The function `git_packfile_stream_free` frees all state of the packfile
stream without freeing the structure itself. This naming makes it hard
to spot whether it will try to free the pointer itself or not, causing
potential future errors. Due to this reason, we have decided to name a
function freeing state without freeing the actual struture a "dispose"
function.

Rename `git_packfile_stream_free` to `git_packfile_stream_dispose` as a
first example following this rule.

index: Fix alignment issues in write_disk_entry()

travis: war on leaks

refdb_fs: fix regression: failure when globbing for non-existant references

tests: submodule: do not rely on config iteration order

The goal is to let cmake manage the parallelism

==17851== Invalid free() / delete / delete[] / realloc()
==17851==    at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17851==    by 0x60BBE2B: __libc_freeres (in /lib/x86_64-linux-gnu/libc-2.19.so)
==17851==    by 0x4A256BC: _vgnU_freeres (in /usr/lib/valgrind/vgpreload_core-amd64-linux.so)
==17851==    by 0x5F8F16A: __run_exit_handlers (exit.c:97)
==17851==    by 0x5F8F1F4: exit (exit.c:104)
==17851==    by 0x5F74F4B: (below main) (libc-start.c:321)
==17851==  Address 0x63153c0 is 0 bytes inside data symbol "noai6ai_cached"

==2957== 912 bytes in 19 blocks are still reachable in loss record 323 of 369
==2957==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2957==    by 0x675B120: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x675BDF8: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x675FE0D: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x6761DC4: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x676477E: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x675B071: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x675B544: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x675914B: gcry_control (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==2957==    by 0x5D30EC9: libssh2_init (in /usr/lib/x86_64-linux-gnu/libssh2.so.1.0.1)
==2957==    by 0x66BCCD: git_transport_ssh_global_init (ssh.c:910)
==2957==    by 0x616443: init_common (global.c:65)

==18109== 664 bytes in 1 blocks are still reachable in loss record 279 of 339
==18109==    at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==18109==    by 0x675B120: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==18109==    by 0x675C13C: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==18109==    by 0x675C296: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==18109==    by 0x679BD14: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==18109==    by 0x679CC64: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2)
==18109==    by 0x6A64946: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6)
==18109==    by 0x6A116E8: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6)
==18109==    by 0x6A01114: gnutls_global_init (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6)
==18109==    by 0x52A6C78: ??? (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.3.0)
==18109==    by 0x5285ADC: curl_global_init (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.3.0)
==18109==    by 0x663524: git_curl_stream_global_init (curl.c:44)

The test submodule::lookup::duplicated_path, which tries to verify that
we detect submodules with duplicated paths, currently relies on the
gitmodules file of "submod2_target". While this file has two gitmodules
with the same path, one of these gitmodules has an empty name and thus
does not pass `git_submodule_name_is_valid`. Because of this, the test
is in fact dependent on the iteration order in which we process the
submodules. In fact the "valid" submodule comes first, the "invalid"
submodule will cause the desired error. In fact the "invalid" submodule
comes first, it will be skipped due to its name being invalid, and we
will not see the desired error. While this works on the master branch
just right due to the refactoring of our config code, where iteration
order is now deterministic, this breaks on all older maintenance
branches.

Fix the issue by simply using `cl_git_rewritefile` to rewrite the
gitmodules file. This greatly simplifies the test and also makes the
intentions of it much clearer.

Detect duplicated submodules for the same path

This commit fixes a regression introduced by

        20a2b02d

The commit introduced an optimization for finding references using a
glob: rather than iterating over all references and matching each one
against the glob, we would iterate only over references within the
directory common to all possible references which may match against the
glob.

However, contrary to the `ref/` directory, which was the previous entry
point for the iteration, this directory may not exist. In this case, the
optimization causes an error (`ENOENT`) rather than the iterator simply
yielding no references.

This patch fixes the regression by checkign for this specific case.

Fix docurium missing includes

In order to avoid alignment issues on certain target architectures,
it is necessary to use memcpy() when modifying elements of a struct
inside a buffer returned by git_filebuf_reserve().

github: update issue template

streams: openssl: add missing check on OPENSSL_LEGACY_API

Previous to dfda2f68 (submodule: remove the per-repo cache,
2015-04-27), we tried to cache our submodules per repository to avoid
having to reload it too frequently. As it created some headaches with
regards to multithreading, we removed that cache.

Previous to that removal, we had to compute what submodule status to
refresh. The mask computation was not removed, though, resulting in
confusing and actually dead code. While it seems like the mask is
currently in use in a conditional, it is not, as we unconditionally
assign to the mask previous to that condition.

Remove all mask computations to clean up stale code.

The function `load_submodule_names` was always being called with a
newly allocated string map, which was then getting filled by the
function. Move the string map allocation into `load_submodule_names`,
instead, and pass the whole map back to the caller in case no error
occurs. This change helps to avoid misuse by handing in pre-populated
maps.

When loading submodule names, we build a map of submodule paths and
their respective names. While looping over the configuration keys,
we do not check though whether a submodule path was seen already. This
leads to a memory leak in case we have multiple submodules with the same
path, as we just overwrite the old value in the map in that case.

Fix the error by verifying that the path to be added is not yet part of
the string map. Git does not allow to have multiple submodules for a
path anyway, so we now do the same and detect this duplication,
reporting it to the user.

mbedtls: don't require mbedtls from our pkgconfig file

The `CRYPTO_THREADID` type is no longer available in OpenSSL ≥ 1.1.0 with deprecated features disabled, and causes build failures. Since the `threadid_cb()` function is only ever called by `git_openssl_set_locking()` when `defined(OPENSSL_LEGACY_API)`, only define it then.

Fixes for CVE 2018-11235

mbedTLS has no pkgconfig file, hence we can't require it. For now, pass its link flags as our own.

Added note about Windows junction points to the differences from git document

We might modify caches due to us trying to load the configuration to figure out
what kinds of filesystem protections we should have.

We still compare case-insensitively to protect more thoroughly as we don't know
what specifics we'll see on the system and it's the behaviour from git.

When dealing with `core.proectNTFS` and `core.protectHFS` we do check
against `.gitmodules` but we still have a failing test as the non-filesystem
codepath does not check for it.