Index: crypto/openssh/config.h =================================================================== --- crypto/openssh/config.h +++ crypto/openssh/config.h @@ -396,14 +396,6 @@ don't. */ #define HAVE_DECL_OFFSETOF 1 -/* Define to 1 if you have the declaration of 'OPENSSL_IS_BORINGSSL', and to 0 - if you don't. */ -/* #undef HAVE_DECL_OPENSSL_IS_BORINGSSL */ - -/* Define to 1 if you have the declaration of 'OPENSSL_NO_DSA', and to 0 if - you don't. */ -/* #undef HAVE_DECL_OPENSSL_NO_DSA */ - /* Define to 1 if you have the declaration of 'O_NONBLOCK', and to 0 if you don't. */ #define HAVE_DECL_O_NONBLOCK 1 @@ -1991,9 +1983,6 @@ /* Define if you want to enable AIX4's authenticate function */ /* #undef WITH_AIXAUTHENTICATE */ -/* DSA keys explicitly enabled */ -/* #undef WITH_DSA */ - /* Define if you have/want arrays (cluster-wide session management, not C arrays) */ /* #undef WITH_IRIX_ARRAY */ Index: crypto/openssh/configure.ac =================================================================== --- crypto/openssh/configure.ac +++ crypto/openssh/configure.ac @@ -2140,16 +2140,6 @@ [ enable_sk_internal=$withval ] ) -enable_dsa= -AC_ARG_ENABLE([dsa-keys], - [ --enable-dsa-keys enable DSA key support [no]], - [ - if test "x$enableval" != "xno" ; then - enable_dsa=1 - fi - ] -) - AC_SEARCH_LIBS([dlopen], [dl]) AC_CHECK_FUNCS([dlopen]) AC_CHECK_DECL([RTLD_NOW], [], [], [#include ]) @@ -3258,26 +3248,6 @@ AC_MSG_RESULT([no]) ] ) - - openssl_dsa=no - if test ! -z "$enable_dsa" ; then - AC_CHECK_DECLS([OPENSSL_NO_DSA], [], [ - AC_CHECK_DECLS([OPENSSL_IS_BORINGSSL], [], - [ openssl_dsa=yes ], - [ #include ] - ) - ], - [ #include ] - ) - AC_MSG_CHECKING([whether to enable DSA key support]) - if test "x$openssl_dsa" = "xno"; then - AC_MSG_ERROR([DSA requested but not supported by OpenSSL]) - else - AC_MSG_RESULT([yes]) - AC_DEFINE([WITH_DSA], [1], - [DSA keys explicitly enabled]) - fi - fi fi # PKCS11/U2F depend on OpenSSL and dlopen().