Additional comment changes for reformat of 1.0.2

Reviewed-by: Tim Hudson <tjh@openssl.org>

diff --git a/MacOS/opensslconf.h b/MacOS/opensslconf.h
index ad557cc06aa4bf0a866d8d54c11954799d9c4cb6..1bc31bf3cca6a6a8c8809fd46059a2a67b611ed0 100644 (file)
--- a/MacOS/opensslconf.h
+++ b/MacOS/opensslconf.h
@@ -23,7 +23,7 @@
 #if !defined(RC4_INT)
 /* using int types make the structure larger but make the code faster
  * on most boxes I have tested - up to %20 faster. */
 #if !defined(RC4_INT)
 /* using int types make the structure larger but make the code faster
  * on most boxes I have tested - up to %20 faster. */

-/*
+/*-

  * I don't know what does "most" mean, but declaring "int" is a must on:
  * - Intel P6 because partial register stalls are very expensive;
  * - elder Alpha because it lacks byte load/store instructions;
  * I don't know what does "most" mean, but declaring "int" is a must on:
  * - Intel P6 because partial register stalls are very expensive;
  * - elder Alpha because it lacks byte load/store instructions;

diff --git a/apps/crl2p7.c b/apps/crl2p7.c
index ce78e76e80641cf190cd22fb986f486b9403da92..4f9383dc9c1dddce4533bee0621c1946cbcb495a 100644 (file)
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -289,7 +289,7 @@ end:
        OPENSSL_EXIT(ret);
        }
 
        OPENSSL_EXIT(ret);
        }
 

-/*
+/*-

  *----------------------------------------------------------------------
  * int add_certs_from_file
  *
  *----------------------------------------------------------------------
  * int add_certs_from_file
  *

diff --git a/apps/gendh.c b/apps/gendh.c
index 8df8c62f8aa3015c231cc685eb336c6655998dce..d7d85f4233aeb63176f81e3ab0262cfb233c12be 100644 (file)
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -121,7 +121,7 @@ int MAIN(int argc, char **argv)
                        }
                else if (strcmp(*argv,"-2") == 0)
                        g=2;
                        }
                else if (strcmp(*argv,"-2") == 0)
                        g=2;

-       /*      else if (strcmp(*argv,"-3") == 0)
+       /*-     else if (strcmp(*argv,"-3") == 0)

                        g=3; */
                else if (strcmp(*argv,"-5") == 0)
                        g=5;
                        g=3; */
                else if (strcmp(*argv,"-5") == 0)
                        g=5;

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 86e59c8dcf5f94fa33c8f74df2c02c73a0c2a4bb..ed372f3e835c521c96468657e6c8a1c9d5d79428 100644 (file)
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -205,7 +205,7 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
        {
        if (cert_file != NULL)
                {
        {
        if (cert_file != NULL)
                {

-               /*
+               /*-

                SSL *ssl;
                X509 *x509;
                */
                SSL *ssl;
                X509 *x509;
                */

diff --git a/apps/s_client.c b/apps/s_client.c
index d27ee3dd35ab2c120f41f51f31be7b3c2df48046..0a5cbb3a178accd031336ff9cdf356b63f16b616 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -446,20 +446,21 @@ static int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g)
        return ret;
        }
 
        return ret;
        }
 

-/* This callback is used here for two purposes:
-   - extended debugging
-   - making some primality tests for unknown groups
-   The callback is only called for a non default group.
-
-   An application does not need the call back at all if
-   only the stanard groups are used.  In real life situations, 
-   client and server already share well known groups, 
-   thus there is no need to verify them. 
-   Furthermore, in case that a server actually proposes a group that
-   is not one of those defined in RFC 5054, it is more appropriate 
-   to add the group to a static list and then compare since 
-   primality tests are rather cpu consuming.
-*/
+/*-
+ * This callback is used here for two purposes:
+ * - extended debugging
+ * - making some primality tests for unknown groups
+ * The callback is only called for a non default group.
+ *
+ * An application does not need the call back at all if
+ * only the stanard groups are used.  In real life situations, 
+ * client and server already share well known groups, 
+ * thus there is no need to verify them. 
+ * Furthermore, in case that a server actually proposes a group that
+ * is not one of those defined in RFC 5054, it is more appropriate 
+ * to add the group to a static list and then compare since 
+ * primality tests are rather cpu consuming.
+ */

 
 static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
        {
 
 static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
        {


@@ -1806,7 +1807,7 @@ SSL_set_tlsext_status_ids(con, ids);
                                        openssl_fdset(SSL_get_fd(con),&writefds);
                        }
 #endif
                                        openssl_fdset(SSL_get_fd(con),&writefds);
                        }
 #endif

-/*                     printf("mode tty(%d %d%d) ssl(%d%d)\n",
+/*-                    printf("mode tty(%d %d%d) ssl(%d%d)\n",

                                tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
 
                        /* Note: under VMS with SOCKETSHR the second parameter
                                tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
 
                        /* Note: under VMS with SOCKETSHR the second parameter

diff --git a/apps/s_time.c b/apps/s_time.c
index 81dad53243a4e0ec5599e1c0cddf16cdfb35638e..eb95ffa64ca200862a1d9cb24e494012cd733351 100644 (file)
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -550,7 +550,7 @@ end:
        OPENSSL_EXIT(ret);
        }
 
        OPENSSL_EXIT(ret);
        }
 

-/***********************************************************************
+/*-

  * doConnection - make a connection
  * Args:
  *             scon    = earlier ssl connection for session id, or NULL
  * doConnection - make a connection
  * Args:
  *             scon    = earlier ssl connection for session id, or NULL

diff --git a/apps/winrand.c b/apps/winrand.c
index 59bede3d70aca97f81a209a8f0bb5223a6f0cdf9..d6a30ee21b202db6010a369247eb4e09d086d5ef 100644 (file)
--- a/apps/winrand.c
+++ b/apps/winrand.c
@@ -53,7 +53,8 @@
  *
  */
 
  *
  */
 

-/* Usage: winrand [filename]
+/*-
+ * Usage: winrand [filename]

  *
  * Collects entropy from mouse movements and other events and writes
  * random data to filename or .rnd
  *
  * Collects entropy from mouse movements and other events and writes
  * random data to filename or .rnd

diff --git a/bugs/alpha.c b/bugs/alpha.c
index 701d6a7c74227c8c6c65cd10f9fee1c63357dd2f..2c90a6d3efd3422739e0370c73ef840bb4941280 100644 (file)
--- a/bugs/alpha.c
+++ b/bugs/alpha.c
@@ -60,7 +60,8 @@
  * something to watch out for.  This was fine on linux/NT/Solaris but not
  * Alpha */
 
