From 04e45b52ee3be81121359cc1198fd01e38096e9f Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 1 Feb 2013 13:53:43 +0000
Subject: [PATCH] Don't access EVP_MD_CTX internals directly.

---
 ssl/s3_cbc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index da53a6da3b..52e294157e 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -379,7 +379,7 @@ char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
 	if (FIPS_mode())
 		return 0;
 #endif
-	switch (ctx->digest->type)
+	switch (EVP_MD_CTX_type(ctx))
 		{
 		case NID_md5:
 		case NID_sha1:
@@ -452,7 +452,7 @@ void ssl3_cbc_digest_record(
 	 * many possible overflows later in this function. */
 	OPENSSL_assert(data_plus_mac_plus_padding_size < 1024*1024);
 
-	switch (ctx->digest->type)
+	switch (EVP_MD_CTX_type(ctx))
 		{
 		case NID_md5:
 			MD5_Init((MD5_CTX*)md_state.c);
-- 
2.25.1