From: Matt Caswell Date: Fri, 16 Jan 2015 09:21:50 +0000 (+0000) Subject: Additional comment changes for reformat of 0.9.8 X-Git-Tag: OpenSSL_0_9_8-post-reformat~41 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=3e8042c38f3a4be8933b0f773fd1e79f50e12e56;p=oweals%2Fopenssl.git Additional comment changes for reformat of 0.9.8 Reviewed-by: Tim Hudson --- diff --git a/MacOS/opensslconf.h b/MacOS/opensslconf.h index ad557cc06a..1bc31bf3cc 100644 --- a/MacOS/opensslconf.h +++ b/MacOS/opensslconf.h @@ -23,7 +23,7 @@ #if !defined(RC4_INT) /* using int types make the structure larger but make the code faster * on most boxes I have tested - up to %20 faster. */ -/* +/*- * I don't know what does "most" mean, but declaring "int" is a must on: * - Intel P6 because partial register stalls are very expensive; * - elder Alpha because it lacks byte load/store instructions; diff --git a/apps/crl2p7.c b/apps/crl2p7.c index eb7c6bfa0c..06e7321886 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -290,7 +290,7 @@ end: OPENSSL_EXIT(ret); } -/* +/*- *---------------------------------------------------------------------- * int add_certs_from_file * diff --git a/apps/gendh.c b/apps/gendh.c index 346ea4a866..4b8ed2a0b4 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -121,7 +121,7 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-2") == 0) g=2; - /* else if (strcmp(*argv,"-3") == 0) + /*- else if (strcmp(*argv,"-3") == 0) g=3; */ else if (strcmp(*argv,"-5") == 0) g=5; diff --git a/apps/s_cb.c b/apps/s_cb.c index 456aef18f9..2882bfa4d0 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -183,7 +183,7 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) { if (cert_file != NULL) { - /* + /*- SSL *ssl; X509 *x509; */ diff --git a/apps/s_client.c b/apps/s_client.c index 74790f48aa..c8cf1c6aca 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1122,7 +1122,7 @@ SSL_set_tlsext_status_ids(con, ids); FD_SET(SSL_get_fd(con),&writefds); } #endif -/* printf("mode tty(%d %d%d) ssl(%d%d)\n", +/*- printf("mode tty(%d %d%d) ssl(%d%d)\n", tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ /* Note: under VMS with SOCKETSHR the second parameter diff --git a/apps/s_time.c b/apps/s_time.c index 904945e1a8..957378f1dd 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -659,7 +659,7 @@ end: OPENSSL_EXIT(ret); } -/*********************************************************************** +/*- * doConnection - make a connection * Args: * scon = earlier ssl connection for session id, or NULL diff --git a/apps/winrand.c b/apps/winrand.c index 59bede3d70..d6a30ee21b 100644 --- a/apps/winrand.c +++ b/apps/winrand.c @@ -53,7 +53,8 @@ * */ -/* Usage: winrand [filename] +/*- + * Usage: winrand [filename] * * Collects entropy from mouse movements and other events and writes * random data to filename or .rnd diff --git a/bugs/alpha.c b/bugs/alpha.c index 701d6a7c74..2c90a6d3ef 100644 --- a/bugs/alpha.c +++ b/bugs/alpha.c @@ -60,7 +60,8 @@ * something to watch out for. This was fine on linux/NT/Solaris but not * Alpha */ -/* it is basically an example of +/*- + * it is basically an example of * func(*(a++),*(a++)) * which parameter is evaluated first? It is not defined in ASN1 C. */ diff --git a/bugs/dggccbug.c b/bugs/dggccbug.c index 30e07a60ea..b0eb41deb4 100644 --- a/bugs/dggccbug.c +++ b/bugs/dggccbug.c @@ -14,7 +14,8 @@ * copies of the valiable, one in a register and one being an address * that is passed. */ -/* compare the out put from +/*- + * compare the out put from * gcc dggccbug.c; ./a.out * and * gcc -O dggccbug.c; ./a.out diff --git a/bugs/sgiccbug.c b/bugs/sgiccbug.c index 178239d492..9edda5e946 100644 --- a/bugs/sgiccbug.c +++ b/bugs/sgiccbug.c @@ -11,7 +11,8 @@ * Gage */ -/* Compare the output from +/*- + * Compare the output from * cc sgiccbug.c; ./a.out * and * cc -O sgiccbug.c; ./a.out diff --git a/bugs/ultrixcc.c b/bugs/ultrixcc.c index 7ba75b140f..ca5b45164b 100644 --- a/bugs/ultrixcc.c +++ b/bugs/ultrixcc.c @@ -1,6 +1,7 @@ #include -/* This is a cc optimiser bug for ultrix 4.3, mips CPU. +/*- + * This is a cc optimiser bug for ultrix 4.3, mips CPU. * What happens is that the compiler, due to the (a)&7, * does * i=a&7; diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index ee26c31bca..90eadce02d 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -86,7 +86,7 @@ int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y) } -/* +/*- * This converts an ASN1 INTEGER into its content encoding. * The internal representation is an ASN1_STRING whose data is a big endian * representation of the value, ignoring the sign. The sign is determined by diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index 9b7d68810f..63071cb28f 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -87,7 +87,8 @@ unsigned long ASN1_STRING_get_default_mask(void) return global_mask; } -/* This function sets the default to various "flavours" of configuration. +/*- + * This function sets the default to various "flavours" of configuration. * based on an ASCII string. Currently this is: * MASK:XXXX : a numerical mask value. * nobmp : Don't use BMPStrings (just Printable, T61). diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index d958ca60d9..fc17179e86 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -354,7 +354,7 @@ err:\ if (((arg)=func()) == NULL) return(NULL) #define M_ASN1_New_Error(a) \ -/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ +/*- err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ return(NULL);*/ \ err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \ return(NULL) diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h index 574282b26c..5b3a2feaeb 100644 --- a/crypto/asn1/asn1t.h +++ b/crypto/asn1/asn1t.h @@ -567,7 +567,8 @@ const char *sname; /* Structure name */ #endif }; -/* These are values for the itype field and +/*- + * These are values for the itype field and * determine how the type is interpreted. * * For PRIMITIVE types the underlying type diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 095887f27d..f37c31daf9 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -843,7 +843,8 @@ static void mime_param_free(MIME_PARAM *param) OPENSSL_free(param); } -/* Check for a multipart boundary. Returns: +/*- + * Check for a multipart boundary. Returns: * 0 : no boundary * 1 : part boundary * 2 : final boundary diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c index 1ea6a59248..87b5579c8c 100644 --- a/crypto/asn1/asn_moid.c +++ b/crypto/asn1/asn_moid.c @@ -102,7 +102,8 @@ void ASN1_add_oid_module(void) CONF_module_add("oid_section", oid_module_init, oid_module_finish); } -/* Create an OID based on a name value pair. Accept two formats. +/*- + * Create an OID based on a name value pair. Accept two formats. * shortname = 1.2.3.4 * shortname = some long name, 1.2.3.4 */ diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index 47fa266dfc..b24091bdba 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ -/* +/*- * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout * with binary data (e.g. asn1parse -inform DER < xxx) under * Windows diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index a9ec4c5214..b0de1cb41f 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -622,7 +622,8 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); /* r^2 + r = a mod p */ #define BN_GF2m_cmp(a, b) BN_ucmp((a), (b)) -/* Some functions allow for representation of the irreducible polynomials +/*- + * Some functions allow for representation of the irreducible polynomials * as an unsigned int[], say p. The irreducible f(t) is then of the form: * t^p[0] + t^p[1] + ... + t^p[k] * where m = p[0] > p[1] > ... > p[k] = 0. diff --git a/crypto/bn/bn_const.c b/crypto/bn/bn_const.c index eb60a25b3c..b23bf2b631 100755 --- a/crypto/bn/bn_const.c +++ b/crypto/bn/bn_const.c @@ -3,7 +3,8 @@ #include "bn.h" -/* "First Oakley Default Group" from RFC2409, section 6.1. +/*- + * "First Oakley Default Group" from RFC2409, section 6.1. * * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } * @@ -26,7 +27,8 @@ BIGNUM *get_rfc2409_prime_768(BIGNUM *bn) return BN_bin2bn(RFC2409_PRIME_768,sizeof(RFC2409_PRIME_768),bn); } -/* "Second Oakley Default Group" from RFC2409, section 6.2. +/*- + * "Second Oakley Default Group" from RFC2409, section 6.2. * * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. * @@ -52,7 +54,8 @@ BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn) return BN_bin2bn(RFC2409_PRIME_1024,sizeof(RFC2409_PRIME_1024),bn); } -/* "1536-bit MODP Group" from RFC3526, Section 2. +/*- + * "1536-bit MODP Group" from RFC3526, Section 2. * * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } * @@ -83,7 +86,8 @@ BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_1536,sizeof(RFC3526_PRIME_1536),bn); } -/* "2048-bit MODP Group" from RFC3526, Section 3. +/*- + * "2048-bit MODP Group" from RFC3526, Section 3. * * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } * @@ -119,7 +123,8 @@ BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_2048,sizeof(RFC3526_PRIME_2048),bn); } -/* "3072-bit MODP Group" from RFC3526, Section 4. +/*- + * "3072-bit MODP Group" from RFC3526, Section 4. * * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } * @@ -165,7 +170,8 @@ BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_3072,sizeof(RFC3526_PRIME_3072),bn); } -/* "4096-bit MODP Group" from RFC3526, Section 5. +/*- + * "4096-bit MODP Group" from RFC3526, Section 5. * * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } * @@ -222,7 +228,8 @@ BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_4096,sizeof(RFC3526_PRIME_4096),bn); } -/* "6144-bit MODP Group" from RFC3526, Section 6. +/*- + * "6144-bit MODP Group" from RFC3526, Section 6. * * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } * @@ -300,7 +307,8 @@ BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_6144,sizeof(RFC3526_PRIME_6144),bn); } -/* "8192-bit MODP Group" from RFC3526, Section 7. +/*- + * "8192-bit MODP Group" from RFC3526, Section 7. * * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } * diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index