1diff --git android-openssl.orig/ssl/t1_lib.c android-openssl/ssl/t1_lib.c
2index 3fe6612..ea7fefa 100644
3--- android-openssl.orig/ssl/t1_lib.c
4+++ android-openssl/ssl/t1_lib.c
5@@ -444,55 +444,6 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
6 		}
7 #endif
8 
9-#ifndef OPENSSL_NO_EC
10-	if (s->tlsext_ecpointformatlist != NULL &&
11-	    s->version != DTLS1_VERSION)
12-		{
13-		/* Add TLS extension ECPointFormats to the ClientHello message */
14-		long lenmax; 
15-
16-		if ((lenmax = limit - ret - 5) < 0) return NULL; 
17-		if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL;
18-		if (s->tlsext_ecpointformatlist_length > 255)
19-			{
20-			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
21-			return NULL;
22-			}
23-		
24-		s2n(TLSEXT_TYPE_ec_point_formats,ret);
25-		s2n(s->tlsext_ecpointformatlist_length + 1,ret);
26-		*(ret++) = (unsigned char) s->tlsext_ecpointformatlist_length;
27-		memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
28-		ret+=s->tlsext_ecpointformatlist_length;
29-		}
30-	if (s->tlsext_ellipticcurvelist != NULL &&
31-	    s->version != DTLS1_VERSION)
32-		{
33-		/* Add TLS extension EllipticCurves to the ClientHello message */
34-		long lenmax; 
35-
36-		if ((lenmax = limit - ret - 6) < 0) return NULL; 
37-		if (s->tlsext_ellipticcurvelist_length > (unsigned long)lenmax) return NULL;
38-		if (s->tlsext_ellipticcurvelist_length > 65532)
39-			{
40-			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
41-			return NULL;
42-			}
43-		
44-		s2n(TLSEXT_TYPE_elliptic_curves,ret);
45-		s2n(s->tlsext_ellipticcurvelist_length + 2, ret);
46-
47-		/* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for
48-		 * elliptic_curve_list, but the examples use two bytes.
49-		 * http://www1.ietf.org/mail-archive/web/tls/current/msg00538.html
50-		 * resolves this to two bytes.
51-		 */
52-		s2n(s->tlsext_ellipticcurvelist_length, ret);
53-		memcpy(ret, s->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist_length);
54-		ret+=s->tlsext_ellipticcurvelist_length;
55-		}
56-#endif /* OPENSSL_NO_EC */
57-
58 	if (!(SSL_get_options(s) & SSL_OP_NO_TICKET))
59 		{
60 		int ticklen;
61@@ -665,6 +616,58 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
62                 }
63 #endif
64 
65+#ifndef OPENSSL_NO_EC
66+	/* WebSphere Application Server 7.0 is intolerant to the last extension
67+	 * being zero-length. ECC extensions are non-empty and not dropped until
68+	 * fallback to SSL3, at which point all extensions are gone. */
69+	if (s->tlsext_ecpointformatlist != NULL &&
70+	    s->version != DTLS1_VERSION)
71+		{
72+		/* Add TLS extension ECPointFormats to the ClientHello message */
73+		long lenmax; 
74+
75+		if ((lenmax = limit - ret - 5) < 0) return NULL; 
76+		if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL;
77+		if (s->tlsext_ecpointformatlist_length > 255)
78+			{
79+			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
80+			return NULL;
81+			}
82+		
83+		s2n(TLSEXT_TYPE_ec_point_formats,ret);
84+		s2n(s->tlsext_ecpointformatlist_length + 1,ret);
85+		*(ret++) = (unsigned char) s->tlsext_ecpointformatlist_length;
86+		memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
87+		ret+=s->tlsext_ecpointformatlist_length;
88+		}
89+	if (s->tlsext_ellipticcurvelist != NULL &&
90+	    s->version != DTLS1_VERSION)
91+		{
92+		/* Add TLS extension EllipticCurves to the ClientHello message */
93+		long lenmax; 
94+
95+		if ((lenmax = limit - ret - 6) < 0) return NULL; 
96+		if (s->tlsext_ellipticcurvelist_length > (unsigned long)lenmax) return NULL;
97+		if (s->tlsext_ellipticcurvelist_length > 65532)
98+			{
99+			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
100+			return NULL;
101+			}
102+		
103+		s2n(TLSEXT_TYPE_elliptic_curves,ret);
104+		s2n(s->tlsext_ellipticcurvelist_length + 2, ret);
105+
106+		/* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for
107+		 * elliptic_curve_list, but the examples use two bytes.
108+		 * http://www1.ietf.org/mail-archive/web/tls/current/msg00538.html
109+		 * resolves this to two bytes.
110+		 */
111+		s2n(s->tlsext_ellipticcurvelist_length, ret);
112+		memcpy(ret, s->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist_length);
113+		ret+=s->tlsext_ellipticcurvelist_length;
114+		}
115+#endif /* OPENSSL_NO_EC */
116+
117 	/* Add padding to workaround bugs in F5 terminators.
118 	 * See https://tools.ietf.org/html/draft-agl-tls-padding-02 */
119 	if (header_len > 0)
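Review bot: The relocated ECC block makes extension order load-bearing, but the new comment only says why the ECC extensions are non-empty, not that they must stay after every extension that can be zero-length. When `OPENSSL_NO_EC` is defined, either list pointer is NULL, or `s->version == DTLS1_VERSION`, this block emits nothing, so the extension written just before it (not visible in this hunk) is last again unless the padding extension follows. I would add to the comment something like `Keep this block after every extension that may be zero-length; OPENSSL_NO_EC builds and DTLS get no such guarantee.` The non-empty claim itself holds on the visible lines, since both encodings write a length prefix before the list even when the list length is 0. The body of ssl_add_clienthello_tlsext starts and ends outside the hunk.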
120@@ -673,10 +676,14 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
121 		if (header_len > 0xff && header_len < 0x200)
122 			{
123 			size_t padding_len = 0x200 - header_len;
124-			if (padding_len >= 4)
125+			/* Extensions take at least four bytes to encode. Always
126+			 * include least one byte of data if including the
127+			 * extension. WebSphere Application Server 7.0 is
128+			 * intolerant to the last extension being zero-length. */
129+			if (padding_len >= 4 + 1)
130 				padding_len -= 4;
131 			else
132-				padding_len = 0;
133+				padding_len = 1;
134 			if (limit - ret - 4 - (long)padding_len < 0)
135 				return NULL;
136 
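Review bot: The comment added above `if (padding_len >= 4 + 1)` has a typo ("include least one byte") and does not mention that the `else` branch now overshoots the 0x200 target. For a `header_len` of 0x1fc–0x1ff the code now emits a 5-byte extension, so by this arithmetic the padded length lands at 0x201–0x204, which presumably is fine because the goal is only to leave the 0x100–0x1ff range. I would reword the comment to `Always include at least one byte of data; when fewer than five bytes are needed this pads past 0x200, which is acceptable.` The bounds check `limit - ret - 4 - (long)padding_len < 0` runs after the assignment, so it does cover the new one-byte minimum. The code that writes the extension lies outside the hunk.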
137