diff --git a/ssl/record/rec_layer.h b/ssl/record/rec_layer.h
index 648fd3cdd55f22b211e2fbd2c65a4b8577127862..96e245e2c0520c59158d822a0e73b89005a76e0c 100644
--- a/ssl/record/rec_layer.h
+++ b/ssl/record/rec_layer.h
@@ -167,6 +167,9 @@ typedef struct record_layer_st {
 #define RECORD_LAYER_get_wrec(rl)               (&(rl)->wrec)
 
 void RECORD_LAYER_clear(RECORD_LAYER *rl);
+void RECORD_LAYER_release(RECORD_LAYER *rl);
+int RECORD_LAYER_read_pending(RECORD_LAYER *rl);
+int RECORD_LAYER_write_pending(RECORD_LAYER *rl);
 __owur int ssl23_read_bytes(SSL *s, int n);
 __owur int ssl23_write_bytes(SSL *s);
 __owur int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
diff --git a/ssl/record/s3_pkt.c b/ssl/record/s3_pkt.c
index ec3f0a1fe88bf68afb1743d6f218463db942d02d..21ded63e38bbe950a0a48434d8d2bcffca0d15d4 100644
--- a/ssl/record/s3_pkt.c
+++ b/ssl/record/s3_pkt.c
@@ -159,6 +159,25 @@ void RECORD_LAYER_clear(RECORD_LAYER *rl)
     rl->s = s;
 }
 
+void RECORD_LAYER_release(RECORD_LAYER *rl)
+{
+    if (SSL3_BUFFER_is_initialised(&rl->rbuf))
+        ssl3_release_read_buffer(rl->s);
+    if (SSL3_BUFFER_is_initialised(&rl->wbuf))
+        ssl3_release_write_buffer(rl->s);
+    SSL3_RECORD_release(&rl->rrec);
+}
+
+int RECORD_LAYER_read_pending(RECORD_LAYER *rl)
+{
+    return SSL3_BUFFER_get_left(&rl->rbuf) != 0;
+}
+
+int RECORD_LAYER_write_pending(RECORD_LAYER *rl)
+{
+    return SSL3_BUFFER_get_left(&rl->wbuf) != 0;
+}
+
 int ssl3_read_n(SSL *s, int n, int max, int extend)
 {
     /*
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 6066c7807d8715e8eb6e28210733537384b31354..2b745f60a371d75e5e97abb9ed2e02c92aa9c296 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4473,8 +4473,8 @@ int ssl3_renegotiate_check(SSL *s)
     int ret = 0;
 
     if (s->s3->renegotiate) {
-        if ((SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0)
-            && (SSL3_BUFFER_get_left(RECORD_LAYER_get_wbuf(&s->rlayer)) == 0)
+        if (!RECORD_LAYER_read_pending(&s->rlayer)
+            && !RECORD_LAYER_write_pending(&s->rlayer)
             && !SSL_in_init(s)) {
             /*
              * if we are the server, and we have sent a 'RENEGOTIATE'
diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
index 8fc92c1d47b1c4ad8c0b8e7677c6b5e635cbd0ec..fcf474419033320f9a8f87caa181dad4a01eac67 100644
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@@ -179,7 +179,7 @@ int ssl3_send_alert(SSL *s, int level, int desc)
     s->s3->alert_dispatch = 1;
     s->s3->send_alert[0] = level;
     s->s3->send_alert[1] = desc;
-    if (SSL3_BUFFER_get_left(RECORD_LAYER_get_wbuf(&s->rlayer)) == 0) {
+    if (!RECORD_LAYER_write_pending(&s->rlayer)) {
         /* data still being written out? */
         return s->method->ssl_dispatch_alert(s);
     }
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 0298501ada41c3f99652d3bcfab9a326b3cd759e..9a29d9c60a6c0c5659651044e4b30c037f79b9db 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -603,11 +603,7 @@ void SSL_free(SSL *s)
     if (s->method != NULL)
         s->method->ssl_free(s);
 
-    if (SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer)))
-        ssl3_release_read_buffer(s);
-    if (SSL3_BUFFER_is_initialised(RECORD_LAYER_get_wbuf(&s->rlayer)))
-        ssl3_release_write_buffer(s);
-    SSL3_RECORD_release(RECORD_LAYER_get_rrec(&s->rlayer));
+    RECORD_LAYER_release(&s->rlayer);
 
     if (s->ctx)
         SSL_CTX_free(s->ctx);