More comment realignment

Reviewed-by: NTim Hudson <tjh@openssl.org>

apps/gendh.c

@@ -120,8 +120,8 @@ int MAIN(int argc, char **argv)
             outfile = *(++argv);
         } else if (strcmp(*argv, "-2") == 0)
             g = 2;
-        /*-     else if (strcmp(*argv,"-3") == 0)
-                        g=3; */
+/*-     else if (strcmp(*argv,"-3") == 0)
+                g=3; */
         else if (strcmp(*argv, "-5") == 0)
             g = 5;
 # ifndef OPENSSL_NO_ENGINE

apps/s_cb.c

@@ -200,10 +200,10 @@ int verify_callback(int ok, X509_STORE_CTX *ctx)
 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
 {
     if (cert_file != NULL) {
-                /*-
-                SSL *ssl;
-                X509 *x509;
-                */
+        /*-
+        SSL *ssl;
+        X509 *x509;
+        */
 
         if (SSL_CTX_use_certificate_file(ctx, cert_file,
                                          SSL_FILETYPE_PEM) <= 0) {

apps/s_client.c

@@ -1749,8 +1749,8 @@ int MAIN(int argc, char **argv)
                     openssl_fdset(SSL_get_fd(con), &writefds);
             }
 #endif
-/*-                     printf("mode tty(%d %d%d) ssl(%d%d)\n",
-                                tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
+/*-         printf("mode tty(%d %d%d) ssl(%d%d)\n",
+                    tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
 
             /*
              * Note: under VMS with SOCKETSHR the second parameter is

crypto/bio/b_sock.c

@@ -529,13 +529,13 @@ int BIO_socket_ioctl(int fd, long type, void *arg)
     i = ioctlsocket(fd, type, (char *)arg);
 #  else
 #   if defined(OPENSSL_SYS_VMS)
-	/*-
-	 * 2011-02-18 SMS.
-	 * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
-	 * observe that all the consumers pass in an "unsigned long *",
-	 * so we arrange a local copy with a short pointer, and use
-	 * that, instead.
-	 */
+    /*-
+     * 2011-02-18 SMS.
+     * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
+     * observe that all the consumers pass in an "unsigned long *",
+     * so we arrange a local copy with a short pointer, and use
+     * that, instead.
+     */
 #    if __INITIAL_POINTER_SIZE == 64
 #     define ARG arg_32p
 #     pragma pointer_size save

crypto/bio/bf_null.c

@@ -103,11 +103,11 @@ static int nullf_free(BIO *a)
 {
     if (a == NULL)
         return (0);
-	/*-
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	*/
+    /*-
+    a->ptr=NULL;
+    a->init=0;
+    a->flags=0;
+    */
     return (1);
 }
 

crypto/bio/bss_acpt.c

@@ -415,12 +415,12 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
         ret = (long)data->bind_mode;
         break;
     case BIO_CTRL_DUP:
-/*-             dbio=(BIO *)ptr;
-                if (data->param_port) EAY EAY
-                        BIO_set_port(dbio,data->param_port);
-                if (data->param_hostname)
-                        BIO_set_hostname(dbio,data->param_hostname);
-                BIO_set_nbio(dbio,data->nbio); */
+/*-     dbio=(BIO *)ptr;
+        if (data->param_port) EAY EAY
+                BIO_set_port(dbio,data->param_port);
+        if (data->param_hostname)
+                BIO_set_hostname(dbio,data->param_hostname);
+        BIO_set_nbio(dbio,data->nbio); */
         break;
 
     default:

crypto/bn/bn_kron.c

@@ -66,13 +66,13 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
     int ret = -2;               /* avoid 'uninitialized' warning */
     int err = 0;
     BIGNUM *A, *B, *tmp;
-        /*-
-         * In 'tab', only odd-indexed entries are relevant:
-         * For any odd BIGNUM n,
-         *     tab[BN_lsw(n) & 7]
-         * is $(-1)^{(n^2-1)/8}$ (using TeX notation).
-         * Note that the sign of n does not matter.
-         */
+    /*-
+     * In 'tab', only odd-indexed entries are relevant:
+     * For any odd BIGNUM n,
+     *     tab[BN_lsw(n) & 7]
+     * is $(-1)^{(n^2-1)/8}$ (using TeX notation).
+     * Note that the sign of n does not matter.
+     */
     static const int tab[8] = { 0, 1, 0, -1, 0, -1, 0, 1 };
 
     bn_check_top(a);

crypto/bn/bn_print.c

@@ -106,12 +106,12 @@ char *BN_bn2dec(const BIGNUM *a)
     BIGNUM *t = NULL;
     BN_ULONG *bn_data = NULL, *lp;
 
-        /*-
-         * get an upper bound for the length of the decimal integer
-         * num <= (BN_num_bits(a) + 1) * log(2)
-         *     <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1     (rounding error)
-         *     <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
-         */
+    /*-
+     * get an upper bound for the length of the decimal integer
+     * num <= (BN_num_bits(a) + 1) * log(2)
+     *     <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1     (rounding error)
+     *     <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
+     */
     i = BN_num_bits(a) * 3;
     num = (i / 10 + i / 1000 + 1) + 1;
     bn_data =

