Only require an EC public key in tls1_set_ec_id(), if we need to provide

a compression identifier. In the case of a server using ephemeral EC keys,
the supplied key is unlikely to have a public key where
SSL_CTX_set_tmp_ecdh() is called after SSL_OP_SINGLE_ECDH_USE has been
set. This makes ECDHE ciphers work again for this use case.

1 files changed, 4 insertions, 4 deletions

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 409da9b4bd..22e84fe122 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.63 2014/10/05 14:56:32 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.64 2014/10/15 14:02:16 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -458,9 +458,6 @@ tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, EC_KEY *ec)
         if (ec == NULL)
                 return (0);
 
-        if (EC_KEY_get0_public_key(ec) == NULL)
-                return (0);
-
         /* Determine if it is a prime field. */
         if ((grp = EC_KEY_get0_group(ec)) == NULL)
                 return (0);
@@ -484,6 +481,9 @@ tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, EC_KEY *ec)
 
         /* Specify the compression identifier. */
         if (comp_id != NULL) {
+                if (EC_KEY_get0_public_key(ec) == NULL)
+                        return (0);
+
                 if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED) {
                         *comp_id = is_prime ?
                             TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime :