From: Matt Caswell <matt@openssl.org>
Date: Tue, 2 May 2017 15:26:00 +0000 (+0100)
Subject: Fix comment around safari fingerprint check
X-Git-Tag: OpenSSL_1_1_1-pre1~1614
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=33564cb7494b0d12384d8ad83207306ebd056e36;p=oweals%2Fopenssl.git

Fix comment around safari fingerprint check

Fixes #2442

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3367)
---

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 9dfdbe5e6a..7adf09b3d8 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1175,6 +1175,7 @@ int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
  *   SNI,
  *   elliptic_curves
  *   ec_point_formats
+ *   signature_algorithms (for TLSv1.2 only)
  *
  * We wish to fingerprint Safari because they broke ECDHE-ECDSA support in 10.8,
  * but they advertise support. So enabling ECDHE-ECDSA ciphers breaks them.