From 5e5b8512d6797db10ce215ca18cf64e0449d0f38 Mon Sep 17 00:00:00 2001
From: hyc <hyc@symas.com>
Date: Wed, 12 Apr 2017 23:56:23 +0100
Subject: [PATCH] Fix obsolete OpenSSL API usage

EVP_dss1() was deprecated and EVP_sha1() is the direct replacement.
Upstream libunbound already has this patch. Note that I haven't
added a test for HAVE_EVP_DSS1 since that was deprecated quite a
long time ago in OpenSSL, there's really no reason to support it.
---
 external/unbound/validator/val_secalgo.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/external/unbound/validator/val_secalgo.c b/external/unbound/validator/val_secalgo.c
index 7c8d7b28..256c3ff9 100644
--- a/external/unbound/validator/val_secalgo.c
+++ b/external/unbound/validator/val_secalgo.c
@@ -345,7 +345,11 @@ setup_key_digest(int algo, EVP_PKEY** evp_key, const EVP_MD** digest_type,
 					"EVP_PKEY_assign_DSA failed");
 				return 0;
 			}
+#ifdef HAVE_EVP_DSS1
 			*digest_type = EVP_dss1();
+#else
+			*digest_type = EVP_sha1();
+#endif
 
 			break;
 		case LDNS_RSASHA1: