3 files changed, 4 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 156cbc729..85392699d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -41,6 +41,7 @@
    in servconf.h.
  - (dtucker) [Makefile.in] Add a t-exec target to run just the executable
    tests.
+ - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.
 
 20140717
  - (djm) [digest-openssl.c] Preserve array order when disabling digests.
diff --git a/key.c b/key.c
index a8532061a..84bbeae38 100644
--- a/key.c
+++ b/key.c
@@ -255,7 +255,7 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
         return 0;
 }
 
-#ifdef WITH_OPENSSL
+#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
 int
 key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
 {
diff --git a/sshkey.c b/sshkey.c
index f957b061f..14110cdad 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -762,6 +762,7 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain)
                     (ret = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0)
                         return ret;
                 break;
+# ifdef OPENSSL_HAS_ECC
         case KEY_ECDSA:
                 if (key->ecdsa == NULL)
                         return SSH_ERR_INVALID_ARGUMENT;
@@ -771,6 +772,7 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain)
                     (ret = sshbuf_put_eckey(b, key->ecdsa)) != 0)
                         return ret;
                 break;
+# endif
         case KEY_RSA:
                 if (key->rsa == NULL)
                         return SSH_ERR_INVALID_ARGUMENT;