  * something to watch out for.  This was fine on linux/NT/Solaris but not
  * Alpha */
 

-/* it is basically an example of
+/*-
+ * it is basically an example of

  * func(*(a++),*(a++))
  * which parameter is evaluated first?  It is not defined in ASN1 C.
  */
  * func(*(a++),*(a++))
  * which parameter is evaluated first?  It is not defined in ASN1 C.
  */

diff --git a/bugs/dggccbug.c b/bugs/dggccbug.c
index 30e07a60ea4a0d526fe96648227463db1d94492c..b0eb41deb432d1fb378fa6d66c30fcff214f7c97 100644 (file)
--- a/bugs/dggccbug.c
+++ b/bugs/dggccbug.c
@@ -14,7 +14,8 @@
  * copies of the valiable, one in a register and one being an address
  * that is passed. */
 
  * copies of the valiable, one in a register and one being an address
  * that is passed. */
 

-/* compare the out put from
+/*-
+ * compare the out put from

  * gcc dggccbug.c; ./a.out
  * and
  * gcc -O dggccbug.c; ./a.out
  * gcc dggccbug.c; ./a.out
  * and
  * gcc -O dggccbug.c; ./a.out

diff --git a/bugs/sgiccbug.c b/bugs/sgiccbug.c
index 178239d492a2bda2acd6c6ca82206144571d364b..9edda5e94602fdff6658be6fe9916a086507d6dd 100644 (file)
--- a/bugs/sgiccbug.c
+++ b/bugs/sgiccbug.c
@@ -11,7 +11,8 @@
  * Gage <agage@forgetmenot.Mines.EDU>
  */
  
  * Gage <agage@forgetmenot.Mines.EDU>
  */
  

-/* Compare the output from
+/*-
+ * Compare the output from

  * cc sgiccbug.c; ./a.out
  * and
  * cc -O sgiccbug.c; ./a.out
  * cc sgiccbug.c; ./a.out
  * and
  * cc -O sgiccbug.c; ./a.out

diff --git a/bugs/ultrixcc.c b/bugs/ultrixcc.c
index 7ba75b140f1f731f4e87618920cf040f70db643b..ca5b45164bcc9c44021694047ce2bd41e7721918 100644 (file)
--- a/bugs/ultrixcc.c
+++ b/bugs/ultrixcc.c
@@ -1,6 +1,7 @@
 #include <stdio.h>
 
 #include <stdio.h>
 

-/* This is a cc optimiser bug for ultrix 4.3, mips CPU.
+/*-
+ * This is a cc optimiser bug for ultrix 4.3, mips CPU.

  * What happens is that the compiler, due to the (a)&7,
  * does
  * i=a&7;
  * What happens is that the compiler, due to the (a)&7,
  * does
  * i=a&7;

diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 297c45a9ff12ebb54df717bd7c1f8487579daad4..b2eb875a123c8d80961fd68ff83e90ca46d7c73a 100644 (file)
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -86,7 +86,7 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
        }
        
 
        }
        
 

-/* 
+/*- 

  * This converts an ASN1 INTEGER into its content encoding.
  * The internal representation is an ASN1_STRING whose data is a big endian
  * representation of the value, ignoring the sign. The sign is determined by
  * This converts an ASN1 INTEGER into its content encoding.
  * The internal representation is an ASN1_STRING whose data is a big endian
  * representation of the value, ignoring the sign. The sign is determined by

diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index 2afd5a41368d6274eb99874569e062272aa53c8a..29d41e6b4684b3dd95cac90fcd0e87b3a4a3f719 100644 (file)
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -86,7 +86,8 @@ unsigned long ASN1_STRING_get_default_mask(void)
        return global_mask;
 }
 
        return global_mask;
 }
 

-/* This function sets the default to various "flavours" of configuration.
+/*-
+ * This function sets the default to various "flavours" of configuration.

  * based on an ASCII string. Currently this is:
  * MASK:XXXX : a numerical mask value.
  * nobmp : Don't use BMPStrings (just Printable, T61).
  * based on an ASCII string. Currently this is:
  * MASK:XXXX : a numerical mask value.
  * nobmp : Don't use BMPStrings (just Printable, T61).

diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h
index 87bd0e9e1d81358b0631615269882ee4c88bb1a3..1c6ba1c80f16e5260761804f13392d4d2023f318 100644 (file)
--- a/crypto/asn1/asn1_mac.h
+++ b/crypto/asn1/asn1_mac.h
@@ -361,7 +361,7 @@ err:\
        if (((arg)=func()) == NULL) return(NULL)
 
 #define M_ASN1_New_Error(a) \
        if (((arg)=func()) == NULL) return(NULL)
 
 #define M_ASN1_New_Error(a) \

-/*     err:    ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
+/*-    err:    ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \

                return(NULL);*/ \
        err2:   ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
                return(NULL)
                return(NULL);*/ \
        err2:   ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
                return(NULL)

diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h
index 47502a6a5e9b99911cbc49c2c57ffa022fd07a29..293a538e646d55622407fb9e620ddff3816cd7c7 100644 (file)
--- a/crypto/asn1/asn1t.h
+++ b/crypto/asn1/asn1t.h
@@ -579,7 +579,8 @@ const char *sname;          /* Structure name */
 #endif
 };
 
 #endif
 };
 

-/* These are values for the itype field and
+/*-
+ * These are values for the itype field and

  * determine how the type is interpreted.
  *
  * For PRIMITIVE types the underlying type
  * determine how the type is interpreted.
  *
  * For PRIMITIVE types the underlying type

diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index 13d003bce3cd5e77ce6445d03d05dca148078ea3..04893a15cea3d833ffbde54fc86fc60c75fc502e 100644 (file)
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -915,7 +915,8 @@ static void mime_param_free(MIME_PARAM *param)
        OPENSSL_free(param);
 }
 
        OPENSSL_free(param);
 }
 

-/* Check for a multipart boundary. Returns:
+/*-
+ * Check for a multipart boundary. Returns:

  * 0 : no boundary
  * 1 : part boundary
  * 2 : final boundary
  * 0 : no boundary
  * 1 : part boundary
  * 2 : final boundary

diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c
index 1ea6a5924838bcfd702153472a916d7941338eb7..87b5579c8c4e842e731fce4fd8fabfb5d411bc49 100644 (file)
--- a/crypto/asn1/asn_moid.c
+++ b/crypto/asn1/asn_moid.c
@@ -102,7 +102,8 @@ void ASN1_add_oid_module(void)
        CONF_module_add("oid_section", oid_module_init, oid_module_finish);
        }
 
        CONF_module_add("oid_section", oid_module_init, oid_module_finish);
        }
 

-/* Create an OID based on a name value pair. Accept two formats.
+/*-
+ * Create an OID based on a name value pair. Accept two formats.

