At runtime:
- Continue to call SSL_CTX_set_ecdh_auto if it is present at compile time.
  - This activates ECDHE when built against OpenSSL 1.0.2, and leaves it activated when running on OpenSSL 1.1.0 or above.
- If SSL_CTX_set_ecdh_auto is not present, attempt to call SSL_CTX_ctrl with the option SSL_CTRL_SET_ECDH_AUTO, which is equivalent to the integer literal 94, and set it to 'true'.
  - If, at runtime, we have been linked against OpenSSL 1.0.2, this enables ECDHE auto-negotiation.
  - If, at runtime, we have been linked against OpenSSL 1.0.1, this call returns an error, which we ignore.
  - OpenSSL 1.0.2 defines SSL_CTRL_SET_ECDH_AUTO to 94. Vendor patches to OpenSSL 1.0.1 should not have been able to repurpose 94 for another configuration option, as doing so would likely harm forward ABI compatibility with OpenSSL 1.0.2.
- If SSL_CTX_ctrl fails, and OpenSSL has defined the types necessary to hardcode an ECDHE curve, hardcode the named curve prime256v1.
  - This is the named curve hardcoded by both Python and Apache when SSL_CTX_set_ecdh_auto is not present[6].
- Otherwise, if SSL_CTX_set_ecdh_auto is not defined at compile time, SSL_CTX_ctrl fails, and we failed to detect ECDHE support at compile time, do not enable ECDHE.
We should also extend jstests/ssl/ssl_ECDHE_suites.js to assert that ECDHE cipher suites are offered on all platforms.
Issue links:
- duplicates SERVER-35064 "OpenSSL Elliptic Curve Auto Negotiation Unsupported on RHEL 7 and Ubuntu 16.04" (Closed)
- is duplicated by SERVER-48533 "Centos 7 mongodb-org-server-3.6 rpm ssl connection failure with PKCS disabled on client" (Closed)