diff options
69 files changed, 223 insertions, 148 deletions
diff --git a/MacOS/opensslconf.h b/MacOS/opensslconf.h index ad557cc06a..1bc31bf3cc 100644 --- a/MacOS/opensslconf.h +++ b/MacOS/opensslconf.h @@ -23,7 +23,7 @@ #if !defined(RC4_INT) /* using int types make the structure larger but make the code faster * on most boxes I have tested - up to %20 faster. */ -/* +/*- * I don't know what does "most" mean, but declaring "int" is a must on: * - Intel P6 because partial register stalls are very expensive; * - elder Alpha because it lacks byte load/store instructions; diff --git a/apps/crl2p7.c b/apps/crl2p7.c index ce78e76e80..4f9383dc9c 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -289,7 +289,7 @@ end: OPENSSL_EXIT(ret); } -/* +/*- *---------------------------------------------------------------------- * int add_certs_from_file * diff --git a/apps/gendh.c b/apps/gendh.c index 8df8c62f8a..d7d85f4233 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -121,7 +121,7 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-2") == 0) g=2; - /* else if (strcmp(*argv,"-3") == 0) + /*- else if (strcmp(*argv,"-3") == 0) g=3; */ else if (strcmp(*argv,"-5") == 0) g=5; diff --git a/apps/s_cb.c b/apps/s_cb.c index 86e59c8dcf..ed372f3e83 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -205,7 +205,7 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) { if (cert_file != NULL) { - /* + /*- SSL *ssl; X509 *x509; */ diff --git a/apps/s_client.c b/apps/s_client.c index d27ee3dd35..0a5cbb3a17 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -446,20 +446,21 @@ static int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g) return ret; } -/* This callback is used here for two purposes: - - extended debugging - - making some primality tests for unknown groups - The callback is only called for a non default group. - - An application does not need the call back at all if - only the stanard groups are used. In real life situations, - client and server already share well known groups, - thus there is no need to verify them. - Furthermore, in case that a server actually proposes a group that - is not one of those defined in RFC 5054, it is more appropriate - to add the group to a static list and then compare since - primality tests are rather cpu consuming. -*/ +/*- + * This callback is used here for two purposes: + * - extended debugging + * - making some primality tests for unknown groups + * The callback is only called for a non default group. + * + * An application does not need the call back at all if + * only the stanard groups are used. In real life situations, + * client and server already share well known groups, + * thus there is no need to verify them. + * Furthermore, in case that a server actually proposes a group that + * is not one of those defined in RFC 5054, it is more appropriate + * to add the group to a static list and then compare since + * primality tests are rather cpu consuming. + */ static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg) { @@ -1806,7 +1807,7 @@ SSL_set_tlsext_status_ids(con, ids); openssl_fdset(SSL_get_fd(con),&writefds); } #endif -/* printf("mode tty(%d %d%d) ssl(%d%d)\n", +/*- printf("mode tty(%d %d%d) ssl(%d%d)\n", tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ /* Note: under VMS with SOCKETSHR the second parameter diff --git a/apps/s_time.c b/apps/s_time.c index 81dad53243..eb95ffa64c 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -550,7 +550,7 @@ end: OPENSSL_EXIT(ret); } -/*********************************************************************** +/*- * doConnection - make a connection * Args: * scon = earlier ssl connection for session id, or NULL diff --git a/apps/winrand.c b/apps/winrand.c index 59bede3d70..d6a30ee21b 100644 --- a/apps/winrand.c +++ b/apps/winrand.c @@ -53,7 +53,8 @@ * */ -/* Usage: winrand [filename] +/*- + * Usage: winrand [filename] * * Collects entropy from mouse movements and other events and writes * random data to filename or .rnd diff --git a/bugs/alpha.c b/bugs/alpha.c index 701d6a7c74..2c90a6d3ef 100644 --- a/bugs/alpha.c +++ b/bugs/alpha.c @@ -60,7 +60,8 @@ * something to watch out for. This was fine on linux/NT/Solaris but not * Alpha */ -/* it is basically an example of +/*- + * it is basically an example of * func(*(a++),*(a++)) * which parameter is evaluated first? It is not defined in ASN1 C. */ diff --git a/bugs/dggccbug.c b/bugs/dggccbug.c index 30e07a60ea..b0eb41deb4 100644 --- a/bugs/dggccbug.c +++ b/bugs/dggccbug.c @@ -14,7 +14,8 @@ * copies of the valiable, one in a register and one being an address * that is passed. */ -/* compare the out put from +/*- + * compare the out put from * gcc dggccbug.c; ./a.out * and * gcc -O dggccbug.c; ./a.out diff --git a/bugs/sgiccbug.c b/bugs/sgiccbug.c index 178239d492..9edda5e946 100644 --- a/bugs/sgiccbug.c +++ b/bugs/sgiccbug.c @@ -11,7 +11,8 @@ * Gage <agage@forgetmenot.Mines.EDU> */ -/* Compare the output from +/*- + * Compare the output from * cc sgiccbug.c; ./a.out * and * cc -O sgiccbug.c; ./a.out diff --git