stsp [Mon, 6 Mar 2023 11:28:01 +0000 (11:28 +0000)]
always provide a subset of STA info in the MAC context command
We used to provide beacon-related information only once our station was
associated. New firmware wants to see this information earlier, when are
about to send an AUTH frame. Otherwise SYSASSERT 0x2000011A is raised.
Problem diagnosed with help from Johannes Berg, thanks!
stsp [Mon, 6 Mar 2023 11:21:24 +0000 (11:21 +0000)]
fix iwx session protection event duration
Firmware expects time in TU units.
Use 900 TU for the session protection timeout, like the linux driver does.
verified with Johannes Berg from Linux/Intel, thanks for the support!
stsp [Mon, 6 Mar 2023 11:18:37 +0000 (11:18 +0000)]
support the new iwx SCD_QUEUE_CONFIG command
Required for adding/removing Tx queues on new firmware versions.
Semantics have changed yet again. Good old iwm(4) required manual
removal of related Tx queues when a station is removed from firmware.
At some point iwx(4) firmware removed this requirement and demanded
that queue removal would be done implicitly by firmware instead.
And now the firmware engineers at Intel have again changed their
minds about this, and explicit queue removal is required again.
It is sad that we are being driven through such a marathon of changes
just in order to pick up some firmware security fixes...
stsp [Mon, 6 Mar 2023 11:08:56 +0000 (11:08 +0000)]
add support for the iwx BAID allocation config command
This command is required to set up Rx aggregation on new firmware.
stsp [Mon, 6 Mar 2023 11:03:29 +0000 (11:03 +0000)]
implement support for iwx PHY context cmd version 4
stsp [Mon, 6 Mar 2023 11:00:41 +0000 (11:00 +0000)]
support the new IWX_STA_MAC_DATA_API_S_VER_2 API
MAC context command fields which firmware has been ignoring since the iwm
hardware generation have been repurposed for information related to 11ax.
Just set these fields to zero. Firmware -71 and up will panic otherwise.
stsp [Mon, 6 Mar 2023 10:52:16 +0000 (10:52 +0000)]
add support for the iwx RLC config command
New firmware wants to be told about MIMO antenna configuration via
a separate command, rather than via the good old PHY context command.
stsp [Mon, 6 Mar 2023 10:48:05 +0000 (10:48 +0000)]
support iwx rate_n_flags API version 2 and delete fixed Tx rate support
As of this commit iwx will ignore 'ifconfig media' commands where the
user-specified Tx rate resolves to something other than 'autoselect'.
The existing support for forcing a Tx rate was already only partially
working in 11n and 11ac modes. I doubt anyone had a serious use case for
this. If you really need to force a specific Tx rate for data frames
sent by iwx then hack the driver instead of using 'ifconfig media'.
The firmware interface was designed for Tx rate selection in firmware.
Maintaining support for overriding the Tx rate with ifconfig in face of
complicated firmware interface changes such as this rate_n_flags change
is just not worth it. While trying to keep forced Tx rates working on top
of the new rate_n_flags format I accidentally broke the Tx rate used for
managment frames during regular operation, which caused much frustration.
stsp [Mon, 6 Mar 2023 10:31:58 +0000 (10:31 +0000)]
change current iwx rate_n_flag field names to indicate this is API version 1
also add some missing bits found in the Linux driver while here
stsp [Mon, 6 Mar 2023 10:28:04 +0000 (10:28 +0000)]
add support for iwx TLC config command v4
stsp [Mon, 6 Mar 2023 10:24:15 +0000 (10:24 +0000)]
add support for iwx firmware alive response version 6
stsp [Mon, 6 Mar 2023 10:16:16 +0000 (10:16 +0000)]
recognize more iwx ucode TLV sections which are present in newer fw images
job [Mon, 6 Mar 2023 09:14:29 +0000 (09:14 +0000)]
Fix comment
tb [Mon, 6 Mar 2023 08:37:24 +0000 (08:37 +0000)]
Fix some return checks in ecdh_cms_encrypt()
i2d functions return <= 0 on error, so check for that instead of == 0.
The issue with CMS_SharedInfo_encode() was found by Niels Dossche.
OpenSSL review overlooked that they had turned penclen into a size_t.
