meta-starlingx/recipes-support/openldap/files/0020-openldap-openssl-ITS7596-Add-EC-support-patch-2.patch

From 14058818a2d2aa42427a0e9433957c90a1264ec5 Mon Sep 17 00:00:00 2001
From: babak sarashki <babak.sarashki@windriver.com>
Date: Tue, 5 Nov 2019 09:50:55 -0800
Subject: [PATCH 20/20] openldap openssl ITS7596 Add EC support patch 2

From 721e46fe6695077d63a3df6ea2e397920a72308d
From stx 1901 openldap-openssl-ITS7595-Add-EC-support-2.patch
---
 libraries/libldap/tls_o.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
index 45afc11..0a70156 100644
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -396,8 +396,12 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
 		DH_free( dh );
 	}
 
-#ifdef SSL_OP_SINGLE_ECDH_USE
 	if ( is_server && lo->ldo_tls_ecname ) {
+#ifdef OPENSSL_NO_EC
+		Debug( LDAP_DEBUG_ANY,
+			"TLS: Elliptic Curves not supported.\n", 0,0,0 );
+		return -1;
+#else
 		EC_KEY *ecdh;
 
 		int nid = OBJ_sn2nid( lt->lt_ecname );
@@ -419,8 +423,8 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
 		SSL_CTX_set_tmp_ecdh( ctx, ecdh );
 		SSL_CTX_set_options( ctx, SSL_OP_SINGLE_ECDH_USE );
 		EC_KEY_free( ecdh );
-	}
 #endif
+	}
 
 	if ( tlso_opt_trace ) {
 		SSL_CTX_set_info_callback( ctx, tlso_info_cb );
-- 
2.17.1