From: Nick Mathewson <nickm@torproject.org>
Date: Sun, 13 Sep 2015 15:51:51 +0000 (-0400)
Subject: Use SSL_get_client_ciphers() on openssl 1.1+, not SSL_get_ciphers...
X-Git-Tag: tor-0.2.7.3-rc~32^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=902517a7c03ec5a879190903f65fafc62c0b1613;p=thirdparty%2Ftor.git

Use SSL_get_client_ciphers() on openssl 1.1+, not SSL_get_ciphers...

(which isn't correct.)

Fixes bug 17047; bugfix on 0.2.7.2-alpha, introduced by the merge in
0030765e04d8dfe3dfaf8124b01a4d578b7d8ceb, apparently.
---

diff --git a/changes/bug17047 b/changes/bug17047
new file mode 100644
index 0000000000..3ff40ad9b5
--- /dev/null
+++ b/changes/bug17047
@@ -0,0 +1,3 @@
+  o Minor bugfixes (portability):
+    - Restore correct operation of TLS client-cipher detection on
+      OpenSSL 1.1.  Fixes bug 14047; bugfix on 0.2.7.2-alpha.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 7447822d48..20c898456a 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1563,7 +1563,7 @@ tor_tls_client_is_using_v2_ciphers(const SSL *ssl)
 {
   STACK_OF(SSL_CIPHER) *ciphers;
 #ifdef HAVE_SSL_GET_CLIENT_CIPHERS
-  ciphers = SSL_get_ciphers(ssl);
+  ciphers = SSL_get_client_ciphers(ssl);
 #else
   SSL_SESSION *session;
   if (!(session = SSL_get_session((SSL *)ssl))) {