Generalise strbuf_catf() into put_fmt().

marshal.h now provides a macro put_fmt() which allows you to write
arbitrary printf-formatted data to an arbitrary BinarySink.

We already had this facility for strbufs in particular, in the form of
strbuf_catf(). That was able to take advantage of knowing the inner
structure of a strbuf to minimise memory allocation (it would snprintf
directly into the strbuf's existing buffer if possible). For a general
black-box BinarySink we can't do that, so instead we dupvprintf into a
temporary buffer.

For consistency, I've removed strbuf_catf, and converted all uses of
it into the new put_fmt - and I've also added an extra vtable method
in the BinarySink API, so that put_fmt can still use strbuf_catf's
more efficient memory management when talking to a strbuf, and fall
back to the simpler strategy when that's not available.

windows/pageant.c

@@ -335,7 +335,7 @@ static void keylist_update_callback(
 
     switch (key->ssh_version) {
       case 1: {
-        strbuf_catf(listentry, "ssh1\t%s\t%s", fingerprint, comment);
+        put_fmt(listentry, "ssh1\t%s\t%s", fingerprint, comment);
 
         /*
          * Replace the space in the fingerprint (between bit count and
@@ -390,15 +390,15 @@ static void keylist_update_callback(
                 put_byte(listentry, c);
         }
 
-        strbuf_catf(listentry, "\t%s", comment);
+        put_fmt(listentry, "\t%s", comment);
         break;
       }
     }
 
     if (ext_flags & LIST_EXTENDED_FLAG_HAS_NO_CLEARTEXT_KEY) {
-        strbuf_catf(listentry, "\t(encrypted)");
+        put_fmt(listentry, "\t(encrypted)");
     } else if (ext_flags & LIST_EXTENDED_FLAG_HAS_ENCRYPTED_KEY_FILE) {
-        strbuf_catf(listentry, "\t(re-encryptable)");
+        put_fmt(listentry, "\t(re-encryptable)");
 
         /* At least one key can be re-encrypted */
         ctx->enable_reencrypt_controls = true;