a/bugs/ultrixcc.c b/bugs/ultrixcc.c index 7ba75b140f..ca5b45164b 100644 --- a/bugs/ultrixcc.c +++ b/bugs/ultrixcc.c @@ -1,6 +1,7 @@ #include <stdio.h> -/* This is a cc optimiser bug for ultrix 4.3, mips CPU. +/*- + * This is a cc optimiser bug for ultrix 4.3, mips CPU. * What happens is that the compiler, due to the (a)&7, * does * i=a&7; diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 297c45a9ff..b2eb875a12 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -86,7 +86,7 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) } -/* +/*- * This converts an ASN1 INTEGER into its content encoding. * The internal representation is an ASN1_STRING whose data is a big endian * representation of the value, ignoring the sign. The sign is determined by diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index 2afd5a4136..29d41e6b46 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -86,7 +86,8 @@ unsigned long ASN1_STRING_get_default_mask(void) return global_mask; } -/* This function sets the default to various "flavours" of configuration. +/*- + * This function sets the default to various "flavours" of configuration. * based on an ASCII string. Currently this is: * MASK:XXXX : a numerical mask value. * nobmp : Don't use BMPStrings (just Printable, T61). diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index 87bd0e9e1d..1c6ba1c80f 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -361,7 +361,7 @@ err:\ if (((arg)=func()) == NULL) return(NULL) #define M_ASN1_New_Error(a) \ -/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ +/*- err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ return(NULL);*/ \ err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \ return(NULL) diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h index 47502a6a5e..293a538e64 100644 --- a/crypto/asn1/asn1t.h +++ b/crypto/asn1/asn1t.h @@ -579,7 +579,8 @@ const char *sname; /* Structure name */ #endif }; -/* These are values for the itype field and +/*- + * These are values for the itype field and * determine how the type is interpreted. * * For PRIMITIVE types the underlying type diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 13d003bce3..04893a15ce 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -915,7 +915,8 @@ static void mime_param_free(MIME_PARAM *param) OPENSSL_free(param); } -/* Check for a multipart boundary. Returns: +/*- + * Check for a multipart boundary. Returns: * 0 : no boundary * 1 : part boundary * 2 : final boundary diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c index 1ea6a59248..87b5579c8c 100644 --- a/crypto/asn1/asn_moid.c +++ b/crypto/asn1/asn_moid.c @@ -102,7 +102,8 @@ void ASN1_add_oid_module(void) CONF_module_add("oid_section", oid_module_init, oid_module_finish); } -/* Create an OID based on a name value pair. Accept two formats. +/*- + * Create an OID based on a name value pair. Accept two formats. * shortname = 1.2.3.4 * shortname = some long name, 1.2.3.4 */ diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index b954fe7ebc..d84c992f6e 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ -/* +/*- * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout * with binary data (e.g. asn1parse -inform DER < xxx) under * Windows diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 5a00c874dc..fc89691f54 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -636,7 +636,8 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); /* r^2 + r = a mod p */ #define BN_GF2m_cmp(a, b) BN_ucmp((a), (b)) -/* Some functions allow for representation of the irreducible polynomials +/*- + * Some functions allow for representation of the irreducible polynomials * as an unsigned int[], say p. The irreducible f(t) is then of the form: * t^p[0] + t^p[1] + ... + t^p[k] * where m = p[0] > p[1] > ... > p[k] = 0. diff --git a/crypto/bn/bn_const.c b/crypto/bn/bn_const.c index eb60a25b3c..b23bf2b631 100755 --- a/crypto/bn/bn_const.c +++ b/crypto/bn/bn_const.c @@ -3,7 +3,8 @@ #include "bn.h" -/* "First Oakley Default Group" from RFC2409, section 6.1. +/*- + * "First Oakley Default Group" from RFC2409, section 6.1. * * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } * @@ -26,7 +27,8 @@ BIGNUM *get_rfc2409_prime_768(BIGNUM *bn) return BN_bin2bn(RFC2409_PRIME_768,sizeof(RFC2409_PRIME_768),bn); } -/* "Second Oakley Default Group" from RFC2409, section 6.2. +/*- + * "Second Oakley Default Group" from RFC2409, section 6.2. * * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. * @@ -52,7 +54,8 @@ BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn) return BN_bin2bn(RFC2409_PRIME_1024,sizeof(RFC2409_PRIME_1024),bn); } -/* "1536-bit MODP Group" from RFC3526, Section 2. +/*- + * "1536-bit MODP Group" from RFC3526, Section 2. * * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } * @@ -83,7 +86,8 @@ BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_1536,sizeof(RFC3526_PRIME_1536),bn); } -/* "2048-bit MODP Group" from RFC3526, Section 3. +/*- + * "2048-bit MODP Group" from RFC3526, Section 3. * * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } * @@ -119,7 +123,8 @@ BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_2048,sizeof(RFC3526_PRIME_2048),bn); } -/* "3072-bit MODP Group" from RFC3526, Section 4. +/*- + * "3072-bit MODP Group" from RFC3526, Section 4. * * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } * @@ -165,7 +170,8 @@ BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_3072,sizeof(RFC3526_PRIME_3072),bn); } -/* "4096-bit MODP Group" from RFC3526, Section 5. +/*- + * "4096-bit MODP Group" from RFC3526, Section 5. * * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } * @@ -222,7 +228,8 @@ BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_4096,sizeof(RFC3526_PRIME_4096),bn); } -/* "6144-bit MODP Group" from RFC3526, Section 6. +/*- + * "6144-bit MODP Group" from RFC3526, Section 6. * * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } * @@ -300,7 +307,8 @@ BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn) return BN_bin2bn(RFC3526_PRIME_6144,sizeof(RFC3526_PRIME_6144),bn); } -/* "8192-bit MODP Group" from RFC3526, Section 7. +/*- + * "8192-bit MODP Group" from RFC3526, Section 7. * * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } * diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index 3c59981163..94c6ec0444 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -131,7 +131,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, && !defined(PEDANTIC) && !defined(BN_DIV3W) # if defined(__GNUC__) && __GNUC__>=2 # if defined(__i386) || defined (__i386__) - /* + /*- * There were two reasons for implementing this template: * - GNU C generates a call to a function (__udivdi3 to be exact) * in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c index 8a4dc20ad9..bc0a29282a 100644 --- a/crypto/bn/bn_gf2m.c +++ b/crypto/bn/bn_gf2m.c @@ -256,7 +256,8 @@ int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) } -/* Some functions allow for representation of the irreducible polynomials +/*- + * Some functions allow for representation of the irreducible polynomials * as an int[], say p. The irreducible f(t) is then of the form: * t^p[0] + t^p[1] + ... + t^p[k] * where m = p[0] > p[1] > ... > p[k] = 0. diff --git a/crypto/bn/bn_kron.c b/crypto/bn/bn_kron.c index 740359b752..6c0cd08210 100644 --- a/crypto/bn/bn_kron.c +++ b/crypto/bn/bn_kron.c @@ -66,7 +66,8 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) int ret = -2; /* avoid 'uninitialized' warning */ int err = 0; BIGNUM *A, *B, *tmp; - /* In 'tab', only odd-indexed entries are relevant: + /*- + * In 'tab', only odd-indexed entries are relevant: * For any odd BIGNUM n, * tab[BN_lsw(n) & 7] * is $(-1)^{(n^2-1)/8}$ (using TeX notation). diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 1743b6a7e2..739564da5f 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -108,7 +108,8 @@ char *BN_bn2dec(const BIGNUM *a) BIGNUM *t=NULL; BN_ULONG *bn_data=NULL,*lp; - /* get an upper bound for the length of the decimal integer + /*- + * get an upper bound for the length of the decimal integer * num <= (BN_num_bits(a) + 1) * log(2) * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error) * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 diff --git a/crypto/cast/casttest.c b/crypto/cast/casttest.c index 0d020d6975..c94c26f33f 100644 --- a/crypto/cast/casttest.c +++ b/crypto/cast/casttest.c @@ -125,7 +125,7 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A, 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45 -/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, +/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38, 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9, 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ }; diff --git a/crypto/crypto.h b/crypto/crypto.h index 655993e8d7..d0e168949a 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -511,7 +511,8 @@ int CRYPTO_remove_all_info(void); /* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro; * used as default in CRYPTO_MDEBUG compilations): */ -/* The last argument has the following significance: +/*- + * The last argument has the following significance: * * 0: called before the actual memory allocation has taken place * 1: called after the actual memory allocation has taken place diff --git a/crypto/des/des.c b/crypto/des/des.c index 343135ff9e..3713e35b09 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -233,7 +233,8 @@ int main(int argc, char **argv) } } if (error) usage(); - /* We either + /*- + * We either * do checksum or * do encrypt or * do decrypt or diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c index e6c4769126..74bf51b72e 100644 --- a/crypto/des/enc_read.c +++ b/crypto/des/enc_read.c @@ -205,7 +205,8 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, } else { - /* >output is a multiple of 8 byes, if len < rnum + /*- + * >output is a multiple of 8 byes, if len < rnum * >we must be careful. The user must be aware that this * >routine will write more bytes than he asked for. * >The length of the buffer must be correct. diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c