From d36fa29ac43b4615d0c291e2faccd922c468d8d6 Mon Sep 17 00:00:00 2001
From: Joakim Soderberg <joakim.soderberg@gmail.com>
Date: Sat, 12 Mar 2016 08:49:09 +0800
Subject: [PATCH] ssl ecdh adapt if missing ecdh.h include

https://github.com/warmcat/libwebsockets/issues/457
---
 CMakeLists.txt  | 10 ++++++++++
 lib/ssl.c       |  4 ++--
 lws_config.h.in |  3 +++
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5c619341e..a9874e933 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -695,6 +695,15 @@ if (LWS_WITH_SSL)
 		include_directories("${OPENSSL_INCLUDE_DIRS}")
 		list(APPEND LIB_LIST ${OPENSSL_LIBRARIES})
 	endif()
+
+	# older (0.98) Openssl lacks this
+	set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
+	check_include_file(openssl/ecdh.h LWS_HAVE_OPENSSL_ECDH_H)
+
+	if (LWS_SSL_SERVER_WITH_ECDH_CERT AND NOT LWS_HAVE_OPENSSL_ECDH_H)
+		message(FATAL_ERROR "Missing openssl/ecdh.h, so cannot use LWS_SSL_SERVER_WITH_ECDH_CERT")
+	endif()
+
 endif(LWS_WITH_SSL)
 
 if (LWS_WITH_LIBEV)
@@ -1208,6 +1217,7 @@ message(" LWS_WITH_HTTP2 = ${LWS_WITH_HTTP2}")
 message(" LWS_MBED3 = ${LWS_MBED3}")
 message(" LWS_SSL_SERVER_WITH_ECDH_CERT = ${LWS_SSL_SERVER_WITH_ECDH_CERT}")
 message(" LWS_MAX_SMP = ${LWS_MAX_SMP}")
+message(" LWS_HAVE_OPENSSL_ECDH_H = ${LWS_HAVE_OPENSSL_ECDH_H}")
 message("---------------------------------------------------------------------")
 
 # These will be available to parent projects including libwebsockets using add_subdirectory()
diff --git a/lib/ssl.c b/lib/ssl.c
index 88906e78a..bffa8d02e 100644
--- a/lib/ssl.c
+++ b/lib/ssl.c
@@ -24,7 +24,7 @@
  #include <openssl/err.h>
 #endif
 
-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+#ifdef LWS_HAVE_OPENSSL_ECDH_H
 #include <openssl/ecdh.h>
 #endif
 
@@ -139,7 +139,7 @@ static int
 lws_context_ssl_init_ecdh_curve(struct lws_context_creation_info *info,
 				struct lws_context *context)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+#ifdef LWS_HAVE_OPENSSL_ECDH_H
 	EC_KEY *ecdh;
 	int ecdh_nid;
 	const char *ecdh_curve = "prime256v1";
diff --git a/lws_config.h.in b/lws_config.h.in
index 6ce964b6d..9a3852896 100644
--- a/lws_config.h.in
+++ b/lws_config.h.in
@@ -74,6 +74,9 @@
 /* SSL server using ECDH certificate */
 #cmakedefine LWS_SSL_SERVER_WITH_ECDH_CERT
 
+/* whether the Openssl is recent enough, and / or built with, ecdh */
+#cmakedefine LWS_HAVE_OPENSSL_ECDH_H
+
 /* Maximum supported service threads */
 #define LWS_MAX_SMP ${LWS_MAX_SMP}