These files were pulled from the 1.6.3 release tarball.
This new version builds against OpenSSL version 1.1 which will be
the default in the new Debian Stable which is due to be released
RealSoonNow (tm).
EVP_dss1() was deprecated and EVP_sha1() is the direct replacement.
Upstream libunbound already has this patch. Note that I haven't
added a test for HAVE_EVP_DSS1 since that was deprecated quite a
long time ago in OpenSSL, there's really no reason to support it.