diff --git a/src/secp256k1/CMakeLists.txt b/src/secp256k1/CMakeLists.txt
--- a/src/secp256k1/CMakeLists.txt
+++ b/src/secp256k1/CMakeLists.txt
@@ -45,6 +45,7 @@
 	-Wextra
 	-Wcast-align
 	-Wshadow
+	-Wundef
 	-Wno-unused-function
 	-Wno-overlength-strings
 	-std=c89
diff --git a/src/secp256k1/configure.ac b/src/secp256k1/configure.ac
--- a/src/secp256k1/configure.ac
+++ b/src/secp256k1/configure.ac
@@ -67,7 +67,7 @@
 
 CFLAGS="-W $CFLAGS"
 
-warn_CFLAGS="-std=c89 -pedantic -Wall -Wextra -Wcast-align -Wnested-externs -Wshadow -Wstrict-prototypes -Wno-unused-function -Wno-long-long -Wno-overlength-strings"
+warn_CFLAGS="-std=c89 -pedantic -Wall -Wextra -Wcast-align -Wnested-externs -Wshadow -Wstrict-prototypes -Wundef -Wno-unused-function -Wno-long-long -Wno-overlength-strings"
 saved_CFLAGS="$CFLAGS"
 CFLAGS="$warn_CFLAGS $CFLAGS"
 AC_MSG_CHECKING([if ${CC} supports ${warn_CFLAGS}])
diff --git a/src/secp256k1/src/valgrind_ctime_test.c b/src/secp256k1/src/valgrind_ctime_test.c
--- a/src/secp256k1/src/valgrind_ctime_test.c
+++ b/src/secp256k1/src/valgrind_ctime_test.c
@@ -9,23 +9,23 @@
 #include "assumptions.h"
 #include "util.h"
 
-#if ENABLE_MODULE_ECDH
+#ifdef ENABLE_MODULE_ECDH
 # include "include/secp256k1_ecdh.h"
 #endif
 
-#if ENABLE_MODULE_RECOVERY
+#ifdef ENABLE_MODULE_RECOVERY
 # include "include/secp256k1_recovery.h"
 #endif
 
-#if ENABLE_MODULE_SCHNORR
+#ifdef ENABLE_MODULE_SCHNORR
 # include "include/secp256k1_schnorr.h"
 #endif
 
-#if ENABLE_MODULE_EXTRAKEYS
+#ifdef ENABLE_MODULE_EXTRAKEYS
 # include "include/secp256k1_extrakeys.h"
 #endif
 
-#if ENABLE_MODULE_SCHNORRSIG
+#ifdef ENABLE_MODULE_SCHNORRSIG
 #include "include/secp256k1_schnorrsig.h"
 #endif
 
@@ -41,11 +41,11 @@
     unsigned char key[32];
     unsigned char sig[74];
     unsigned char spubkey[33];
-#if ENABLE_MODULE_RECOVERY
+#ifdef ENABLE_MODULE_RECOVERY
     secp256k1_ecdsa_recoverable_signature recoverable_signature;
     int recid;
 #endif
-#if ENABLE_MODULE_EXTRAKEYS
+#ifdef ENABLE_MODULE_EXTRAKEYS
     secp256k1_keypair keypair;
 #endif
 
@@ -85,7 +85,7 @@
     CHECK(ret);
     CHECK(secp256k1_ecdsa_signature_serialize_der(ctx, sig, &siglen, &signature));
 
-#if ENABLE_MODULE_ECDH
+#ifdef ENABLE_MODULE_ECDH
     /* Test ECDH. */
     VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
     ret = secp256k1_ecdh(ctx, msg, &pubkey, key, NULL, NULL);
@@ -93,7 +93,7 @@
     CHECK(ret == 1);
 #endif
 
-#if ENABLE_MODULE_RECOVERY
+#ifdef ENABLE_MODULE_RECOVERY
     /* Test signing a recoverable signature. */
     VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
     ret = secp256k1_ecdsa_sign_recoverable(ctx, &recoverable_signature, msg, key, NULL, NULL);
@@ -142,7 +142,7 @@
     CHECK(ret);
 
     /* Test keypair_create and keypair_xonly_tweak_add. */
-#if ENABLE_MODULE_EXTRAKEYS
+#ifdef ENABLE_MODULE_EXTRAKEYS
     VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
     ret = secp256k1_keypair_create(ctx, &keypair, key);
     VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
@@ -155,7 +155,7 @@
     CHECK(ret == 1);
 #endif
 
-#if ENABLE_MODULE_SCHNORRSIG
+#ifdef ENABLE_MODULE_SCHNORRSIG
     VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
     ret = secp256k1_keypair_create(ctx, &keypair, key);
     VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));