gnutls/gnutls-3.2.1-noecc.patch

Index: gnutls-3.2.1/lib/algorithms/kx.c
===================================================================
--- gnutls-3.2.1.orig/lib/algorithms/kx.c
+++ gnutls-3.2.1/lib/algorithms/kx.c
@@ -28,9 +28,11 @@
 
 extern mod_auth_st rsa_auth_struct;
 extern mod_auth_st dhe_rsa_auth_struct;
+#ifdef ENABLE_ECC
 extern mod_auth_st ecdhe_rsa_auth_struct;
 extern mod_auth_st ecdhe_psk_auth_struct;
 extern mod_auth_st ecdhe_ecdsa_auth_struct;
+#endif
 extern mod_auth_st dhe_dss_auth_struct;
 extern mod_auth_st anon_auth_struct;
 extern mod_auth_st anon_ecdh_auth_struct;
@@ -57,8 +59,10 @@ static const gnutls_cred_map cred_mappin
   {GNUTLS_KX_ANON_DH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
   {GNUTLS_KX_ANON_ECDH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
   {GNUTLS_KX_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
+#ifdef ENABLE_ECC
   {GNUTLS_KX_ECDHE_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
   {GNUTLS_KX_ECDHE_ECDSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
+#endif
   {GNUTLS_KX_DHE_DSS, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
   {GNUTLS_KX_DHE_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
   {GNUTLS_KX_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
@@ -98,7 +102,7 @@ static const gnutls_kx_algo_entry _gnutl
   {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1},
   {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1},
 #endif
-#ifdef ENABLE_ECDHE
+#if defined(ENABLE_ECDHE) && defined(ENABLE_ECC)
   {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0},
   {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0},
 #endif
@@ -113,7 +117,7 @@ static const gnutls_kx_algo_entry _gnutl
   {"DHE-PSK", GNUTLS_KX_DHE_PSK, &dhe_psk_auth_struct,
    1 /* needs DHE params */},
 # endif
-# ifdef ENABLE_ECDHE
+# if defined(ENABLE_ECDHE) && defined(ENABLE_ECC)
   {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0},
 # endif
 #endif
Index: gnutls-3.2.1/lib/algorithms/publickey.c
===================================================================
--- gnutls-3.2.1.orig/lib/algorithms/publickey.c
+++ gnutls-3.2.1/lib/algorithms/publickey.c
@@ -49,8 +49,10 @@ static const gnutls_pk_map pk_mappings[]
   {GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
   {GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
   {GNUTLS_KX_SRP_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
+#ifdef ENABLE_ECC
   {GNUTLS_KX_ECDHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
   {GNUTLS_KX_ECDHE_ECDSA, GNUTLS_PK_EC, CIPHER_SIGN},
+#endif
   {GNUTLS_KX_DHE_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
   {GNUTLS_KX_SRP_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
   {0, 0, 0}
@@ -96,7 +98,9 @@ static const gnutls_pk_entry pk_algorith
   {"DSA", PK_DSA_OID, GNUTLS_PK_DSA},
   {"GOST R 34.10-2001", PK_GOST_R3410_2001_OID, GNUTLS_PK_UNKNOWN},
   {"GOST R 34.10-94", PK_GOST_R3410_94_OID, GNUTLS_PK_UNKNOWN},
+#ifdef ENABLE_ECC
   {"EC", "1.2.840.10045.2.1", GNUTLS_PK_EC},
+#endif
   {0, 0, 0}
 };
 
Index: gnutls-3.2.1/lib/algorithms/sign.c
===================================================================
--- gnutls-3.2.1.orig/lib/algorithms/sign.c
+++ gnutls-3.2.1/lib/algorithms/sign.c
@@ -43,6 +43,14 @@ typedef struct gnutls_sign_entry gnutls_
 #define TLS_SIGN_AID_UNKNOWN {255, 255}
 static const sign_algorithm_st unknown_tls_aid = TLS_SIGN_AID_UNKNOWN;
 
