I'm not clear that this was a good usage of the current API...
In file included from httpd-2.x/modules/ssl/ssl_private.h:90:0,
from httpd-2.x/modules/ssl/ssl_engine_init.c:29:
httpd-2.x/modules/ssl/ssl_engine_init.c: In function ‘ssl_init_server_certs’:
include/openssl/ssl.h:1287:51: warning: statement with no effect
[-Wunused-value]
# define SSL_CTX_set_ecdh_auto(dummy, onoff) ((onoff) != 0)
^
httpd-2.x/modules/ssl/ssl_engine_init.c:1328:9: note: in expansion of
macro ‘SSL_CTX_set_ecdh_auto’
SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1);
^~~~~~~~~~~~~~~~~~~~~
This looks like a no-op now in OpenSSL 1.1.0.
/*
* ...otherwise, enable auto curve selection (OpenSSL 1.0.2 and later)
* or configure NIST P-256 (required to enable ECDHE for earlier versions)
*/
else {
#if defined(SSL_CTX_set_ecdh_auto)
SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1);
#else
eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
#endif
