Auto DH support.
Add auto DH parameter support. This is roughly equivalent to the ECDH auto curve selection but for DH. An application can just call SSL_CTX_set_auto_dh(ctx, 1); and appropriate DH parameters will be used based on the size of the server key. Unlike ECDH there is no way a peer can indicate the range of DH parameters it supports. Some peers cannot handle DH keys larger than 1024 bits, for example. In this case if you call: SSL_CTX_set_auto_dh(ctx, 2); only 1024 bit DH parameters will be used. If the server key is 7680 bits or more in size then 8192 bit DH parameters will be used: these will be *very* slow. The old export ciphersuites aren't supported but those are very insecure anyway.
@@ -3254,6 +3254,9 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
|
||||
return(ret);
|
||||
}
|
||||
break;
|
||||
case SSL_CTRL_SET_DH_AUTO:
|
||||
s->cert->dh_tmp_auto = larg;
|
||||
return 1;
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
case SSL_CTRL_SET_TMP_ECDH:
|
||||
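Review bot: The new `SSL_CTRL_SET_DH_AUTO` case stores `larg` into `s->cert->dh_tmp_auto` without any range check and then unconditionally reports success with `return 1`, although the commit description gives meaning only to the values 1 and 2 (presumably 0 disables the feature). A negative or arbitrary value is silently accepted, and whatever code later reads `dh_tmp_auto` to pick the parameter size has to cope with it; rejecting it here keeps the failure at the API boundary, e.g. `if (larg < 0 || larg > 2) return 0;` before the assignment, matching the `return(0)` style the neighbouring cases already use. The same unchecked store appears in the `ssl3_ctx_ctrl` hunk below (`ctx->cert->dh_tmp_auto = larg;`) and should get the identical guard. The enclosing `switch` of `ssl3_ctrl` starts before this hunk, and the `#endif` suggests the case sits inside a DH-conditional block, but that cannot be confirmed from the visible lines.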
@@ -3759,6 +3762,9 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
|
||||
return(0);
|
||||
}
|
||||
break;
|
||||
case SSL_CTRL_SET_DH_AUTO:
|
||||
ctx->cert->dh_tmp_auto = larg;
|
||||
return 1;
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_ECDH
|
||||
case SSL_CTRL_SET_TMP_ECDH:
|
||||
|