From dc103686348d3205733a2c77e7d2ccbff6691022 Mon Sep 17 00:00:00 2001
From: Ed Maste <emaste@FreeBSD.org>
Date: Tue, 30 May 2023 14:28:44 -0400
Subject: [PATCH] unbound: avoid calling deprecated OpenSSL function

SSL_CTX_set_ecdh_auto is deprecated and has no effect (for reference see
https://github.com/openssl/openssl/commit/2ecb9f2d18614fb7b7b42830a358b7163ed43221).

As unbound's config.h is manually maintained just turn off
HAVE_DECL_SSL_CTX_SET_ECDH_AUTO so that the deprecated function won't
be called.

Reviewed by:	ngie
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40341
---
 usr.sbin/unbound/config.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.sbin/unbound/config.h b/usr.sbin/unbound/config.h
index 2068cbfe729..ef97b01b12e 100644
--- a/usr.sbin/unbound/config.h
+++ b/usr.sbin/unbound/config.h
@@ -165,7 +165,7 @@
 
 /* Define to 1 if you have the declaration of `SSL_CTX_set_ecdh_auto', and to
    0 if you don't. */
-#define HAVE_DECL_SSL_CTX_SET_ECDH_AUTO 1
+/* #undef HAVE_DECL_SSL_CTX_SET_ECDH_AUTO */
 
 /* Define to 1 if you have the declaration of `strlcat', and to 0 if you
    don't. */