ext/openssl: use SSL_is_server() to check if the SSL is server or not

The state returned by SSL_get_state() doesn't become SSL_ST_ACCEPT
anymore in OpenSSL 1.1.0.

3 files changed, 7 insertions, 3 deletions

diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index 7758694b4b..9dbb4d4b03 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -104,6 +104,7 @@ have_func("CRYPTO_memcmp")
 have_func("EC_curve_nist2nid")
 have_func("X509_REVOKED_dup")
 have_func("X509_STORE_CTX_get0_store")
+have_func("SSL_is_server");
 have_func("SSL_CTX_set_alpn_select_cb")
 have_func_like("SSL_CTX_set1_curves_list", "openssl/ssl.h")
 have_func_like("SSL_CTX_set_ecdh_auto", "openssl/ssl.h")
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 55f3adacb4..a23f7d87ea 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -70,6 +70,10 @@ int EC_curve_nist2nid(const char *str);
 #  define X509_STORE_CTX_get0_store(x) ((x)->ctx)
 #endif
 
+#if !defined(HAVE_SSL_IS_SERVER)
+#  define SSL_is_server(s) ((s)->server)
+#endif
+
 /*** added in 1.1.0 ***/
 #if !defined(HAVE_BN_GENCB_NEW)
 #  define BN_GENCB_new() ((BN_GENCB *)OPENSSL_malloc(sizeof(BN_GENCB)))
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 4f215376c9..cfde8d7281 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -654,10 +654,9 @@ ssl_alpn_select_cb(SSL *ssl, const unsigned char **out, unsigned char *outlen, c
 static void
 ssl_info_cb(const SSL *ssl, int where, int val)
 {
-    int state = SSL_get_state(ssl);
+    int is_server = SSL_is_server((SSL *)ssl);
 
-    if ((where & SSL_CB_HANDSHAKE_START) &&
-	(state & SSL_ST_ACCEPT)) {
+    if (is_server && (where & SSL_CB_HANDSHAKE_START)) {
 	ssl_renegotiation_cb(ssl);
     }
 }