c1047e8141..b50e378a2b 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -131,7 +131,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, && !defined(PEDANTIC) && !defined(BN_DIV3W) # if defined(__GNUC__) && __GNUC__>=2 # if defined(__i386) || defined (__i386__) - /* + /*- * There were two reasons for implementing this template: * - GNU C generates a call to a function (__udivdi3 to be exact) * in reply to ((((BN_ULLONG)n0)< p[1] > ... > p[k] = 0. diff --git a/crypto/bn/bn_kron.c b/crypto/bn/bn_kron.c index 740359b752..6c0cd08210 100644 --- a/crypto/bn/bn_kron.c +++ b/crypto/bn/bn_kron.c @@ -66,7 +66,8 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) int ret = -2; /* avoid 'uninitialized' warning */ int err = 0; BIGNUM *A, *B, *tmp; - /* In 'tab', only odd-indexed entries are relevant: + /*- + * In 'tab', only odd-indexed entries are relevant: * For any odd BIGNUM n, * tab[BN_lsw(n) & 7] * is $(-1)^{(n^2-1)/8}$ (using TeX notation). diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 810dde34e1..49df399f9f 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -108,7 +108,8 @@ char *BN_bn2dec(const BIGNUM *a) BIGNUM *t=NULL; BN_ULONG *bn_data=NULL,*lp; - /* get an upper bound for the length of the decimal integer + /*- + * get an upper bound for the length of the decimal integer * num <= (BN_num_bits(a) + 1) * log(2) * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error) * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 diff --git a/crypto/cast/casttest.c b/crypto/cast/casttest.c index 0d020d6975..c94c26f33f 100644 --- a/crypto/cast/casttest.c +++ b/crypto/cast/casttest.c @@ -125,7 +125,7 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A, 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45 -/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, +/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ }; diff --git a/crypto/crypto.h b/crypto/crypto.h index 0450b21816..1721b02bd4 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -495,7 +495,8 @@ int CRYPTO_remove_all_info(void); /* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro; * used as default in CRYPTO_MDEBUG compilations): */ -/* The last argument has the following significance: +/*- + * The last argument has the following significance: * * 0: called before the actual memory allocation has taken place * 1: called after the actual memory allocation has taken place diff --git a/crypto/des/des.c b/crypto/des/des.c index 343135ff9e..3713e35b09 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -233,7 +233,8 @@ int main(int argc, char **argv) } } if (error) usage(); - /* We either + /*- + * We either * do checksum or * do encrypt or * do decrypt or diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c index a463a78a50..7ff9e2a708 100644 --- a/crypto/des/enc_read.c +++ b/crypto/des/enc_read.c @@ -198,7 +198,8 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, } else { - /* >output is a multiple of 8 byes, if len < rnum + /*- + * >output is a multiple of 8 byes, if len < rnum * >we must be careful. The user must be aware that this * >routine will write more bytes than he asked for. * >The length of the buffer must be correct. diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c index 26bbf9a6a7..a9cdfd63f3 100644 --- a/crypto/des/ofb64ede.c +++ b/crypto/des/ofb64ede.c @@ -105,7 +105,7 @@ void DES_ede3_ofb64_encrypt(register const unsigned char *in, } if (save) { -/* v0=ti[0]; +/*- v0=ti[0]; v1=ti[1];*/ iv = &(*ivec)[0]; l2c(v0,iv); diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c index 50e17afe38..ae9add49f7 100644 --- a/crypto/des/set_key.c +++ b/crypto/des/set_key.c @@ -56,7 +56,8 @@ * [including the GNU Public Licence.] */ -/* set_key.c v 1.4 eay 24/9/91 +/*- + * set_key.c v 1.4 eay 24/9/91 * 1.4 Speed up by 400% :-) * 1.3 added register declarations. * 1.2 unrolled make_key_sched a bit more diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 08d47720fa..f219a24a4a 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -190,7 +190,8 @@ int DSA_size(const DSA *r) return(ret); } -/* data has already been hashed (probably with SHA or SHA-1). */ +/*- + * data has already been hashed (probably with SHA or SHA-1). */ /* returns * 1: correct signature * 0: incorrect signature diff --git a/crypto/ebcdic.c b/crypto/ebcdic.c index 43e53bcaf7..8df70ee824 100644 --- a/crypto/ebcdic.c +++ b/crypto/ebcdic.c @@ -10,7 +10,8 @@ static void *dummy=&dummy; #else /*CHARSET_EBCDIC*/ #include "ebcdic.h" -/* Initial Port for Apache-1.3 by +/*- + * Initial Port for Apache-1.3 by * Adapted for OpenSSL-0.9.4 by */ diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c index f1fc010561..52cb94fb55 100644 --- a/crypto/ec/ec2_smpl.c +++ b/crypto/ec/ec2_smpl.c @@ -802,7 +802,8 @@ int ec_GF2m_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) } -/* Determines whether the given EC_POINT is an actual point on the curve defined +/*- + * Determines whether the given EC_POINT is an actual point on the curve defined * in the EC_GROUP. A point is valid if it satisfies the Weierstrass equation: * y^2 + x*y = x^3 + a*x^2 + b. */ diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 12a3102712..48836221b3 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -182,7 +182,8 @@ static void ec_pre_comp_clear_free(void *pre_) -/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. +/*- + * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. * This is an array r[] of values that are either zero or odd with an * absolute value less than 2^w satisfying * scalar = \sum_j r[j]*2^j @@ -337,7 +338,8 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) (b) >= 20 ? 