  * shortname = 1.2.3.4
  * shortname = some long name, 1.2.3.4
  */
  * shortname = 1.2.3.4
  * shortname = some long name, 1.2.3.4
  */

diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index b954fe7ebc8d41d64e278a09b15ca7f39fdd034c..d84c992f6eb80cd09ac43e24ab46b6fd346fc832 100644 (file)
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
  * [including the GNU Public Licence.]
  */
 

-/*
+/*-

  * 03-Dec-1997 rdenny@dc3.com  Fix bug preventing use of stdin/stdout
  *             with binary data (e.g. asn1parse -inform DER < xxx) under
  *             Windows
  * 03-Dec-1997 rdenny@dc3.com  Fix bug preventing use of stdin/stdout
  *             with binary data (e.g. asn1parse -inform DER < xxx) under
  *             Windows

diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index 5a00c874dc3c0d67162cc041a059c99890ae0782..fc89691f54610389b891f2df2b74871de38d5138 100644 (file)
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -636,7 +636,8 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 int    BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
        BN_CTX *ctx); /* r^2 + r = a mod p */
 #define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
 int    BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
        BN_CTX *ctx); /* r^2 + r = a mod p */
 #define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))

-/* Some functions allow for representation of the irreducible polynomials
+/*-
+ * Some functions allow for representation of the irreducible polynomials

  * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
  *     t^p[0] + t^p[1] + ... + t^p[k]
  * where m = p[0] > p[1] > ... > p[k] = 0.
  * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
  *     t^p[0] + t^p[1] + ... + t^p[k]
  * where m = p[0] > p[1] > ... > p[k] = 0.

diff --git a/crypto/bn/bn_const.c b/crypto/bn/bn_const.c
index eb60a25b3c7309e1b7bebf47158a84a0182a8552..b23bf2b631f59371d66b46e14dbf05e256fa6fae 100755 (executable)
--- a/crypto/bn/bn_const.c
+++ b/crypto/bn/bn_const.c
@@ -3,7 +3,8 @@
 
 #include "bn.h"
 
 
 #include "bn.h"
 

-/* "First Oakley Default Group" from RFC2409, section 6.1.
+/*-
+ * "First Oakley Default Group" from RFC2409, section 6.1.

  *
  * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
  *
  *
  * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
  *


@@ -26,7 +27,8 @@ BIGNUM *get_rfc2409_prime_768(BIGNUM *bn)
        return BN_bin2bn(RFC2409_PRIME_768,sizeof(RFC2409_PRIME_768),bn);
        }
 
        return BN_bin2bn(RFC2409_PRIME_768,sizeof(RFC2409_PRIME_768),bn);
        }
 

-/* "Second Oakley Default Group" from RFC2409, section 6.2.
+/*-
+ * "Second Oakley Default Group" from RFC2409, section 6.2.

  *
  * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
  *
  *
  * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
  *


@@ -52,7 +54,8 @@ BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn)
        return BN_bin2bn(RFC2409_PRIME_1024,sizeof(RFC2409_PRIME_1024),bn);
        }
 
        return BN_bin2bn(RFC2409_PRIME_1024,sizeof(RFC2409_PRIME_1024),bn);
        }
 

-/* "1536-bit MODP Group" from RFC3526, Section 2.
+/*-
+ * "1536-bit MODP Group" from RFC3526, Section 2.

  *
  * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
  *
  *
  * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
  *


@@ -83,7 +86,8 @@ BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn)
        return BN_bin2bn(RFC3526_PRIME_1536,sizeof(RFC3526_PRIME_1536),bn);
        }
 
        return BN_bin2bn(RFC3526_PRIME_1536,sizeof(RFC3526_PRIME_1536),bn);
        }
 

-/* "2048-bit MODP Group" from RFC3526, Section 3.
+/*-
+ * "2048-bit MODP Group" from RFC3526, Section 3.

  *
  * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
  *
  *
  * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
  *


@@ -119,7 +123,8 @@ BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn)
        return BN_bin2bn(RFC3526_PRIME_2048,sizeof(RFC3526_PRIME_2048),bn);
        }
 
        return BN_bin2bn(RFC3526_PRIME_2048,sizeof(RFC3526_PRIME_2048),bn);
        }
 

-/* "3072-bit MODP Group" from RFC3526, Section 4.
+/*-
+ * "3072-bit MODP Group" from RFC3526, Section 4.

  *
  * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
  *
  *
  * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
  *


@@ -165,7 +170,8 @@ BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn)
        return BN_bin2bn(RFC3526_PRIME_3072,sizeof(RFC3526_PRIME_3072),bn);
        }
 
        return BN_bin2bn(RFC3526_PRIME_3072,sizeof(RFC3526_PRIME_3072),bn);
        }
 

-/* "4096-bit MODP Group" from RFC3526, Section 5.
+/*-
+ * "4096-bit MODP Group" from RFC3526, Section 5.

  *
  * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
  *
  *
  * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
  *


@@ -222,7 +228,8 @@ BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn)
        return BN_bin2bn(RFC3526_PRIME_4096,sizeof(RFC3526_PRIME_4096),bn);
        }
 
        return BN_bin2bn(RFC3526_PRIME_4096,sizeof(RFC3526_PRIME_4096),bn);
        }
 

-/* "6144-bit MODP Group" from RFC3526, Section 6.
+/*-
+ * "6144-bit MODP Group" from RFC3526, Section 6.

  *
  * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
  *
  *
  * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
  *


@@ -300,7 +307,8 @@ BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn)
        return BN_bin2bn(RFC3526_PRIME_6144,sizeof(RFC3526_PRIME_6144),bn);
        }
 
        return BN_bin2bn(RFC3526_PRIME_6144,sizeof(RFC3526_PRIME_6144),bn);
        }
 

-/* "8192-bit MODP Group" from RFC3526, Section 7.
+/*-
+ * "8192-bit MODP Group" from RFC3526, Section 7.

  *
  * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
  *
  *
  * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
  *

diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
index 3c59981163b267259c1df6ef0604c721be8108b9..94c6ec0444a0354e263254f931ed492a689d1585 100644 (file)
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -131,7 +131,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
     && !defined(PEDANTIC) && !defined(BN_DIV3W)
 # if defined(__GNUC__) && __GNUC__>=2
 #  if defined(__i386) || defined (__i386__)
     && !defined(PEDANTIC) && !defined(BN_DIV3W)
 # if defined(__GNUC__) && __GNUC__>=2
 #  if defined(__i386) || defined (__i386__)

-   /*
+   /*-

     * There were two reasons for implementing this template:
     * - GNU C generates a call to a function (__udivdi3 to be exact)
     *   in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to
     * There were two reasons for implementing this template:
     * - GNU C generates a call to a function (__udivdi3 to be exact)
     *   in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to

diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
index 8a4dc20ad980d9b3bf9849bef739e0cedc3fcb7c..bc0a29282a7276de23989afaf46190e2b6ca9b0a 100644 (file)
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -256,7 +256,8 @@ int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
        }
 
 
        }
 
 

-/* Some functions allow for representation of the irreducible polynomials
+/*-
+ * Some functions allow for representation of the irreducible polynomials

  * as an int[], say p.  The irreducible f(t) is then of the form:
  *     t^p[0] + t^p[1] + ... + t^p[k]
  * where m = p[0] > p[1] > ... > p[k] = 0.
  * as an int[], say p.  The irreducible f(t) is then of the form:
  *     t^p[0] + t^p[1] + ... + t^p[k]
  * where m = p[0] > p[1] > ... > p[k] = 0.

diff --git a/crypto/bn/bn_kron.c b/crypto/bn/bn_kron.c
index 740359b7520de3609e825801d96a5f41df81ea98..6c0cd08210d39259994c09a78a9ec1006ba49b22 100644 (file)
--- a/crypto/bn/bn_kron.c
+++ b/crypto/bn/bn_kron.c
@@ -66,7 +66,8 @@ int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
        int ret = -2; /* avoid 'uninitialized' warning */
        int err = 0;
        BIGNUM *A, *B, *tmp;
        int ret = -2; /* avoid 'uninitialized' warning */
        int err = 0;
        BIGNUM *A, *B, *tmp;

-       /* In 'tab', only odd-indexed entries are relevant:
+       /*-
+        * In 'tab', only odd-indexed entries are relevant:

         * For any odd BIGNUM n,
         *     tab[BN_lsw(n) & 7]
         * is $(-1)^{(n^2-1)/8}$ (using TeX notation).
         * For any odd BIGNUM n,
         *     tab[BN_lsw(n) & 7]
         * is $(-1)^{(n^2-1)/8}$ (using TeX notation).

diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index 1743b6a7e212f19bcc94f0816c71493b1270961f..739564da5f9e56993b0d1090aeae4d6676781f7a 100644 (file)
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -108,7 +108,8 @@ char *BN_bn2dec(const BIGNUM *a)
        BIGNUM *t=NULL;
        BN_ULONG *bn_data=NULL,*lp;
 
        BIGNUM *t=NULL;
        BN_ULONG *bn_data=NULL,*lp;
 

-       /* get an upper bound for the length of the decimal integer
+       /*-
+        * get an upper bound for the length of the decimal integer

         * num <= (BN_num_bits(a) + 1) * log(2)
         *     <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1     (rounding error)
         *     <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 
         * num <= (BN_num_bits(a) + 1) * log(2)
         *     <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1     (rounding error)
         *     <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 

diff --git a/crypto/cast/casttest.c b/crypto/cast/casttest.c
index 0d020d697596c18c758247e60de2dfe1673b49e4..c94c26f33f57dd51771db8d379aa8767047925fa 100644 (file)
--- a/crypto/cast/casttest.c
+++ b/crypto/cast/casttest.c
@@ -125,7 +125,7 @@ static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
        0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
        0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
 
        0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
        0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
 

-/*     0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+/*-    0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,

        0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
        0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
        }; 
        0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
        0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
        }; 

diff --git a/crypto/crypto.h b/crypto/crypto.h
index 655993e8d72c0e63de3149e0af0d2169b69fd938..d0e168949a94403cf7c95c67178b759a67cf4ef6 100644 (file)
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -511,7 +511,8 @@ int CRYPTO_remove_all_info(void);
 
 /* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
  * used as default in CRYPTO_MDEBUG compilations): */
 
 /* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
  * used as default in CRYPTO_MDEBUG compilations): */

-/* The last argument has the following significance:
+/*-
+ * The last argument has the following significance:

  *
  * 0:  called before the actual memory allocation has taken place
  * 1:  called after the actual memory allocation has taken place
  *
  * 0:  called before the actual memory allocation has taken place
  * 1:  called after the actual memory allocation has taken place

diff --git a/crypto/des/des.c b/crypto/des/des.c
index 343135ff9ec505e2c0865706997a44bb249b17c7..3713e35b096a2098c365e9ce4fe79debe01748af 100644 (file)
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -233,7 +233,8 @@ int main(int argc, char **argv)
                        }
                }
        if (error) usage();
                        }
                }
        if (error) usage();

-       /* We either
+       /*-
+        * We either

         * do checksum or
         * do encrypt or
         * do decrypt or
         * do checksum or
         * do encrypt or
         * do decrypt or

diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c
index e6c4769126449b06efe7197ff4a74dc38ed66827..74bf51b72e290f53560c801f8cb09d6537fa054c 100644 (file)
--- a/crypto/des/enc_read.c
+++ b/crypto/des/enc_read.c
@@ -205,7 +205,8 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
                }
        else
                {
                }
        else
                {

-               /* >output is a multiple of 8 byes, if len < rnum
+               /*-
+                * >output is a multiple of 8 byes, if len < rnum

                 * >we must be careful.  The user must be aware that this
                 * >routine will write more bytes than he asked for.
                 * >The length of the buffer must be correct.
                 * >we must be careful.  The user must be aware that this
                 * >routine will write more bytes than he asked for.
                 * >The length of the buffer must be correct.

diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c
index 26bbf9a6a73343622c1407a65a4e8d09e25e3dd1..a9cdfd63f3e4841610555e335b962284346a0eba 100644 (file)
--- a/crypto/des/ofb64ede.c
+++ b/crypto/des/ofb64ede.c
@@ -105,7 +105,7 @@ void DES_ede3_ofb64_encrypt(register const unsigned char *in,
                }
        if (save)
                {
                }
        if (save)
                {

-/*             v0=ti[0];
+/*-            v0=ti[0];

                v1=ti[1];*/
                iv = &(*ivec)[0];
                l2c(v0,iv);
                v1=ti[1];*/
                iv = &(*ivec)[0];
                l2c(v0,iv);

diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 3321396be3d1f784b9e40883498b636cc6ccb160..b621c9a6deb75af3d158d5739d6cf3dde15768b0 100644 (file)
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -56,7 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
  * [including the GNU Public Licence.]
  */
 

