ITS#7595 don't try to use EC if OpenSSL lacks it

Cherry-picked upstream 721e46fe6695077d63a3df6ea2e397920a72308d

Author: Howard Chu <hyc@openldap.org>

Date: Sun Sep 8 06:32:23 2013 -0700

diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c

index 1a81bc625..71c2b055c 100644

--- a/libraries/libldap/tls_o.c

+++ b/libraries/libldap/tls_o.c

@@ -321,8 +321,12 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )

 		DH_free( dh );

 	}

-#ifdef SSL_OP_SINGLE_ECDH_USE

 	if ( is_server && lo->ldo_tls_ecname ) {

+#ifdef OPENSSL_NO_EC

+		Debug( LDAP_DEBUG_ANY,

+			"TLS: Elliptic Curves not supported.\n", 0,0,0 );

+		return -1;

+#else

 		EC_KEY *ecdh;

 		int nid = OBJ_sn2nid( lt->lt_ecname );

@@ -344,8 +348,8 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )

 		SSL_CTX_set_tmp_ecdh( ctx, ecdh );

 		SSL_CTX_set_options( ctx, SSL_OP_SINGLE_ECDH_USE );

 		EC_KEY_free( ecdh );

-	}

 #endif

+	}

 	if ( tlso_opt_trace ) {

 		SSL_CTX_set_info_callback( ctx, tlso_info_cb );