+#ifndef ENABLE_ECC
+#define GNUTLS_SIGN_ECDSA_SHA1 0
+#define GNUTLS_SIGN_ECDSA_SHA224 0
+#define GNUTLS_SIGN_ECDSA_SHA256 0
+#define GNUTLS_SIGN_ECDSA_SHA384 0
+#define GNUTLS_SIGN_ECDSA_SHA512 0
+#endif
+
 static const gnutls_sign_entry sign_algorithms[] = {
   {"RSA-SHA1", SIG_RSA_SHA1_OID, GNUTLS_SIGN_RSA_SHA1, GNUTLS_PK_RSA,
    GNUTLS_DIG_SHA1, {2, 1}},
Index: gnutls-3.2.1/lib/auth/cert.c
===================================================================
--- gnutls-3.2.1.orig/lib/auth/cert.c
+++ gnutls-3.2.1/lib/auth/cert.c
@@ -63,7 +63,11 @@ static gnutls_privkey_t alloc_and_load_p
                                                    key, int deinit);
 #endif
 
+#ifdef ENABLE_ECC
 #define MAX_CLIENT_SIGN_ALGOS 3
+#else
+#define MAX_CLIENT_SIGN_ALGOS 2
+#endif
 #define CERTTYPE_SIZE (MAX_CLIENT_SIGN_ALGOS+1)
 typedef enum CertificateSigType
 { RSA_SIGN = 1, DSA_SIGN = 2, ECDSA_SIGN = 64
@@ -1438,8 +1442,10 @@ _gnutls_check_supported_sign_algo (Certi
       return GNUTLS_PK_RSA;
     case DSA_SIGN:
       return GNUTLS_PK_DSA;
+#ifdef ENABLE_ECC
     case ECDSA_SIGN:
       return GNUTLS_PK_EC;
+#endif
     }
 
   return -1;
@@ -1726,7 +1732,9 @@ _gnutls_gen_cert_server_cert_req (gnutls
   tmp_data[0] = CERTTYPE_SIZE - 1;
   tmp_data[1] = RSA_SIGN;
   tmp_data[2] = DSA_SIGN;
+#ifdef ENABLE_ECC
   tmp_data[3] = ECDSA_SIGN;     /* only these for now */
+#endif
 
   ret = _gnutls_buffer_append_data (data, tmp_data, CERTTYPE_SIZE);
   if (ret < 0)
Index: gnutls-3.2.1/lib/auth/dhe_psk.c
===================================================================
--- gnutls-3.2.1.orig/lib/auth/dhe_psk.c
+++ gnutls-3.2.1/lib/auth/dhe_psk.c
@@ -92,6 +92,7 @@ const mod_auth_st ecdhe_psk_auth_struct
 };
 #endif
 
+#ifdef ENABLE_ECDHE
 static int
 gen_ecdhe_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data)
 {
@@ -135,6 +136,7 @@ cleanup:
 
   return ret;
 }
+#endif
 
 static int
 gen_dhe_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data)
@@ -230,6 +232,7 @@ gen_dhe_psk_server_kx (gnutls_session_t
   return ret;
 }
 
+#ifdef ENABLE_ECDHE
 static int
 gen_ecdhe_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data)
 {
@@ -254,7 +257,7 @@ gen_ecdhe_psk_server_kx (gnutls_session_
 
   return ret;
 }
-
+#endif
 
 static int
 proc_dhe_psk_client_kx (gnutls_session_t session, uint8_t * data,
@@ -335,6 +338,7 @@ proc_dhe_psk_client_kx (gnutls_session_t
 
 }
 
+#ifdef ENABLE_ECDHE
 static int
 proc_ecdhe_psk_client_kx (gnutls_session_t session, uint8_t * data,
                     size_t _data_size)
@@ -399,6 +403,7 @@ proc_ecdhe_psk_client_kx (gnutls_session
   
   return ret;
 }
+#endif
 
 static int
 proc_dhe_psk_server_kx (gnutls_session_t session, uint8_t * data,
@@ -432,6 +437,7 @@ proc_dhe_psk_server_kx (gnutls_session_t
   return 0;
 }
 
