[tor/master] Use SSL_get_client_ciphers() on openssl 1.1+, not SSL_get_ciphers... - tor-commits

16 Sep 2015

commit 902517a7c03ec5a879190903f65fafc62c0b1613
Author: Nick Mathewson nickm@torproject.org
Date:   Sun Sep 13 11:51:51 2015 -0400
Use SSL_get_client_ciphers() on openssl 1.1+, not SSL_get_ciphers...
(which isn't correct.)
Fixes bug 17047; bugfix on 0.2.7.2-alpha, introduced by the merge in
    0030765e04d8dfe3dfaf8124b01a4d578b7d8ceb, apparently.
---
 changes/bug17047    |    3 +++
 src/common/tortls.c |    2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/changes/bug17047 b/changes/bug17047
new file mode 100644
index 0000000..3ff40ad
--- /dev/null
+++ b/changes/bug17047
@@ -0,0 +1,3 @@
+  o Minor bugfixes (portability):
+    - Restore correct operation of TLS client-cipher detection on
+      OpenSSL 1.1.  Fixes bug 14047; bugfix on 0.2.7.2-alpha.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 7447822..20c8984 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1563,7 +1563,7 @@ tor_tls_client_is_using_v2_ciphers(const SSL *ssl)
 {
   STACK_OF(SSL_CIPHER) *ciphers;
 #ifdef HAVE_SSL_GET_CLIENT_CIPHERS
-  ciphers = SSL_get_ciphers(ssl);
+  ciphers = SSL_get_client_ciphers(ssl);
 #else
   SSL_SESSION *session;
   if (!(session = SSL_get_session((SSL *)ssl))) {

    