crypto/bn/bn_sqrt.c

@@ -152,32 +152,32 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
     }
 
     if (e == 2) {
-                /*-
-                 * |p| == 5  (mod 8)
-                 *
-                 * In this case  2  is always a non-square since
-                 * Legendre(2,p) = (-1)^((p^2-1)/8)  for any odd prime.
-                 * So if  a  really is a square, then  2*a  is a non-square.
-                 * Thus for
-                 *      b := (2*a)^((|p|-5)/8),
-                 *      i := (2*a)*b^2
-                 * we have
-                 *     i^2 = (2*a)^((1 + (|p|-5)/4)*2)
-                 *         = (2*a)^((p-1)/2)
-                 *         = -1;
-                 * so if we set
-                 *      x := a*b*(i-1),
-                 * then
-                 *     x^2 = a^2 * b^2 * (i^2 - 2*i + 1)
-                 *         = a^2 * b^2 * (-2*i)
-                 *         = a*(-i)*(2*a*b^2)
-                 *         = a*(-i)*i
-                 *         = a.
-                 *
-                 * (This is due to A.O.L. Atkin,
-                 * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>,
-                 * November 1992.)
-                 */
+        /*-
+         * |p| == 5  (mod 8)
+         *
+         * In this case  2  is always a non-square since
+         * Legendre(2,p) = (-1)^((p^2-1)/8)  for any odd prime.
+         * So if  a  really is a square, then  2*a  is a non-square.
+         * Thus for
+         *      b := (2*a)^((|p|-5)/8),
+         *      i := (2*a)*b^2
+         * we have
+         *     i^2 = (2*a)^((1 + (|p|-5)/4)*2)
+         *         = (2*a)^((p-1)/2)
+         *         = -1;
+         * so if we set
+         *      x := a*b*(i-1),
+         * then
+         *     x^2 = a^2 * b^2 * (i^2 - 2*i + 1)
+         *         = a^2 * b^2 * (-2*i)
+         *         = a*(-i)*(2*a*b^2)
+         *         = a*(-i)*i
+         *         = a.
+         *
+         * (This is due to A.O.L. Atkin,
+         * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>,
+         * November 1992.)
+         */
 
         /* t := 2*a */
         if (!BN_mod_lshift1_quick(t, A, p))

crypto/cast/casttest.c

@@ -134,9 +134,9 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
     0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
     0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
     0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
-/*-     0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
-        0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
-        0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+    0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+    0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
 };
 # endif
 

crypto/des/destest.c

@@ -397,7 +397,7 @@ int main(int argc, char *argv[])
                           DES_ENCRYPT);
     DES_ede3_cbcm_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2,
                           &ks3, &iv3, &iv2, DES_ENCRYPT);
-/*-     if (memcmp(cbc_out,cbc3_ok,
+/*- if (memcmp(cbc_out,cbc3_ok,
         (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
         {
         printf("des_ede3_cbc_encrypt encrypt error\n");

crypto/des/enc_read.c

@@ -205,12 +205,12 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
          */
         num = len;
     } else {
-                /*-
-                 * >output is a multiple of 8 byes, if len < rnum
-                 * >we must be careful.  The user must be aware that this
-                 * >routine will write more bytes than he asked for.
-                 * >The length of the buffer must be correct.
-                 * FIXED - Should be ok now 18-9-90 - eay */
+        /*-
+         * >output is a multiple of 8 byes, if len < rnum
+         * >we must be careful.  The user must be aware that this
+         * >routine will write more bytes than he asked for.
+         * >The length of the buffer must be correct.
+         * FIXED - Should be ok now 18-9-90 - eay */
         if (len < rnum) {
 
             if (DES_rw_mode & DES_PCBC_MODE)

crypto/des/ofb64ede.c

@@ -102,8 +102,8 @@ void DES_ede3_ofb64_encrypt(register const unsigned char *in,
         n = (n + 1) & 0x07;
     }
     if (save) {
-/*-             v0=ti[0];
-                v1=ti[1];*/
+/*-     v0=ti[0];
+        v1=ti[1];*/
         iv = &(*ivec)[0];
         l2c(v0, iv);
         l2c(v1, iv);

crypto/ec/ecp_nistp256.c

@@ -432,25 +432,25 @@ static void felem_shrink(smallfelem out, const felem in)
     /* As tmp[3] < 2^65, high is either 1 or 0 */
     high <<= 63;
     high >>= 63;
-	/*-
-	 * high is:
-	 *   all ones   if the high word of tmp[3] is 1
-	 *   all zeros  if the high word of tmp[3] if 0 */
+    /*-
+     * high is:
+     *   all ones   if the high word of tmp[3] is 1
+     *   all zeros  if the high word of tmp[3] if 0 */
     low = tmp[3];
     mask = low >> 63;
-	/*-
-	 * mask is:
-	 *   all ones   if the MSB of low is 1
-	 *   all zeros  if the MSB of low if 0 */
+    /*-
+     * mask is:
+     *   all ones   if the MSB of low is 1
+     *   all zeros  if the MSB of low if 0 */
     low &= bottom63bits;
     low -= kPrime3Test;
     /* if low was greater than kPrime3Test then the MSB is zero */
     low = ~low;
     low >>= 63;
-	/*-
-	 * low is:
-	 *   all ones   if low was > kPrime3Test
-	 *   all zeros  if low was <= kPrime3Test */
+    /*-
+     * low is:
+     *   all ones   if low was > kPrime3Test
+     *   all zeros  if low was <= kPrime3Test */
     mask = (mask & low) | high;
     tmp[0] -= mask & kPrime[0];
     tmp[1] -= mask & kPrime[1];
@@ -790,17 +790,17 @@ static void felem_reduce(felem out, const longfelem in)
 
     felem_reduce_(out, in);
 
-	/*-
-	 * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
-	 * out[1] > 2^100 - 2^64 - 7*2^96 > 0
-	 * out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
-	 * out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
-	 *
-	 * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101
-	 * out[1] < 2^100 + 3*2^64 + 5*2^64 + 3*2^97 < 2^101
-	 * out[2] < 2^100 + 5*2^64 + 2^64 + 3*2^65 + 2^97 < 2^101
-	 * out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < 2^101
-	 */
+    /*-
+     * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
+     * out[1] > 2^100 - 2^64 - 7*2^96 > 0
+     * out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
+     * out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
+     *
+     * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101
+     * out[1] < 2^100 + 3*2^64 + 5*2^64 + 3*2^97 < 2^101
+     * out[2] < 2^100 + 5*2^64 + 2^64 + 3*2^65 + 2^97 < 2^101
+     * out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < 2^101
+     */
 }
 