-/* set_key.c v 1.4 eay 24/9/91
+/*-
+ * set_key.c v 1.4 eay 24/9/91

  * 1.4 Speed up by 400% :-)
  * 1.3 added register declarations.
  * 1.2 unrolled make_key_sched a bit more
  * 1.4 Speed up by 400% :-)
  * 1.3 added register declarations.
  * 1.2 unrolled make_key_sched a bit more

diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c
index faa9d76b42701b5ef0765287957e6dea527171cc..fb6f90a78c94a3defd3b8eb44c2d11f29938028a 100644 (file)
--- a/crypto/dso/dso_dlfcn.c
+++ b/crypto/dso/dso_dlfcn.c
@@ -401,7 +401,7 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename)
        }
 
 #ifdef __sgi
        }
 
 #ifdef __sgi

-/*
+/*-

 This is a quote from IRIX manual for dladdr(3c):
 
      <dlfcn.h> does not contain a prototype for dladdr or definition of
 This is a quote from IRIX manual for dladdr(3c):
 
      <dlfcn.h> does not contain a prototype for dladdr or definition of

diff --git a/crypto/ebcdic.c b/crypto/ebcdic.c
index 43e53bcaf7d97bb11e203ec735e7e6a4fafbffc7..8df70ee824091866f958c70440458013fb705097 100644 (file)
--- a/crypto/ebcdic.c
+++ b/crypto/ebcdic.c
@@ -10,7 +10,8 @@ static void *dummy=&dummy;
 #else /*CHARSET_EBCDIC*/
 
 #include "ebcdic.h"
 #else /*CHARSET_EBCDIC*/
 
 #include "ebcdic.h"

-/*      Initial Port for  Apache-1.3     by <Martin.Kraemer@Mch.SNI.De>
+/*-
+ *      Initial Port for  Apache-1.3     by <Martin.Kraemer@Mch.SNI.De>

  *      Adapted for       OpenSSL-0.9.4  by <Martin.Kraemer@Mch.SNI.De>
  */
 
  *      Adapted for       OpenSSL-0.9.4  by <Martin.Kraemer@Mch.SNI.De>
  */
 

diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c
index 350b59be91104c7ee36cc3324e14bebd5c57c8cb..0de9e73bae72b073030bcdffffcb6feceb4b9ca9 100644 (file)
--- a/crypto/ec/ec2_smpl.c
+++ b/crypto/ec/ec2_smpl.c
@@ -544,7 +544,8 @@ int ec_GF2m_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
        }
 
 
        }
 
 

-/* Determines whether the given EC_POINT is an actual point on the curve defined
+/*-
+ * Determines whether the given EC_POINT is an actual point on the curve defined

  * in the EC_GROUP.  A point is valid if it satisfies the Weierstrass equation:
  *      y^2 + x*y = x^3 + a*x^2 + b.
  */
  * in the EC_GROUP.  A point is valid if it satisfies the Weierstrass equation:
  *      y^2 + x*y = x^3 + a*x^2 + b.
  */

diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 4e805014a72120b771c9721e2d858d36a13275ff..518525d85ac95339d9a64772538f974039e3098a 100644 (file)
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -182,7 +182,8 @@ static void ec_pre_comp_clear_free(void *pre_)
 
 
 
 
 
 

-/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
+/*-
+ * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.

  * This is an array  r[]  of values that are either zero or odd with an
  * absolute value less than  2^w  satisfying
  *     scalar = \sum_j r[j]*2^j
  * This is an array  r[]  of values that are either zero or odd with an
  * absolute value less than  2^w  satisfying
  *     scalar = \sum_j r[j]*2^j


@@ -337,7 +338,8 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
                  (b) >=   20 ? 2 : \
                  1))
 
                  (b) >=   20 ? 2 : \
                  1))
 

-/* Compute
+/*-
+ * Compute

  *      \sum scalars[i]*points[i],
  * also including
  *      scalar*generator
  *      \sum scalars[i]*points[i],
  * also including
  *      scalar*generator

diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index 613c5abc38bfbd88d1cccd726d642a7c18e2d5c2..eec9f4220b3682b4c0f78a07048b4e69a9dd9b58 100644 (file)
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -624,8 +624,10 @@ static void felem_reduce(felem out, const largefelem in)
 
        out[1] += ((limb) in[0]) >> 58;
        out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6;
 
        out[1] += ((limb) in[0]) >> 58;
        out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6;

-       /* out[1] < 2^58 + 2^6 + 2^58
-        *        = 2^59 + 2^6 */
+       /*-
+        * out[1] < 2^58 + 2^6 + 2^58
+        *        = 2^59 + 2^6
+        */

        out[2] += ((limb) (in[0] >> 64)) >> 52;
 
        out[2] += ((limb) in[1]) >> 58;
        out[2] += ((limb) (in[0] >> 64)) >> 52;
 
        out[2] += ((limb) in[1]) >> 58;


@@ -654,8 +656,10 @@ static void felem_reduce(felem out, const largefelem in)
 
        out[8] += ((limb) in[7]) >> 58;
        out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6;
 
        out[8] += ((limb) in[7]) >> 58;
        out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6;

-       /* out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
-        *            < 2^59 + 2^13 */
+       /*-
+        * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
+        *            < 2^59 + 2^13
+        */

        overflow1 = ((limb) (in[7] >> 64)) >> 52;
 
        overflow1 += ((limb) in[8]) >> 58;
        overflow1 = ((limb) (in[7] >> 64)) >> 52;
 
        overflow1 += ((limb) in[8]) >> 58;


@@ -669,9 +673,11 @@ static void felem_reduce(felem out, const largefelem in)
        out[1] += overflow2;  /* out[1] < 2^59 + 2^6 + 2^13 */
 
        out[1] += out[0] >> 58; out[0] &= bottom58bits;
        out[1] += overflow2;  /* out[1] < 2^59 + 2^6 + 2^13 */
 
        out[1] += out[0] >> 58; out[0] &= bottom58bits;

-       /* out[0] < 2^58
+       /*-
+        * out[0] < 2^58

         * out[1] < 2^59 + 2^6 + 2^13 + 2^2
         * out[1] < 2^59 + 2^6 + 2^13 + 2^2

-        *        < 2^59 + 2^14 */
+        *        < 2^59 + 2^14
+        */

        }
 
 static void felem_square_reduce(felem out, const felem in)
        }
 
 static void felem_square_reduce(felem out, const felem in)


@@ -1216,9 +1222,11 @@ static void point_add(felem x3, felem y3, felem z3,
        felem_scalar128(tmp2, 2);
        /* tmp2[i] < 17*2^121 */
        felem_diff128(tmp, tmp2);
        felem_scalar128(tmp2, 2);
        /* tmp2[i] < 17*2^121 */
        felem_diff128(tmp, tmp2);

