From: Piotr Sikora <piotr@cloudflare.com>
Date: Fri, 1 Nov 2013 21:35:46 +0000 (+0000)
Subject: Fix SSL_OP_SINGLE_ECDH_USE
X-Git-Tag: master-post-reformat~1101
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=29b490a45886b409fd402c233acda9659e3f2094

Fix SSL_OP_SINGLE_ECDH_USE

Don't require a public key in tls1_set_ec_id if compression status is
not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work.
(cherry picked from commit 5ff68e8f6dac3b0d8997b8bc379f9111c2bab74f)
---

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 1bdac2201f..741f102831 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -590,14 +590,12 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
 	{
 	int is_prime, id;
 	const EC_GROUP *grp;
-	const EC_POINT *pt;
 	const EC_METHOD *meth;
 	if (!ec)
 		return 0;
 	/* Determine if it is a prime field */
 	grp = EC_KEY_get0_group(ec);
-        pt = EC_KEY_get0_public_key(ec);
-	if (!grp || !pt)
+	if (!grp)
 		return 0;
         meth = EC_GROUP_method_of(grp);
 	if (!meth)
@@ -625,6 +623,8 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
 		}
 	if (comp_id)
 		{
+        	if (EC_KEY_get0_public_key(ec) == NULL)
+			return 0;
 		if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED)
 			{
 			if (is_prime)