ecdh: Fix a memory leak in ecdh_build_k().

Thanks to Tom Judge for the report.

src/ecdh.c

@@ -77,23 +77,26 @@ static void ecdh_import_pubkey(ssh_session session, ssh_string pubkey_string) {
 
 static int ecdh_build_k(ssh_session session) {
   const EC_GROUP *group = EC_KEY_get0_group(session->next_crypto->ecdh_privkey);
-  EC_POINT *pubkey=EC_POINT_new(group);
+  EC_POINT *pubkey;
   void *buffer;
   int len = (EC_GROUP_get_degree(group) + 7) / 8;
-#ifdef HAVE_LIBCRYPTO
   bignum_CTX ctx = bignum_ctx_new();
   if (ctx == NULL) {
     return -1;
   }
-#endif
 
   session->next_crypto->k = bignum_new();
   if (session->next_crypto->k == NULL) {
-#ifdef HAVE_LIBCRYPTO
     bignum_ctx_free(ctx);
-#endif
     return -1;
   }
+
+  pubkey = EC_POINT_new(group);
+  if (pubkey == NULL) {
+    bignum_ctx_free(ctx);
+    return -1;
+  }
+
   if (session->server)
       EC_POINT_oct2point(group,pubkey,ssh_string_data(session->next_crypto->ecdh_client_pubkey),
               ssh_string_len(session->next_crypto->ecdh_client_pubkey),ctx);
@@ -102,6 +105,7 @@ static int ecdh_build_k(ssh_session session) {
               ssh_string_len(session->next_crypto->ecdh_server_pubkey),ctx);
   buffer = malloc(len);
   ECDH_compute_key(buffer,len,pubkey,session->next_crypto->ecdh_privkey,NULL);
+  EC_POINT_free(pubkey);
   BN_bin2bn(buffer,len,session->next_crypto->k);
   free(buffer);
   EC_KEY_free(session->next_crypto->ecdh_privkey);