-       /* tmp[i] < 2^127 - 2^69 + 17*2^122
+       /*-
+        * tmp[i] < 2^127 - 2^69 + 17*2^122

         *        = 2^126 - 2^122 - 2^6 - 2^2 - 1
         *        = 2^126 - 2^122 - 2^6 - 2^2 - 1

-        *        < 2^127 */
+        *        < 2^127
+        */

        felem_reduce(y_out, tmp);
 
        copy_conditional(x_out, x2, z1_is_zero);
        felem_reduce(y_out, tmp);
 
        copy_conditional(x_out, x2, z1_is_zero);

diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c
index 374a0ee731ae0ccd7a7e7d22bd5535f889809445..c23983d7f74d10202b4de6fe4315b4d1ea18f3ed 100644 (file)
--- a/crypto/ec/ecp_oct.c
+++ b/crypto/ec/ecp_oct.c
@@ -93,7 +93,8 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *po
        y = BN_CTX_get(ctx);
        if (y == NULL) goto err;
 
        y = BN_CTX_get(ctx);
        if (y == NULL) goto err;
 

-       /* Recover y.  We have a Weierstrass equation
+       /*-
+        * Recover y.  We have a Weierstrass equation

         *     y^2 = x^3 + a*x + b,
         * so  y  is one of the square roots of  x^3 + a*x + b.
         */
         *     y^2 = x^3 + a*x + b,
         * so  y  is one of the square roots of  x^3 + a*x + b.
         */

diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index 4741bf9af302c8b9568071ea1e5d33d3f29342dd..c9fe1cf1dbfe2f17b7634a22d5370c91d831fbc1 100644 (file)
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -864,8 +864,10 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
                if (!field_mul(group, n1, n0, n2, ctx)) goto err;
                if (!BN_mod_lshift1_quick(n0, n1, p)) goto err;
                if (!BN_mod_add_quick(n1, n0, n1, p)) goto err;
                if (!field_mul(group, n1, n0, n2, ctx)) goto err;
                if (!BN_mod_lshift1_quick(n0, n1, p)) goto err;
                if (!BN_mod_add_quick(n1, n0, n1, p)) goto err;

-               /* n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
-                *    = 3 * X_a^2 - 3 * Z_a^4 */
+               /*-
+                * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
+                *    = 3 * X_a^2 - 3 * Z_a^4
+                */

                }
        else
                {
                }
        else
                {


@@ -1035,7 +1037,8 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
 
 int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
        {
 
 int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
        {

-       /* return values:
+       /*-
+        * return values:

         *  -1   error
         *   0   equal (in affine coordinates)
         *   1   not equal
         *  -1   error
         *   0   equal (in affine coordinates)
         *   1   not equal

diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c
index 81a5cb51204dfc1b50ef552d447e1cde4bcf8e9c..c8bbe40a65aaea7e073a81f9bf70c1fac8df13fd 100644 (file)
--- a/crypto/jpake/jpake.c
+++ b/crypto/jpake/jpake.c
@@ -191,7 +191,7 @@ static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x,
     BIGNUM *h = BN_new();
     BIGNUM *t = BN_new();
 
     BIGNUM *h = BN_new();
     BIGNUM *t = BN_new();
 

-   /*
+   /*-

     * r in [0,q)
     * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform
     */
     * r in [0,q)
     * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform
     */

diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index a60914a9104addf4f4186087f232c14bea9ec189..e5aab0ce8b14b800340aec172e10b000dfd5d28a 100644 (file)
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -450,7 +450,7 @@ unsigned long lh_strhash(const char *c)
 
        if ((c == NULL) || (*c == '\0'))
                return(ret);
 
        if ((c == NULL) || (*c == '\0'))
                return(ret);

-/*
+/*-

        unsigned char b[16];
        MD5(c,strlen(c),b);
        return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); 
        unsigned char b[16];
        MD5(c,strlen(c),b);
        return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); 

diff --git a/crypto/md4/md4_locl.h b/crypto/md4/md4_locl.h
index 99c3e5004c97eaca7a047644a35e58b14bb82045..dd19f389391b95c3ef3cb16552f6ff086cdaed6b 100644 (file)
--- a/crypto/md4/md4_locl.h
+++ b/crypto/md4/md4_locl.h
@@ -86,7 +86,7 @@ void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
 
 #include "md32_common.h"
 
 
 #include "md32_common.h"
 

-/*
+/*-

 #define        F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
 #define        G(x,y,z)        (((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
 */
 #define        F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
 #define        G(x,y,z)        (((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
 */

diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
index ac793397f10f5289fe0d1a5ac1cc8ad3e33f4b28..ddb95fb549e306829a42d0ced6be049ba36209d5 100644 (file)
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@@ -142,7 +142,8 @@ static LHASH_OF(MEM) *mh=NULL; /* hash-table of memory requests
 
 
 typedef struct app_mem_info_st
 
 
 typedef struct app_mem_info_st

-/* For application-defined information (static C-string `info')
+/*-
+ * For application-defined information (static C-string `info')

  * to be displayed in memory leak list.
  * Each thread has its own stack.  For applications, there is
  *   CRYPTO_push_info("...")     to push an entry,
  * to be displayed in memory leak list.
  * Each thread has its own stack.  For applications, there is
  *   CRYPTO_push_info("...")     to push an entry,

diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 14ba69d4c694b6eb37ca12f69112202f6bde65fb..5d28d63e795d730d9fb84b22323cf66a46aa3ad4 100644 (file)
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -108,8 +108,10 @@ static FILE *(*const vms_fopen)(const char *, const char *, ...) =
 
 int RAND_load_file(const char *file, long bytes)
        {
 
 int RAND_load_file(const char *file, long bytes)
        {

-       /* If bytes >= 0, read up to 'bytes' bytes.
-        * if bytes == -1, read complete file. */
+       /*-
+        * If bytes >= 0, read up to 'bytes' bytes.
+        * if bytes == -1, read complete file.
+        */

 
        MS_STATIC unsigned char buf[BUFSIZE];
 #ifndef OPENSSL_NO_POSIX_IO
 
        MS_STATIC unsigned char buf[BUFSIZE];
 #ifndef OPENSSL_NO_POSIX_IO

diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c
index ee0fe8d7f5bc7d4b208ec05d12caf440d66e9c44..dff4fc30eaba332e9637a123d420b549b2c2e4d8 100644 (file)
--- a/crypto/rc4/rc4_enc.c
+++ b/crypto/rc4/rc4_enc.c
@@ -59,7 +59,8 @@
 #include <openssl/rc4.h>
 #include "rc4_locl.h"
 
 #include <openssl/rc4.h>
 #include "rc4_locl.h"
 

-/* RC4 as implemented from a posting from
+/*-
+ * RC4 as implemented from a posting from

  * Newsgroups: sci.crypt
  * From: sterndark@netcom.com (David Sterndark)
  * Subject: RC4 Algorithm revealed.
  * Newsgroups: sci.crypt
  * From: sterndark@netcom.com (David Sterndark)
  * Subject: RC4 Algorithm revealed.

diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c
index fda27636e7b3477e75cf543658cd2a4105c3cf1d..a9908556f6963c62818a3b1b81881bd0ac09df4c 100644 (file)
--- a/crypto/rc4/rc4_skey.c
+++ b/crypto/rc4/rc4_skey.c
@@ -77,7 +77,8 @@ const char *RC4_options(void)
 #endif
        }
 
 #endif
        }
 

-/* RC4 as implemented from a posting from
+/*-
+ * RC4 as implemented from a posting from

  * Newsgroups: sci.crypt
  * From: sterndark@netcom.com (David Sterndark)
  * Subject: RC4 Algorithm revealed.
  * Newsgroups: sci.crypt
  * From: sterndark@netcom.com (David Sterndark)
  * Subject: RC4 Algorithm revealed.

diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c
index 59cb3f34a4235696075fbccdbf1399631fb5e03a..7c9781d909c9d2ab4db291174a33c17ef5b73b44 100644 (file)
--- a/crypto/threads/mttest.c
+++ b/crypto/threads/mttest.c
@@ -350,7 +350,7 @@ end:
                        fprintf(stderr,"-----\n");
                        lh_stats(SSL_CTX_sessions(s_ctx),stderr);
                        fprintf(stderr,"-----\n");
                        fprintf(stderr,"-----\n");
                        lh_stats(SSL_CTX_sessions(s_ctx),stderr);
                        fprintf(stderr,"-----\n");

-               /*      lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
+               /*-     lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);

                        fprintf(stderr,"-----\n"); */
                        lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
                        fprintf(stderr,"-----\n");
                        fprintf(stderr,"-----\n"); */
                        lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
                        fprintf(stderr,"-----\n");


@@ -390,7 +390,7 @@ int ndoit(SSL_CTX *ssl_ctx[2])
        fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
        for (i=0; i<number_of_loops; i++)
                {
        fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
        for (i=0; i<number_of_loops; i++)
                {

-/*             fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
+/*-            fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",

                        CRYPTO_thread_id(),i,
                        ssl_ctx[0]->references,
                        ssl_ctx[1]->references); */
                        CRYPTO_thread_id(),i,
                        ssl_ctx[0]->references,
                        ssl_ctx[1]->references); */

diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
index cee1398a851021b6fecad6c5be5a1aff84275ba4..70b1a91c079b96beda018c59ddd91240722a1b81 100644 (file)
--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -125,7 +125,7 @@ static struct
 
 /* Functions for verifying a signed TS_TST_INFO structure. */
 
 
 /* Functions for verifying a signed TS_TST_INFO structure. */
 

-/*
+/*-

  * This function carries out the following tasks:
  *     - Checks if there is one and only one signer.
  *     - Search for the signing certificate in 'certs' and in the response.
  * This function carries out the following tasks:
  *     - Checks if there is one and only one signer.
  *     - Search for the signing certificate in 'certs' and in the response.


@@ -353,7 +353,7 @@ static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo)
        return 0;
        }
 
        return 0;
        }
 

-/*
+/*-

  * Verifies whether 'response' contains a valid response with regards 
  * to the settings of the context:
  *     - Gives an error message if the TS_TST_INFO is not present.
  * Verifies whether 'response' contains a valid response with regards 
  * to the settings of the context:
  *     - Gives an error message if the TS_TST_INFO is not present.

diff --git a/crypto/ui/ui.h b/crypto/ui/ui.h
index 2d011862630377031ebc50a1f6c8880583c50121..dde8ecfe2e753617e8072fd75b2b2bf6a5510adb 100644 (file)
--- a/crypto/ui/ui.h
+++ b/crypto/ui/ui.h
@@ -157,34 +157,36 @@ int UI_dup_error_string(UI *ui, const char *text);
    might get confused. */
 #define UI_INPUT_FLAG_DEFAULT_PWD      0x02
 
    might get confused. */
 #define UI_INPUT_FLAG_DEFAULT_PWD      0x02
 

-/* The user of these routines may want to define flags of their own.  The core
-   UI won't look at those, but will pass them on to the method routines.  They
-   must use higher bits so they don't get confused with the UI bits above.
-   UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
-   example of use is this:
-
-       #define MY_UI_FLAG1     (0x01 << UI_INPUT_FLAG_USER_BASE)
-
+/*-
+ * The user of these routines may want to define flags of their own.  The core
+ * UI won't look at those, but will pass them on to the method routines.  They
+ * must use higher bits so they don't get confused with the UI bits above.
+ * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
+ * example of use is this:
+ *
+ *    #define MY_UI_FLAG1      (0x01 << UI_INPUT_FLAG_USER_BASE)
+ *

 */
 #define UI_INPUT_FLAG_USER_BASE        16
 
 
 */
 #define UI_INPUT_FLAG_USER_BASE        16
 
 

-/* The following function helps construct a prompt.  object_desc is a
-   textual short description of the object, for example "pass phrase",
-   and object_name is the name of the object (might be a card name or
-   a file name.
-   The returned string shall always be allocated on the heap with
-   OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
-
-   If the ui_method doesn't contain a pointer to a user-defined prompt
-   constructor, a default string is built, looking like this:
-
-       "Enter {object_desc} for {object_name}:"
-
-   So, if object_desc has the value "pass phrase" and object_name has
-   the value "foo.key", the resulting string is:
-
-       "Enter pass phrase for foo.key:"
+/*-
+ * The following function helps construct a prompt.  object_desc is a
+ * textual short description of the object, for example "pass phrase",
+ * and object_name is the name of the object (might be a card name or
+ * a file name.
+ * The returned string shall always be allocated on the heap with
+ * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+ *
+ * If the ui_method doesn't contain a pointer to a user-defined prompt
+ * constructor, a default string is built, looking like this:
+ *
+ *       "Enter {object_desc} for {object_name}:"
+ *
+ * So, if object_desc has the value "pass phrase" and object_name has
+ * the value "foo.key", the resulting string is:
+ *
+ *       "Enter pass phrase for foo.key:"