 /*-
@@ -819,17 +819,17 @@ static void felem_reduce_zero105(felem out, const longfelem in)
 
     felem_reduce_(out, in);
 
-	/*-
-	 * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
-	 * out[1] > 2^105 - 2^71 - 2^103 > 0
-	 * out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
-	 * out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
-	 *
-	 * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
-	 * out[1] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
-	 * out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < 2^106
-	 * out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106
-	 */
+    /*-
+     * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
+     * out[1] > 2^105 - 2^71 - 2^103 > 0
+     * out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
+     * out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
+     *
+     * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[1] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106
+     */
 }
 
 /*
@@ -1094,7 +1094,8 @@ static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
  *
  * Building on top of the field operations we have the operations on the
  * elliptic curve group itself. Points on the curve are represented in Jacobian
- * coordinates */
+ * coordinates
+ */
 
 /*-
  * point_double calculates 2*(x_in, y_in, z_in)
@@ -1103,7 +1104,8 @@ static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
  *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
  *
  * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
- * while x_out == y_in is not (maybe this works, but it's not tested). */
+ * while x_out == y_in is not (maybe this works, but it's not tested).
+ */
 static void
 point_double(felem x_out, felem y_out, felem z_out,
              const felem x_in, const felem y_in, const felem z_in)
@@ -1234,7 +1236,8 @@ static void copy_small_conditional(felem out, const smallfelem in, limb mask)
  * This function includes a branch for checking whether the two input points
  * are equal, (while not equal to the point at infinity). This case never
  * happens during single point multiplication, so there is no timing leak for
- * ECDH or ECDSA signing. */
+ * ECDH or ECDSA signing.
+ */
 static void point_add(felem x3, felem y3, felem z3,
                       const felem x1, const felem y1, const felem z1,
                       const int mixed, const smallfelem x2,

crypto/ec/ecp_nistp521.c

@@ -414,15 +414,16 @@ static void felem_square(largefelem out, const felem in)
     felem_scalar(inx2, in, 2);
     felem_scalar(inx4, in, 4);
 
-	/*-
-	 * We have many cases were we want to do
-	 *   in[x] * in[y] +
-	 *   in[y] * in[x]
-	 * This is obviously just
-	 *   2 * in[x] * in[y]
-	 * However, rather than do the doubling on the 128 bit result, we
-	 * double one of the inputs to the multiplication by reading from
-	 * |inx2| */
+    /*-
+     * We have many cases were we want to do
+     *   in[x] * in[y] +
+     *   in[y] * in[x]
+     * This is obviously just
+     *   2 * in[x] * in[y]
+     * However, rather than do the doubling on the 128 bit result, we
+     * double one of the inputs to the multiplication by reading from
+     * |inx2|
+     */
 
     out[0] = ((uint128_t) in[0]) * in[0];
     out[1] = ((uint128_t) in[0]) * inx2[1];
@@ -610,10 +611,10 @@ static void felem_reduce(felem out, const largefelem in)
 
     out[1] += ((limb) in[0]) >> 58;
     out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6;
-        /*-
-         * out[1] < 2^58 + 2^6 + 2^58
-         *        = 2^59 + 2^6
-         */
+    /*-
+     * out[1] < 2^58 + 2^6 + 2^58
+     *        = 2^59 + 2^6
+     */
     out[2] += ((limb) (in[0] >> 64)) >> 52;
 
     out[2] += ((limb) in[1]) >> 58;
@@ -642,10 +643,10 @@ static void felem_reduce(felem out, const largefelem in)
 
     out[8] += ((limb) in[7]) >> 58;
     out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6;
-        /*-
-         * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
-         *            < 2^59 + 2^13
-         */
+    /*-
+     * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
+     *            < 2^59 + 2^13
+     */
     overflow1 = ((limb) (in[7] >> 64)) >> 52;
 
     overflow1 += ((limb) in[8]) >> 58;
@@ -660,11 +661,11 @@ static void felem_reduce(felem out, const largefelem in)
 
     out[1] += out[0] >> 58;
     out[0] &= bottom58bits;
-        /*-
-         * out[0] < 2^58
-         * out[1] < 2^59 + 2^6 + 2^13 + 2^2
-         *        < 2^59 + 2^14
-         */
+    /*-
+     * out[0] < 2^58
+     * out[1] < 2^59 + 2^6 + 2^13 + 2^2
+     *        < 2^59 + 2^14
+     */
 }
 
 static void felem_square_reduce(felem out, const felem in)

crypto/ec/ecp_oct.c

@@ -96,11 +96,11 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
     if (y == NULL)
         goto err;
 
-        /*-
-         * Recover y.  We have a Weierstrass equation
-         *     y^2 = x^3 + a*x + b,
-         * so  y  is one of the square roots of  x^3 + a*x + b.
-         */
+    /*-
+     * Recover y.  We have a Weierstrass equation
+     *     y^2 = x^3 + a*x + b,
+     * so  y  is one of the square roots of  x^3 + a*x + b.
+     */
 
     /* tmp1 := x^3 */
     if (!BN_nnmod(x, x_, group->field, ctx))

crypto/ec/ecp_smpl.c

@@ -909,10 +909,10 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
             goto err;
         if (!BN_mod_add_quick(n1, n0, n1, p))
             goto err;
-                /*-
-                 * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
-                 *    = 3 * X_a^2 - 3 * Z_a^4
-                 */
+        /*-
+         * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
+         *    = 3 * X_a^2 - 3 * Z_a^4
+         */
     } else {
         if (!field_sqr(group, n0, a->X, ctx))
             goto err;
@@ -1033,15 +1033,15 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
     if (Z6 == NULL)
         goto err;
 
-	/*-
-	 * We have a curve defined by a Weierstrass equation
-	 *      y^2 = x^3 + a*x + b.
-	 * The point to consider is given in Jacobian projective coordinates
-	 * where  (X, Y, Z)  represents  (x, y) = (X/Z^2, Y/Z^3).
-	 * Substituting this and multiplying by  Z^6  transforms the above equation into
-	 *      Y^2 = X^3 + a*X*Z^4 + b*Z^6.
-	 * To test this, we add up the right-hand side in 'rh'.
-	 */
+    /*-
+     * We have a curve defined by a Weierstrass equation
+     *      y^2 = x^3 + a*x + b.
+     * The point to consider is given in Jacobian projective coordinates
+     * where  (X, Y, Z)  represents  (x, y) = (X/Z^2, Y/Z^3).
+     * Substituting this and multiplying by  Z^6  transforms the above equation into
+     *      Y^2 = X^3 + a*X*Z^4 + b*Z^6.
+     * To test this, we add up the right-hand side in 'rh'.
+     */
 
     /* rh := X^2 */
     if (!field_sqr(group, rh, point->X, ctx))
@@ -1108,12 +1108,12 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
 int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
                       const EC_POINT *b, BN_CTX *ctx)
 {
-        /*-
-         * return values:
-         *  -1   error
-         *   0   equal (in affine coordinates)
-         *   1   not equal
-         */
+    /*-
+     * return values:
+     *  -1   error
+     *   0   equal (in affine coordinates)
+     *   1   not equal
+     */
 
     int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
                       const BIGNUM *, BN_CTX *);
@@ -1151,12 +1151,12 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
     if (Zb23 == NULL)
         goto end;
 
-	/*-
-	 * We have to decide whether
-	 *     (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
-	 * or equivalently, whether
-	 *     (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
-	 */
+    /*-
+     * We have to decide whether
+     *     (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
+     * or equivalently, whether
+     *     (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
+     */
 
     if (!b->Z_is_one) {
         if (!field_sqr(group, Zb23, b->Z, ctx))

crypto/idea/ideatest.c

@@ -102,9 +102,9 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
     0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
     0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
     0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
-/*-     0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
-        0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
-        0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+    0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+    0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
 };
 
 static int cfb64_test(unsigned char *cfb_cipher);

crypto/lhash/lhash.c

@@ -434,9 +434,9 @@ unsigned long lh_strhash(const char *c)
     if ((c == NULL) || (*c == '\0'))
         return (ret);
 /*-
-        unsigned char b[16];
-        MD5(c,strlen(c),b);
-        return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
+    unsigned char b[16];
+    MD5(c,strlen(c),b);
+    return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
 */
 
     n = 0x100;

crypto/pem/pem.h

@@ -174,8 +174,8 @@ typedef struct pem_ctx_st {
     struct {
         int cipher;
         /*-
-           unused, and wrong size
-           unsigned char iv[8]; */
+        unused, and wrong size
+        unsigned char iv[8]; */
     } DEK_info;
 
     PEM_USER *originator;
@@ -195,9 +195,9 @@ typedef struct pem_ctx_st {
     EVP_CIPHER *dec;            /* date encryption cipher */
     int key_len;                /* key length */
     unsigned char *key;         /* key */
-	/*-
-		unused, and wrong size
-	   unsigned char iv[8]; */
+  /*-
+    unused, and wrong size
+    unsigned char iv[8]; */
 
     int data_enc;               /* is the data encrypted */
     int data_len;

crypto/rand/randfile.c

@@ -113,10 +113,10 @@ static FILE *(*const vms_fopen)(const char *, const char *, ...) =
 
 int RAND_load_file(const char *file, long bytes)
 {
-        /*-
-         * If bytes >= 0, read up to 'bytes' bytes.
-         * if bytes == -1, read complete file.
-         */
+    /*-
+     * If bytes >= 0, read up to 'bytes' bytes.
+     * if bytes == -1, read complete file.
+     */
 
     MS_STATIC unsigned char buf[BUFSIZE];
 #ifndef OPENSSL_NO_POSIX_IO

crypto/rc2/rc2test.c

@@ -134,9 +134,9 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
     0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
     0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
     0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
-/*-     0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
-        0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
-        0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+    0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+    0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
 };
 
 /*

crypto/threads/mttest.c

@@ -798,23 +798,23 @@ void solaris_locking_callback(int mode, int type, char *file, int line)
             (type & CRYPTO_READ) ? "r" : "w", file, line);
 # endif
 
-	/*-
-	if (CRYPTO_LOCK_SSL_CERT == type)
-	fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-			CRYPTO_thread_id(),
-			mode,file,line);
-	*/
+    /*-
+    if (CRYPTO_LOCK_SSL_CERT == type)
+    fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+            CRYPTO_thread_id(),
+            mode,file,line);
+    */
     if (mode & CRYPTO_LOCK) {
         /*-
-                if (mode & CRYPTO_READ)
-                        rw_rdlock(&(lock_cs[type]));
-                else
-                        rw_wrlock(&(lock_cs[type])); */
+        if (mode & CRYPTO_READ)
+                rw_rdlock(&(lock_cs[type]));
+        else
+                rw_wrlock(&(lock_cs[type])); */
 
