From cca9892deba0db3a78dd8cfcf441f5b12c86adb7 Mon Sep 17 00:00:00 2001
From: Bert van Hall <bert.vanhall@avionic-design.de>
Date: Tue, 31 Jan 2017 14:42:45 +0100
Subject: [PATCH] libvncclient/tls_openssl: support openssl 1.1.x

Treat openSSL data structures as opaque to achieve compatibility with
openSSL 1.1.x. While at it, fix order of cleaning up in
open_ssl_connection().

Signed-off-by: Bert van Hall <bert.vanhall@avionic-design.de>
---
 libvncclient/tls_openssl.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/libvncclient/tls_openssl.c b/libvncclient/tls_openssl.c
index a531778..1b6c986 100644
--- a/libvncclient/tls_openssl.c
+++ b/libvncclient/tls_openssl.c
@@ -189,7 +189,7 @@ ssl_verify (int ok, X509_STORE_CTX *ctx)
 
   ssl = X509_STORE_CTX_get_ex_data (ctx, SSL_get_ex_data_X509_STORE_CTX_idx ());
 
-  client = SSL_CTX_get_app_data (ssl->ctx);
+  client = SSL_CTX_get_app_data (SSL_get_SSL_CTX(ssl));
 
   cert = X509_STORE_CTX_get_current_cert (ctx);
   err = X509_STORE_CTX_get_error (ctx);
@@ -287,11 +287,10 @@ open_ssl_connection (rfbClient *client, int sockfd, rfbBool anonTLS)
     {
       if (wait_for_data(ssl, n, 1) != 1) 
       {
-        finished = 1; 
-        if (ssl->ctx)
-          SSL_CTX_free (ssl->ctx);
+        finished = 1;
+        SSL_shutdown(ssl);
         SSL_free(ssl);
-        SSL_shutdown (ssl);
+        SSL_CTX_free(ssl_ctx);
 
         return NULL;
       }