Specify an ECDH group for ECDHE.

By default, OpenSSL cannot negotiate ECDHE cipher suites as a server because it
doesn't know what curve to use.

TEST=Download Firefox nightly build from 2014-08-12.
  Point Firefox to https://apprtc.appspot.com
  Point Chrome on Android to the URL Firefox redirects to (it'll say ?r=NUMBERS at the end)
  After tapping through various permissions prompts on either side, the call goes through.

R=agl@chromium.org, henrike@webrtc.org, jiayl@webrtc.org, juberti@webrtc.org

Review URL: https://webrtc-codereview.appspot.com/18269004

git-svn-id: http://webrtc.googlecode.com/svn/trunk@7002 4adac7df-926f-26a2-2b94-8c16560cd09d
diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc
index 5eaeb1b..ed5ac74 100644
--- a/webrtc/base/opensslstreamadapter.cc
+++ b/webrtc/base/opensslstreamadapter.cc
@@ -615,6 +615,16 @@
+  // Specify an ECDH group for ECDHE ciphers, otherwise they cannot be
+  // negotiated when acting as the server. Use NIST's P-256 which is commonly
+  // supported.
+  EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+  if (ecdh == NULL)
+    return -1;
+  SSL_set_options(ssl_, SSL_OP_SINGLE_ECDH_USE);
+  SSL_set_tmp_ecdh(ssl_, ecdh);
+  EC_KEY_free(ecdh);
   // Do the connect
   return ContinueSSL();