X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_lib.c;h=331c4e631adb29e2ac211d57fedef0200e3e7847;hp=8332512dcaca9835ba6efb6f09223ae9e44755ab;hb=d89cd382dacb5bd40a49209e5ddb6fe8facc008e;hpb=14536c8c9c0abb894afcadb9a58b4b29fc8f7a4d

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 8332512dca..331c4e631a 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3029,8 +3029,6 @@ void ssl3_free(SSL *s)
 	SSL_SRP_CTX_free(s);
 #endif
 #ifndef OPENSSL_NO_TLSEXT
-	if (s->s3->tlsext_authz_client_types != NULL)
-		OPENSSL_free(s->s3->tlsext_authz_client_types);
 	if (s->s3->tlsext_custom_types != NULL)
 		OPENSSL_free(s->s3->tlsext_custom_types);
 #endif
@@ -3078,18 +3076,16 @@ void ssl3_clear(SSL *s)
 		}
 #endif
 #ifndef OPENSSL_NO_TLSEXT
-	if (s->s3->tlsext_authz_client_types != NULL)
-		{
-		OPENSSL_free(s->s3->tlsext_authz_client_types);
-		s->s3->tlsext_authz_client_types = NULL;
-		}
 	if (s->s3->tlsext_custom_types != NULL)
 		{
 		OPENSSL_free(s->s3->tlsext_custom_types);
 		s->s3->tlsext_custom_types = NULL;
 		}
 	s->s3->tlsext_custom_types_count = 0;	
-#endif
+#ifndef OPENSSL_NO_EC
+	s->s3->is_probably_safari = 0;
+#endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_TLSEXT */
 
 	rp = s->s3->rbuf.buf;
 	wp = s->s3->wbuf.buf;
@@ -3889,10 +3885,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 	case SSL_CTRL_SET_CHAIN_CERT_STORE:
 		return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
 
-	case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG:
-		ctx->tlsext_authz_server_audit_proof_cb_arg = parg;
-		break;
-
 #endif /* !OPENSSL_NO_TLSEXT */
 
 	/* A Thawte special :-) */
@@ -4002,12 +3994,6 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
 		break;
 #endif
-
-	case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB:
-		ctx->tlsext_authz_server_audit_proof_cb =
-			(int (*)(SSL *, void *))fp;
-		break;
-
 #endif
 	case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
 		{
@@ -4170,6 +4156,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 		ii=sk_SSL_CIPHER_find(allow,c);
 		if (ii >= 0)
 			{
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
+			if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
+				{
+				if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
+				continue;
+				}
+#endif
 			ret=sk_SSL_CIPHER_value(allow,ii);
 			break;
 			}