         mutex_lock(&(lock_cs[type]));
         lock_count[type]++;
     } else {
-/*              rw_unlock(&(lock_cs[type]));  */
+/*      rw_unlock(&(lock_cs[type]));  */
         mutex_unlock(&(lock_cs[type]));
     }
 }
@@ -984,10 +984,10 @@ void pthreads_locking_callback(int mode, int type, char *file, int line)
             (type & CRYPTO_READ) ? "r" : "w", file, line);
 # endif
 /*-
-        if (CRYPTO_LOCK_SSL_CERT == type)
-                fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
-                CRYPTO_thread_id(),
-                mode,file,line);
+    if (CRYPTO_LOCK_SSL_CERT == type)
+            fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+            CRYPTO_thread_id(),
+            mode,file,line);
 */
     if (mode & CRYPTO_LOCK) {
         pthread_mutex_lock(&(lock_cs[type]));

crypto/x509/by_dir.c

@@ -430,8 +430,8 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
              * If we were going to up the reference count, we would need to
              * do it on a perl 'type' basis
              */
-        /*-             CRYPTO_add(&tmp->data.x509->references,1,
-                                CRYPTO_LOCK_X509);*/
+        /*- CRYPTO_add(&tmp->data.x509->references,1,
+                    CRYPTO_LOCK_X509);*/
             goto finish;
         }
     }

crypto/x509/x509_lu.c

@@ -323,8 +323,8 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
             return 0;
     }
 
-/*-     if (ret->data.ptr != NULL)
-                X509_OBJECT_free_contents(ret); */
+/*- if (ret->data.ptr != NULL)
+            X509_OBJECT_free_contents(ret); */
 
     ret->type = tmp->type;
     ret->data.ptr = tmp->data.ptr;

crypto/x509/x509_r2x.c

@@ -84,8 +84,8 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
             goto err;
         if (!ASN1_INTEGER_set(xi->version, 2))
             goto err;
-/*-             xi->extensions=ri->attributes; <- bad, should not ever be done
-                ri->attributes=NULL; */
+/*-     xi->extensions=ri->attributes; <- bad, should not ever be done
+        ri->attributes=NULL; */
     }
 
     xn = X509_REQ_get_subject_name(r);

crypto/x509/x509_vfy.c

@@ -549,15 +549,15 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
     int allow_proxy_certs;
     cb = ctx->verify_cb;
 
-        /*-
-         *  must_be_ca can have 1 of 3 values:
-         * -1: we accept both CA and non-CA certificates, to allow direct
-         *     use of self-signed certificates (which are marked as CA).
-         * 0:  we only accept non-CA certificates.  This is currently not
-         *     used, but the possibility is present for future extensions.
-         * 1:  we only accept CA certificates.  This is currently used for
-         *     all certificates in the chain except the leaf certificate.
-         */
+    /*-
+     *  must_be_ca can have 1 of 3 values:
+     * -1: we accept both CA and non-CA certificates, to allow direct
+     *     use of self-signed certificates (which are marked as CA).
+     * 0:  we only accept non-CA certificates.  This is currently not
+     *     used, but the possibility is present for future extensions.
+     * 1:  we only accept CA certificates.  This is currently used for
+     *     all certificates in the chain except the leaf certificate.
+     */
     must_be_ca = -1;
 
     /* CRL path validation */

crypto/x509/x509name.c

@@ -162,16 +162,16 @@ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
         set_prev = ret->set - 1;
     set_next = sk_X509_NAME_ENTRY_value(sk, loc)->set;
 
-        /*-
-         * set_prev is the previous set
-         * set is the current set
-         * set_next is the following
-         * prev  1 1    1 1     1 1     1 1
-         * set   1      1       2       2
-         * next  1 1    2 2     2 2     3 2
-         * so basically only if prev and next differ by 2, then
-         * re-number down by 1
-         */
+    /*-
+     * set_prev is the previous set
+     * set is the current set
+     * set_next is the following
+     * prev  1 1    1 1     1 1     1 1
+     * set   1      1       2       2
+     * next  1 1    2 2     2 2     3 2
+     * so basically only if prev and next differ by 2, then
+     * re-number down by 1
+     */
     if (set_prev + 1 < set_next)
         for (i = loc; i < n; i++)
             sk_X509_NAME_ENTRY_value(sk, i)->set--;

crypto/x509v3/v3_utl.c

@@ -808,11 +808,11 @@ static const unsigned char *valid_star(const unsigned char *p, size_t len,
         if (p[i] == '*') {
             int atstart = (state & LABEL_START);
             int atend = (i == len - 1 || p[i + i] == '.');
-                        /*-
-                         * At most one wildcard per pattern.
-                         * No wildcards in IDNA labels.
-                         * No wildcards after the first label.
-                         */
+            /*-
+             * At most one wildcard per pattern.
+             * No wildcards in IDNA labels.
+             * No wildcards after the first label.
+             */
             if (star != NULL || (state & LABEL_IDNA) != 0 || dots)
                 return NULL;
             /* Only full-label '*.example.com' wildcards? */

demos/engines/zencod/hw_zencod.h

@@ -106,14 +106,14 @@ extern "C" {
     /*
      * Functions for Digest (MD5, SHA1) stuff
      */
-/* output : output data buffer */
-/* input : input data buffer */
-/* algo : hash algorithm, MD5 or SHA1 */
-/*-
- * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ;
- * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ;
- */
-/* For now separate this stuff that mad it easier to test */
+    /* output : output data buffer */
+    /* input : input data buffer */
+    /* algo : hash algorithm, MD5 or SHA1 */
+    /*-
+     * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ;
+     * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ;
+     */
+    /* For now separate this stuff that mad it easier to test */
     typedef int t_zencod_md5_init(ZEN_MD_DATA *data);
     typedef int t_zencod_md5_update(ZEN_MD_DATA *data, const KEY * input);
     typedef int t_zencod_md5_do_final(ZEN_MD_DATA *data, KEY * output);