2 : \ 1)) -/* Compute +/*- + * Compute * \sum scalars[i]*points[i], * also including * scalar*generator diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c index 8d0075742c..7c9d1d0a31 100644 --- a/crypto/ec/ecp_smpl.c +++ b/crypto/ec/ecp_smpl.c @@ -663,7 +663,8 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *po y = BN_CTX_get(ctx); if (y == NULL) goto err; - /* Recover y. We have a Weierstrass equation + /*- + * Recover y. We have a Weierstrass equation * y^2 = x^3 + a*x + b, * so y is one of the square roots of x^3 + a*x + b. */ @@ -1222,8 +1223,10 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_ if (!field_mul(group, n1, n0, n2, ctx)) goto err; if (!BN_mod_lshift1_quick(n0, n1, p)) goto err; if (!BN_mod_add_quick(n1, n0, n1, p)) goto err; - /* n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) - * = 3 * X_a^2 - 3 * Z_a^4 */ + /*- + * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) + * = 3 * X_a^2 - 3 * Z_a^4 + */ } else { @@ -1393,7 +1396,8 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { - /* return values: + /*- + * return values: * -1 error * 0 equal (in affine coordinates) * 1 not equal diff --git a/crypto/engine/eng_padlock.c b/crypto/engine/eng_padlock.c index 27992b7d54..48d7f17c45 100644 --- a/crypto/engine/eng_padlock.c +++ b/crypto/engine/eng_padlock.c @@ -281,7 +281,7 @@ struct padlock_cipher_data static volatile struct padlock_cipher_data *padlock_saved_context; #endif -/* +/*- * ======================================================= * Inline assembler section(s). * ======================================================= @@ -840,7 +840,7 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key, return 1; } -/* +/*- * Simplified version of padlock_aes_cipher() used when * 1) both input and output buffers are at aligned addresses. * or when diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c index 605d506585..58de81cb00 100644 --- a/crypto/jpake/jpake.c +++ b/crypto/jpake/jpake.c @@ -191,7 +191,7 @@ static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x, BIGNUM *h = BN_new(); BIGNUM *t = BN_new(); - /* + /*- * r in [0,q) * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform */ diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 06e4562e17..34c8663b9c 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -449,7 +449,7 @@ unsigned long lh_strhash(const char *c) if ((c == NULL) || (*c == '\0')) return(ret); -/* +/*- unsigned char b[16]; MD5(c,strlen(c),b); return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); diff --git a/crypto/md4/md4_locl.h b/crypto/md4/md4_locl.h index c8085b0ead..7aa5b24cf6 100644 --- a/crypto/md4/md4_locl.h +++ b/crypto/md4/md4_locl.h @@ -86,7 +86,7 @@ void md4_block_data_order (MD4_CTX *c, const void *p,size_t num); #include "md32_common.h" -/* +/*- #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) #define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z)))) */ diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index dfeb084799..afe96ac311 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -86,7 +86,8 @@ static LHASH *mh=NULL; /* hash-table of memory requests (address as key); typedef struct app_mem_info_st -/* For application-defined information (static C-string `info') +/*- + * For application-defined information (static C-string `info') * to be displayed in memory leak list. * Each thread has its own stack. For applications, there is * CRYPTO_push_info("...") to push an entry, diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index 69dd19bf2e..932e3723f6 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -418,7 +418,8 @@ IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) #endif -/* The PrivateKey case is not that straightforward. +/*- + * The PrivateKey case is not that straightforward. * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey) * does not work, RSA and DSA keys have specific strings. * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 181056847e..5518b3bd0d 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -107,8 +107,10 @@ static FILE *(*const vms_fopen)(const char *, const char *, ...) = int RAND_load_file(const char *file, long bytes) { - /* If bytes >= 0, read up to 'bytes' bytes. - * if bytes == -1, read complete file. */ + /*- + * If bytes >= 0, read up to 'bytes' bytes. + * if bytes == -1, read complete file. + */ MS_STATIC unsigned char buf[BUFSIZE]; struct stat