From ac52f42aca9fe0933f7564581268ac50c826bd39 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Wed, 6 Jun 2018 09:51:12 +0100
Subject: [PATCH] Fix no-dsa

Broken by 0336df2fa.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6427)
---
 apps/req.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apps/req.c b/apps/req.c
index 59baa89bcf..7e7b994f0d 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -523,11 +523,13 @@ int req_main(int argc, char **argv)
                        "         Your key size is %ld! Larger key size may behave not as expected.\n",
                        OPENSSL_RSA_MAX_MODULUS_BITS, newkey);
 
+#ifndef OPENSSL_NO_DSA
         if (pkey_type == EVP_PKEY_DSA && newkey > OPENSSL_DSA_MAX_MODULUS_BITS)
             BIO_printf(bio_err,
                        "Warning: It is not recommended to use more than %d bit for DSA keys.\n"
                        "         Your key size is %ld! Larger key size may behave not as expected.\n",
                        OPENSSL_DSA_MAX_MODULUS_BITS, newkey);
+#endif
 
         if (genctx == NULL) {
             genctx = set_keygen_ctx(NULL, &pkey_type, &newkey,
-- 
2.34.1