Split most of SSL_METHOD out into an internal variant, which is opaque.

Discussed with beck@
author: jsing <jsing@openbsd.org> 2017-01-23 13:36:12 +0000
committer: jsing <jsing@openbsd.org> 2017-01-23 13:36:12 +0000
commit: 9eac7899ed76d83aff808c8376c1d53fc748541a (patch)
tree: 571d929db113cf5cd0463ab8d85cada655a140f1 /lib/libssl/t1_enc.c
parent: _end should be on a 64-bit boundary, so make sure to align (diff)
download: wireguard-openbsd-9eac7899ed76d83aff808c8376c1d53fc748541a.tar.xz
wireguard-openbsd-9eac7899ed76d83aff808c8376c1d53fc748541a.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index 2100faac225..c0abe762e6c 100644
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.91 2017/01/23 08:08:06 beck Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.92 2017/01/23 13:36:13 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -784,7 +784,7 @@ tls1_setup_key_block(SSL *s)
 		goto err;
 
 	if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) &&
-	    s->method->version <= TLS1_VERSION) {
+	    s->method->internal->version <= TLS1_VERSION) {
 		/*
 		 * Enable vulnerability countermeasure for CBC ciphers with
 		 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt)
author	jsing <jsing@openbsd.org>	2017-01-23 13:36:12 +0000
committer	jsing <jsing@openbsd.org>	2017-01-23 13:36:12 +0000
commit	9eac7899ed76d83aff808c8376c1d53fc748541a (patch)
tree	571d929db113cf5cd0463ab8d85cada655a140f1 /lib/libssl/t1_enc.c
parent	_end should be on a 64-bit boundary, so make sure to align (diff)
download	wireguard-openbsd-9eac7899ed76d83aff808c8376c1d53fc748541a.tar.xz wireguard-openbsd-9eac7899ed76d83aff808c8376c1d53fc748541a.zip