sb; diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c index 4a15ffa619..524a29a163 100644 --- a/crypto/rc4/rc4_enc.c +++ b/crypto/rc4/rc4_enc.c @@ -59,7 +59,8 @@ #include #include "rc4_locl.h" -/* RC4 as implemented from a posting from +/*- + * RC4 as implemented from a posting from * Newsgroups: sci.crypt * From: sterndark@netcom.com (David Sterndark) * Subject: RC4 Algorithm revealed. diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c index d1dc912b24..ab43c3a8e9 100644 --- a/crypto/rc4/rc4_skey.c +++ b/crypto/rc4/rc4_skey.c @@ -82,7 +82,8 @@ const char *RC4_options(void) #endif } -/* RC4 as implemented from a posting from +/*- + * RC4 as implemented from a posting from * Newsgroups: sci.crypt * From: sterndark@netcom.com (David Sterndark) * Subject: RC4 Algorithm revealed. diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index faf445f69c..cbf236277b 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -348,7 +348,7 @@ end: fprintf(stderr,"-----\n"); lh_stats(SSL_CTX_sessions(s_ctx),stderr); fprintf(stderr,"-----\n"); - /* lh_node_stats(SSL_CTX_sessions(s_ctx),stderr); + /*- lh_node_stats(SSL_CTX_sessions(s_ctx),stderr); fprintf(stderr,"-----\n"); */ lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr); fprintf(stderr,"-----\n"); @@ -388,7 +388,7 @@ int ndoit(SSL_CTX *ssl_ctx[2]) fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id()); for (i=0; iref (%3d,%3d)\n", +/*- fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n", CRYPTO_thread_id(),i, ssl_ctx[0]->references, ssl_ctx[1]->references); */ diff --git a/crypto/ui/ui.h b/crypto/ui/ui.h index 2280930e22..18d9b63999 100644 --- a/crypto/ui/ui.h +++ b/crypto/ui/ui.h @@ -157,34 +157,36 @@ int UI_dup_error_string(UI *ui, const char *text); might get confused. */ #define UI_INPUT_FLAG_DEFAULT_PWD 0x02 -/* The user of these routines may want to define flags of their own. The core - UI won't look at those, but will pass them on to the method routines. They - must use higher bits so they don't get confused with the UI bits above. - UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good - example of use is this: - - #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE) - +/*- + * The user of these routines may want to define flags of their own. The core + * UI won't look at those, but will pass them on to the method routines. They + * must use higher bits so they don't get confused with the UI bits above. + * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good + * example of use is this: + * + * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE) + * */ #define UI_INPUT_FLAG_USER_BASE 16 -/* The following function helps construct a prompt. object_desc is a - textual short description of the object, for example "pass phrase", - and object_name is the name of the object (might be a card name or - a file name. - The returned string shall always be allocated on the heap with - OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). - - If the ui_method doesn't contain a pointer to a user-defined prompt - constructor, a default string is built, looking like this: - - "Enter {object_desc} for {object_name}:" - - So, if object_desc has the value "pass phrase" and object_name has - the value "foo.key", the resulting string is: - - "Enter pass phrase for foo.key:" +/*- + * The following function helps construct a prompt. object_desc is a + * textual short description of the object, for example "pass phrase", + * and object_name is the name of the object (might be a card name or + * a file name. + * The returned string shall always be allocated on the heap with + * OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). + * + * If the ui_method doesn't contain a pointer to a user-defined prompt + * constructor, a default string is built, looking like this: + * + * "Enter {object_desc} for {object_name}:" + * + * So, if object_desc has the value "pass phrase" and object_name has + * the value "foo.key", the resulting string is: + * + * "Enter pass phrase for foo.key:" */ char *UI_construct_prompt(UI *ui_method, const char *object_desc, const char *object_name); diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index b3acd80f25..671bd81d27 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -374,7 +374,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, /* If we were going to up the reference count, * we would need to do it on a perl 'type' * basis */ - /* CRYPTO_add(&tmp->data.x509->references,1, + /*- CRYPTO_add(&tmp->data.x509->references,1, CRYPTO_LOCK_X509);*/ goto finish; } diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 5100c92779..6654f40ca8 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -318,7 +318,7 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, return 0; } -/* if (ret->data.ptr != NULL) +/*- if (ret->data.ptr != NULL) X509_OBJECT_free_contents(ret); */ ret->type=tmp->type; diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index 254a14693d..62b7fb54c4 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -84,7 +84,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) { if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err; if (!ASN1_INTEGER_set(xi->version,2)) goto err; -/* xi->extensions=ri->attributes; <- bad, should not ever be done +/*- xi->extensions=ri->attributes; <- bad, should not ever be done ri->attributes=NULL; */ } diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index b927584805..55debad478 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -397,14 +397,15 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); cb=ctx->verify_cb; - /* must_be_ca can have 1 of 3 values: - -1: we accept both CA and non-CA certificates, to allow direct - use of self-signed certificates (which are marked as CA). - 0: we only accept non-CA certificates. This is currently not - used, but the possibility is present for future extensions. - 1: we only accept CA certificates. This is currently used for - all certificates in the chain except the leaf certificate. - */ + /*- + * must_be_ca can have 1 of 3 values: + * -1: we accept both CA and non-CA certificates, to allow direct + * use of self-signed certificates (which are marked as CA). + * 0: we only accept non-CA certificates. This is currently not + * used, but the possibility is present for future extensions. + * 1: we only accept CA certificates. This is currently used for + * all certificates in the chain except the leaf certificate. + */ must_be_ca = -1; /* A hack to keep people who don't want to modify their software diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c index c6b68ee221..56ff367d12 100644 --- a/crypto/x509v3/v3_akey.c +++ b/crypto/x509v3/v3_akey.c @@ -100,7 +100,8 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, return extlist; } -/* Currently two options: +/*- + * Currently two options: * keyid: use the issuers subject keyid, the value 'always' means its is * an error if the issuer certificate doesn't have a key id. * issuer: use the issuers cert issuer and serial number. The default is diff --git a/demos/bio/saccept.c b/demos/bio/saccept.c index 40cd4daad2..21b09a56bc 100644 --- a/demos/bio/saccept.c +++ b/demos/bio/saccept.c @@ -1,7 +1,8 @@ /* NOCW */ /* demos/bio/saccept.c */ -/* A minimal program to server an SSL connection. +/*- + * A minimal program to server an SSL connection. * It uses blocking. * saccept host:port * host is the interface IP to use. If any interface, use *:port diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c index 880344eb78..d15c4132e5 100644 --- a/demos/bio/sconnect.c +++ b/demos/bio/sconnect.c @@ -1,7 +1,8 @@ /* NOCW */ /* demos/bio/sconnect.c */ -/* A minimal program to do SSL to a passed host and port. +/*- + * A minimal program to do SSL to a passed host and port. * It is actually using non-blocking IO but in a very simple manner * sconnect host:port - it does a 'GET / HTTP/1.0' * diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c index 952e537712..64090c41ca 100644 --- a/demos/easy_tls/easy-tls.c +++ b/demos/easy_tls/easy-tls.c @@ -1,5 +1,5 @@ /* -*- Mode: C; c-file-style: "bsd" -*- */ -/* +/*- * easy-tls.c -- generic TLS proxy. * $Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $ */ @@ -62,7 +62,7 @@ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* +/*- * Attribution for OpenSSL library: * * This product includes cryptographic software written by Eric Young @@ -124,7 +124,8 @@ static char const rcsid[] = # include TLS_APP #endif -/* Applications can define: +/*- + * Applications can define: * TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg) * TLS_CUMULATE_ERRORS * TLS_ERROR_BUFSIZ diff --git a/demos/easy_tls/easy-tls.h b/demos/easy_tls/easy-tls.h index 52b298e654..71ed87aeac 100644 --- a/demos/easy_tls/easy-tls.h +++ b/demos/easy_tls/easy-tls.h @@ -1,5 +1,5 @@ /* -*- Mode: C; c-file-style: "bsd" -*- */ -/* +/*- * easy-tls.h -- generic TLS proxy. * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $ */ diff --git a/demos/engines/ibmca/ica_openssl_api.h b/demos/engines/ibmca/ica_openssl_api.h index c77e0fd5c0..b3739f604a 100644 --- a/demos/engines/ibmca/ica_openssl_api.h +++ b/demos/engines/ibmca/ica_openssl_api.h @@ -62,7 +62,7 @@ typedef unsigned char ICA_KEY_RSA_CRT_REC[MAX_RSACRT_SIZE]; | RSA Key Token format | *------------------------------------------------*/ -/* +/*- * NOTE: All the fields in the ICA_KEY_RSA_MODEXPO structure * (lengths, offsets, exponents, modulus, etc.) are * stored in big-endian format @@ -86,7 +86,7 @@ typedef struct _ICA_KEY_RSA_MODEXPO } ICA_KEY_RSA_MODEXPO; #define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC)) -/* +/*- * NOTE: All the fields in the ICA_KEY_RSA_CRT structure * (lengths, offsets, exponents, modulus, etc.) are * stored in big-endian format diff --git a/demos/engines/zencod/hw_zencod.h b/demos/engines/zencod/hw_zencod.h index 415c9a6be8..eef8ee6fe8 100644 --- a/demos/engines/zencod/hw_zencod.h +++ b/demos/engines/zencod/hw_zencod.h @@ -114,7 +114,8 @@ typedef struct ZEN_data_st /* output : output data buffer */ /* input : input data buffer */ /* algo : hash algorithm, MD5 