Deprecate RSA harder

[openssl.git] / ssl / statem / statem_clnt.c

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 5b7b7cd5f5e190a9c4100dec0f8f999069e68444..277998f9548fd15e22c5f2e43c759d53961e1598 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -20,6 +20,7 @@
 #include <openssl/evp.h>
 #include <openssl/md5.h>
 #include <openssl/dh.h>
+#include <openssl/rsa.h>
 #include <openssl/bn.h>
 #include <openssl/engine.h>
 #include <openssl/trace.h>
@@ -2824,7 +2825,7 @@ static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt)
     }
 
     pkey = X509_get0_pubkey(s->session->peer);
-    if (EVP_PKEY_get0_RSA(pkey) == NULL) {
+    if (!EVP_PKEY_is_a(pkey, "RSA")) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
         return 0;
     }