In principle the issue with i2d_X509_ALGOR() is purely cosmetic. Why do
a strange check when there is an idiomatic check? Then again this is CMS...
ok jsing
tb [Mon, 6 Mar 2023 08:31:34 +0000 (08:31 +0000)]
Fix incorrect RSA_public_decrypt() return check
RSA_public_decrypt() returns <= 0 on error. Assigning to a size_t and
checking for == 0 is not the right thing to do here. Neither is blindly
turning the check into <= 0...
Found by Niels Dossche
ok jsing
tb [Mon, 6 Mar 2023 08:08:31 +0000 (08:08 +0000)]
ASN.1 enc: check ASN1_item_ex_i2d() consistency
The i2d API design is: call a function first with a pointer to NULL, get
the length, allocate a buffer, call the function passing the buffer in.
Both calls should be checked since ther are still internal allocations.
At the heart of ASN.1 encoding, this idiom is used and the second call
is assumed to succeed after the length was determined. This is far from
guaranteed. Check that the second call returns the same length and error
otherwise.
ok jsing
jmc [Mon, 6 Mar 2023 06:56:49 +0000 (06:56 +0000)]
whack the *phy entries in SEE ALSO: it was becoming unwieldy, and they are
already listed in SYNOPSIS;
while here, rework the ifconfig sentence into something simpler, tweaked
by jsg to mention the "media" keyword;
ok jsg
deraadt [Mon, 6 Mar 2023 06:49:16 +0000 (06:49 +0000)]
sync
jsg [Mon, 6 Mar 2023 02:40:58 +0000 (02:40 +0000)]
drm/amd/display: Properly reuse completion structure
From Stylon Wang
118ad80d27d938868299ef184f7483b21f011f0b in linux-6.1.y/6.1.15
0cf8307adbc6beb5ff3b8a76afedc6e4e0b536a9 in mainline linux
jsg [Mon, 6 Mar 2023 02:38:01 +0000 (02:38 +0000)]
drm/amd/display: Fix race condition in DPIA AUX transfer
From Stylon Wang
075e2099c32cf4486b27266d2aecf61e95499ea4 in linux-6.1.y/6.1.15
ead08b95fa50f40618c72b93a849c4ae30c9cd50 in mainline linux
jsg [Mon, 6 Mar 2023 02:34:53 +0000 (02:34 +0000)]
drm/amd/display: Move DCN314 DOMAIN power control to DMCUB
From Nicholas Kazlauskas
4da108082a3290804ebbd42d70ce8535c00e4637 in linux-6.1.y/6.1.15
e383b12709e32d6494c948422070c2464b637e44 in mainline linux
tobhe [Sun, 5 Mar 2023 22:17:22 +0000 (22:17 +0000)]
Fix clean process shutdown by storing env globally like vmd and httpd do
instead of getting it from p_ps. The old approach does not work anymore
after the recent fork + exec update.
ok patrick@
ajacoutot [Sun, 5 Mar 2023 18:55:34 +0000 (18:55 +0000)]
Actually, LANG only set the default.
from guenther@
jsing [Sun, 5 Mar 2023 16:31:01 +0000 (16:31 +0000)]
Remove #ifndef OPENSSL_EC_NISTP_64_GCC_128.
This was presumably intended to be OPENSSL_NO_EC_NISTP_64_GCC_128, however
generic code has ended up inside the ifdef (and none of the NISTP code
or prototypes now remain).
kettenis [Sun, 5 Mar 2023 16:21:52 +0000 (16:21 +0000)]
arm64 needs -DBOOT_STTY as well.
ok miod@
jsing [Sun, 5 Mar 2023 16:11:36 +0000 (16:11 +0000)]
Remove ec_GFp_nistp.* prototypes.
This code has been deleted, however the prototypes managed to hang around.
jsing [Sun, 5 Mar 2023 16:06:14 +0000 (16:06 +0000)]
Remove duplicate function prototypes.
patrick [Sun, 5 Mar 2023 14:45:07 +0000 (14:45 +0000)]
Mask off IPL flags before storing the IPL for an interrupt.
ok kettenis@ jmatthew@
tb [Sun, 5 Mar 2023 13:12:53 +0000 (13:12 +0000)]
openssl: make all config structs static
These are per-app, so per-file. Most of them already are static, adjust
the rest of them.
tb [Sun, 5 Mar 2023 13:08:22 +0000 (13:08 +0000)]
openssl/cms: zap some trailing whitespace
jmc [Sun, 5 Mar 2023 12:56:41 +0000 (12:56 +0000)]
knock out double .Pp;
jmc [Sun, 5 Mar 2023 12:55:36 +0000 (12:55 +0000)]
oops, overridden has two d's; apologies ajacoutot for not spotting that.
