From 9ec3798236ba5e1c3f0b8fb2f99e01ee4aaefa97 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Wed, 2 Nov 2016 17:18:13 -0400
Subject: [PATCH] Don't access SSL internals in bssl_shim.

This is the last blocker within BoringSSL itself to opaquifying SSL.
(There are still blockers in consumers, of course.)

BUG=6

Change-Id: Ie3b8dcb78eeaa9aea7311406c5431a8625d60401
Reviewed-on: https://boringssl-review.googlesource.com/12061
Reviewed-by: Adam Langley <agl@google.com>
---
 ssl/test/bssl_shim.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index ed17aa87..12231463 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@@ -366,7 +366,7 @@ static bool GetCertificate(SSL *ssl, bssl::UniquePtr<X509> *out_x509,
     }
   }
   if (!config->ocsp_response.empty() &&
-      !SSL_CTX_set_ocsp_response(ssl->ctx,
+      !SSL_CTX_set_ocsp_response(SSL_get_SSL_CTX(ssl),
                                  (const uint8_t *)config->ocsp_response.data(),
                                  config->ocsp_response.size())) {
     return false;