Add OPENSSL_NO_ECDH guards

Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 7f9edfd23a9b9cd0827cc381e8fbd8cd0c9e5035)
2014-11-18 15:56:50 +00:00 · 2014-11-18 15:56:50 +00:00 · 2e3e3d278e
commit 2e3e3d278e
parent 2ececf59de
2 changed files with 8 additions and 0 deletions
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@ -167,6 +167,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
 	return ret;
 	}

+#ifndef OPENSSL_NO_ECDH
 static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
 	{
 	int ret;
@ -200,6 +201,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
 	*keylen = ret;
 	return 1;
 	}
+#endif

 static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 	{
@ -332,7 +334,11 @@ const EVP_PKEY_METHOD ec_pkey_meth =
 	0,0,

 	0,
+#ifndef OPENSSL_NO_ECDH
 	pkey_ec_derive,
+#else
+	0,
+#endif

 	pkey_ec_ctrl,
 	pkey_ec_ctrl_str
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@ -3058,6 +3058,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 				}
 			ok = ok && ec_ok;
 			}
+#ifndef OPENSSL_NO_ECDH
 		if (
 			/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
 			(alg_k & SSL_kEECDH)
@ -3105,6 +3106,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 				}
 			ok = ok && ec_ok;
 			}
+#endif /* OPENSSL_NO_ECDH */
 #endif /* OPENSSL_NO_EC */
 #endif /* OPENSSL_NO_TLSEXT */