index 26bbf9a6a7..a9cdfd63f3 100644 --- a/crypto/des/ofb64ede.c +++ b/crypto/des/ofb64ede.c @@ -105,7 +105,7 @@ void DES_ede3_ofb64_encrypt(register const unsigned char *in, } if (save) { -/* v0=ti[0]; +/*- v0=ti[0]; v1=ti[1];*/ iv = &(*ivec)[0]; l2c(v0,iv); diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c index 3321396be3..b621c9a6de 100644 --- a/crypto/des/set_key.c +++ b/crypto/des/set_key.c @@ -56,7 +56,8 @@ * [including the GNU Public Licence.] */ -/* set_key.c v 1.4 eay 24/9/91 +/*- + * set_key.c v 1.4 eay 24/9/91 * 1.4 Speed up by 400% :-) * 1.3 added register declarations. * 1.2 unrolled make_key_sched a bit more diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c index faa9d76b42..fb6f90a78c 100644 --- a/crypto/dso/dso_dlfcn.c +++ b/crypto/dso/dso_dlfcn.c @@ -401,7 +401,7 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename) } #ifdef __sgi -/* +/*- This is a quote from IRIX manual for dladdr(3c): <dlfcn.h> does not contain a prototype for dladdr or definition of diff --git a/crypto/ebcdic.c b/crypto/ebcdic.c index 43e53bcaf7..8df70ee824 100644 --- a/crypto/ebcdic.c +++ b/crypto/ebcdic.c @@ -10,7 +10,8 @@ static void *dummy=&dummy; #else /*CHARSET_EBCDIC*/ #include "ebcdic.h" -/* Initial Port for Apache-1.3 by <Martin.Kraemer@Mch.SNI.De> +/*- + * Initial Port for Apache-1.3 by <Martin.Kraemer@Mch.SNI.De> * Adapted for OpenSSL-0.9.4 by <Martin.Kraemer@Mch.SNI.De> */ diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c index 350b59be91..0de9e73bae 100644 --- a/crypto/ec/ec2_smpl.c +++ b/crypto/ec/ec2_smpl.c @@ -544,7 +544,8 @@ int ec_GF2m_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) } -/* Determines whether the given EC_POINT is an actual point on the curve defined +/*- + * Determines whether the given EC_POINT is an actual point on the curve defined * in the EC_GROUP. A point is valid if it satisfies the Weierstrass equation: * y^2 + x*y = x^3 + a*x^2 + b. */ diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 4e805014a7..518525d85a 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -182,7 +182,8 @@ static void ec_pre_comp_clear_free(void *pre_) -/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. +/*- + * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. * This is an array r[] of values that are either zero or odd with an * absolute value less than 2^w satisfying * scalar = \sum_j r[j]*2^j @@ -337,7 +338,8 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) (b) >= 20 ? 2 : \ 1)) -/* Compute +/*- + * Compute * \sum scalars[i]*points[i], * also including * scalar*generator diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 613c5abc38..eec9f4220b 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -624,8 +624,10 @@ static void felem_reduce(felem out, const largefelem in) out[1] += ((limb) in[0]) >> 58; out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6; - /* out[1] < 2^58 + 2^6 + 2^58 - * = 2^59 + 2^6 */ + /*- + * out[1] < 2^58 + 2^6 + 2^58 + * = 2^59 + 2^6 + */ out[2] += ((limb) (in[0] >> 64)) >> 52; out[2] += ((limb) in[1]) >> 58; @@ -654,8 +656,10 @@ static void felem_reduce(felem out, const largefelem in) out[8] += ((limb) in[7]) >> 58; out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6; - /* out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12 - * < 2^59 + 2^13 */ + /*- + * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12 + * < 2^59 + 2^13 + */ overflow1 = ((limb) (in[7] >> 64)) >> 52; overflow1 += ((limb) in[8]) >> 58; @@ -669,9 +673,11 @@ static void felem_reduce(felem out, const largefelem in) out[1] += overflow2; /* out[1] < 2^59 + 2^6 + 2^13 */ out[1] += out[0] >> 58; out[0] &= bottom58bits; - /* out[0] < 2^58 + /*- + * out[0] < 2^58 * out[1] < 2^59 + 2^6 + 2^13 + 2^2 - * < 2^59 + 2^14 */ + * < 2^59 + 2^14 + */ } static void felem_square_reduce(felem out, const felem in) @@ -1216,9 +1222,11 @@ static void point_add(felem x3, felem y3, felem z3, felem_scalar128(tmp2, 2); /* tmp2[i] < 17*2^121 */ felem_diff128(tmp, tmp2); - /* tmp[i] < 2^127 - 2^69 + 17*2^122 + /*- + * tmp[i] < 2^127 - 2^69 + 17*2^122 * = 2^126 - 2^122 - 2^6 - 2^2 - 1 - * < 2^127 */ + * < 2^127 + */ felem_reduce(y_out, tmp); copy_conditional(x_out, x2, z1_is_zero); diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c index 374a0ee731..c23983d7f7 100644 --- a/crypto/ec/ecp_oct.c +++ b/crypto/ec/ecp_oct.c @@ -93,7 +93,8 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *po y = BN_CTX_get(ctx); if (y == NULL) goto err; - /* Recover y. We have a Weierstrass equation + /*- + * Recover y. We have a Weierstrass equation * y^2 = x^3 + a*x + b, * so y is one of the square roots of x^3 + a*x + b. */ diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c index 4741bf9af3..c9fe1cf1db 100644 --- a/crypto/ec/ecp_smpl.c +++ b/crypto/ec/ecp_smpl.c @@ -864,8 +864,10 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_ if (!field_mul(group, n1, n0, n2, ctx)) goto err; if (!BN_mod_lshift1_quick(n0, n1, p)) goto err; if (!BN_mod_add_quick(n1, n0, n1, p)) goto