espie [Sun, 5 Mar 2023 10:41:59 +0000 (10:41 +0000)]
adjust documentation to explain tags, which are still there just in case
ajacoutot [Sun, 5 Mar 2023 10:11:29 +0000 (10:11 +0000)]
Values for categories that are not set in the environment or that are overriden
by LANG or LC_ALL are displayed between double quotes.
wording by guenther@
ok kn@ jmc@
kettenis [Sun, 5 Mar 2023 09:57:32 +0000 (09:57 +0000)]
Add RK356x-specific initialization. Also initialize a few auto mode
related registers on all supported SoCs. Makes rktemp(4) work on
RK356x with U-Boot.
ok jmatthew@
dtucker [Sun, 5 Mar 2023 09:24:35 +0000 (09:24 +0000)]
Fix mem and FILE leaks in moduli screening.
If multiple -Ocheckpoint= options are passed, the earlier ones would
be overwritten and leaked. If we use an input file that wasn't stdin,
close that. From Coverity CIDs 291884 and 291894.
dtucker [Sun, 5 Mar 2023 08:18:58 +0000 (08:18 +0000)]
Plug mem leak in moduli checkpoint option parsing.
From Coverity CID 291894.
dtucker [Sun, 5 Mar 2023 05:34:09 +0000 (05:34 +0000)]
Remove unused compat.h includes. We've previously removed a lot
of the really old compatibility code, and with it went the need to
include compat.h in most of the files that have it.
jmatthew [Sun, 5 Mar 2023 04:30:08 +0000 (04:30 +0000)]
Mask off IPL flags before storing the IPL for an interrupt.
This fixes the IPL calculations in mpic_calc_mask() in the presence
of IPL_MPSAFE interrupts such as mvneta(4).
ok patrick@ kettenis@ dlg@
jsg [Sun, 5 Mar 2023 03:17:04 +0000 (03:17 +0000)]
Xt -> Xr
kettenis [Sat, 4 Mar 2023 23:32:40 +0000 (23:32 +0000)]
Add ytphy(4); pointed out by jmc@
krw [Sat, 4 Mar 2023 23:09:15 +0000 (23:09 +0000)]
Don't whine about invalid start/end values when
starting to edit an unused GPT partition.
kettenis [Sat, 4 Mar 2023 22:54:35 +0000 (22:54 +0000)]
Turns out the RK3566 has a different value in the GPIO_VER_ID register
than advertised in the RK3568. This value is present in the Linux
driver and implies the new register layout. So handle both values.
This makes GPIOs on the RK3566 actually work.
ok patrick@
kettenis [Sat, 4 Mar 2023 22:51:12 +0000 (22:51 +0000)]
On RK356x many devices need to be explicitly routed to use alternative pin
muxings. Implement support for this.
ok patrick@
kettenis [Sat, 4 Mar 2023 22:48:00 +0000 (22:48 +0000)]
Enable ytphy(4) here too.
kettenis [Sat, 4 Mar 2023 22:44:27 +0000 (22:44 +0000)]
ytphy(4)
kettenis [Sat, 4 Mar 2023 22:40:37 +0000 (22:40 +0000)]
Add ytphy(4) to files.mii (forgotten in the previous commit).
Fix year on my copyright.
kettenis [Sat, 4 Mar 2023 22:36:15 +0000 (22:36 +0000)]
enable ytphy(4)
kettenis [Sat, 4 Mar 2023 22:35:28 +0000 (22:35 +0000)]
Add ytphy(4), a driver for the MotorComm YT8511 PHY.
ok deraadt@
kettenis [Sat, 4 Mar 2023 22:34:37 +0000 (22:34 +0000)]
Use ISC licence.
ok deraadt@
tobhe [Sat, 4 Mar 2023 22:22:50 +0000 (22:22 +0000)]
Sync proc.c from vmd(8) to enabled fork + exec for all processes. This gives
each process a fresh and unique address space to further improve randomization
of ASLR and stack protector.
ok bluhm@ patrick@
tb [Sat, 4 Mar 2023 21:58:54 +0000 (21:58 +0000)]
openssl enc doesn't really support AEAD ciphers and XTS mode
Do not display such ciphers in the usage display and error out if
they are given. As pointed out by Pauli Dale, the current situation
is confusing.
