Revert the size_t modifications from HEAD that had led to more

knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.

87 files changed, 510 insertions, 585 deletions

diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index 63331b2e1e..34179960b8 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -60,13 +60,12 @@
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, size_t len)
-	{ return M_ASN1_BIT_STRING_set(x, d, len); }
+int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
+{ return M_ASN1_BIT_STRING_set(x, d, len); }
 
 int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
 	{
-	int ret,j,bits;
-	size_t len;
+	int ret,j,bits,len;
 	unsigned char *p,*d;
 
 	if (a == NULL) return(0);
@@ -115,7 +114,7 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
 	}
 
 ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
-				     const unsigned char **pp, size_t len)
+	const unsigned char **pp, long len)
 	{
 	ASN1_BIT_STRING *ret=NULL;
 	const unsigned char *p;
@@ -145,13 +144,13 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
 
 	if (len-- > 1) /* using one because of the bits left byte */
 		{
-		s=OPENSSL_malloc(len);
+		s=(unsigned char *)OPENSSL_malloc((int)len);
 		if (s == NULL)
 			{
 			i=ERR_R_MALLOC_FAILURE;
 			goto err;
 			}
-		memcpy(s,p,len);
+		memcpy(s,p,(int)len);
 		s[len-1]&=(0xff<<i);
 		p+=len;
 		}
@@ -174,10 +173,9 @@ err:
 
 /* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
  */
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, size_t n, int value)
+int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
 	{
-	int v,iv;
-	size_t w;
+	int w,v,iv;
 	unsigned char *c;
 
 	w=n/8;
@@ -194,9 +192,11 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, size_t n, int value)
 		{
 		if (!value) return(1); /* Don't need to set */
 		if (a->data == NULL)
-			c=OPENSSL_malloc(w+1);
+			c=(unsigned char *)OPENSSL_malloc(w+1);
 		else
-			c=OPENSSL_realloc_clean(a->data, a->length, w+1);
+			c=(unsigned char *)OPENSSL_realloc_clean(a->data,
+								 a->length,
+								 w+1);
 		if (c == NULL)
 			{
 			ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT,ERR_R_MALLOC_FAILURE);
@@ -212,7 +212,7 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, size_t n, int value)
 	return(1);
 	}
 
-int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, size_t n)
+int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
 	{
 	int w,v;
 
@@ -230,7 +230,7 @@ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, size_t n)
  * 'len' is the length of 'flags'.
  */
 int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
-			  unsigned char *flags, size_t flags_len)
+			  unsigned char *flags, int flags_len)
 	{
 	int i, ok;
 	/* Check if there is one bit set at all. */
diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c
index bf5c079e92..331acdf053 100644
--- a/crypto/asn1/a_bool.c
+++ b/crypto/asn1/a_bool.c
@@ -75,11 +75,11 @@ int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
 	return(r);
 	}
 
-int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, size_t length)
+int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length)
 	{
 	int ret= -1;
 	const unsigned char *p;
-	size_t len;
+	long len;
 	int inf,tag,xclass;
 	int i=0;
 
diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c
index 1bf9247d8e..8d13f9c931 100644
--- a/crypto/asn1/a_bytes.c
+++ b/crypto/asn1/a_bytes.c
@@ -64,12 +64,12 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
 /* type is a 'bitmap' of acceptable string types.
  */
 ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
-				 size_t length, int type)
+	     long length, int type)
 	{
 	ASN1_STRING *ret=NULL;
 	const unsigned char *p;
 	unsigned char *s;
-	size_t len;
+	long len;
 	int inf,tag,xclass;
 	int i=0;
 
@@ -155,12 +155,12 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
 	}
 
 ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
-			    size_t length, int Ptag, int Pclass)
+	     long length, int Ptag, int Pclass)
 	{
 	ASN1_STRING *ret=NULL;
 	const unsigned char *p;
 	unsigned char *s;
-	size_t len;
+	long len;
 	int inf,tag,xclass;
 	int i=0;
 
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 7691193c51..c6fd204ae3 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -176,7 +176,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
 /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
 
 ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
-			       size_t len)
+	     long len)
 	{
 	ASN1_INTEGER *ret=NULL;
 	const unsigned char *p, *pend;
@@ -196,7 +196,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
 
 	/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
 	 * signifies a missing NULL parameter. */
-	s=OPENSSL_malloc(len+1);
+	s=(unsigned char *)OPENSSL_malloc((int)len+1);
 	if (s == NULL)
 		{
 		i=ERR_R_MALLOC_FAILURE;
@@ -246,7 +246,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
 			p++;
 			len--;
 			}
-		memcpy(s,p,len);
+		memcpy(s,p,(int)len);
 	}
 
 	if (ret->data != NULL) OPENSSL_free(ret->data);
@@ -269,12 +269,12 @@ err:
  */
 
 ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
-				size_t length)
+	     long length)
 	{
 	ASN1_INTEGER *ret=NULL;
 	const unsigned char *p;
 	unsigned char *to,*s;
-	size_t len;
+	long len;
 	int inf,tag,xclass;
 	int i;
 