engines/ccgost/gost_ctl.c

@@ -18,20 +18,20 @@ static char *gost_params[GOST_PARAM_MAX + 1] = { NULL };
 static const char *gost_envnames[] = { "CRYPT_PARAMS" };
 
 const ENGINE_CMD_DEFN gost_cmds[] = {
-/*-     { GOST_CTRL_RNG,
-        "RNG",
-        "Type of random number generator to use",
-        ENGINE_CMD_FLAG_STRING
-        },
-        { GOST_CTRL_RNG_PARAMS,
-        "RNG_PARAMS",
-        "Parameter for random number generator",
-        ENGINE_CMD_FLAG_STRING
-        },
+/*- { GOST_CTRL_RNG,
+    "RNG",
+    "Type of random number generator to use",
+    ENGINE_CMD_FLAG_STRING
+    },
+    { GOST_CTRL_RNG_PARAMS,
+    "RNG_PARAMS",
+    "Parameter for random number generator",
+    ENGINE_CMD_FLAG_STRING
+    },
 */ {GOST_CTRL_CRYPT_PARAMS,
-               "CRYPT_PARAMS",
-               "OID of default GOST 28147-89 parameters",
-               ENGINE_CMD_FLAG_STRING},
+           "CRYPT_PARAMS",
+           "OID of default GOST 28147-89 parameters",
+           ENGINE_CMD_FLAG_STRING},
     {0, NULL, NULL, 0}
 };
 

engines/e_cswift.c

@@ -1037,11 +1037,11 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
     while (num >= (int)sizeof(buf32)) {
         largenum.value = buf;
         largenum.nbytes = sizeof(buf32);
-                /*-
-                 * tell CryptoSwift how many bytes we want and where we want it.
-                 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
-                 *       - CryptoSwift can only do multiple of 32-bits.
-                 */
+        /*-
+         * tell CryptoSwift how many bytes we want and where we want it.
+         * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
+         *       - CryptoSwift can only do multiple of 32-bits.
+         */
         swrc =
             p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
         if (swrc != SW_OK) {

ssl/d1_pkt.c

@@ -433,12 +433,12 @@ static int dtls1_process_record(SSL *s)
     rr->orig_len = rr->length;
 
     enc_err = s->method->ssl3_enc->enc(s, 0);
-        /*-
-         * enc_err is:
-         *    0: (in non-constant time) if the record is publically invalid.
-         *    1: if the padding is valid
-         *   -1: if the padding is invalid
-         */
+    /*-
+     * enc_err is:
+     *    0: (in non-constant time) if the record is publically invalid.
+     *    1: if the padding is valid
+     *   -1: if the padding is invalid
+     */
     if (enc_err == 0) {
         /* For DTLS we simply ignore bad packets. */
         rr->length = 0;
@@ -1046,11 +1046,11 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
         }
     }
 
-        /*-
-         * s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
-         * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
-         * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
-         */
+    /*-
+     * s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
+     * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
+     * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
+     */
 
     /* If we are a client, check for an incoming 'Hello Request': */
     if ((!s->server) &&

ssl/s3_cbc.c

@@ -754,25 +754,25 @@ void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
     if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
         return;
     block_size = EVP_MD_CTX_block_size(mac_ctx);
-	/*-
-	 * We are in FIPS mode if we get this far so we know we have only SHA*
-	 * digests and TLS to deal with.
-	 * Minimum digest padding length is 17 for SHA384/SHA512 and 9
-	 * otherwise.
-	 * Additional header is 13 bytes. To get the number of digest blocks
-	 * processed round up the amount of data plus padding to the nearest
-	 * block length. Block length is 128 for SHA384/SHA512 and 64 otherwise.
-	 * So we have:
-	 * blocks = (payload_len + digest_pad + 13 + block_size - 1)/block_size
-	 * equivalently:
-	 * blocks = (payload_len + digest_pad + 12)/block_size + 1
-	 * HMAC adds a constant overhead.
-	 * We're ultimately only interested in differences so this becomes
-	 * blocks = (payload_len + 29)/128
-	 * for SHA384/SHA512 and
-	 * blocks = (payload_len + 21)/64
-	 * otherwise.
-	 */
+    /*-
+     * We are in FIPS mode if we get this far so we know we have only SHA*
+     * digests and TLS to deal with.
+     * Minimum digest padding length is 17 for SHA384/SHA512 and 9
+     * otherwise.
+     * Additional header is 13 bytes. To get the number of digest blocks
+     * processed round up the amount of data plus padding to the nearest
+     * block length. Block length is 128 for SHA384/SHA512 and 64 otherwise.
+     * So we have:
+     * blocks = (payload_len + digest_pad + 13 + block_size - 1)/block_size
+     * equivalently:
+     * blocks = (payload_len + digest_pad + 12)/block_size + 1
+     * HMAC adds a constant overhead.
+     * We're ultimately only interested in differences so this becomes
+     * blocks = (payload_len + 29)/128
+     * for SHA384/SHA512 and
+     * blocks = (payload_len + 21)/64
+     * otherwise.
+     */
     digest_pad = block_size == 64 ? 21 : 29;
     blocks_orig = (orig_len + digest_pad) / block_size;
     blocks_data = (data_len + digest_pad) / block_size;

ssl/s3_clnt.c

@@ -725,36 +725,36 @@ int ssl3_client_hello(SSL *s)
         /* Do the message type and length last */
         d = p = ssl_handshake_start(s);
 