Fixes GH issues #786 and #819
ok jsing
tb [Sat, 4 Mar 2023 21:42:49 +0000 (21:42 +0000)]
Simplify the consistency checks in old_dsa_priv_decode()
We have long had expensive checks for DSA domain parameters in
old_dsa_priv_decode(). These were implemented in a more complicated
way than necesary.
ok beck jsing
tb [Sat, 4 Mar 2023 21:39:34 +0000 (21:39 +0000)]
Enforce a lower bound of of EC group order so 80 bits for ECDSA
This makes sure that the elliptic curve is not completely stupid.
This is conservative enough: the smallest named groups that we support
have an order of 112 bits.
ok beck jsing
tb [Sat, 4 Mar 2023 21:37:37 +0000 (21:37 +0000)]
Cap the number of iterations in ECDSA signing
ECDSA is essentially the same thing as DSA, except that it is slightly
less stupid. Signing specifies an infinite loop, which is only possible
with arbitrary ECDSA domain parameters. Fortunately, most use of ECDSA
in the wild is based on well-known groups, so it is known a priori that
the loop is not infinite. Still, infinite loops are bad. A retry is
unlikely, 32 retries have a probability of ~2^-8000. So it's pretty
safe to error out.
ok beck jsing
tb [Sat, 4 Mar 2023 21:30:23 +0000 (21:30 +0000)]
Cap the number of iterations in DSA signing
The DSA standard specifies an infinite loop: if either r or s is zero
in the signature calculation, a new random number k shall be generated
and the whole thing is to be redone. The rationale is that, as the
standard puts it, "[i]t is extremely unlikely that r = 0 or s = 0 if
signatures are generated properly."
The problem is... There is no cheap way to know that the DSA domain
parameters we are handed are actually DSA domain parameters, so even
if all our calculations are carefully done to do all the checks needed,
we cannot know if we generate the signatures properly. For this we would
need to do two primality checks as well as various congruences and
divisibility properties. Doing this easily leads to DoS, so nobody does
it.
Unfortunately, it is relatively easy to generate parameters that pass
all sorts of sanity checks and will always compute s = 0 since g
is nilpotent. Thus, as unlikely as it is, if we are in the mathematical
model, in practice it is very possible to ensure that s = 0.
Read David Benjamin's glorious commit message for more information
https://boringssl-review.googlesource.com/c/boringssl/+/57228
Thanks to Guido Vranken for reporting this issue, also thanks to
Hanno Boeck who apparently found and reported similar problems earlier.
ok beck jsing
krw [Sat, 4 Mar 2023 21:22:51 +0000 (21:22 +0000)]
Use nitems() in the simple iterations over mbr->mbr_prt[].
No intentional functional change.
tb [Sat, 4 Mar 2023 21:08:14 +0000 (21:08 +0000)]
Small readability tweak in old_dsa_priv_decode()
Explicitly check against NULL and turn early return into goto err.
ok beck jsing
tb [Sat, 4 Mar 2023 21:06:17 +0000 (21:06 +0000)]
Call dsa_check_keys() before signing or verifying
We already had some checks on both sides, but they were less precise
and differed between the functions. The code here is messy enough, so
any simplification is helpful...
ok beck jsing
tb [Sat, 4 Mar 2023 21:02:21 +0000 (21:02 +0000)]
Add dsa_check_key() calls on DSA decoding
When decoding a public or a private key, use dsa_check_key() to ensure
consistency of the DSA parameters. We do not always have sufficient
information to do that, so this is not always possible.
This adds new checks and replaces incomplete existing ones. On decoding
the private key we will now only calculate the corresponding public key,
if the sizes are sensible. This avoids potentially expensive operations.
ok beck jsing
tb [Sat, 4 Mar 2023 20:54:52 +0000 (20:54 +0000)]
Provide dsa_check_key()
This is a cheap check that ensures basid parameter consistency per
FIPS 186-4: 1 < g < q, that q has the allowed bit sizes 160, 224, 256
and that p is neither too small nor too large. Unfortunately, enforcing
the three allowed sizes for p is not possible since the default dsa key
generation has not respected this limitation.
Instead of checking that p and q are prime, we only check that they
are odd. Check that public and private keys, if set, are in the proper
range. In particular, disallow zero values.
