From: Theo Buehler <tb@openbsd.org>
Date: Sat, 18 Jan 2025 09:23:57 +0000 (+0100)
Subject: Do not use DSA API unless USE_DSA is set
X-Git-Tag: release-1.23.0rc1~56^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1224%2Fhead;p=thirdparty%2Funbound.git

Do not use DSA API unless USE_DSA is set

Even if USE_DSA is unset, unbound ends up linking against OpenSSL
DSA API because these guards are missing.
---

diff --git a/sldns/keyraw.c b/sldns/keyraw.c
index befe1f722..90a6e8533 100644
--- a/sldns/keyraw.c
+++ b/sldns/keyraw.c
@@ -195,6 +195,7 @@ void sldns_key_EVP_unload_gost(void)
 }
 #endif /* USE_GOST */
 
+#ifdef USE_DSA
 /* Retrieve params as BIGNUM from raw buffer */
 static int
 sldns_key_dsa_buf_bignum(unsigned char* key, size_t len, BIGNUM** p,
@@ -370,6 +371,7 @@ EVP_PKEY *sldns_key_dsa2pkey_raw(unsigned char* key, size_t len)
 	return evp_key;
 #endif
 }
+#endif /* USE_DSA */
 
 /* Retrieve params as BIGNUM from raw buffer, n is modulus, e is exponent */
 static int