Move CRL_REASON_* back to x509v3.h

strongswan defines conflicting symbols and has been relying on them only
being defined in <openssl/x509v3.h>. Defining the constants in
<openssl/x509.h> would break strongswan, so move them back for now.

Long term, we would like for new code to only need <openssl/x509.h>, so
I've left a TODO to introduce properly namespaced versions of these
constants and, separately, see if we can fix strongswan to similarly
avoid the conflict. Between OpenSSL, strongswan, and wincrypt.h all
defining these constants, it seems best for everyone to just avoid them
going forward.

Change-Id: I23ce4c5013a80a831e0dc74fda8623027017190c
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65387
Commit-Queue: Bob Beck <[email protected]>
Auto-Submit: David Benjamin <[email protected]>
Reviewed-by: Bob Beck <[email protected]>
Commit-Queue: David Benjamin <[email protected]>
(cherry picked from commit 45f5e5da1235b13220599fa04b7a648f29db80c3)

Author: davidben

crypto/x509/v3_enum.c

@@ -59,6 +59,7 @@
 #include <openssl/mem.h>
 #include <openssl/obj.h>
 #include <openssl/x509.h>
+#include <openssl/x509v3.h>
 
 #include "internal.h"
 

crypto/x509/x_crl.c

@@ -63,6 +63,7 @@
 #include <openssl/stack.h>
 #include <openssl/thread.h>
 #include <openssl/x509.h>
+#include <openssl/x509v3.h>
 
 #include <assert.h>
 

include/openssl/x509.h

@@ -4411,18 +4411,6 @@ typedef struct DIST_POINT_NAME_st {
 // CRLDP_ALL_REASONS is an alias for all existing reasons
 #define CRLDP_ALL_REASONS 0x807f
 
-#define CRL_REASON_NONE (-1)
-#define CRL_REASON_UNSPECIFIED 0
-#define CRL_REASON_KEY_COMPROMISE 1
-#define CRL_REASON_CA_COMPROMISE 2
-#define CRL_REASON_AFFILIATION_CHANGED 3
-#define CRL_REASON_SUPERSEDED 4
-#define CRL_REASON_CESSATION_OF_OPERATION 5
-#define CRL_REASON_CERTIFICATE_HOLD 6
-#define CRL_REASON_REMOVE_FROM_CRL 8
-#define CRL_REASON_PRIVILEGE_WITHDRAWN 9
-#define CRL_REASON_AA_COMPROMISE 10
-
 struct DIST_POINT_st {
   DIST_POINT_NAME *distpoint;
   ASN1_BIT_STRING *reasons;

include/openssl/x509v3.h

@@ -20,6 +20,30 @@
 // However, due to conflicts, some deprecated symbols are defined here.
 #include <openssl/x509.h>
 
+
+// CRL reason constants.
+
+// TODO(davidben): These constants live here because strongswan defines
+// conflicting symbols and has been relying on them only being defined in
+// <openssl/x509v3.h>. Defining the constants in <openssl/x509.h> would break
+// strongswan, but we would also like for new code to only need
+// <openssl/x509.h>. Introduce properly namespaced versions of these constants
+// and, separately, see if we can fix strongswan to similarly avoid the
+// conflict. Between OpenSSL, strongswan, and wincrypt.h all defining these
+// constants, it seems best for everyone to just avoid them going forward.
+#define CRL_REASON_NONE (-1)
+#define CRL_REASON_UNSPECIFIED 0
+#define CRL_REASON_KEY_COMPROMISE 1
+#define CRL_REASON_CA_COMPROMISE 2
+#define CRL_REASON_AFFILIATION_CHANGED 3
+#define CRL_REASON_SUPERSEDED 4
+#define CRL_REASON_CESSATION_OF_OPERATION 5
+#define CRL_REASON_CERTIFICATE_HOLD 6
+#define CRL_REASON_REMOVE_FROM_CRL 8
+#define CRL_REASON_PRIVILEGE_WITHDRAWN 9
+#define CRL_REASON_AA_COMPROMISE 10
+
+
 // Deprecated constants.
 
 // The following constants are legacy aliases for |X509v3_KU_*|. They are