Various versions of these checks have been added to the dsa code
over time. This consolidates and extends them and in a subsequent
commit wewill replace the incomplete checks. BoringSSL has a similar
function of the same name, thanks to David Benjamin for pointing it
out.
ok beck jsing
tb [Sat, 4 Mar 2023 20:47:04 +0000 (20:47 +0000)]
Provide DSA_R_INVALID_PARAMETERS error code
This has been missing for a while already and will be used in a
few upcoming commits.
ok beck jsing
deraadt [Sat, 4 Mar 2023 19:56:48 +0000 (19:56 +0000)]
sync
jsing [Sat, 4 Mar 2023 14:53:23 +0000 (14:53 +0000)]
Mop up ECP_NISTZ256_ASM and OPENSSL_NO_EC_NISTP_64_GCC_128 leftovers.
This is `unifdef -m -DOPENSSL_NO_EC_NISTP_64_GCC_128 -UECP_NISTZ256_ASM`
and some manual tidy up.
deraadt [Sat, 4 Mar 2023 14:49:36 +0000 (14:49 +0000)]
move to 7.3-beta
krw [Sat, 4 Mar 2023 14:47:18 +0000 (14:47 +0000)]
Toss in some const's to ensure that static data pointed to
by function return values is not fiddled with.
No intentional functional change.
jsing [Sat, 4 Mar 2023 14:38:00 +0000 (14:38 +0000)]
Rename field_data1 and field_data2.
Rather than pretending that these "generic" variables are used for multiple
things, rename them to reflect their actual usage and use appropriate types
instead of void *.
ok tb@
tb [Sat, 4 Mar 2023 12:13:11 +0000 (12:13 +0000)]
bio_chain test: fix error message
jmc [Sat, 4 Mar 2023 12:02:07 +0000 (12:02 +0000)]
expand Nd (missed in previous); ok claudio
tb [Sat, 4 Mar 2023 11:58:29 +0000 (11:58 +0000)]
Avoid infinite loop in bio_asn1 state machine
If the BIO_write() in the ASN1_STATE_DATA_COPY state fails, incorrect
error handling will break out of the switch without changing the state,
and the infinite for loop will immediately try the same write again,
which is unlikely to succeed... Clearly this code intended to break out
of the loop instead.
Via OpenSSL 1.1 commit
723f616df81ea05f31407f7417f49eea89bb459a
ok millert
sashan [Sat, 4 Mar 2023 10:55:37 +0000 (10:55 +0000)]
pf(4) should be enforcing TTL=1 to packets sent to 224.0.0.1 only.
Issue found and kindly reported by Luca Di Gregorio <lucdig _at_ gmail>
OK bluhm@
jmatthew [Sat, 4 Mar 2023 10:42:26 +0000 (10:42 +0000)]
Add mvortc(4) and mvodog(4) here too
kn [Sat, 4 Mar 2023 09:03:34 +0000 (09:03 +0000)]
properly initialise LIST head
This worked because the global head variable is zero-initialised,
but one must not rely on that.
OK mvs claudio
tb [Sat, 4 Mar 2023 06:25:42 +0000 (06:25 +0000)]
openssl/req: garbage collect a pointless EVP_MD_CTX_init()
Before do_sign_init(), the ctx is always allocated by EVP_MD_CTX_new()
aka calloc(). There is no point in doing EVP_MD_CTX_init(), aka bzero().
ok jsing
dtucker [Sat, 4 Mar 2023 03:22:59 +0000 (03:22 +0000)]
Use time_t instead of u_int for remaining x11 timeout checks for 64bit
time_t safety. From Coverity CIDs 405197 and 405028, ok djm@
dlg [Sat, 4 Mar 2023 01:23:40 +0000 (01:23 +0000)]
handle polling when cold in tipmic_thermal_opreg_handler().
this allows me to boot if acpitz is using tipmic instead of getting
stuck. tipmic would spin on tsleep, which returns immediately with
0 when cold, waiting for a value to be set by the tipmic interrupt
handler. cos the box is cold the interrupt is masked, so the tsleep
loop never ended.
patrick@ helped me find this
ok kettenis@
cheloha [Sat, 4 Mar 2023 00:00:25 +0000 (00:00 +0000)]
tee(1): explicitly check read(2) return value for 0 and -1
cheloha [Fri, 3 Mar 2023 20:16:44 +0000 (20:16 +0000)]
initclocks: don't reinitialize ticks, jiffies at runtime
Various drivers use ticks/jiffies before initclocks(). It isn't
generally safe to reinitialize them at runtime. Hoist the conditional
definition of HZ from param.c into sys/kernel.h so we can see it from
kern_clock.c and statically initialize ticks/jiffies to the desired
offset.