+#ifdef ENABLE_ECDHE
 static int
 proc_ecdhe_psk_server_kx (gnutls_session_t session, uint8_t * data,
                     size_t _data_size)
@@ -463,5 +469,6 @@ proc_ecdhe_psk_server_kx (gnutls_session
 
   return 0;
 }
+#endif
 
 #endif /* ENABLE_PSK */
Index: gnutls-3.2.1/lib/ext/ecc.c
===================================================================
--- gnutls-3.2.1.orig/lib/ext/ecc.c
+++ gnutls-3.2.1/lib/ext/ecc.c
@@ -35,6 +35,7 @@
 /* Maps record size to numbers according to the
  * extensions draft.
  */
+#ifdef ENABLE_ECC
 
 static int _gnutls_supported_ecc_recv_params (gnutls_session_t session,
                                           const uint8_t * data,
@@ -269,3 +270,5 @@ _gnutls_session_supports_ecc_curve (gnut
 
   return GNUTLS_E_ECC_UNSUPPORTED_CURVE;
 }
+
+#endif
Index: gnutls-3.2.1/lib/gnutls_extensions.c
===================================================================
--- gnutls-3.2.1.orig/lib/gnutls_extensions.c
+++ gnutls-3.2.1/lib/gnutls_extensions.c
@@ -351,6 +351,7 @@ _gnutls_ext_init (void)
   if (ret != GNUTLS_E_SUCCESS)
     return ret;
 
+#ifdef ENABLE_ECC
   ret = _gnutls_ext_register (&ext_mod_supported_ecc);
   if (ret != GNUTLS_E_SUCCESS)
     return ret;
@@ -358,6 +359,7 @@ _gnutls_ext_init (void)
   ret = _gnutls_ext_register (&ext_mod_supported_ecc_pf);
   if (ret != GNUTLS_E_SUCCESS)
     return ret;
+#endif
 
   ret = _gnutls_ext_register (&ext_mod_sig);
   if (ret != GNUTLS_E_SUCCESS)
Index: gnutls-3.2.1/lib/gnutls_priority.c
===================================================================
--- gnutls-3.2.1.orig/lib/gnutls_priority.c
+++ gnutls-3.2.1/lib/gnutls_priority.c
@@ -245,35 +245,45 @@ gnutls_certificate_type_set_priority (gn
 }
 
 static const int supported_ecc_normal[] = {
+#ifdef ENABLE_ECC
   GNUTLS_ECC_CURVE_SECP192R1,
   GNUTLS_ECC_CURVE_SECP224R1,
   GNUTLS_ECC_CURVE_SECP256R1,
   GNUTLS_ECC_CURVE_SECP384R1,
   GNUTLS_ECC_CURVE_SECP521R1,
+#endif
   0
 };
 
 static const int supported_ecc_secure128[] = {
+#ifdef ENABLE_ECC
   GNUTLS_ECC_CURVE_SECP256R1,
   GNUTLS_ECC_CURVE_SECP384R1,
   GNUTLS_ECC_CURVE_SECP521R1,
+#endif
   0
 };
 
 static const int supported_ecc_suiteb128[] = {
+#ifdef ENABLE_ECC
   GNUTLS_ECC_CURVE_SECP256R1,
   GNUTLS_ECC_CURVE_SECP384R1,
+#endif
   0
 };
 
 static const int supported_ecc_suiteb192[] = {
+#ifdef ENABLE_ECC
   GNUTLS_ECC_CURVE_SECP384R1,
+#endif
   0
 };
 
 static const int supported_ecc_secure192[] = {
+#ifdef ENABLE_ECC
   GNUTLS_ECC_CURVE_SECP384R1,
   GNUTLS_ECC_CURVE_SECP521R1,
+#endif
   0
 };
 