or SHA1 */ -/* typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ; +/*- + * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ; * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ; */ /* For now separate this stuff that mad it easier to test */ diff --git a/demos/spkigen.c b/demos/spkigen.c index 2cd5dfea97..a22b3ef340 100644 --- a/demos/spkigen.c +++ b/demos/spkigen.c @@ -1,5 +1,6 @@ /* NOCW */ -/* demos/spkigen.c +/*- + * demos/spkigen.c * 18-Mar-1997 - eay - A quick hack :-) * version 1.1, it would probably help to save or load the * private key :-) diff --git a/demos/tunala/cb.c b/demos/tunala/cb.c index e64983896e..0f6850ea97 100644 --- a/demos/tunala/cb.c +++ b/demos/tunala/cb.c @@ -5,7 +5,8 @@ /* For callbacks generating output, here are their file-descriptors. */ static FILE *fp_cb_ssl_info = NULL; static FILE *fp_cb_ssl_verify = NULL; -/* Output level: +/*- + * Output level: * 0 = nothing, * 1 = minimal, just errors, * 2 = minimal, all steps, diff --git a/engines/e_cswift.c b/engines/e_cswift.c index 2e64ff3277..18c583d689 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -1065,9 +1065,11 @@ static int cswift_rand_bytes(unsigned char *buf, int num) { largenum.value = buf; largenum.nbytes = sizeof(buf32); - /* tell CryptoSwift how many bytes we want and where we want it. + /*- + * tell CryptoSwift how many bytes we want and where we want it. * Note: - CryptoSwift cannot do more than 4096 bytes at a time. - * - CryptoSwift can only do multiple of 32-bits. */ + * - CryptoSwift can only do multiple of 32-bits. + */ swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); if (swrc != SW_OK) { diff --git a/fips/dh/dh_gen.c b/fips/dh/dh_gen.c index 999e1deb40..7da6de3ee4 100644 --- a/fips/dh/dh_gen.c +++ b/fips/dh/dh_gen.c @@ -77,7 +77,8 @@ int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *c return dh_builtin_genparams(ret, prime_len, generator, cb); } -/* We generate DH parameters as follows +/*- + * We generate DH parameters as follows * find a prime q which is prime_len/2 bits long. * p=(2*q)+1 or (p-1)/2 = q * For this case, g is a generator if diff --git a/fips/dh/fips_dh_check.c b/fips/dh/fips_dh_check.c index 7333f7c80f..a8a7eda6c5 100644 --- a/fips/dh/fips_dh_check.c +++ b/fips/dh/fips_dh_check.c @@ -62,7 +62,8 @@ #include #include -/* Check that p is a safe prime and +/*- + * Check that p is a safe prime and * if g is 2, 3 or 5, check that is is a suitable generator * where * for 2, p mod 24 == 11 diff --git a/fips/dh/fips_dh_gen.c b/fips/dh/fips_dh_gen.c index d115f9d5d2..fe74edbc24 100644 --- a/fips/dh/fips_dh_gen.c +++ b/fips/dh/fips_dh_gen.c @@ -78,7 +78,8 @@ int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *c return dh_builtin_genparams(ret, prime_len, generator, cb); } -/* We generate DH parameters as follows +/*- + * We generate DH parameters as follows * find a prime q which is prime_len/2 bits long. * p=(2*q)+1 or (p-1)/2 = q * For this case, g is a generator if diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 58a3b46994..b709c3b9e9 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -906,7 +906,8 @@ int dtls1_send_client_key_exchange(SSL *s) goto err; } - /* 20010406 VRS - Earlier versions used KRB5 AP_REQ + /*- + * 20010406 VRS - Earlier versions used KRB5 AP_REQ ** in place of RFC 2712 KerberosWrapper, as in: ** ** Send ticket (copy to *p, set n = length) @@ -952,12 +953,13 @@ int dtls1_send_client_key_exchange(SSL *s) if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0) goto err; - /* 20010420 VRS. Tried it this way; failed. - ** EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL); - ** EVP_CIPHER_CTX_set_key_length(&ciph_ctx, - ** kssl_ctx->length); - ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); - */ + /*- + * 20010420 VRS. Tried it this way; failed. + * EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL); + * EVP_CIPHER_CTX_set_key_length(&ciph_ctx, + * kssl_ctx->length); + * EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); + */ memset(iv, 0, sizeof iv); /* per RFC 1510 */ EVP_EncryptInit_ex(&ciph_ctx,enc, NULL, @@ -1060,7 +1062,7 @@ int dtls1_send_client_key_exchange(SSL *s) d = dtls1_set_message_header(s, d, SSL3_MT_CLIENT_KEY_EXCHANGE, n, 0, n); - /* + /*- *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE; l2n3(n,d); l2n(s->d1->handshake_write_seq,d); diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c index f0c446dedd..f637830913 100644 --- a/ssl/d1_enc.c +++ b/ssl/d1_enc.c @@ -126,14 +126,16 @@ #include #endif -/* dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. +/*- + * dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. * * Returns: * 0: (in non-constant time) if the record is publically invalid (i.e. too * short etc). * 1: if the record's padding is valid / the encryption was successful. * -1: if the record's padding/AEAD-authenticator is invalid or, if sending, - * an internal error occured. */ + * an internal error occured. + */ int dtls1_enc(SSL *s, int send) { SSL3_RECORD *rec; diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index