With this change, timeouts scheduled before initclocks() do not all
fire immediately during the first softclock().
With input from kettenis@.
Link: https://marc.info/?l=openbsd-tech&m=167753870803378&w=2
bluhm [Fri, 3 Mar 2023 16:22:57 +0000 (16:22 +0000)]
Process accounting and lastcomm(1) can detect execve(2) violations
of pinsyscall(2) policy. Report such findings in daily mail like
other security violations. User has to turn on accounting=YES in
rc.conf.local to utilize this feature.
OK deraadt@
job [Fri, 3 Mar 2023 16:19:05 +0000 (16:19 +0000)]
In filemode, print the certification path towards the Trust Anchor
with and OK tb@
claudio [Fri, 3 Mar 2023 13:03:29 +0000 (13:03 +0000)]
Use EXTRACT_16BITS() in default_print() instead of handrolling it.
OK bluhm@
dtucker [Fri, 3 Mar 2023 10:23:42 +0000 (10:23 +0000)]
Ensure ms_remain is always initialized, similar to what we do in
ssh_packet_write_wait. bz#2687, from jjelen at redhat.com.
dtucker [Fri, 3 Mar 2023 09:48:51 +0000 (09:48 +0000)]
Check for non-NULL before string comparison. From jjelen at redhat.com
via bz#2687.
jsg [Fri, 3 Mar 2023 08:08:15 +0000 (08:08 +0000)]
namservers -> nameservers
djm [Fri, 3 Mar 2023 05:00:34 +0000 (05:00 +0000)]
guard against getsockname(-1, ...) from Coverity CID 291832
djm [Fri, 3 Mar 2023 04:36:20 +0000 (04:36 +0000)]
some options are not first-match-wins. Mention that there are
exceptions at the start of the manpage and label some of them in
the option description.
djm [Fri, 3 Mar 2023 04:34:49 +0000 (04:34 +0000)]
actually print "channeltimeout none" in config dump mode;
spotted via Coverity CID 405022
dtucker [Fri, 3 Mar 2023 03:12:24 +0000 (03:12 +0000)]
Check return values of dup2. Spotted by Coverity, ok djm@
dtucker [Fri, 3 Mar 2023 02:37:58 +0000 (02:37 +0000)]
Use time_t for x11_refuse_time timeout. We need SSH_TIME_T_MAX for
this, so move from misc.c to misc.h so it's available. Fixes a Coverity
warning for 64bit time_t safety, ok djm@
dtucker [Fri, 3 Mar 2023 02:34:29 +0000 (02:34 +0000)]
Check return value from fctnl and warn on failure. Spotted by Coverity,
ok djm@
tb [Thu, 2 Mar 2023 21:17:35 +0000 (21:17 +0000)]
Simplify the ct Makefile slightly
tb [Thu, 2 Mar 2023 21:15:14 +0000 (21:15 +0000)]
Clean up the x509 regress make file a little
tb [Thu, 2 Mar 2023 21:08:14 +0000 (21:08 +0000)]
Remove a few more unnecessary line continuations
tb [Thu, 2 Mar 2023 21:07:21 +0000 (21:07 +0000)]
Nitpick error checks of BN_get_mem_data()
BN_get_mem_data() returns a non-positive long on error, so assigning
it to a size_t and displaying that in error messages is incorrect.
tb [Thu, 2 Mar 2023 20:45:11 +0000 (20:45 +0000)]
Some more Makefile cosmetics
The verbose evp test actually depends on the evptest binary. Use consistent
spacing and indentation.
tb [Thu, 2 Mar 2023 20:27:54 +0000 (20:27 +0000)]
The evp_ecx_test no longer needs static linking
tb [Thu, 2 Mar 2023 20:24:51 +0000 (20:24 +0000)]
Hide the hexdumps behind a verbose flags. Should have been part of
the previous commit.
tb [Thu, 2 Mar 2023 20:22:46 +0000 (20:22 +0000)]
Simplify evp test Makefile.
Make evptest silent by default: these pages of hexdumps are useless noise.
Add a verbose target for debugging.
tb [Thu, 2 Mar 2023 20:18:40 +0000 (20:18 +0000)]
evp_pkey_check: make this test silent on success
tb [Thu, 2 Mar 2023 20:04:42 +0000 (20:04 +0000)]
Remove a few unnecessary line continuations