@@ -458,51 +468,75 @@ static const int comp_priority[] = {
 static const int sign_priority_default[] = {
   GNUTLS_SIGN_RSA_SHA256,
   GNUTLS_SIGN_DSA_SHA256,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA256,
+#endif
 
   GNUTLS_SIGN_RSA_SHA384,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA384,
+#endif
 
   GNUTLS_SIGN_RSA_SHA512,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA512,
+#endif
 
   GNUTLS_SIGN_RSA_SHA224,
   GNUTLS_SIGN_DSA_SHA224,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA224,
+#endif
 
   GNUTLS_SIGN_RSA_SHA1,
   GNUTLS_SIGN_DSA_SHA1,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA1,
+#endif
   0
 };
 
 static const int sign_priority_suiteb128[] = {
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA256,
   GNUTLS_SIGN_ECDSA_SHA384,
+#endif
   0
 };
 
 static const int sign_priority_suiteb192[] = {
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA384,
+#endif
   0
 };
 
 static const int sign_priority_secure128[] = {
   GNUTLS_SIGN_RSA_SHA256,
   GNUTLS_SIGN_DSA_SHA256,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA256,
+#endif
   GNUTLS_SIGN_RSA_SHA384,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA384,
+#endif
   GNUTLS_SIGN_RSA_SHA512,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA512,
+#endif
   0
 };
 
 static const int sign_priority_secure192[] = {
   GNUTLS_SIGN_RSA_SHA384,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA384,
+#endif
   GNUTLS_SIGN_RSA_SHA512,
+#ifdef ENABLE_ECC
   GNUTLS_SIGN_ECDSA_SHA512,
+#endif
   0
 };
 
Index: gnutls-3.2.1/lib/nettle/pk.c
===================================================================
--- gnutls-3.2.1.orig/lib/nettle/pk.c
+++ gnutls-3.2.1/lib/nettle/pk.c
@@ -146,6 +146,7 @@ static int _wrap_nettle_pk_derive(gnutls
 
   switch (algo)
     {
+#ifdef ENABLE_ECC
     case GNUTLS_PK_EC:
       {
         struct ecc_scalar ecc_priv;
@@ -186,6 +187,7 @@ ecc_cleanup:
         if (ret < 0) goto cleanup;
         break;
       }
+#endif
     default:
       gnutls_assert ();
       ret = GNUTLS_E_INTERNAL_ERROR;
@@ -330,6 +332,7 @@ _wrap_nettle_pk_sign (gnutls_pk_algorith
 
   switch (algo)
     {
+#ifdef ENABLE_ECC
     case GNUTLS_PK_EC: /* we do ECDSA */
       {
         struct ecc_scalar priv;
@@ -369,6 +372,7 @@ _wrap_nettle_pk_sign (gnutls_pk_algorith
           }
         break;
       }
+#endif
     case GNUTLS_PK_DSA:
       {
         struct dsa_public_key pub;
@@ -470,6 +474,7 @@ _wrap_nettle_pk_verify (gnutls_pk_algori
 
   switch (algo)
     {
+#ifdef ENABLE_ECC
     case GNUTLS_PK_EC: /* ECDSA */
       {
         struct ecc_point pub;
@@ -511,6 +516,7 @@ _wrap_nettle_pk_verify (gnutls_pk_algori
         ecc_point_clear( &pub);
         break;
       }
+#endif
     case GNUTLS_PK_DSA:
       {
         struct dsa_public_key pub;
@@ -717,6 +723,7 @@ rsa_fail:
 
         break;
       }
+#ifdef ENABLE_ECC
     case GNUTLS_PK_EC:
       {
         struct ecc_scalar key;
@@ -757,6 +764,7 @@ ecc_cleanup:
         
         break;
       }
+#endif
     default:
       gnutls_assert ();
       return GNUTLS_E_INVALID_REQUEST;
@@ -873,6 +881,7 @@ dsa_cleanup:
       }
 
