- (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on

   platforms that don't support ECC. Fixes some spurious warnings reported
   by tim@

4 files changed, 11 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 21ab0c309..601692cea 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+20101111
+ - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
+   platforms that don't support ECC. Fixes some spurious warnings reported
+   by tim@
+
 20101109
  - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
    Feedback from dtucker@
diff --git a/servconf.c b/servconf.c
index 41c9c6964..4e5fd2f04 100644
--- a/servconf.c
+++ b/servconf.c
@@ -155,8 +155,10 @@ fill_default_server_options(ServerOptions *options)
 			    _PATH_HOST_RSA_KEY_FILE;
 			options->host_key_files[options->num_host_key_files++] =
 			    _PATH_HOST_DSA_KEY_FILE;
+#ifdef OPENSSL_HAS_ECC
 			options->host_key_files[options->num_host_key_files++] =
 			    _PATH_HOST_ECDSA_KEY_FILE;
+#endif
 		}
 	}
 	/* No certificates by default */
diff --git a/ssh-add.c b/ssh-add.c
index 8bf5675fb..125d6645b 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -70,7 +70,9 @@ extern char *__progname;
 static char *default_files[] = {
 	_PATH_SSH_CLIENT_ID_RSA,
 	_PATH_SSH_CLIENT_ID_DSA,
+#ifdef OPENSSL_HAS_ECC
 	_PATH_SSH_CLIENT_ID_ECDSA,
+#endif
 	_PATH_SSH_CLIENT_IDENTITY,
 	NULL
 };
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 560c4818a..b9fd10abc 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -177,10 +177,12 @@ ask_filename(struct passwd *pw, const char *prompt)
 		case KEY_DSA:
 			name = _PATH_SSH_CLIENT_ID_DSA;
 			break;
+#ifdef OPENSSL_HAS_ECC
 		case KEY_ECDSA_CERT:
 		case KEY_ECDSA:
 			name = _PATH_SSH_CLIENT_ID_ECDSA;
 			break;
+#endif
 		case KEY_RSA_CERT:
 		case KEY_RSA_CERT_V00:
 		case KEY_RSA: