Some more ifdefs for no-xxx options.

crypto/mdc2/mdc2test.c

@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#ifdef NO_DES
+#if defined(NO_DES) && !defined(NO_MDC2)
 #define NO_MDC2
 #endif
 

crypto/x509/x509.h

@@ -260,7 +260,9 @@ typedef struct x509_st
 	unsigned long ex_kusage;
 	unsigned long ex_xkusage;
 	unsigned long ex_nscert;
+#ifndef NO_SHA
 	unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+#endif
 	X509_CERT_AUX *aux;
 	} X509;
 

crypto/x509/x509_cmp.c

@@ -136,6 +136,8 @@ unsigned long X509_subject_name_hash(X509 *x)
 	{
 	return(X509_NAME_hash(x->cert_info->subject));
 	}
+
+#ifndef NO_SHA
 /* Compare two certificates: they must be identical for
  * this to work.
  */
@@ -144,8 +146,10 @@ int X509_cmp(X509 *a, X509 *b)
 	/* ensure hash is valid */
 	X509_check_purpose(a, -1, 0);
 	X509_check_purpose(b, -1, 0);
+
 	return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
 }
+#endif
 
 int X509_NAME_cmp(X509_NAME *a, X509_NAME *b)
 	{

crypto/x509v3/v3_purp.c

@@ -247,6 +247,7 @@ int X509_PURPOSE_get_trust(X509_PURPOSE *xp)
 	return xp->trust;
 }
 
+#ifndef NO_SHA
 static void x509v3_cache_extensions(X509 *x)
 {
 	BASIC_CONSTRAINTS *bs;
@@ -321,6 +322,7 @@ static void x509v3_cache_extensions(X509 *x)
 	}
 	x->ex_flags |= EXFLAG_SET;
 }
+#endif
 
 /* CA checks common to all purposes
  * return codes:

ssl/ssl.h

@@ -151,7 +151,7 @@ extern "C" {
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 
-#if defined(NO_RSA) && !defined(NO_SSL2)
+#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)
 #define NO_SSL2
 #endif