From d7af0cc5bf273eeed0897a99420bc26841d07d8f Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Wed, 11 Jun 2014 07:37:25 +1000
Subject:  - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org
 in    the proposal if the version of OpenSSL we're using doesn't support ECC.

---
 ChangeLog    | 2 ++
 myproposal.h | 9 +++++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index a830e281d..92adafcc7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,8 @@
  - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
    regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
    curve tests if OpenSSL has them.
+ - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in
+   the proposal if the version of OpenSSL we're using doesn't support ECC.
 
 20140527
  - (djm) [cipher.c] Fix merge botch.
diff --git a/myproposal.h b/myproposal.h
index 30cb20b44..d42988996 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -78,8 +78,13 @@
 #endif
 
 #ifdef WITH_OPENSSL
-#define KEX_SERVER_KEX          \
-	"curve25519-sha256@libssh.org," \
+# ifdef OPENSSL_HAS_ECC
+#  define KEX_CURVE25519_METHODS "curve25519-sha256@libssh.org,"
+# else
+#  define KEX_CURVE25519_METHODS ""
+# endif
+#define KEX_SERVER_KEX \
+	KEX_CURVE25519_METHODS \
 	KEX_ECDH_METHODS \
 	KEX_SHA256_METHODS \
 	"diffie-hellman-group14-sha1"
-- 
cgit v1.2.3