1 files changed, 8 insertions, 8 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 4b215a786d..e3e0c974af 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.251 2021/03/02 15:43:12 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.252 2021/03/24 18:44:00 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2111,8 +2111,8 @@ ssl_using_ecc_cipher(SSL *s)
 {
        unsigned long alg_a, alg_k;
-        alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
+        alg_a = S3I(s)->hs.cipher->algorithm_auth;
-        alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
+        alg_k = S3I(s)->hs.cipher->algorithm_mkey;
        return SSI(s)->tlsext_ecpointformatlist != NULL &&
            SSI(s)->tlsext_ecpointformatlist_length > 0 &&
@@ -2122,7 +2122,7 @@ ssl_using_ecc_cipher(SSL *s)
 int
 ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 {
-        const SSL_CIPHER        *cs = S3I(s)->hs.new_cipher;
+        const SSL_CIPHER        *cs = S3I(s)->hs.cipher;
        unsigned long            alg_a;
        alg_a = cs->algorithm_auth;
@@ -2150,9 +2150,9 @@ ssl_get_server_send_pkey(const SSL *s)
        int              i;
        c = s->cert;
-        ssl_set_cert_masks(c, S3I(s)->hs.new_cipher);
+        ssl_set_cert_masks(c, S3I(s)->hs.cipher);
-        alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
+        alg_a = S3I(s)->hs.cipher->algorithm_auth;
        if (alg_a & SSL_aECDSA) {
                i = SSL_PKEY_ECC;
@@ -2211,9 +2211,9 @@ ssl_get_auto_dh(SSL *s)
        if (s->cert->dh_tmp_auto == 2) {
                keylen = 1024;
-        } else if (S3I(s)->hs.new_cipher->algorithm_auth & SSL_aNULL) {
+        } else if (S3I(s)->hs.cipher->algorithm_auth & SSL_aNULL) {
                keylen = 1024;
-                if (S3I(s)->hs.new_cipher->strength_bits == 256)
+                if (S3I(s)->hs.cipher->strength_bits == 256)
                        keylen = 3072;
        } else {
                if ((cpk = ssl_get_server_send_pkey(s)) == NULL)

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 4b215a786d..e3e0c974af 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.251 2021/03/02 15:43:12 tb Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.252 2021/03/24 18:44:00 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -2111,8 +2111,8 @@ ssl_using_ecc_cipher(SSL *s)
2111	{	2111	{
2112	unsigned long alg_a, alg_k;	2112	unsigned long alg_a, alg_k;
2113		2113
2114	alg_a = S3I(s)->hs.new_cipher->algorithm_auth;	2114	alg_a = S3I(s)->hs.cipher->algorithm_auth;
2115	alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;	2115	alg_k = S3I(s)->hs.cipher->algorithm_mkey;
2116		2116
2117	return SSI(s)->tlsext_ecpointformatlist != NULL &&	2117	return SSI(s)->tlsext_ecpointformatlist != NULL &&
2118	SSI(s)->tlsext_ecpointformatlist_length > 0 &&	2118	SSI(s)->tlsext_ecpointformatlist_length > 0 &&
@@ -2122,7 +2122,7 @@ ssl_using_ecc_cipher(SSL *s)
2122	int	2122	int
2123	ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s)	2123	ssl_check_srvr_ecc_cert_and_alg(X509 x, SSL s)
2124	{	2124	{
2125	const SSL_CIPHER *cs = S3I(s)->hs.new_cipher;	2125	const SSL_CIPHER *cs = S3I(s)->hs.cipher;
2126	unsigned long alg_a;	2126	unsigned long alg_a;
2127		2127
2128	alg_a = cs->algorithm_auth;	2128	alg_a = cs->algorithm_auth;
@@ -2150,9 +2150,9 @@ ssl_get_server_send_pkey(const SSL *s)
2150	int i;	2150	int i;
2151		2151
2152	c = s->cert;	2152	c = s->cert;
2153	ssl_set_cert_masks(c, S3I(s)->hs.new_cipher);	2153	ssl_set_cert_masks(c, S3I(s)->hs.cipher);
2154		2154
2155	alg_a = S3I(s)->hs.new_cipher->algorithm_auth;	2155	alg_a = S3I(s)->hs.cipher->algorithm_auth;
2156		2156
2157	if (alg_a & SSL_aECDSA) {	2157	if (alg_a & SSL_aECDSA) {
2158	i = SSL_PKEY_ECC;	2158	i = SSL_PKEY_ECC;
@@ -2211,9 +2211,9 @@ ssl_get_auto_dh(SSL *s)
2211		2211
2212	if (s->cert->dh_tmp_auto == 2) {	2212	if (s->cert->dh_tmp_auto == 2) {
2213	keylen = 1024;	2213	keylen = 1024;
2214	} else if (S3I(s)->hs.new_cipher->algorithm_auth & SSL_aNULL) {	2214	} else if (S3I(s)->hs.cipher->algorithm_auth & SSL_aNULL) {
2215	keylen = 1024;	2215	keylen = 1024;
2216	if (S3I(s)->hs.new_cipher->strength_bits == 256)	2216	if (S3I(s)->hs.cipher->strength_bits == 256)
2217	keylen = 3072;	2217	keylen = 3072;
2218	} else {	2218	} else {
2219	if ((cpk = ssl_get_server_send_pkey(s)) == NULL)	2219	if ((cpk = ssl_get_server_send_pkey(s)) == NULL)