1 files changed, 17 insertions, 10 deletions

diff --git a/libntp/ssl_init.c b/libntp/ssl_init.c
index 96d9d0838bd7..925893257b7f 100644
--- a/libntp/ssl_init.c
+++ b/libntp/ssl_init.c
@@ -13,16 +13,16 @@
 #include <lib_strbuf.h>
 
 #ifdef OPENSSL
-# include "openssl/cmac.h"
-# include "openssl/crypto.h"
-# include "openssl/err.h"
-# include "openssl/evp.h"
-# include "openssl/opensslv.h"
+# include <openssl/crypto.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/opensslv.h>
 # include "libssl_compat.h"
-
-# define CMAC_LENGTH	16
-# define CMAC		"AES128CMAC"
-
+# ifdef HAVE_OPENSSL_CMAC_H
+#  include <openssl/cmac.h>
+#  define CMAC_LENGTH	16
+#  define CMAC		"AES128CMAC"
+# endif /*HAVE_OPENSSL_CMAC_H*/
 int ssl_init_done;
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
@@ -126,6 +126,7 @@ keytype_from_text(
 
 	key_type = OBJ_sn2nid(upcased);
 
+#   ifdef ENABLE_CMAC
 	if (!key_type && !strncmp(CMAC, upcased, strlen(CMAC) + 1)) {
 		key_type = NID_cmac;
 
@@ -134,6 +135,7 @@ keytype_from_text(
 				__FILE__, __LINE__, __func__, CMAC);
 		}
 	}
+#   endif /*ENABLE_CMAC*/
 #else
 
 	key_type = 0;
@@ -153,6 +155,7 @@ keytype_from_text(
 		digest_len = (md) ? EVP_MD_size(md) : 0;
 
 		if (!md || digest_len <= 0) {
+#   ifdef ENABLE_CMAC
 		    if (key_type == NID_cmac) {
 			digest_len = CMAC_LENGTH;
 
@@ -160,7 +163,9 @@ keytype_from_text(
 				fprintf(stderr, "%s:%d:%s():%s:len\n",
 					__FILE__, __LINE__, __func__, CMAC);
 			}
-		    } else {
+		    } else
+#   endif /*ENABLE_CMAC*/
+		    {
 			fprintf(stderr,
 				"key type %s is not supported by OpenSSL\n",
 				keytype_name(key_type));
@@ -209,6 +214,7 @@ keytype_name(
 	INIT_SSL();
 	name = OBJ_nid2sn(nid);
 
+#   ifdef ENABLE_CMAC
 	if (NID_cmac == nid) {
 		name = CMAC;
 
@@ -217,6 +223,7 @@ keytype_name(
 				__FILE__, __LINE__, __func__, CMAC);
 		}
 	} else
+#   endif /*ENABLE_CMAC*/
 	if (NULL == name) {
 		name = unknown_type;
 	}