Opaquify CONF.

This removes the last mention of LHASH in public headers. This can only
break people who stack-allocate CONF or access the data field. The
latter does not happen (external code never calls lh_CONF_VALUE_*
functions). The former could not work as there would be no way to clean
it up.

Update-Note: CONF is now opaque.
Change-Id: Iad3796c4e75874530d7a70fde2f84a390def2d49
Reviewed-on: https://boringssl-review.googlesource.com/32118
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>

crypto/conf/conf.c

diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c
index b1982f8..4c27ddf 100644
--- a/crypto/conf/conf.c
+++ b/crypto/conf/conf.c
@@ -62,6 +62,7 @@
 #include <openssl/bio.h>
 #include <openssl/buf.h>
 #include <openssl/err.h>
+#include <openssl/lhash.h>
 #include <openssl/mem.h>
 
 #include "conf_def.h"
@@ -69,6 +70,10 @@
 #include "../internal.h"
 
 
+struct conf_st {
+  LHASH_OF(CONF_VALUE) *data;
+};
+
 // The maximum length we can grow a value to after variable expansion. 64k
 // should be more than enough for all reasonable uses.
 #define MAX_CONF_VALUE_LENGTH 65536

include/openssl/conf.h

diff --git a/include/openssl/conf.h b/include/openssl/conf.h
index 07e34ee..7aa76e1 100644
--- a/include/openssl/conf.h
+++ b/include/openssl/conf.h
@@ -60,7 +60,6 @@
 #include <openssl/base.h>
 
 #include <openssl/stack.h>
-#include <openssl/lhash.h>
 
 #if defined(__cplusplus)
 extern "C" {
@@ -85,10 +84,6 @@
   char *value;
 };
 
-struct conf_st {
-  LHASH_OF(CONF_VALUE) *data;
-};
-
 DEFINE_STACK_OF(CONF_VALUE)