diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 92b36802..1d934c27 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3195,8 +3195,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 			return (int)s->cert->ctype_num;
 			}
 		if (pctype)
-			*pctype = (unsigned char *)s->s3->tmp.ctype;
-		return s->s3->tmp.ctype_num;
+			*pctype = s->s3->tmp.ctype;
+		return (int)s->s3->tmp.ctype_num;
 		}
 
 	case SSL_CTRL_SET_CLIENT_CERT_TYPES:
diff --git a/ssl/ssl.h b/ssl/ssl.h
index fdb28083..701c2838 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2416,6 +2416,7 @@ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
 int SSL_add_client_CA(SSL *ssl,X509 *x);
 int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
 
+/* Deprecated. Use SSL_get0_certificate_types instead. */
 void SSL_get_client_certificate_types(const SSL *s, const unsigned char **ctype,
 	size_t *ctype_num);
 
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 1d3be7b6..af1ecf2b 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -524,7 +524,7 @@ typedef struct ssl3_state_st
 
 		/* used for certificate requests */
 		int cert_req;
-		int ctype_num;
+		size_t ctype_num;
 		unsigned char ctype[SSL3_CT_NUMBER];
 		STACK_OF(X509_NAME) *ca_names;
 
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 095235ea..1bad680e 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1020,16 +1020,9 @@ int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x)
 void SSL_get_client_certificate_types(const SSL *s, const unsigned char **ctype,
 	size_t *ctype_num)
 	{
-	if (s->s3 == NULL)
-		{
-		*ctype = NULL;
-		*ctype_num = 0;
-		return;
-		}
-
-	/* This always returns nothing for the server. */
-	*ctype = s->s3->tmp.ctype;
-	*ctype_num = s->s3->tmp.ctype_num;
+	/* TODO(fork): Remove this function once Chromium is updated
+	 * to use the new one. */
+	*ctype_num = SSL_get0_certificate_types((SSL*)s, ctype);
 	}
 
 static int xname_cmp(const X509_NAME **a, const X509_NAME **b)