       break;
+#ifdef ENABLE_ECC
     case GNUTLS_PK_EC:
       {
         struct ecc_point r, pub;
@@ -934,6 +943,7 @@ ecc_cleanup:
         ecc_point_clear(&pub);
       }  
       break;
+#endif
     default:
       ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
     }
Index: gnutls-3.2.1/tests/cert-tests/dane
===================================================================
--- gnutls-3.2.1.orig/tests/cert-tests/dane
+++ gnutls-3.2.1/tests/cert-tests/dane
@@ -22,6 +22,8 @@
 
 set -e
 
+exit 77
+
 srcdir=${srcdir:-.}
 DANETOOL=${DANETOOL:-../../src/danetool$EXEEXT}
 
Index: gnutls-3.2.1/tests/dtls/dtls-nb
===================================================================
--- gnutls-3.2.1.orig/tests/dtls/dtls-nb
+++ gnutls-3.2.1/tests/dtls/dtls-nb
@@ -22,9 +22,7 @@
 
 set -e
 
-if test "${WINDIR}" != "";then
-  exit 77
-fi
+exit 77
 
 ./dtls-stress -nb -shello 021 -sfinished 01 -cfinished 012 SKeyExchange CKeyExchange CFinished
 ./dtls-stress -nb -shello 012 -sfinished 10 -cfinished 210 SHello SKeyExchange SHelloDone
Index: gnutls-3.2.1/tests/dtls/dtls
===================================================================
--- gnutls-3.2.1.orig/tests/dtls/dtls
+++ gnutls-3.2.1/tests/dtls/dtls
@@ -22,9 +22,7 @@
 
 set -e
 
-if test "${WINDIR}" != "";then
-  exit 77
-fi
+exit 77
 
 ./dtls-stress -shello 021 -sfinished 01 -cfinished 012 SKeyExchange CKeyExchange CFinished
 ./dtls-stress -shello 012 -sfinished 10 -cfinished 210 SHello SKeyExchange SHelloDone
Index: gnutls-3.2.1/tests/ecdsa/ecdsa
===================================================================
--- gnutls-3.2.1.orig/tests/ecdsa/ecdsa
+++ gnutls-3.2.1/tests/ecdsa/ecdsa
@@ -22,6 +22,8 @@
 
 #set -e
 
+exit 77
+
 srcdir=${srcdir:-.}
 CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
 
Index: gnutls-3.2.1/tests/mini-dtls-heartbeat.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-dtls-heartbeat.c
+++ gnutls-3.2.1/tests/mini-dtls-heartbeat.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32) || !defined(ENABLE_HEARTBEAT)
+#if defined(_WIN32) || !defined(ENABLE_HEARTBEAT) || !defined(ENABLE_ECC)
 
 int
 main ()
Index: gnutls-3.2.1/tests/mini-dtls-record.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-dtls-record.c
+++ gnutls-3.2.1/tests/mini-dtls-record.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECC)
 
 int
 main ()
Index: gnutls-3.2.1/tests/mini-dtls-rehandshake.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-dtls-rehandshake.c
+++ gnutls-3.2.1/tests/mini-dtls-rehandshake.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECC)
 
 int main()
 {
Index: gnutls-3.2.1/tests/mini-dtls-srtp.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-dtls-srtp.c
+++ gnutls-3.2.1/tests/mini-dtls-srtp.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32) || !defined(ENABLE_DTLS_SRTP)
+#if defined(_WIN32) || !defined(ENABLE_DTLS_SRTP) || !defined(ENABLE_ECC)
 
 int
 main (int argc, char** argv)
Index: gnutls-3.2.1/tests/mini-handshake-timeout.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-handshake-timeout.c
+++ gnutls-3.2.1/tests/mini-handshake-timeout.c
@@ -28,7 +28,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECC)
 
