Fix segfault on printing the temp key from s_client when connection is not established

Resolves: RHEL-79045

0141-print-pq-group.patch

@@ -17,3 +17,16 @@ index 3b3c0dd0b38f5..026315406e298 100644
      BIO_puts(out, "Server Temp Key: ");
      switch (EVP_PKEY_get_id(key)) {
      case EVP_PKEY_RSA:
+diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
+index b98464256e..eb3d7e24f6 100644
+--- a/ssl/s3_lib.c
++++ b/ssl/s3_lib.c
+@@ -3734,7 +3734,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
+             if (SSL_CONNECTION_IS_TLS13(sc) && sc->s3.did_kex)
+                 id = sc->s3.group_id;
+             else
+-                id = sc->session->kex_group;
++                id = (sc->session != NULL) ? sc->session->kex_group : NID_undef;
+             ret = tls1_group_id2nid(id, 1);
+             break;
+         }

openssl.spec

@@ -184,6 +184,7 @@ Patch139: 0139-CVE-2024-6119.patch
 # https://github.com/openssl/openssl/pull/26197
 Patch140: 0140-prov_no-cache.patch
 # https://github.com/openssl/openssl/pull/25959
+# https://github.com/openssl/openssl/pull/26722
 Patch141: 0141-print-pq-group.patch
 # https://github.com/openssl/openssl/pull/26429
 Patch142: 0142-CVE-2024-13176-Minerva.patch
@@ -550,6 +551,8 @@ touch $RPM_BUILD_ROOT/%{_prefix}/include/openssl/engine.h
   Related: RHEL-71132
 - RFC7250 handshakes with unauthenticated servers don't abort as expected (CVE-2024-12797)
   Resolves: RHEL-76754
+- Fix segfault on printing the temp key from s_client when connection is not established
+  Resolves: RHEL-79045
 
 * Thu Jan 02 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-15
 - Fix providers no_cache behavior