From: Theo Buehler <tb@theobuehler.org>
Subject: Re: unwind/unbound unnecessarily pull in DSA_*
To: tech@openbsd.org
Date: Thu, 6 Feb 2025 22:47:56 +0100

On Sat, Jan 18, 2025 at 11:07:54AM +0100, Theo Buehler wrote:
> Neither unbound nor unwind define USE_DSA in config.h, and the only
> function in this newly guarded scope that is used outside of keyraw.c
> is sldns_key_dsa2pkey_raw(), the use of which is itself guarded by 
> USE_DSA and USE_SHA1.
> 
> Apart from removing the functions inside the guard, the diff below
> makes these go away:
> 
>          U DSA_free
>          U DSA_new
>          U DSA_set0_key
>          U DSA_set0_pqg
> 
> This isn't a big deal as none of these or their callers are dangerous or
> worrying, but it's just dead code. I sent the diff upstream:
> 
> https://github.com/NLnetLabs/unbound/pull/1224
> 
> so if there's worry that it causes pain in the next sync, we can also
> just wait until it trickles down.

Upstream have merged this soon after I sent it. Should I drop the diff
or can I commit it?

Index: sbin/unwind/libunbound/sldns/keyraw.c
===================================================================
RCS file: /cvs/src/sbin/unwind/libunbound/sldns/keyraw.c,v
diff -u -p -r1.4 keyraw.c
--- sbin/unwind/libunbound/sldns/keyraw.c	1 Mar 2022 18:34:22 -0000	1.4
+++ sbin/unwind/libunbound/sldns/keyraw.c	18 Jan 2025 09:53:20 -0000
@@ -195,6 +195,7 @@ void sldns_key_EVP_unload_gost(void)
 }
 #endif /* USE_GOST */
 
+#ifdef USE_DSA
 /* Retrieve params as BIGNUM from raw buffer */
 static int
 sldns_key_dsa_buf_bignum(unsigned char* key, size_t len, BIGNUM** p,
@@ -370,6 +371,7 @@ EVP_PKEY *sldns_key_dsa2pkey_raw(unsigne
 	return evp_key;
 #endif
 }
+#endif /* USE_DSA */
 
 /* Retrieve params as BIGNUM from raw buffer, n is modulus, e is exponent */
 static int
Index: usr.sbin/unbound/sldns/keyraw.c
===================================================================
RCS file: /cvs/src/usr.sbin/unbound/sldns/keyraw.c,v
diff -u -p -r1.8 keyraw.c
--- usr.sbin/unbound/sldns/keyraw.c	23 Feb 2022 12:04:06 -0000	1.8
+++ usr.sbin/unbound/sldns/keyraw.c	18 Jan 2025 09:38:05 -0000
@@ -195,6 +195,7 @@ void sldns_key_EVP_unload_gost(void)
 }
 #endif /* USE_GOST */
 
+#ifdef USE_DSA
 /* Retrieve params as BIGNUM from raw buffer */
 static int
 sldns_key_dsa_buf_bignum(unsigned char* key, size_t len, BIGNUM** p,
@@ -370,6 +371,7 @@ EVP_PKEY *sldns_key_dsa2pkey_raw(unsigne
 	return evp_key;
 #endif
 }
+#endif /* USE_DSA */
 
 /* Retrieve params as BIGNUM from raw buffer, n is modulus, e is exponent */
 static int