ae888d966c..02d062a2e5 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -364,10 +364,12 @@ dtls1_process_record(SSL *s) rr->data=rr->input; enc_err = s->method->ssl3_enc->enc(s,0); - /* enc_err is: + /*- + * enc_err is: * 0: (in non-constant time) if the record is publically invalid. * 1: if the padding is valid - * -1: if the padding is invalid */ + * -1: if the padding is invalid + */ if (enc_err == 0) { /* For DTLS we simply ignore bad packets. */ @@ -919,9 +921,11 @@ start: } } - /* s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; + /*- + * s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT. - * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */ + * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) + */ /* If we are a client, check for an incoming 'Hello Request': */ if ((!s->server) && diff --git a/ssl/kssl.c b/ssl/kssl.c index cdd0ae09bb..d57f000825 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -1300,7 +1300,8 @@ kssl_TKT2tkt( /* IN */ krb5_context krb5context, } -/* Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"), +/*- + * Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"), * and krb5 AP_REQ message & message length, * Return Kerberos session key and client principle * to SSL Server in KSSL_CTX *kssl_ctx. diff --git a/ssl/kssl.h b/ssl/kssl.h index c7e16a5a95..4cab3146e9 100644 --- a/ssl/kssl.h +++ b/ssl/kssl.h @@ -90,7 +90,8 @@ typedef unsigned char krb5_octet; #endif -/* Uncomment this to debug kssl problems or +/*- + * Uncomment this to debug kssl problems or * to trace usage of the Kerberos session key * * #define KSSL_DEBUG diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c index 7387d8b7c5..9527504939 100644 --- a/ssl/s2_pkt.c +++ b/ssl/s2_pkt.c @@ -561,16 +561,20 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) } else if ((bs <= 1) && (!s->s2->escape)) { - /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */ + /*- + * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus + * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + */ s->s2->three_byte_header=0; p=0; } else /* we may have to use a 3 byte header */ { - /* If s->s2->escape is not set, then + /*- + * If s->s2->escape is not set, then * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */ + * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. + */ p=(j%bs); p=(p == 0)?0:(bs-p); if (s->s2->escape) @@ -584,7 +588,8 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) } } - /* Now + /*- + * Now * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER * holds, and if s->s2->three_byte_header is set, then even * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER. diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index f4391ec394..03951a655b 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -433,7 +433,8 @@ void ssl3_cleanup_key_block(SSL *s) s->s3->tmp.key_block_length=0; } -/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. +/*- + * ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. * * Returns: * 0: (in non-constant time) if the record is publically invalid (i.e. too @@ -619,7 +620,8 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send) * data we are hashing because that gives an attacker a * timing-oracle. */ - /* npad is, at most, 48 bytes and that's with MD5: + /*- + * npad is, at most, 48 bytes and that's with MD5: * 16 + 48 + 8 (sequence bytes) + 1 + 2 = 75. * * With SHA-1 (the largest hash speced for SSLv3) the hash size diff --git a/ssl/ssl.h b/ssl/ssl.h index ec604a930e..035322738d 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -198,7 +198,8 @@ extern "C" { #endif /* SSLeay version number for ASN.1 encoding of the session information */ -/* Version 0 - initial version +/*- + * Version 0 - initial version * Version 1 - added the optional peer certificate */ #define SSL_SESSION_ASN1_VERSION 0x0001 @@ -1134,10 +1135,12 @@ extern "C" { #define SSL_ST_READ_BODY 0xF1 #define SSL_ST_READ_DONE 0xF2 -/* Obtain latest Finished message +/*- + * Obtain latest Finished message * -- that we sent (SSL_get_finished) * -- that we expected from peer (SSL_get_peer_finished). - * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ + * Returns length (0 == no Finished so far), copies up to 'count' bytes. + */ size_t SSL_get_finished(const SSL *s, void *buf, size_t count); size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index c364c142c7..bef847b92b 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -885,7 +885,8 @@ static int ssl_cipher_process_rulestr(const char *rule_str, if (!found) break; /* ignore this entry */ - /* New algorithms: + /*- + * New algorithms: * 1 - any old restrictions apply outside new mask * 2 - any new restrictions apply outside old mask * 3 - enforce old & new where masks intersect diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index a06e81c5c2..dd5c4ac012 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -396,7 +396,7 @@ * SSL_aDSS <- DSA_SIGN */ -/* +/*- #define CERT_INVALID 0 #define CERT_PUBLIC_KEY 1 #define CERT_PRIVATE_KEY 2