From 3951bbabd5a36dfe31ff24e739f25df9f58ca30c Mon Sep 17 00:00:00 2001
From: Norbert Pocs <npocs@redhat.com>
Date: Tue, 30 May 2023 16:27:43 +0200
Subject: [PATCH] Remove remained HAVE_DSA ifdefs and WITH_DSA

Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 .gitlab-ci.yml                               |  3 +--
 CMakeLists.txt                               |  1 -
 tests/pkd/pkd_hello.c                        | 26 --------------------
 tests/unittests/torture_knownhosts_parsing.c |  6 -----
 tests/unittests/torture_options.c            |  5 ----
 5 files changed, 1 insertion(+), 40 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 8e36b778..69433e97 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -69,8 +69,7 @@ stages:
 .fips:
   extends: .tests
   variables:
-    # DSA is turned off in fips mode
-    CMAKE_ADDITIONAL_OPTIONS: -DWITH_PKCS11_URI=ON -DWITH_DSA=OFF
+    CMAKE_ADDITIONAL_OPTIONS: -DWITH_PKCS11_URI=ON
   before_script:
     - *build
     - echo "# userspace fips" > /etc/system-fips
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5e4246c8..6ba50f70 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -250,7 +250,6 @@ message(STATUS "Client code testing: ${CLIENT_TESTING}")
 message(STATUS "Blowfish cipher support: ${WITH_BLOWFISH_CIPHER}")
 message(STATUS "PKCS #11 URI support: ${WITH_PKCS11_URI}")
 message(STATUS "With PKCS #11 provider support: ${WITH_PKCS11_PROVIDER}")
-message(STATUS "DSA support: ${WITH_DSA}")
 set(_SERVER_TESTING OFF)
 if (WITH_SERVER)
     set(_SERVER_TESTING ${SERVER_TESTING})
diff --git a/tests/pkd/pkd_hello.c b/tests/pkd/pkd_hello.c
index 5dbb0cc4..a64124d3 100644
--- a/tests/pkd/pkd_hello.c
+++ b/tests/pkd/pkd_hello.c
@@ -313,22 +313,6 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
     PKDTESTS_KEX_COMMON(f, client, kexcmd)
 #endif
 
-#ifdef HAVE_DSA
-#define PKDTESTS_KEX_OPENSSHONLY(f, client, kexcmd) \
-    /* Kex algorithms. */ \
-    f(client, ed25519_curve25519_sha256,              kexcmd("curve25519-sha256"),             setup_ed25519,    teardown) \
-    f(client, ed25519_curve25519_sha256_libssh_org,   kexcmd("curve25519-sha256@libssh.org"),  setup_ed25519,    teardown) \
-    f(client, ed25519_ecdh_sha2_nistp256,             kexcmd("ecdh-sha2-nistp256"),            setup_ed25519,    teardown) \
-    f(client, ed25519_ecdh_sha2_nistp384,             kexcmd("ecdh-sha2-nistp384"),            setup_ed25519,    teardown) \
-    f(client, ed25519_ecdh_sha2_nistp521,             kexcmd("ecdh-sha2-nistp521"),            setup_ed25519,    teardown) \
-    f(client, ed25519_diffie_hellman_group14_sha256,  kexcmd("diffie-hellman-group14-sha256"), setup_ed25519,    teardown) \
-    f(client, ed25519_diffie_hellman_group16_sha512,  kexcmd("diffie-hellman-group16-sha512"), setup_ed25519,    teardown) \
-    f(client, ed25519_diffie_hellman_group18_sha512,  kexcmd("diffie-hellman-group18-sha512"), setup_ed25519,    teardown) \
-    f(client, ed25519_diffie_hellman_group14_sha1,    kexcmd("diffie-hellman-group14-sha1"),   setup_ed25519,    teardown) \
-    f(client, ed25519_diffie_hellman_group1_sha1,     kexcmd("diffie-hellman-group1-sha1"),    setup_ed25519,    teardown) \
-    f(client, ed25519_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256),                setup_ed25519,    teardown) \
-    f(client, ed25519_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1),                    setup_ed25519,    teardown)
-#else
 #define PKDTESTS_KEX_OPENSSHONLY(f, client, kexcmd) \
     /* Kex algorithms. */ \
     f(client, ed25519_curve25519_sha256,              kexcmd("curve25519-sha256"),             setup_ed25519,    teardown) \
@@ -342,7 +326,6 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
     f(client, ed25519_diffie_hellman_group1_sha1,     kexcmd("diffie-hellman-group1-sha1"),    setup_ed25519,    teardown) \
     f(client, ed25519_diffie_hellman_group_exchange_sha256, kexcmd(GEX_SHA256),                setup_ed25519,    teardown) \
     f(client, ed25519_diffie_hellman_group_exchange_sha1, kexcmd(GEX_SHA1),                    setup_ed25519,    teardown)
-#endif
 
