1 files changed, 7 insertions, 7 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index a42e414dec..2cb47a215c 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.115 2017/02/07 02:08:38 beck Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.116 2017/05/06 22:24:58 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -998,8 +998,8 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
        unsigned char *ret = p;
        int next_proto_neg_seen;
-        alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;
+        alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
-        alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey;
+        alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
        using_ecc = ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA)) &&
            SSI(s)->tlsext_ecpointformatlist != NULL;
@@ -1107,8 +1107,8 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
        }
 #endif
-        if (((S3I(s)->tmp.new_cipher->id & 0xFFFF) == 0x80 ||
+        if (((S3I(s)->hs.new_cipher->id & 0xFFFF) == 0x80 ||
-            (S3I(s)->tmp.new_cipher->id & 0xFFFF) == 0x81) &&
+            (S3I(s)->hs.new_cipher->id & 0xFFFF) == 0x81) &&
            (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
                static const unsigned char cryptopro_ext[36] = {
                        0xfd, 0xe8, /*65000*/
@@ -1986,8 +1986,8 @@ ssl_check_serverhello_tlsext(SSL *s)
         * suite, then if server returns an EC point formats lists extension
         * it must contain uncompressed.
         */
-        unsigned long alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey;
+        unsigned long alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
-        unsigned long alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;
+        unsigned long alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
        if ((s->internal->tlsext_ecpointformatlist != NULL) &&
            (s->internal->tlsext_ecpointformatlist_length > 0) &&
            (SSI(s)->tlsext_ecpointformatlist != NULL) &&

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index a42e414dec..2cb47a215c 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.115 2017/02/07 02:08:38 beck Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.116 2017/05/06 22:24:58 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -998,8 +998,8 @@ ssl_add_serverhello_tlsext(SSL s, unsigned char p, unsigned char *limit)
998	unsigned char *ret = p;	998	unsigned char *ret = p;
999	int next_proto_neg_seen;	999	int next_proto_neg_seen;
1000		1000
1001	alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;	1001	alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
1002	alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey;	1002	alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
1003	using_ecc = ((alg_k & SSL_kECDHE) \|\| (alg_a & SSL_aECDSA)) &&	1003	using_ecc = ((alg_k & SSL_kECDHE) \|\| (alg_a & SSL_aECDSA)) &&
1004	SSI(s)->tlsext_ecpointformatlist != NULL;	1004	SSI(s)->tlsext_ecpointformatlist != NULL;
1005		1005
@@ -1107,8 +1107,8 @@ ssl_add_serverhello_tlsext(SSL s, unsigned char p, unsigned char *limit)
1107	}	1107	}
1108	#endif	1108	#endif
1109		1109
1110	if (((S3I(s)->tmp.new_cipher->id & 0xFFFF) == 0x80 \|\|	1110	if (((S3I(s)->hs.new_cipher->id & 0xFFFF) == 0x80 \|\|
1111	(S3I(s)->tmp.new_cipher->id & 0xFFFF) == 0x81) &&	1111	(S3I(s)->hs.new_cipher->id & 0xFFFF) == 0x81) &&
1112	(SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {	1112	(SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
1113	static const unsigned char cryptopro_ext[36] = {	1113	static const unsigned char cryptopro_ext[36] = {
1114	0xfd, 0xe8, /65000/	1114	0xfd, 0xe8, /65000/
@@ -1986,8 +1986,8 @@ ssl_check_serverhello_tlsext(SSL *s)
1986	* suite, then if server returns an EC point formats lists extension	1986	* suite, then if server returns an EC point formats lists extension
1987	* it must contain uncompressed.	1987	* it must contain uncompressed.
1988	*/	1988	*/
1989	unsigned long alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey;	1989	unsigned long alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
1990	unsigned long alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;	1990	unsigned long alg_a = S3I(s)->hs.new_cipher->algorithm_auth;
1991	if ((s->internal->tlsext_ecpointformatlist != NULL) &&	1991	if ((s->internal->tlsext_ecpointformatlist != NULL) &&
1992	(s->internal->tlsext_ecpointformatlist_length > 0) &&	1992	(s->internal->tlsext_ecpointformatlist_length > 0) &&
1993	(SSI(s)->tlsext_ecpointformatlist != NULL) &&	1993	(SSI(s)->tlsext_ecpointformatlist != NULL) &&