Remove ECDH client auth code.

        p[ret++] = SSL3_CT_DSS_SIGN;

#endif

#ifndef OPENSSL_NO_EC

    if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {

        if (nostrict || !(alg_a & SSL_aRSA))

            p[ret++] = TLS_CT_RSA_FIXED_ECDH;

        if (nostrict || !(alg_a & SSL_aECDSA))

            p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;

    }

    /*

     * ECDSA certs can be used with RSA cipher suites as well so we don't

     * ECDSA certs can be used with RSA cipher suites too so we don't

     * need to check for SSL_kECDH or SSL_kECDHE

     */

    if (s->version >= TLS1_VERSION) {

    else if (alg_k & (SSL_kECDHE | SSL_kECDHr | SSL_kECDHe | SSL_kECDHEPSK)) {

        const EC_GROUP *srvr_group = NULL;

        EC_KEY *tkey;

        int ecdh_clnt_cert = 0;

        int field_size = 0;

        /*

         * Did we send out the client's ECDH share for use in premaster

         * computation as part of client certificate? If so, set

         * ecdh_clnt_cert to 1.

         */

        if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {

            /*-

             * XXX: For now, we do not support client

             * authentication using ECDH certificates.

             * To add such support, one needs to add

             * code that checks for appropriate

             * conditions and sets ecdh_clnt_cert to 1.

             * For example, the cert have an ECC

             * key on the same curve as the server's

             * and the key should be authorized for

             * key agreement.

             *

             * One also needs to add code in ssl3_connect

             * to skip sending the certificate verify

             * message.

             *

             * if ((s->cert->key->privatekey != NULL) &&

             *     (s->cert->key->privatekey->type ==

             *      EVP_PKEY_EC) && ...)

             * ecdh_clnt_cert = 1;

             */

        }

        if (s->s3->peer_ecdh_tmp != NULL) {

            tkey = s->s3->peer_ecdh_tmp;

            SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);

            goto err;

        }

        if (ecdh_clnt_cert) {

            /*

             * Reuse key info from our certificate We only need our

             * private key to perform the ECDH computation.

             */

            const BIGNUM *priv_key;

            tkey = s->cert->key->privatekey->pkey.ec;

            priv_key = EC_KEY_get0_private_key(tkey);

            if (priv_key == NULL) {

                SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,

                       ERR_R_MALLOC_FAILURE);

                goto err;

            }

            if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {

                SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);

                goto err;

            }

        } else {

        /* Generate a new ECDH key pair */

        if (!(EC_KEY_generate_key(clnt_ecdh))) {

                SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,

                       ERR_R_ECDH_LIB);

            SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);

            goto err;

        }

        }

        /*

         * use the 'p' output buffer for the ECDH key, but make sure to

            goto err;

        }

        if (ecdh_clnt_cert) {

            /* Send empty client key exch message */

            n = 0;

        } else {

        /*

         * First check the size of encoding and allocate memory

         * accordingly.

        memcpy(p, encodedPoint, n);

        /* increment n to account for length field */

        n += 1;

        }

        /* Free allocated memory */

        OPENSSL_free(encodedPoint);

        }

        if (PACKET_remaining(pkt) == 0L) {

            /* Client Publickey was in Client Certificate */

            if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) {

            /* We don't support ECDH client auth */

            al = SSL_AD_HANDSHAKE_FAILURE;

            SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,

                   SSL_R_MISSING_TMP_ECDH_KEY);

            goto f_err;

            }

            if (((clnt_pub_pkey = X509_get_pubkey(s->session->peer))

                 == NULL) || (clnt_pub_pkey->type != EVP_PKEY_EC)) {

                /*

                 * XXX: For now, we do not support client authentication

                 * using ECDH certificates so this branch (n == 0L) of the

                 * code is never executed. When that support is added, we

                 * ought to ensure the key received in the certificate is

                 * authorized for key agreement. ECDH_compute_key implicitly

                 * checks that the two ECDH shares are for the same group.

                 */

                al = SSL_AD_HANDSHAKE_FAILURE;

                SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,

                       SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);

                goto f_err;

            }

            if (EC_POINT_copy(clnt_ecpoint,

                              EC_KEY_get0_public_key(clnt_pub_pkey->

                                                     pkey.ec)) == 0) {

                SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);

                goto err;

            }

            s->statem.no_cert_verify = 1;

        } else {

            /*

             * Get client's public key from encoded point in the