 #define CHACHA20 "chacha20-poly1305@openssh.com"
 
@@ -374,19 +357,10 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
     f(client, ecdsa_384_chacha20,      ciphercmd(CHACHA20),        setup_ecdsa_384,  teardown) \
     f(client, ecdsa_521_chacha20,      ciphercmd(CHACHA20),        setup_ecdsa_521,  teardown)
 
-#ifdef HAVE_DSA
-#define PKDTESTS_CIPHER(f, client, ciphercmd) \
-    /* Ciphers. */ \
-    PKDTESTS_CIPHER_COMMON(f, client, ciphercmd) \
-    PKDTESTS_CIPHER_CHACHA(f, client, ciphercmd) \
-    f(client, dsa_aes128_ctr,          ciphercmd("aes128-ctr"),    setup_dsa,        teardown) \
-    f(client, dsa_aes256_ctr,          ciphercmd("aes256-ctr"),    setup_dsa,        teardown)
-#else
 #define PKDTESTS_CIPHER(f, client, ciphercmd) \
     /* Ciphers. */ \
     PKDTESTS_CIPHER_COMMON(f, client, ciphercmd) \
     PKDTESTS_CIPHER_CHACHA(f, client, ciphercmd)
-#endif
 
 #define AES128_GCM "aes128-gcm@openssh.com"
 #define AES256_GCM "aes256-gcm@openssh.com"
diff --git a/tests/unittests/torture_knownhosts_parsing.c b/tests/unittests/torture_knownhosts_parsing.c
index 138f4dee..bc79fd0f 100644
--- a/tests/unittests/torture_knownhosts_parsing.c
+++ b/tests/unittests/torture_knownhosts_parsing.c
@@ -145,7 +145,6 @@ close_fp:
     return rc;
 }
 
-#ifndef HAVE_DSA
 static int setup_knownhosts_file_unsupported_type(void **state)
 {
     char *tmp_file = NULL;
@@ -175,7 +174,6 @@ close_fp:
 
     return rc;
 }
-#endif
 
 static int teardown_knownhosts_file(void **state)
 {
@@ -429,7 +427,6 @@ static void torture_knownhosts_get_algorithms_names(void **state)
     ssh_free(session);
 }
 
-#ifndef HAVE_DSA
 /* Do not remove this test if we completely remove DSA support! */
 static void torture_knownhosts_get_algorithms_names_unsupported(void **state)
 {
@@ -452,7 +449,6 @@ static void torture_knownhosts_get_algorithms_names_unsupported(void **state)
 
     ssh_free(session);
 }
-#endif
 
 static void torture_knownhosts_algorithms_wanted(void **state)
 {
@@ -722,11 +718,9 @@ int torture_run_tests(void) {
         cmocka_unit_test_setup_teardown(torture_knownhosts_get_algorithms_names,
                                         setup_knownhosts_file,
                                         teardown_knownhosts_file),
-#ifndef HAVE_DSA
         cmocka_unit_test_setup_teardown(torture_knownhosts_get_algorithms_names_unsupported,
                                         setup_knownhosts_file_unsupported_type,
                                         teardown_knownhosts_file),
-#endif
         cmocka_unit_test_setup_teardown(torture_knownhosts_algorithms_wanted,
                                         setup_knownhosts_file,
                                         teardown_knownhosts_file),
diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c
index 919a46cf..d91252ab 100644
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -1455,11 +1455,6 @@ static void torture_options_apply (void **state) {
     id = ssh_path_expand_escape(session, "%d/id_rsa");
     rc = ssh_list_append(awaited_list, id);
     assert_int_equal(rc, SSH_OK);
-#ifdef HAVE_DSA
-    id = ssh_path_expand_escape(session, "%d/id_dsa");
-    rc = ssh_list_append(awaited_list, id);
-    assert_int_equal(rc, SSH_OK);
-#endif
 
     assert_int_equal(ssh_list_count(awaited_list),
                      ssh_list_count(session->opts.identity));