err; - /* n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) - * = 3 * X_a^2 - 3 * Z_a^4 */ + /*- + * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) + * = 3 * X_a^2 - 3 * Z_a^4 + */ } else { @@ -1035,7 +1037,8 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { - /* return values: + /*- + * return values: * -1 error * 0 equal (in affine coordinates) * 1 not equal diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c index 81a5cb5120..c8bbe40a65 100644 --- a/crypto/jpake/jpake.c +++ b/crypto/jpake/jpake.c @@ -191,7 +191,7 @@ static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x, BIGNUM *h = BN_new(); BIGNUM *t = BN_new(); - /* + /*- * r in [0,q) * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform */ diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index a60914a910..e5aab0ce8b 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -450,7 +450,7 @@ unsigned long lh_strhash(const char *c) if ((c == NULL) || (*c == '\0')) return(ret); -/* +/*- unsigned char b[16]; MD5(c,strlen(c),b); return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); diff --git a/crypto/md4/md4_locl.h b/crypto/md4/md4_locl.h index 99c3e5004c..dd19f38939 100644 --- a/crypto/md4/md4_locl.h +++ b/crypto/md4/md4_locl.h @@ -86,7 +86,7 @@ void md4_block_data_order (MD4_CTX *c, const void *p,size_t num); #include "md32_common.h" -/* +/*- #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) #define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z)))) */ diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index ac793397f1..ddb95fb549 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -142,7 +142,8 @@ static LHASH_OF(MEM) *mh=NULL; /* hash-table of memory requests typedef struct app_mem_info_st -/* For application-defined information (static C-string `info') +/*- + * For application-defined information (static C-string `info') * to be displayed in memory leak list. * Each thread has its own stack. For applications, there is * CRYPTO_push_info("...") to push an entry, diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 14ba69d4c6..5d28d63e79 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -108,8 +108,10 @@ static FILE *(*const vms_fopen)(const char *, const char *, ...) = int RAND_load_file(const char *file, long bytes) { - /* If bytes >= 0, read up to 'bytes' bytes. - * if bytes == -1, read complete file. */ + /*- + * If bytes >= 0, read up to 'bytes' bytes. + * if bytes == -1, read complete file. + */ MS_STATIC unsigned char buf[BUFSIZE]; #ifndef OPENSSL_NO_POSIX_IO diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c index ee0fe8d7f5..dff4fc30ea 100644 --- a/crypto/rc4/rc4_enc.c +++ b/crypto/rc4/rc4_enc.c @@ -59,7 +59,8 @@ #include <openssl/rc4.h> #include "rc4_locl.h" -/* RC4 as implemented from a posting from +/*- + * RC4 as implemented from a posting from * Newsgroups: sci.crypt * From: sterndark@netcom.com (David Sterndark) * Subject: RC4 Algorithm revealed. diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c index fda27636e7..a9908556f6 100644 --- a/crypto/rc4/rc4_skey.c +++ b/crypto/rc4/rc4_skey.c @@ -77,7 +77,8 @@ const char *RC4_options(void) #endif } -/* RC4 as implemented from a posting from +/*- + * RC4 as implemented from a posting from * Newsgroups: sci.crypt * From: sterndark@netcom.com (David Sterndark) * Subject: RC4 Algorithm revealed. diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index 59cb3f34a4..7c9781d909 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -350,7 +350,7 @@ end: fprintf(stderr,"-----\n"); lh_stats(SSL_CTX_sessions(s_ctx),stderr); fprintf(stderr,"-----\n"); - /* lh_node_stats(SSL_CTX_sessions(s_ctx),stderr); + /*- lh_node_stats(SSL_CTX_sessions(s_ctx),stderr); fprintf(stderr,"-----\n"); */ lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr); fprintf(stderr,"-----\n"); @@ -390,7 +390,7 @@ int ndoit(SSL_CTX *ssl_ctx[2]) fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id()); for (i=0; i<number_of_loops; i++) { -/* fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n", +/*- fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n", CRYPTO_thread_id(),i, ssl_ctx[0]->references, ssl_ctx[1]->references); */ diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index cee1398a85..70b1a91c07 100644 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c @@ -125,7 +125,7 @@ static struct /* Functions for verifying a signed TS_TST_INFO structure. */ -/* +/*- * This function carries out the following tasks: * - Checks if there is one and only one signer. * - Search for the signing certificate in 'certs' and in the response. @@ -353,7 +353,7 @@ static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo) return 0; } -/* +/*- * Verifies whether 'response' contains a valid response with regards * to the settings of the context: * - Gives an error message if the TS_TST_INFO is not present. diff --git a/crypto/ui/ui.h b/crypto/ui/ui.h index 2d01186263..dde8ecfe2e 100644 --- a/crypto/ui/ui.h +++ b/crypto/ui/ui.h @@ -157,34 +157,36 @@ int UI_dup_error_string(UI *ui, const char *text); might get confused. */ #define