Enable -Wmissing-variable-declarations and

-Wincompatible-pointer-types-discards-qualifiers (the latter did not require
any code changes).

Reviewed-by: Rich Salz <rsalz@openssl.org>

10 files changed, 26 insertions, 17 deletions

diff --git a/apps/apps.h b/apps/apps.h
index 0901c7dce3..328f8fb55a 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -573,6 +573,12 @@ int raw_write_stdout(const void *, int);
 # define TM_STOP         1
 double app_tminterval(int stop, int usertime);
 
+/* this is an accident waiting to happen (-Wshadow is your friend) */
+extern int verify_depth;
+extern int verify_quiet;
+extern int verify_error;
+extern int verify_return_error;
+
 # include "progs.h"
 
 #endif
diff --git a/apps/cms.c b/apps/cms.c
index 2331ea2e28..ae47341532 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -95,7 +95,7 @@ static int cms_set_pkey_param(EVP_PKEY_CTX *pctx,
 # define SMIME_SIGN_RECEIPT      (15 | SMIME_IP | SMIME_OP)
 # define SMIME_VERIFY_RECEIPT    (16 | SMIME_IP)
 
-int verify_err = 0;
+static int verify_err = 0;
 
 typedef struct cms_key_param_st cms_key_param;
 
diff --git a/apps/ecparam.c b/apps/ecparam.c
index 145f55c0e6..5a98f454fb 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -116,14 +116,14 @@ OPTIONS ecparam_options[] = {
     {NULL}
 };
 
-OPT_PAIR forms[] = {
+static OPT_PAIR forms[] = {
     {"compressed", POINT_CONVERSION_COMPRESSED},
     {"uncompressed", POINT_CONVERSION_UNCOMPRESSED},
     {"hybrid", POINT_CONVERSION_HYBRID},
     {NULL}
 };
 
-OPT_PAIR encodings[] = {
+static OPT_PAIR encodings[] = {
     {"named_curve", OPENSSL_EC_NAMED_CURVE},
     {"explicit", 0},
     {NULL}
diff --git a/apps/openssl.c b/apps/openssl.c
index 39ae64d498..58a2d0f700 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -160,7 +160,7 @@ static void list_pkey(void);
 static void list_type(FUNC_TYPE ft);
 char *default_config_file = NULL;
 
-CONF *config = NULL;
+static CONF *config = NULL;
 BIO *bio_in = NULL;
 BIO *bio_out = NULL;
 BIO *bio_err = NULL;
diff --git a/apps/progs.h b/apps/progs.h
index 4b9bcb47ed..4a59b64a50 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -65,7 +65,6 @@ extern int list_main(int argc, char *argv[]);
 extern int help_main(int argc, char *argv[]);
 extern int exit_main(int argc, char *argv[]);
 
-#ifdef INCLUDE_FUNCTION_TABLE
 extern OPTIONS asn1parse_options[];
 extern OPTIONS ca_options[];
 extern OPTIONS ciphers_options[];
@@ -114,7 +113,9 @@ extern OPTIONS rehash_options[];
 extern OPTIONS list_options[];
 extern OPTIONS help_options[];
 extern OPTIONS exit_options[];
-FUNCTION functions[] = {
+
+#ifdef INCLUDE_FUNCTION_TABLE
+static FUNCTION functions[] = {
     { FT_general, "asn1parse", asn1parse_main, asn1parse_options },
     { FT_general, "ca", ca_main, ca_options },
 #if !defined(OPENSSL_NO_SOCK)
diff --git a/apps/progs.pl b/apps/progs.pl
index 38e091e26e..065d954588 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -33,11 +33,13 @@ foreach (@ARGV) {
 	printf "extern int %s_main(int argc, char *argv[]);\n", $_;
 }
 
-printf "\n#ifdef INCLUDE_FUNCTION_TABLE\n";
+print "\n";
+
 foreach (@ARGV) {
 	printf "extern OPTIONS %s_options[];\n", $_;
 }
-printf "FUNCTION functions[] = {\n";
+print "\n#ifdef INCLUDE_FUNCTION_TABLE\n";
+print "static FUNCTION functions[] = {\n";
 foreach (@ARGV) {
 	$str="    { FT_general, \"$_\", ${_}_main, ${_}_options },\n";
 	if (/^s_/ || /^ciphers$/) {
diff --git a/apps/s_cb.c b/apps/s_cb.c
index a1305d339f..0c1dfc57d7 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -131,8 +131,8 @@ int verify_depth = 0;
 int verify_quiet = 0;
 int verify_error = X509_V_OK;
 int verify_return_error = 0;
-unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
-int cookie_initialized = 0;
+static unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
+static int cookie_initialized = 0;
 
 static const char *lookup(int val, const STRINT_PAIR* list, const char* def)
 {
diff --git a/apps/s_client.c b/apps/s_client.c
index 3eb495a479..65e3bb89d5 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -395,7 +395,7 @@ static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
 
 #endif
 
-char *srtp_profiles = NULL;
+static char *srtp_profiles = NULL;
 
 #ifndef OPENSSL_NO_NEXTPROTONEG
 /* This the context that we pass to next_proto_cb */
diff --git a/apps/s_server.c b/apps/s_server.c
index 8fe1ebe224..9e4a18636d 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -232,7 +232,7 @@ static char *s_dcert_file = NULL, *s_dkey_file = NULL, *s_dchain_file = NULL;
 static int s_nbio = 0;
 #endif
 static int s_nbio_test = 0;
-int s_crlf = 0;
+static int s_crlf = 0;
 static SSL_CTX *ctx = NULL;
 static SSL_CTX *ctx2 = NULL;
 static int www = 0;
@@ -2366,7 +2366,7 @@ static int init_ssl_connection(SSL *con)
     int i;
     const char *str;
     X509 *peer;
-    long verify_error;
+    long verify_err;
     char buf[BUFSIZ];
 #if !defined(OPENSSL_NO_NEXTPROTONEG)
     const unsigned char *next_proto_neg;
@@ -2409,10 +2409,10 @@ static int init_ssl_connection(SSL *con)
 
         BIO_printf(bio_err, "ERROR\n");
 
-        verify_error = SSL_get_verify_result(con);
-        if (verify_error != X509_V_OK) {
+        verify_err = SSL_get_verify_result(con);
+        if (verify_err != X509_V_OK) {
             BIO_printf(bio_err, "verify error:%s\n",
-                       X509_verify_cert_error_string(verify_error));
+                       X509_verify_cert_error_string(verify_err));
         }
         /* Always print any error messages */
         ERR_print_errors(bio_err);
diff --git a/apps/speed.c b/apps/speed.c
index 297ea521e3..1508076e9b 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -405,7 +405,7 @@ OPTIONS speed_options[] = {
 #define D_IGE_192_AES   27
 #define D_IGE_256_AES   28
 #define D_GHASH         29
-OPT_PAIR doit_choices[] = {
+static OPT_PAIR doit_choices[] = {
 #ifndef OPENSSL_NO_MD2
     {"md2", D_MD2},
 #endif