diff --git a/ChangeLog b/ChangeLog index 21ab0c309..601692cea 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20101111 + - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on + platforms that don't support ECC. Fixes some spurious warnings reported + by tim@ + 20101109 - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin. Feedback from dtucker@ diff --git a/servconf.c b/servconf.c index 41c9c6964..4e5fd2f04 100644 --- a/servconf.c +++ b/servconf.c @@ -155,8 +155,10 @@ fill_default_server_options(ServerOptions *options) _PATH_HOST_RSA_KEY_FILE; options->host_key_files[options->num_host_key_files++] = _PATH_HOST_DSA_KEY_FILE; +#ifdef OPENSSL_HAS_ECC options->host_key_files[options->num_host_key_files++] = _PATH_HOST_ECDSA_KEY_FILE; +#endif } } /* No certificates by default */ diff --git a/ssh-add.c b/ssh-add.c index 8bf5675fb..125d6645b 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -70,7 +70,9 @@ extern char *__progname; static char *default_files[] = { _PATH_SSH_CLIENT_ID_RSA, _PATH_SSH_CLIENT_ID_DSA, +#ifdef OPENSSL_HAS_ECC _PATH_SSH_CLIENT_ID_ECDSA, +#endif _PATH_SSH_CLIENT_IDENTITY, NULL }; diff --git a/ssh-keygen.c b/ssh-keygen.c index 560c4818a..b9fd10abc 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -177,10 +177,12 @@ ask_filename(struct passwd *pw, const char *prompt) case KEY_DSA: name = _PATH_SSH_CLIENT_ID_DSA; break; +#ifdef OPENSSL_HAS_ECC case KEY_ECDSA_CERT: case KEY_ECDSA: name = _PATH_SSH_CLIENT_ID_ECDSA; break; +#endif case KEY_RSA_CERT: case KEY_RSA_CERT_V00: case KEY_RSA: