You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34 lines
1.0 KiB
34 lines
1.0 KiB
ITS#7595 don't try to use EC if OpenSSL lacks it |
|
|
|
Cherry-picked upstream 721e46fe6695077d63a3df6ea2e397920a72308d |
|
Author: Howard Chu <hyc@openldap.org> |
|
Date: Sun Sep 8 06:32:23 2013 -0700 |
|
|
|
diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c |
|
index 1a81bc625..71c2b055c 100644 |
|
--- a/libraries/libldap/tls_o.c |
|
+++ b/libraries/libldap/tls_o.c |
|
@@ -321,8 +321,12 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) |
|
DH_free( dh ); |
|
} |
|
|
|
-#ifdef SSL_OP_SINGLE_ECDH_USE |
|
if ( is_server && lo->ldo_tls_ecname ) { |
|
+#ifdef OPENSSL_NO_EC |
|
+ Debug( LDAP_DEBUG_ANY, |
|
+ "TLS: Elliptic Curves not supported.\n", 0,0,0 ); |
|
+ return -1; |
|
+#else |
|
EC_KEY *ecdh; |
|
|
|
int nid = OBJ_sn2nid( lt->lt_ecname ); |
|
@@ -344,8 +348,8 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) |
|
SSL_CTX_set_tmp_ecdh( ctx, ecdh ); |
|
SSL_CTX_set_options( ctx, SSL_OP_SINGLE_ECDH_USE ); |
|
EC_KEY_free( ecdh ); |
|
- } |
|
#endif |
|
+ } |
|
|
|
if ( tlso_opt_trace ) { |
|
SSL_CTX_set_info_callback( ctx, tlso_info_cb );
|
|
|