-		/*-
-		 * version indicates the negotiated version: for example from
-		 * an SSLv2/v3 compatible client hello). The client_version
-		 * field is the maximum version we permit and it is also
-		 * used in RSA encrypted premaster secrets. Some servers can
-		 * choke if we initially report a higher version then
-		 * renegotiate to a lower one in the premaster secret. This
-		 * didn't happen with TLS 1.0 as most servers supported it
-		 * but it can with TLS 1.1 or later if the server only supports
-		 * 1.0.
-		 *
-		 * Possible scenario with previous logic:
-		 *      1. Client hello indicates TLS 1.2
-		 *      2. Server hello says TLS 1.0
-		 *      3. RSA encrypted premaster secret uses 1.2.
-		 *      4. Handhaked proceeds using TLS 1.0.
-		 *      5. Server sends hello request to renegotiate.
-		 *      6. Client hello indicates TLS v1.0 as we now
-		 *         know that is maximum server supports.
-		 *      7. Server chokes on RSA encrypted premaster secret
-		 *         containing version 1.0.
-		 *
-		 * For interoperability it should be OK to always use the
-		 * maximum version we support in client hello and then rely
-		 * on the checking of version to ensure the servers isn't
-		 * being inconsistent: for example initially negotiating with
-		 * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
-		 * client_version in client hello and not resetting it to
-		 * the negotiated version.
-		 */
+        /*-
+         * version indicates the negotiated version: for example from
+         * an SSLv2/v3 compatible client hello). The client_version
+         * field is the maximum version we permit and it is also
+         * used in RSA encrypted premaster secrets. Some servers can
+         * choke if we initially report a higher version then
+         * renegotiate to a lower one in the premaster secret. This
+         * didn't happen with TLS 1.0 as most servers supported it
+         * but it can with TLS 1.1 or later if the server only supports
+         * 1.0.
+         *
+         * Possible scenario with previous logic:
+         *      1. Client hello indicates TLS 1.2
+         *      2. Server hello says TLS 1.0
+         *      3. RSA encrypted premaster secret uses 1.2.
+         *      4. Handhaked proceeds using TLS 1.0.
+         *      5. Server sends hello request to renegotiate.
+         *      6. Client hello indicates TLS v1.0 as we now
+         *         know that is maximum server supports.
+         *      7. Server chokes on RSA encrypted premaster secret
+         *         containing version 1.0.
+         *
+         * For interoperability it should be OK to always use the
+         * maximum version we support in client hello and then rely
+         * on the checking of version to ensure the servers isn't
+         * being inconsistent: for example initially negotiating with
+         * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
+         * client_version in client hello and not resetting it to
+         * the negotiated version.
+         */
 #if 0
         *(p++) = s->version >> 8;
         *(p++) = s->version & 0xff;
@@ -2514,13 +2514,13 @@ int ssl3_send_client_key_exchange(SSL *s)
             if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
                 goto err;
 
-			/*-
-			 * 20010420 VRS.  Tried it this way; failed.
-			 *      EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
-			 *      EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
-			 *                              kssl_ctx->length);
-			 *      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
-			 */
+            /*-
+             * 20010420 VRS.  Tried it this way; failed.
+             *      EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
+             *      EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
+             *                              kssl_ctx->length);
+             *      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
+             */
 
             memset(iv, 0, sizeof iv); /* per RFC 1510 */
             EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);

ssl/s3_enc.c

@@ -748,13 +748,14 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
          * are hashing because that gives an attacker a timing-oracle.
          */
 
-                /*-
-                 * npad is, at most, 48 bytes and that's with MD5:
-                 *   16 + 48 + 8 (sequence bytes) + 1 + 2 = 75.
-                 *
-                 * With SHA-1 (the largest hash speced for SSLv3) the hash size
-                 * goes up 4, but npad goes down by 8, resulting in a smaller
-                 * total size. */
+        /*-
+         * npad is, at most, 48 bytes and that's with MD5:
+         *   16 + 48 + 8 (sequence bytes) + 1 + 2 = 75.
+         *
+         * With SHA-1 (the largest hash speced for SSLv3) the hash size
+         * goes up 4, but npad goes down by 8, resulting in a smaller
+         * total size.
+         */
         unsigned char header[75];
         unsigned j = 0;
         memcpy(header + j, mac_sec, md_size);

ssl/ssl_lib.c

@@ -1913,11 +1913,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
     ret->references = 1;
     ret->quiet_shutdown = 0;
 
-/*      ret->cipher=NULL;*/
+/*  ret->cipher=NULL;*/
 /*-
-        ret->s2->challenge=NULL;
-        ret->master_key=NULL;
-        ret->s2->conn_id=NULL; */
+    ret->s2->challenge=NULL;
+    ret->master_key=NULL;
+    ret->s2->conn_id=NULL; */
 
     ret->info_callback = NULL;
 

ssl/ssl_sess.c

@@ -325,21 +325,21 @@ int ssl_get_new_session(SSL *s, int session)
             return (0);
         }
 #ifndef OPENSSL_NO_TLSEXT
-		/*-
-		 * If RFC5077 ticket, use empty session ID (as server).
-		 * Note that:
-		 * (a) ssl_get_prev_session() does lookahead into the
-		 *     ClientHello extensions to find the session ticket.
-		 *     When ssl_get_prev_session() fails, s3_srvr.c calls
-		 *     ssl_get_new_session() in ssl3_get_client_hello().
-		 *     At that point, it has not yet parsed the extensions,
-		 *     however, because of the lookahead, it already knows
-		 *     whether a ticket is expected or not.
-		 *
-		 * (b) s3_clnt.c calls ssl_get_new_session() before parsing
-		 *     ServerHello extensions, and before recording the session
-		 *     ID received from the server, so this block is a noop.
-		 */
+        /*-
+         * If RFC5077 ticket, use empty session ID (as server).
+         * Note that:
+         * (a) ssl_get_prev_session() does lookahead into the
+         *     ClientHello extensions to find the session ticket.
+         *     When ssl_get_prev_session() fails, s3_srvr.c calls
+         *     ssl_get_new_session() in ssl3_get_client_hello().
+         *     At that point, it has not yet parsed the extensions,
+         *     however, because of the lookahead, it already knows
+         *     whether a ticket is expected or not.
+         *
+         * (b) s3_clnt.c calls ssl_get_new_session() before parsing
+         *     ServerHello extensions, and before recording the session
+         *     ID received from the server, so this block is a noop.
+         */
         if (s->tlsext_ticket_expected) {
             ss->session_id_length = 0;
             goto sess_id_done;

