diff --git a/ssl/internal.h b/ssl/internal.h
index fe1ea5ad..b6f02038 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1652,7 +1652,8 @@ OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session,
 
 void ssl_cipher_preference_list_free(
     struct ssl_cipher_preference_list_st *cipher_list);
-struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(SSL *ssl);
+const struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(
+    const SSL *ssl);
 
 int ssl_cert_set0_chain(CERT *cert, STACK_OF(X509) *chain);
 int ssl_cert_set1_chain(CERT *cert, STACK_OF(X509) *chain);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index ad7a5443..2a7c91a9 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -220,7 +220,8 @@ void ssl3_free(SSL *ssl) {
   ssl->s3 = NULL;
 }
 
-struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(SSL *ssl) {
+const struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(
+    const SSL *ssl) {
   if (ssl->cipher_list != NULL) {
     return ssl->cipher_list;
   }
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 491c408c..b8d45496 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1564,23 +1564,13 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl) {
     return NULL;
   }
 
-  if (ssl->cipher_list != NULL) {
-    return ssl->cipher_list->ciphers;
+  const struct ssl_cipher_preference_list_st *prefs =
+      ssl_get_cipher_preferences(ssl);
+  if (prefs == NULL) {
+    return NULL;
   }
 
-  if (ssl->version >= TLS1_1_VERSION && ssl->ctx->cipher_list_tls11 != NULL) {
-    return ssl->ctx->cipher_list_tls11->ciphers;
-  }
-
-  if (ssl->version >= TLS1_VERSION && ssl->ctx->cipher_list_tls10 != NULL) {
-    return ssl->ctx->cipher_list_tls10->ciphers;
-  }
-
-  if (ssl->ctx->cipher_list != NULL) {
-    return ssl->ctx->cipher_list->ciphers;
-  }
-
-  return NULL;
+  return prefs->ciphers;
 }
 
 /* return a STACK of the ciphers available for the SSL and in order of