upstream: remove ability to enable DSA support. Actual code will be

g/c'd separately. ok deraadt@

OpenBSD-Commit-ID: 2a032b75156c4d922e8343fa97ff6bc227f09819

diff --git a/configure.ac b/configure.ac
index f0d6d5b0d9de8184564ca2a02f7d3a49c7c83e4a..bc2c25896d9a24b9101f02ffcaa52b3a6565a9da 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -2179,16 +2179,6 @@ AC_ARG_WITH([security-key-standalone],
        [ enable_sk_standalone=$withval ]
 )
 
-enable_dsa=
-AC_ARG_ENABLE([dsa-keys],
-       [  --enable-dsa-keys       enable DSA key support [no]],
-       [
-               if test "x$enableval" != "xno" ; then
-                       enable_dsa=1
-               fi
-       ]
-)
-
 AC_SEARCH_LIBS([dlopen], [dl])
 AC_CHECK_FUNCS([dlopen])
 AC_CHECK_DECL([RTLD_NOW], [], [], [#include <dlfcn.h>])
@@ -3297,26 +3287,6 @@ if test "x$openssl" = "xyes" ; then
                        AC_MSG_RESULT([no])
                ]
        )
-
-       openssl_dsa=no
-       if test ! -z "$enable_dsa" ; then
-               AC_CHECK_DECLS([OPENSSL_NO_DSA], [], [
-                       AC_CHECK_DECLS([OPENSSL_IS_BORINGSSL], [],
-                           [ openssl_dsa=yes ],
-                           [ #include <openssl/opensslconf.h> ]
-                       )
-                   ],
-                   [ #include <openssl/opensslconf.h> ]
-               )
-               AC_MSG_CHECKING([whether to enable DSA key support])
-               if test "x$openssl_dsa" = "xno"; then
-                       AC_MSG_ERROR([DSA requested but not supported by OpenSSL])
-               else
-                       AC_MSG_RESULT([yes])
-                       AC_DEFINE([WITH_DSA], [1],
-                          [DSA keys explicitly enabled])
-               fi
-       fi
 fi
 
 # PKCS11/U2F depend on OpenSSL and dlopen().