ssl/ssl_task.c

@@ -288,8 +288,8 @@ int doit(io_channel chan, SSL_CTX *s_ctx)
     if ((s_to_c == NULL) || (c_to_s == NULL))
         goto err;
 /*- original, DRM 24-SEP-1997
-        BIO_set_fd ( c_to_s, "", chan );
-        BIO_set_fd ( s_to_c, "", chan );
+    BIO_set_fd ( c_to_s, "", chan );
+    BIO_set_fd ( s_to_c, "", chan );
 */
     BIO_set_fd(c_to_s, 0, chan);
     BIO_set_fd(s_to_c, 0, chan);

ssl/ssltest.c

@@ -1845,40 +1845,40 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
     (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
 
     do {
-		/*-
-		 * c_ssl_bio:          SSL filter BIO
-		 *
-		 * client:             pseudo-I/O for SSL library
-		 *
-		 * client_io:          client's SSL communication; usually to be
-		 *                     relayed over some I/O facility, but in this
-		 *                     test program, we're the server, too:
-		 *
-		 * server_io:          server's SSL communication
-		 *
-		 * server:             pseudo-I/O for SSL library
-		 *
-		 * s_ssl_bio:          SSL filter BIO
-		 *
-		 * The client and the server each employ a "BIO pair":
-		 * client + client_io, server + server_io.
-		 * BIO pairs are symmetric.  A BIO pair behaves similar
-		 * to a non-blocking socketpair (but both endpoints must
-		 * be handled by the same thread).
-		 * [Here we could connect client and server to the ends
-		 * of a single BIO pair, but then this code would be less
-		 * suitable as an example for BIO pairs in general.]
-		 *
-		 * Useful functions for querying the state of BIO pair endpoints:
-		 *
-		 * BIO_ctrl_pending(bio)              number of bytes we can read now
-		 * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
-		 *                                      other side's read attempt
-		 * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
-		 *
-		 * ..._read_request is never more than ..._write_guarantee;
-		 * it depends on the application which one you should use.
-		 */
+        /*-
+         * c_ssl_bio:          SSL filter BIO
+         *
+         * client:             pseudo-I/O for SSL library
+         *
+         * client_io:          client's SSL communication; usually to be
+         *                     relayed over some I/O facility, but in this
+         *                     test program, we're the server, too:
+         *
+         * server_io:          server's SSL communication
+         *
+         * server:             pseudo-I/O for SSL library
+         *
+         * s_ssl_bio:          SSL filter BIO
+         *
+         * The client and the server each employ a "BIO pair":
+         * client + client_io, server + server_io.
+         * BIO pairs are symmetric.  A BIO pair behaves similar
+         * to a non-blocking socketpair (but both endpoints must
+         * be handled by the same thread).
+         * [Here we could connect client and server to the ends
+         * of a single BIO pair, but then this code would be less
+         * suitable as an example for BIO pairs in general.]
+         *
+         * Useful functions for querying the state of BIO pair endpoints:
+         *
+         * BIO_ctrl_pending(bio)              number of bytes we can read now
+         * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
+         *                                      other side's read attempt
+         * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
+         *
+         * ..._read_request is never more than ..._write_guarantee;
+         * it depends on the application which one you should use.
+         */
 
         /*
          * We have non-blocking behaviour throughout this test program, but
@@ -2266,10 +2266,10 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
                 printf("server waiting in SSL_accept - %s\n",
                        SSL_state_string_long(s_ssl));
 /*-
-                        else if (s_write)
-                                printf("server:SSL_write()\n");
-                        else
-                                printf("server:SSL_read()\n"); */
+            else if (s_write)
+                printf("server:SSL_write()\n");
+            else
+                printf("server:SSL_read()\n"); */
         }
 
         if (do_client && debug) {
@@ -2277,10 +2277,10 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
                 printf("client waiting in SSL_connect - %s\n",
                        SSL_state_string_long(c_ssl));
 /*-
-                        else if (c_write)
-                                printf("client:SSL_write()\n");
-                        else
-                                printf("client:SSL_read()\n"); */
+            else if (c_write)
+                printf("client:SSL_write()\n");
+            else
+                printf("client:SSL_read()\n"); */
         }
 
         if (!do_client && !do_server) {

test/methtest.c

@@ -86,13 +86,13 @@ char *argv[];
     METH_arg(tmp2, METH_TYPE_DIR, "/usr/local/ssl/certs");
     METH_push(top, METH_X509_CA_BY_SUBJECT, tmp2);
 
-/*-     tmp=METH_new(x509_by_issuer_dir);
-        METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
-        METH_push(top,METH_X509_BY_ISSUER,tmp);
+/*- tmp=METH_new(x509_by_issuer_dir);
+    METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
+    METH_push(top,METH_X509_BY_ISSUER,tmp);
 
-        tmp=METH_new(x509_by_issuer_primary);
-        METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
-        METH_push(top,METH_X509_BY_ISSUER,tmp);
+    tmp=METH_new(x509_by_issuer_primary);
+    METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
+    METH_push(top,METH_X509_BY_ISSUER,tmp);
 */
 
     METH_init(top);