Plug a few leaks and perform some other code hygiene

Closing this directory now until the daily Coverity run throws a hissy fit.

ok jsing

p12_npas.c: hoist some helpers from the bottom to the top in reverse order

p12_npas.c: maclen -> mac_len

p12_npas.c: Use slightly less awkward variable names

Merge PKCS12_newpass() and newpass_p12()

With the previous refactoring, newpass_p12() became simple enough that it
doesn't require a separate function anymore. Merge the public API into it
and move it below (most of) the things it calls.

ok jsing

Rename pkcs12_repack_safe() into pkcs12_repack_authsafes()

discussed with jsing

Rework newpass_p12() a bit more

Split the bottom half that repacks the authsafes into a helper function.
This simplifies the curly exit path and makes it clearer what is being
done. PKCS12_pack_authsafes() is a very inconvenient API and there are
some extra dances needed due to it.

ok jsing

newpass_p12(): factor for loop body into helpers

Since newpass_bags() and sk_PKCS7_push() could be shared between two
otherwise entirely unrelated code paths, it was decided to dedup the
code in about the ugliest possible way. Untangle the spaghetti and
split the code paths into helper functions, so we can easily error
check and avoid a bunch of leaks.

ok jsing

Fix a memleak and a double free in newpass_p12()

If the allocation of newsafes fails, asafes is leaked. And if the
ASN1_OCTET_STRING_new() after the freeing of asafes fails, asafes is
freed a second time.

ok jsing

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Hide symbols in libcrypto/pkcs12

ok jsing@

Add an empty pkcs12_local.h and include it where it will soon be needed.

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing

Add const to the X509_ALGOR and other arguments of
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Hide symbols in libcrypto/pkcs12

ok jsing@

Add an empty pkcs12_local.h and include it where it will soon be needed.

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing

Add const to the X509_ALGOR and other arguments of
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Hide symbols in libcrypto/pkcs12

ok jsing@

Add an empty pkcs12_local.h and include it where it will soon be needed.

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing

Add const to the X509_ALGOR and other arguments of
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

Hide symbols in libcrypto/pkcs12

ok jsing@

Add an empty pkcs12_local.h and include it where it will soon be needed.

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing

Add const to the X509_ALGOR and other arguments of
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

Add an empty pkcs12_local.h and include it where it will soon be needed.

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing

Add const to the X509_ALGOR and other arguments of
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

Move the now internal X.509-related structs into x509_lcl.h.
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.

ok jsing

Add const to the X509_ALGOR and other arguments of
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

Add const to the X509_ALGOR and other arguments of
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.

Attempt to correctly free temporary storage upon error. With help from
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime
at commiting bugfixes)

KNF.

tags as requested by miod and tedu

resolve conflicts, fix local changes

resolve conflicts

resolve conflicts

merge 0.9.7b with local changes; crank majors for libssl/libcrypto

OpenSSL 0.9.7 stable 2002 05 08 merge

openssl-engine-0.9.6 merge

branches: 1.1.1;
OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs