- (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]

   [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
   [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
   platforms that don't have the requisite OpenSSL support. ok dtucker@

1 files changed, 4 insertions, 0 deletions

diff --git a/ssh-agent.c b/ssh-agent.c
index 87939b2b6..8f19fb157 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -468,8 +468,10 @@ process_add_identity(SocketEntry *e, int version)
         int type, success = 0, death = 0, confirm = 0;
         char *type_name, *comment, *curve;
         Key *k = NULL;
+#ifdef OPENSSL_HAS_ECC
         BIGNUM *exponent;
         EC_POINT *q;
+#endif
         u_char *cert;
         u_int len;
 
@@ -510,6 +512,7 @@ process_add_identity(SocketEntry *e, int version)
                         key_add_private(k);
                         buffer_get_bignum2(&e->request, k->dsa->priv_key);
                         break;
+#ifdef OPENSSL_HAS_ECC
                 case KEY_ECDSA:
                         k = key_new_private(type);
                         k->ecdsa_nid = key_ecdsa_nid_from_name(type_name);
@@ -561,6 +564,7 @@ process_add_identity(SocketEntry *e, int version)
                                 fatal("%s: bad ECDSA key", __func__);
                         BN_clear_free(exponent);
                         break;
+#endif /* OPENSSL_HAS_ECC */
                 case KEY_RSA:
                         k = key_new_private(type);
                         buffer_get_bignum2(&e->request, k->rsa->n);