 int main()
 {
@@ -142,7 +142,11 @@ initialize_tls_session (gnutls_session_t
   /* avoid calling all the priority functions, since the defaults
    * are adequate.
    */
-  gnutls_priority_set_direct (*session, "NORMAL:+ANON-ECDH", NULL);
+#ifdef ENABLE_ECC
+  gnutls_priority_set_direct (session, "NORMAL:+ANON-ECDH", NULL);
+#else
+  gnutls_priority_set_direct (session, "NORMAL:+ANON-DH", NULL);
+#endif
 }
 
 static void
Index: gnutls-3.2.1/tests/mini-loss-time.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-loss-time.c
+++ gnutls-3.2.1/tests/mini-loss-time.c
@@ -28,7 +28,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECC)
 
 int main()
 {
Index: gnutls-3.2.1/tests/mini-record.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-record.c
+++ gnutls-3.2.1/tests/mini-record.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECC)
 
 int main()
 {
Index: gnutls-3.2.1/tests/mini-record-range.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-record-range.c
+++ gnutls-3.2.1/tests/mini-record-range.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECC)
 
 int main()
 {
Index: gnutls-3.2.1/tests/mini-xssl.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-xssl.c
+++ gnutls-3.2.1/tests/mini-xssl.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECC)
 
 int main()
 {
Index: gnutls-3.2.1/tests/pkcs12_simple.c
===================================================================
--- gnutls-3.2.1.orig/tests/pkcs12_simple.c
+++ gnutls-3.2.1/tests/pkcs12_simple.c
@@ -50,6 +50,10 @@ doit (void)
   gnutls_x509_privkey_t pkey;
   int ret;
 
+#ifndef ENABLE_ECC
+  exit(77);
+#endif
+
   ret = global_init ();
   if (ret < 0)
     fail ("global_init failed %d\n", ret);
Index: gnutls-3.2.1/tests/slow/keygen.c
===================================================================
--- gnutls-3.2.1.orig/tests/slow/keygen.c
+++ gnutls-3.2.1/tests/slow/keygen.c
@@ -65,6 +65,11 @@ doit (void)
                 if (algorithm == GNUTLS_PK_DH)
                     continue;
 
+#ifndef ENABLE_ECC
+                if (algorithm == GNUTLS_PK_EC)
+                    continue;
+#endif
+
                 ret = gnutls_x509_privkey_init (&pkey);
                 if (ret < 0)
                   {
Index: gnutls-3.2.1/tests/srp/mini-srp.c
===================================================================
--- gnutls-3.2.1.orig/tests/srp/mini-srp.c
+++ gnutls-3.2.1/tests/srp/mini-srp.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_SRP)
 
 int main()
 {
Index: gnutls-3.2.1/lib/auth/ecdhe.c
===================================================================
--- gnutls-3.2.1.orig/lib/auth/ecdhe.c
+++ gnutls-3.2.1/lib/auth/ecdhe.c
@@ -50,7 +50,7 @@ static int
 proc_ecdhe_client_kx (gnutls_session_t session,
                                     uint8_t * data, size_t _data_size);
 
-#if defined(ENABLE_ECDHE)
+#if defined(ENABLE_ECDHE) && defined(ENABLE_ECC)
 const mod_auth_st ecdhe_ecdsa_auth_struct = {
   "ECDHE_ECDSA",
   _gnutls_gen_cert_server_crt,
Index: gnutls-3.2.1/tests/mini-dtls-hello-verify.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-dtls-hello-verify.c
+++ gnutls-3.2.1/tests/mini-dtls-hello-verify.c
@@ -27,7 +27,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_ECDH)
 
 int main()
 {
Index: gnutls-3.2.1/tests/mini-alpn.c
===================================================================
--- gnutls-3.2.1.orig/tests/mini-alpn.c
+++ gnutls-3.2.1/tests/mini-alpn.c
@@ -25,7 +25,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#if defined(_WIN32) || !defined(ENABLE_ALPN)
+#if defined(_WIN32) || !defined(ENABLE_ALPN) || !defined(ENABLE_ECDH)
 
 int
 main (int argc, char** argv)