You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 lines
831 B
22 lines
831 B
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c |
|
index 0275452..8efdcd7 100644 |
|
--- a/modules/ssl/ssl_engine_init.c |
|
+++ b/modules/ssl/ssl_engine_init.c |
|
@@ -1144,11 +1144,16 @@ static void ssl_init_server_certs(server_rec *s, |
|
OBJ_nid2sn(nid), vhost_id, mctx->pks->cert_files[0]); |
|
} |
|
/* |
|
- * ...otherwise, configure NIST P-256 (required to enable ECDHE) |
|
+ * ...otherwise, enable auto curve selection (OpenSSL 1.0.2 and later) |
|
+ * or configure NIST P-256 (required to enable ECDHE for earlier versions) |
|
*/ |
|
else { |
|
+#if defined(SSL_CTX_set_ecdh_auto) |
|
+ SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1); |
|
+#else |
|
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, |
|
EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
|
+#endif |
|
} |
|
#endif |
|
}
|
|
|