meta-starlingx/meta-stx-integ/recipes-support/openldap/files/0020-openldap-openssl-ITS7596-Add-EC-support-patch-2.patch

   1 From 14058818a2d2aa42427a0e9433957c90a1264ec5 Mon Sep 17 00:00:00 2001
   2 From: babak sarashki <babak.sarashki@windriver.com>
   3 Date: Tue, 5 Nov 2019 09:50:55 -0800
   4 Subject: [PATCH 20/20] openldap openssl ITS7596 Add EC support patch 2
   5
   6 From 721e46fe6695077d63a3df6ea2e397920a72308d
   7 From stx 1901 openldap-openssl-ITS7595-Add-EC-support-2.patch
   8 ---
   9  libraries/libldap/tls_o.c | 8 ++++++--
  10  1 file changed, 6 insertions(+), 2 deletions(-)
  11
  12 diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
  13 index 45afc11..0a70156 100644
  14 --- a/libraries/libldap/tls_o.c
  15 +++ b/libraries/libldap/tls_o.c
  16 @@ -396,8 +396,12 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
  17                 DH_free( dh );
  18         }
  19
  20 -#ifdef SSL_OP_SINGLE_ECDH_USE
  21         if ( is_server && lo->ldo_tls_ecname ) {
  22 +#ifdef OPENSSL_NO_EC
  23 +               Debug( LDAP_DEBUG_ANY,
  24 +                       "TLS: Elliptic Curves not supported.\n", 0,0,0 );
  25 +               return -1;
  26 +#else
  27                 EC_KEY *ecdh;
  28
  29                 int nid = OBJ_sn2nid( lt->lt_ecname );
  30 @@ -419,8 +423,8 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
  31                 SSL_CTX_set_tmp_ecdh( ctx, ecdh );
  32                 SSL_CTX_set_options( ctx, SSL_OP_SINGLE_ECDH_USE );
  33                 EC_KEY_free( ecdh );
  34 -       }
  35  #endif
  36 +       }
  37
  38         if ( tlso_opt_trace ) {
  39                 SSL_CTX_set_info_callback( ctx, tlso_info_cb );
  40 --
  41 2.17.1
  42