Use SSL_state() to inspect the state of SSL objects.

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 609328663715c2d23cf3304a464552ae8dd872cc..edb744f33cf01d3f66ff3de51581c11ad469b7c2 100644 (file)
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1682,14 +1682,17 @@ static void
 tor_tls_server_info_callback(const SSL *ssl, int type, int val)
 {
   tor_tls_t *tls;
+  int ssl_state;
   (void) val;
 
   tor_tls_debug_state_callback(ssl, type, val);
 
   if (type != SSL_CB_ACCEPT_LOOP)
     return;
-  if ((ssl->state != SSL3_ST_SW_SRVR_HELLO_A) &&
-      (ssl->state != SSL3_ST_SW_SRVR_HELLO_B))
+
+  ssl_state = SSL_state(ssl);
+  if ((ssl_state != SSL3_ST_SW_SRVR_HELLO_A) &&
+      (ssl_state != SSL3_ST_SW_SRVR_HELLO_B))
     return;
 
   tls = tor_tls_get_by_ssl(ssl);
@@ -2194,7 +2197,7 @@ tor_tls_handshake(tor_tls_t *tls)
   tor_assert(tls->ssl);
   tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE);
   check_no_tls_errors();
-  oldstate = tls->ssl->state;
+  oldstate = SSL_state(tls->ssl);
   if (tls->isServer) {
     log_debug(LD_HANDSHAKE, "About to call SSL_accept on %p (%s)", tls,
               SSL_state_string_long(tls->ssl));
@@ -2204,7 +2207,7 @@ tor_tls_handshake(tor_tls_t *tls)
               SSL_state_string_long(tls->ssl));
     r = SSL_connect(tls->ssl);
   }
-  if (oldstate != tls->ssl->state)
+  if (oldstate != SSL_state(tls->ssl))
     log_debug(LD_HANDSHAKE, "After call, %p was in state %s",
               tls, SSL_state_string_long(tls->ssl));
   /* We need to call this here and not earlier, since OpenSSL has a penchant