@@ -302,7 +302,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
 
 	/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
 	 * signifies a missing NULL parameter. */
-	s=OPENSSL_malloc(len+1);
+	s=(unsigned char *)OPENSSL_malloc((int)len+1);
 	if (s == NULL)
 		{
 		i=ERR_R_MALLOC_FAILURE;
@@ -316,7 +316,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
 			p++;
 			len--;
 			}
-		memcpy(s,p,len);
+		memcpy(s,p,(int)len);
 		p+=len;
 	}
 
@@ -405,7 +405,7 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a)
 ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
 	{
 	ASN1_INTEGER *ret;
-	size_t len,j;
+	int len,j;
 
 	if (ai == NULL)
 		ret=M_ASN1_INTEGER_new();
@@ -423,7 +423,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
 	len=((j == 0)?0:((j/8)+1));
 	if (ret->length < len+4)
 		{
-		unsigned char *new_data=OPENSSL_realloc(ret->data, len+4U);
+		unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
 		if (!new_data)
 			{
 			ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
index 805d9c69bd..1bcd046893 100644
--- a/crypto/asn1/a_mbstr.c
+++ b/crypto/asn1/a_mbstr.c
@@ -80,15 +80,15 @@ static int is_printable(unsigned long value);
  * The 'ncopy' form checks minimum and maximum size limits too.
  */
 
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, size_t len,
-		       int inform, unsigned long mask)
+int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
+					int inform, unsigned long mask)
 {
 	return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
 }
 
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, size_t len,
-			int inform, unsigned long mask, size_t minsize,
-			size_t maxsize)
+int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
+					int inform, unsigned long mask, 
+					long minsize, long maxsize)
 {
 	int str_type;
 	int ret;
@@ -145,14 +145,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, size_t len,
 
 	if((minsize > 0) && (nchar < minsize)) {
 		ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
-		BIO_snprintf(strbuf, sizeof strbuf, "%ld", (long)minsize);
+		BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
 		ERR_add_error_data(2, "minsize=", strbuf);
 		return -1;
 	}
 
 	if((maxsize > 0) && (nchar > maxsize)) {
 		ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
-		BIO_snprintf(strbuf, sizeof strbuf, "%ld", (long)maxsize);
+		BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
 		ERR_add_error_data(2, "maxsize=", strbuf);
 		return -1;
 	}
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 570aac71a7..f1a5a1e31e 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -83,13 +83,11 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
 	return(objsize);
 	}
 
-size_t a2d_ASN1_OBJECT(unsigned char *out, size_t olen, const char *buf,
-		       int num)
+int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 	{
-	int i,len=0,c, use_bn;
-	unsigned first;
+	int i,first,len=0,c, use_bn;
 	char ftmp[24], *tmp = ftmp;
-	size_t tmpsize = sizeof ftmp;
+	int tmpsize = sizeof ftmp;
 	const char *p;
 	unsigned long l;
 	BIGNUM *bl = NULL;
@@ -152,11 +150,11 @@ size_t a2d_ASN1_OBJECT(unsigned char *out, size_t olen, const char *buf,
 			if (use_bn)
 				{
 				if (!BN_mul_word(bl, 10L)
-				    || !BN_add_signed_word(bl, c-'0'))
+					|| !BN_add_word(bl, c-'0'))
 					goto err;
 				}
 			else
-				l=l*10L+(c-'0');
+				l=l*10L+(long)(c-'0');
 			}
 		if (len == 0)
 			{
@@ -229,7 +227,7 @@ err:
 	return(0);
 	}
 
-int i2t_ASN1_OBJECT(char *buf, size_t buf_len, ASN1_OBJECT *a)
+int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
 {
 	return OBJ_obj2txt(buf, buf_len, a, 0);
 }
@@ -237,7 +235,7 @@ int i2t_ASN1_OBJECT(char *buf, size_t buf_len, ASN1_OBJECT *a)
 int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
 	{
 	char buf[80], *p = buf;
-	size_t i;
+	int i;
 
 	if ((a == NULL) || (a->data == NULL))
 		return(BIO_write(bp,"NULL",4));
@@ -258,14 +256,13 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
 	}
 
 ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
-			     size_t length)
+	     long length)
 {
 	const unsigned char *p;
-	size_t len;
+	long len;
 	int tag,xclass;
 	int inf,i;
 	ASN1_OBJECT *ret = NULL;
-
 	p= *pp;
 	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
 	if (inf & 0x80)
@@ -287,7 +284,7 @@ err:
 	return(NULL);
 }
 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
-			     size_t len)
+	     long len)
 	{
 	ASN1_OBJECT *ret=NULL;
 	const unsigned char *p;
@@ -312,15 +309,15 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
 		{
 		ret->length=0;
 		if (data != NULL) OPENSSL_free(data);
-		data=OPENSSL_malloc(len ? len : 1);
+		data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
 		if (data == NULL)
 			{ i=ERR_R_MALLOC_FAILURE; goto err; }
 		ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
 		}
-	memcpy(data,p,len);
+	memcpy(data,p,(int)len);
 	/* reattach data to object, after which it remains const */
-	ret->data=data;
-	ret->length=len;
+	ret->data  =data;
+	ret->length=(int)len;
 	ret->sn=NULL;
 	ret->ln=NULL;
 	/* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
@@ -376,7 +373,7 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a)
 		OPENSSL_free(a);
 	}
 
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, size_t len,
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
 	     const char *sn, const char *ln)
 	{
 	ASN1_OBJECT o;
diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c
index edeccddf57..e8725e44f1 100644
--- a/