UI_INPUT_FLAG_DEFAULT_PWD 0x02 -/* The user of these routines may want to define flags of their own. The core - UI won't look at those, but will pass them on to the method routines. They - must use higher bits so they don't get confused with the UI bits above. - UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good - example of use is this: - - #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE) - +/*- + * The user of these routines may want to define flags of their own. The core + * UI won't look at those, but will pass them on to the method routines. They + * must use higher bits so they don't get confused with the UI bits above. + * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good + * example of use is this: + * + * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE) + * */ #define UI_INPUT_FLAG_USER_BASE 16 -/* The following function helps construct a prompt. object_desc is a - textual short description of the object, for example "pass phrase", - and object_name is the name of the object (might be a card name or - a file name. - The returned string shall always be allocated on the heap with - OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). - - If the ui_method doesn't contain a pointer to a user-defined prompt - constructor, a default string is built, looking like this: - - "Enter {object_desc} for {object_name}:" - - So, if object_desc has the value "pass phrase" and object_name has - the value "foo.key", the resulting string is: - - "Enter pass phrase for foo.key:" +/*- + * The following function helps construct a prompt. object_desc is a + * textual short description of the object, for example "pass phrase", + * and object_name is the name of the object (might be a card name or + * a file name. + * The returned string shall always be allocated on the heap with + * OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). + * + * If the ui_method doesn't contain a pointer to a user-defined prompt + * constructor, a default string is built, looking like this: + * + * "Enter {object_desc} for {object_name}:" + * + * So, if object_desc has the value "pass phrase" and object_name has + * the value "foo.key", the resulting string is: + * + * "Enter pass phrase for foo.key:" */ char *UI_construct_prompt(UI *ui_method, const char *object_desc, const char *object_name); diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index c6602dae4f..10adc06d2e 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -469,7 +469,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, /* If we were going to up the reference count, * we would need to do it on a perl 'type' * basis */ - /* CRYPTO_add(&tmp->data.x509->references,1, + /*- CRYPTO_add(&tmp->data.x509->references,1, CRYPTO_LOCK_X509);*/ goto finish; } diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index a691aab7a2..de4ed5090e 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -333,7 +333,7 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, return 0; } -/* if (ret->data.ptr != NULL) +/*- if (ret->data.ptr != NULL) X509_OBJECT_free_contents(ret); */ ret->type=tmp->type; diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index 254a14693d..62b7fb54c4 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -84,7 +84,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) { if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err; if (!ASN1_INTEGER_set(xi->version,2)) goto err; -/* xi->extensions=ri->attributes; <- bad, should not ever be done +/*- xi->extensions=ri->attributes; <- bad, should not ever be done ri->attributes=NULL; */ } diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 0d5c6b1c31..7a11e099bf 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -529,14 +529,15 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) int allow_proxy_certs; cb=ctx->verify_cb; - /* must_be_ca can have 1 of 3 values: - -1: we accept both CA and non-CA certificates, to allow direct - use of self-signed certificates (which are marked as CA). - 0: we only accept non-CA certificates. This is currently not - used, but the possibility is present for future extensions. - 1: we only accept CA certificates. This is currently used for - all certificates in the chain except the leaf certificate. - */ + /*- + * must_be_ca can have 1 of 3 values: + * -1: we accept both CA and non-CA certificates, to allow direct + * use of self-signed certificates (which are marked as CA). + * 0: we only accept non-CA certificates. This is currently not + * used, but the possibility is present for future extensions. + * 1: we only accept CA certificates. This is currently used for + * all certificates in the chain except the leaf certificate. + */ must_be_ca = -1; /* CRL path validation */ diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c index c6b68ee221..56ff367d12 100644 --- a/crypto/x509v3/v3_akey.c +++ b/crypto/x509v3/v3_akey.c @@ -100,7 +100,8 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, return extlist; } -/* Currently two options: +/*- + * Currently two options: * keyid: use the