filter PUBKEY_DEFAULT_PK_ALG for ECC algorithms

Remove ECC algorithms from the PUBKEY_DEFAULT_PK_ALG list when
compiling without ECC support in libcrypto.

1 files changed, 19 insertions, 13 deletions

diff --git a/myproposal.h b/myproposal.h
index 90bb67bb3..1d4aa297a 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -31,35 +31,41 @@
 /* conditional algorithm support */
 
 #ifdef OPENSSL_HAS_ECC
-#ifdef OPENSSL_HAS_NISTP521
-# define KEX_ECDH_METHODS \
+# ifdef OPENSSL_HAS_NISTP521
+#  define KEX_ECDH_METHODS \
         "ecdh-sha2-nistp256," \
         "ecdh-sha2-nistp384," \
         "ecdh-sha2-nistp521,"
-# define HOSTKEY_ECDSA_CERT_METHODS \
+#  define HOSTKEY_ECDSA_CERT_METHODS \
         "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
         "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
         "ecdsa-sha2-nistp521-cert-v01@openssh.com,"
-# define HOSTKEY_ECDSA_METHODS \
+#  define HOSTKEY_ECDSA_METHODS \
         "ecdsa-sha2-nistp256," \
         "ecdsa-sha2-nistp384," \
         "ecdsa-sha2-nistp521,"
-#else
-# define KEX_ECDH_METHODS \
+# else /* OPENSSL_HAS_NISTP521 */
+#  define KEX_ECDH_METHODS \
         "ecdh-sha2-nistp256," \
         "ecdh-sha2-nistp384,"
-# define HOSTKEY_ECDSA_CERT_METHODS \
+#  define HOSTKEY_ECDSA_CERT_METHODS \
         "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
         "ecdsa-sha2-nistp384-cert-v01@openssh.com,"
-# define HOSTKEY_ECDSA_METHODS \
+#  define HOSTKEY_ECDSA_METHODS \
         "ecdsa-sha2-nistp256," \
         "ecdsa-sha2-nistp384,"
-#endif
-#else
+# endif /* OPENSSL_HAS_NISTP521 */
+# define USERKEY_ECDSA_SK_CERT_METHODS \
+        "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,"
+# define USERKEY_ECDSA_SK_METHODS \
+        "sk-ecdsa-sha2-nistp256@openssh.com,"
+#else /* OPENSSL_HAS_ECC */
 # define KEX_ECDH_METHODS
 # define HOSTKEY_ECDSA_CERT_METHODS
 # define HOSTKEY_ECDSA_METHODS
-#endif
+# define USERKEY_ECDSA_SK_CERT_METHODS
+# define USERKEY_ECDSA_SK_METHODS
+#endif /* OPENSSL_HAS_ECC */
 
 #ifdef OPENSSL_HAVE_EVPGCM
 # define AESGCM_CIPHER_MODES \
@@ -145,7 +151,7 @@
         "ssh-rsa"
 
 #define PUBKEY_DEFAULT_PK_ALG   \
-        "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \
+        USERKEY_ECDSA_SK_CERT_METHODS \
         "ecdsa-sha2-nistp256-cert-v01@openssh.com," \
         "ecdsa-sha2-nistp384-cert-v01@openssh.com," \
         "ecdsa-sha2-nistp521-cert-v01@openssh.com," \
@@ -154,7 +160,7 @@
         "rsa-sha2-512-cert-v01@openssh.com," \
         "rsa-sha2-256-cert-v01@openssh.com," \
         "ssh-rsa-cert-v01@openssh.com," \
-        "sk-ecdsa-sha2-nistp256@openssh.com," \
+        USERKEY_ECDSA_SK_METHODS \
         "ecdsa-sha2-nistp256," \
         "ecdsa-sha2-nistp384," \
         "ecdsa-sha2-nistp521," \