5 files changed, 4 insertions, 17 deletions

diff --git a/authfile.c b/authfile.c
index de9708607..d47e0058f 100644
--- a/authfile.c
+++ b/authfile.c
@@ -551,12 +551,10 @@ sshkey_check_revoked(struct sshkey *key, const char *revoked_keys_file)
 {
         int r;
 
-#ifdef WITH_OPENSSL
         r = ssh_krl_file_contains_key(revoked_keys_file, key);
         /* If this was not a KRL to begin with then continue below */
         if (r != SSH_ERR_KRL_BAD_MAGIC)
                 return r;
-#endif
 
         /*
          * If the file is not a KRL or we can't handle KRLs then attempt to
diff --git a/krl.c b/krl.c
index b19def79f..3917338f9 100644
--- a/krl.c
+++ b/krl.c
@@ -18,8 +18,6 @@
 
 #include "includes.h"
 
-#ifdef WITH_OPENSSL /* XXX just fix bignums and this is good */
-
 #include <sys/types.h>
 #include <sys/param.h>
 #include <openbsd-compat/sys-tree.h>
@@ -1284,4 +1282,3 @@ ssh_krl_file_contains_key(const char *path, const struct sshkey *key)
                 errno = oerrno;
         return r;
 }
-#endif /* WITH_OPENSSL */
diff --git a/ssh-agent.c b/ssh-agent.c
index 4925d47a3..43000a429 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -524,6 +524,7 @@ reaper(void)
                 return (deadline - now);
 }
 
+#ifdef WITH_SSH1
 /*
  * XXX this and the corresponding serialisation function probably belongs
  * in key.c
@@ -565,6 +566,7 @@ agent_decode_rsa1(struct sshbuf *m, struct sshkey **kp)
                 sshkey_free(k);
         return r;
 }
+#endif
 
 static void
 process_add_identity(SocketEntry *e, int version)
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 75f8e2e09..7f775ff16 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1964,7 +1964,6 @@ do_show_cert(struct passwd *pw)
         exit(0);
 }
 
-#ifdef WITH_OPENSSL
 static void
 load_krl(const char *path, struct ssh_krl **krlp)
 {
@@ -2106,12 +2105,10 @@ update_krl_from_file(struct passwd *pw, const char *file, const Key *ca,
                 fclose(krl_spec);
         free(path);
 }
-#endif /* WITH_OPENSSL */
 
 static void
 do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
 {
-#ifdef WITH_OPENSSL
         struct ssh_krl *krl;
         struct stat sb;
         Key *ca = NULL;
@@ -2161,15 +2158,11 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
         ssh_krl_free(krl);
         if (ca != NULL)
                 key_free(ca);
-#else /* WITH_OPENSSL */
-        fatal("KRLs not supported without OpenSSL");
-#endif /* WITH_OPENSSL */
 }
 
 static void
 do_check_krl(struct passwd *pw, int argc, char **argv)
 {
-#ifdef WITH_OPENSSL
         int i, r, ret = 0;
         char *comment;
         struct ssh_krl *krl;
@@ -2192,9 +2185,6 @@ do_check_krl(struct passwd *pw, int argc, char **argv)
         }
         ssh_krl_free(krl);
         exit(ret);
-#else /* WITH_OPENSSL */
-        fatal("KRLs not supported without OpenSSL");
-#endif /* WITH_OPENSSL */
 }
 
 static void
diff --git a/sshbuf.h b/sshbuf.h
index ac0191936..eb0d92e10 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -209,11 +209,11 @@ int	sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp,
  * curve points.
  */
 int     sshbuf_put_bignum2_bytes(struct sshbuf *buf, const void *v, size_t len);
+int     sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
+            const u_char **valp, size_t *lenp);
 #ifdef WITH_OPENSSL
 int     sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v);
 int     sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v);
-int     sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
-            const u_char **valp, size_t *lenp);
 int     sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v);
 int     sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v);
 # ifdef OPENSSL_HAS_ECC