Fix comment around safari fingerprint check

author Matt Caswell <matt@openssl.org>

Tue, 2 May 2017 15:26:00 +0000 (16:26 +0100)

committer Matt Caswell <matt@openssl.org>

Tue, 2 May 2017 16:08:41 +0000 (17:08 +0100)
author Matt Caswell <matt@openssl.org>
Tue, 2 May 2017 15:26:00 +0000 (16:26 +0100)
committer Matt Caswell <matt@openssl.org>
Tue, 2 May 2017 16:08:41 +0000 (17:08 +0100)
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c

index 9dfdbe5e6a15062ade4d3511f8609ee2cc07e737..7adf09b3d819743b4f48551d6aa8b45e6eb6df2f 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1175,6 +1175,7 @@ int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
   *   SNI,
   *   elliptic_curves
   *   ec_point_formats
+ *   signature_algorithms (for TLSv1.2 only)
   *
   * We wish to fingerprint Safari because they broke ECDHE-ECDSA support in 10.8,
   * but they advertise support. So enabling ECDHE-ECDSA ciphers breaks them.
author	Matt Caswell <matt@openssl.org>
	Tue, 2 May 2017 15:26:00 +0000 (16:26 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 2 May 2017 16:08:41 +0000 (17:08 +0100)