Some more ifdefs for no-xxx options.

diff --git a/crypto/mdc2/mdc2test.c b/crypto/mdc2/mdc2test.c
index 0b1134b..46c25ae 100644
--- a/crypto/mdc2/mdc2test.c
+++ b/crypto/mdc2/mdc2test.c

@@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#ifdef NO_DES
+#if defined(NO_DES) && !defined(NO_MDC2)
 #define NO_MDC2
 #endif
 

diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 849633a..6b2c290 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h

@@ -260,7 +260,9 @@
 	unsigned long ex_kusage;
 	unsigned long ex_xkusage;
 	unsigned long ex_nscert;
+#ifndef NO_SHA
 	unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+#endif
 	X509_CERT_AUX *aux;
 	} X509;
 

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 62d8013..200682f 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c

@@ -136,6 +136,8 @@
 	{
 	return(X509_NAME_hash(x->cert_info->subject));
 	}
+
+#ifndef NO_SHA
 /* Compare two certificates: they must be identical for
  * this to work.
  */
@@ -144,8 +146,10 @@
 	/* ensure hash is valid */
 	X509_check_purpose(a, -1, 0);
 	X509_check_purpose(b, -1, 0);
+
 	return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
 }
+#endif
 
 int X509_NAME_cmp(X509_NAME *a, X509_NAME *b)
 	{

diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index c5fca40..e03f976 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c

@@ -247,6 +247,7 @@
 	return xp->trust;
 }
 
+#ifndef NO_SHA
 static void x509v3_cache_extensions(X509 *x)
 {
 	BASIC_CONSTRAINTS *bs;
@@ -321,6 +322,7 @@
 	}
 	x->ex_flags |= EXFLAG_SET;
 }
+#endif
 
 /* CA checks common to all purposes
  * return codes:

diff --git a/ssl/ssl.h b/ssl/ssl.h
index db49804..11796af 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h

@@ -151,7 +151,7 @@
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 
-#if defined(NO_RSA) && !defined(NO_SSL2)
+#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2)
 #define NO_SSL2
 #endif