issuers subject keyid, the value 'always' means its is * an error if the issuer certificate doesn't have a key id. * issuer: use the issuers cert issuer and serial number. The default is diff --git a/demos/bio/saccept.c b/demos/bio/saccept.c index 699930db51..753c4e11f2 100644 --- a/demos/bio/saccept.c +++ b/demos/bio/saccept.c @@ -1,7 +1,8 @@ /* NOCW */ /* demos/bio/saccept.c */ -/* A minimal program to serve an SSL connection. +/*- + * A minimal program to serve an SSL connection. * It uses blocking. * saccept host:port * host is the interface IP to use. If any interface, use *:port diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c index 880344eb78..d15c4132e5 100644 --- a/demos/bio/sconnect.c +++ b/demos/bio/sconnect.c @@ -1,7 +1,8 @@ /* NOCW */ /* demos/bio/sconnect.c */ -/* A minimal program to do SSL to a passed host and port. +/*- + * A minimal program to do SSL to a passed host and port. * It is actually using non-blocking IO but in a very simple manner * sconnect host:port - it does a 'GET / HTTP/1.0' * diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c index 952e537712..64090c41ca 100644 --- a/demos/easy_tls/easy-tls.c +++ b/demos/easy_tls/easy-tls.c @@ -1,5 +1,5 @@ /* -*- Mode: C; c-file-style: "bsd" -*- */ -/* +/*- * easy-tls.c -- generic TLS proxy. * $Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $ */ @@ -62,7 +62,7 @@ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* +/*- * Attribution for OpenSSL library: * * This product includes cryptographic software written by Eric Young @@ -124,7 +124,8 @@ static char const rcsid[] = # include TLS_APP #endif -/* Applications can define: +/*- + * Applications can define: * TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg) * TLS_CUMULATE_ERRORS * TLS_ERROR_BUFSIZ diff --git a/demos/easy_tls/easy-tls.h b/demos/easy_tls/easy-tls.h index 52b298e654..71ed87aeac 100644 --- a/demos/easy_tls/easy-tls.h +++ b/demos/easy_tls/easy-tls.h @@ -1,5 +1,5 @@ /* -*- Mode: C; c-file-style: "bsd" -*- */ -/* +/*- * easy-tls.h -- generic TLS proxy. * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $ */ diff --git a/demos/engines/ibmca/ica_openssl_api.h b/demos/engines/ibmca/ica_openssl_api.h index c77e0fd5c0..b3739f604a 100644 --- a/demos/engines/ibmca/ica_openssl_api.h +++ b/demos/engines/ibmca/ica_openssl_api.h @@ -62,7 +62,7 @@ typedef unsigned char ICA_KEY_RSA_CRT_REC[MAX_RSACRT_SIZE]; | RSA Key Token format | *------------------------------------------------*/ -/* +/*- * NOTE: All the fields in the ICA_KEY_RSA_MODEXPO structure * (lengths, offsets, exponents, modulus, etc.) are * stored in big-endian format @@ -86,7 +86,7 @@ typedef struct _ICA_KEY_RSA_MODEXPO } ICA_KEY_RSA_MODEXPO; #define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC)) -/* +/*- * NOTE: All the fields in the ICA_KEY_RSA_CRT structure * (lengths, offsets, exponents, modulus, etc.) are * stored in big-endian format diff --git a/demos/engines/zencod/hw_zencod.h b/demos/engines/zencod/hw_zencod.h index 415c9a6be8..eef8ee6fe8 100644 --- a/demos/engines/zencod/hw_zencod.h +++ b/demos/engines/zencod/hw_zencod.h @@ -114,7 +114,8 @@ typedef struct ZEN_data_st /* output : output data buffer */ /* input : input data buffer */ /* algo : hash algorithm, MD5 or SHA1 */ -/* typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ; +/*- + * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ; * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ; */ /* For now separate this stuff that mad it easier to test */ diff --git a/demos/spkigen.c b/demos/spkigen.c index 2cd5dfea97..a22b3ef340 100644 --- a/demos/spkigen.c +++ b/demos/spkigen.c @@ -1,5 +1,6 @@ /* NOCW */ -/* demos/spkigen.c +/*- + * demos/spkigen.c * 18-Mar-1997 - eay - A quick hack :-) * version 1.1, it would probably help to save or load the * private key :-) diff --git a/demos/tunala/cb.c b/demos/tunala/cb.c index f6e452ae93..ba9a5681ff 100644 --- a/demos/tunala/cb.c +++ b/demos/tunala/cb.c @@ -5,7 +5,8 @@ /* For callbacks generating output, here are their file-descriptors. */ static FILE *fp_cb_ssl_info = NULL; static FILE *fp_cb_ssl_verify = NULL; -/* Output level: +/*- + * Output level: * 0 = nothing, * 1 = minimal, just errors, * 2 = minimal, all steps, diff --git a/engines/e_cswift.c b/engines/e_cswift.c index 2e64ff3277..18c583d689 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -1065,9 +1065,11 @@ static int cswift_rand_bytes(unsigned char *buf, int num) { largenum.value = buf; largenum.nbytes = sizeof(buf32); - /* tell CryptoSwift how many bytes we want and where we want it. + /*- + * tell CryptoSwift how many bytes we want and where we want it. * Note: - CryptoSwift cannot do more than 4096 bytes at a time. - * - CryptoSwift can only do multiple of 32-bits. */ + * - CryptoSwift can only do multiple of 32-bits. + */ swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); if (swrc != SW_OK) { diff --git a/engines/e_padlock.c b/engines/e_padlock.c index 6fb33b7812..50c536411f 100644 --- a/engines/e_padlock.c +++ b/engines/e_padlock.c @@ -293,7 +293,7 @@ struct padlock_cipher_data static volatile struct padlock_cipher_data *padlock_saved_context; #endif -/* +/*- * ======================================================= * Inline assembler section(s). * ======================================================= @@ -854,7 +854,7 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key, return 1; } -/* +/*- * Simplified version of padlock_aes_cipher() used when * 1) both input and output buffers are at aligned addresses. * or when diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 78d7a4a201..9c5a1246b4 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -418,10 +418,12 @@ dtls1_process_record(SSL *s) rr->data=rr->input; enc_err = s->method->ssl3_enc->enc(s,0); - /* enc_err is: + /*- + * enc_err is: * 0: (in non-constant time) if the record is publically invalid. * 1: if the padding is valid - * -1: if the padding is invalid */ + * -1: if the padding is invalid + */ if (enc_err == 0) { /* For DTLS we simply ignore bad packets. */ @@ -1046,9 +1048,11 @@ start: } } - /* s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; + /*- + * s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT. - * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */ + * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) + */ /* If we are a client, check for an incoming 'Hello Request': */ if ((!s->server) && diff --git a/ssl/kssl.c b/ssl/kssl.c index 7ce8111708..f2b34bc876 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -1301,7 +1301,8 @@ kssl_TKT2tkt( /* IN */ krb5_context krb5context, } -/* Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"), +/*- + * Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"), * and krb5 AP_REQ message & message length, * Return Kerberos session key and client principle * to SSL Server in KSSL_CTX *kssl_ctx. diff --git a/ssl/kssl.h b/ssl/kssl.h index c3d5492d44..c61dba7432 100644 --- a/ssl/kssl.h +++ b/ssl/kssl.h @@ -99,7 +99,8 @@ typedef unsigned char krb5_octet; #endif -/* Uncomment this to debug kssl problems or +/*- + * Uncomment this to debug kssl problems or * to trace usage of the Kerberos session key * * #define KSSL_DEBUG diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c index acd61dc546..d05b908f6c 100644 --- a/ssl/s2_pkt.c +++ b/ssl/s2_pkt.c @@ -572,16 +572,20 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) } else if ((bs <= 1) && (!s->s2->escape)) { - /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */ + /*- + * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus + * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + */ s->s2->three_byte_header=0; p=0; } else /* we may have to use a 3 byte header */ { - /* If s->s2->escape is not set, then + /*- + * If s->s2->escape is not set, then * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus - * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */ + * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. + */ p=(j%bs); p=(p == 0)?0:(bs-p); if (s->s2->escape) @@ -595,7 +599,8 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len) } } - /* Now + /*- + * Now * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER * holds, and if s->s2->three_byte_header is set, then even * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER. diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index b55d0da6e8..1fbdd2b066 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -487,7 +487,8 @@ void ssl3_cleanup_key_block(SSL *s) s->s3->tmp.key_block_length=0; } -/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. +/*- + * ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. * * Returns: * 0: (in non-constant time) if the record is publically invalid (i.e. too @@ -777,7 +778,8 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) * data we are hashing because that gives an attacker a * timing-oracle. */ - /* npad is, at most, 48 bytes and that's with MD5: + /*- + * npad is, at most, 48 bytes and that's with MD5: * 16 + 48 + 8 (sequence bytes) + 1 + 2 = 75. * * With SHA-1 (the largest hash speced for SSLv3) the hash size @@ -171,7 +171,8 @@ extern "C" { #endif /* SSLeay version number for ASN.1 encoding of the session information */ -/* Version 0 - initial version +/*- + * Version 0 - initial version * Version 1 - added the optional peer certificate */ #define SSL_SESSION_ASN1_VERSION 0x0001 @@ -1625,10 +1626,12 @@ extern "C" { #define SSL_ST_READ_BODY 0xF1 #define SSL_ST_READ_DONE 0xF2 -/* Obtain latest Finished message +/*- + * Obtain latest Finished message * -- that we sent (SSL_get_finished) * -- that we expected from peer (SSL_get_peer_finished). - * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ + * Returns length (0 == no Finished so far), copies up to 'count' bytes. + */ size_t SSL_get_finished(const SSL *s, void *buf, size_t count); size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 590c84c19b..bd85110b8a 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -485,7 +485,7 @@ * SSL_aDSS <- DSA_SIGN */ -/* +/*- #define CERT_INVALID 0 #define CERT_PUBLIC_KEY 1 #define CERT_PRIVATE_KEY 2 |