 */
 char *UI_construct_prompt(UI *ui_method,
        const char *object_desc, const char *object_name);
 */
 char *UI_construct_prompt(UI *ui_method,
        const char *object_desc, const char *object_name);

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index c6602dae4f58b88416a6d2cdbcbb4ab7d0868eaf..10adc06d2ee0371f260fcd9fbcd1ae77f729b9d5 100644 (file)
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -469,7 +469,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
                        /* If we were going to up the reference count,
                         * we would need to do it on a perl 'type'
                         * basis */
                        /* If we were going to up the reference count,
                         * we would need to do it on a perl 'type'
                         * basis */

-       /*              CRYPTO_add(&tmp->data.x509->references,1,
+       /*-             CRYPTO_add(&tmp->data.x509->references,1,

                                CRYPTO_LOCK_X509);*/
                        goto finish;
                        }
                                CRYPTO_LOCK_X509);*/
                        goto finish;
                        }

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index a691aab7a226a503cc3eee112c96ae2861cec086..de4ed5090e1240179f5fa5198f3b165cb2a58dfb 100644 (file)
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -333,7 +333,7 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
                        return 0;
                }
 
                        return 0;
                }
 

-/*     if (ret->data.ptr != NULL)
+/*-    if (ret->data.ptr != NULL)

                X509_OBJECT_free_contents(ret); */
 
        ret->type=tmp->type;
                X509_OBJECT_free_contents(ret); */
 
        ret->type=tmp->type;

diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index 254a14693d99f0e1f343a8e97568a17c6c96aa5b..62b7fb54c4e9cd258977687d552b487a13bd1acd 100644 (file)
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -84,7 +84,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
                {
                if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err;
                if (!ASN1_INTEGER_set(xi->version,2)) goto err;
                {
                if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err;
                if (!ASN1_INTEGER_set(xi->version,2)) goto err;

-/*             xi->extensions=ri->attributes; <- bad, should not ever be done
+/*-            xi->extensions=ri->attributes; <- bad, should not ever be done

                ri->attributes=NULL; */
                }
 
                ri->attributes=NULL; */
                }
 

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 0d5c6b1c313fcac956ed0dbc80e8f7f1423090af..7a11e099bfbbe81ccd16ef77ab6c0f984ac9bf60 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -529,14 +529,15 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
        int allow_proxy_certs;
        cb=ctx->verify_cb;
 
        int allow_proxy_certs;
        cb=ctx->verify_cb;
 

-       /* must_be_ca can have 1 of 3 values:
-          -1: we accept both CA and non-CA certificates, to allow direct
-              use of self-signed certificates (which are marked as CA).
-          0:  we only accept non-CA certificates.  This is currently not
-              used, but the possibility is present for future extensions.
-          1:  we only accept CA certificates.  This is currently used for
-              all certificates in the chain except the leaf certificate.
-       */
+       /*-
+        *  must_be_ca can have 1 of 3 values:
+        * -1: we accept both CA and non-CA certificates, to allow direct
+        *     use of self-signed certificates (which are marked as CA).
+        * 0:  we only accept non-CA certificates.  This is currently not
+        *     used, but the possibility is present for future extensions.
+        * 1:  we only accept CA certificates.  This is currently used for
+        *     all certificates in the chain except the leaf certificate.
+        */

        must_be_ca = -1;
 
        /* CRL path validation */
        must_be_ca = -1;
 
        /* CRL path validation */

diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index c6b68ee221174eb7c4cae2bb506d029452f9e3e9..56ff367d12f37fa8ce46989d65aef6c6970a6962 100644 (file)
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -100,7 +100,8 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
        return extlist;
 }
 
        return extlist;
 }
 

-/* Currently two options:
+/*-
+ * Currently two options:

  * keyid: use the issuers subject keyid, the value 'always' means its is
  * an error if the issuer certificate doesn't have a key id.
  * issuer: use the issuers cert issuer and serial number. The default is
  * keyid: use the issuers subject keyid, the value 'always' means its is
  * an error if the issuer certificate doesn't have a key id.
  * issuer: use the issuers cert issuer and serial number. The default is

diff --git a/demos/bio/saccept.c b/demos/bio/saccept.c
index 699930db513c37677bf9d411b1fc1daf18c392a1..753c4e11f24c26929533de1d284d71a8be56bc44 100644 (file)
--- a/demos/bio/saccept.c
+++ b/demos/bio/saccept.c
@@ -1,7 +1,8 @@
 /* NOCW */
 /* demos/bio/saccept.c */
 
 /* NOCW */
 /* demos/bio/saccept.c */
 

-/* A minimal program to serve an SSL connection.
+/*-
+ * A minimal program to serve an SSL connection.

  * It uses blocking.
  * saccept host:port
  * host is the interface IP to use.  If any interface, use *:port
  * It uses blocking.
  * saccept host:port
  * host is the interface IP to use.  If any interface, use *:port

diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c
index 880344eb78453b80b3c87a5c357b2b1114a82d77..d15c4132e5a20c55ccc626f16135c7874035f5bc 100644 (file)
--- a/demos/bio/sconnect.c
+++ b/demos/bio/sconnect.c
@@ -1,7 +1,8 @@
 /* NOCW */
 /* demos/bio/sconnect.c */
 
 /* NOCW */
 /* demos/bio/sconnect.c */
 

-/* A minimal program to do SSL to a passed host and port.
+/*-
+ * A minimal program to do SSL to a passed host and port.

  * It is actually using non-blocking IO but in a very simple manner
  * sconnect host:port - it does a 'GET / HTTP/1.0'
  *
  * It is actually using non-blocking IO but in a very simple manner
  * sconnect host:port - it does a 'GET / HTTP/1.0'
  *

diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c
index 952e537712740bafcbc6a097063484dce930f770..64090c41cacd21a99acdeffb331fe4675216e433 100644 (file)
--- a/demos/easy_tls/easy-tls.c
+++ b/demos/easy_tls/easy-tls.c
@@ -1,5 +1,5 @@
 /* -*- Mode: C; c-file-style: "bsd" -*- */
 /* -*- Mode: C; c-file-style: "bsd" -*- */

-/*
+/*-

  * easy-tls.c -- generic TLS proxy.
  * $Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $
  */
  * easy-tls.c -- generic TLS proxy.
  * $Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $
  */


@@ -62,7 +62,7 @@
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  */
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  */

-/*
+/*-

  * Attribution for OpenSSL library:
  *
  * This product includes cryptographic software written by Eric Young
  * Attribution for OpenSSL library:
  *
  * This product includes cryptographic software written by Eric Young


@@ -124,7 +124,8 @@ static char const rcsid[] =
 # include TLS_APP
 #endif
 
 # include TLS_APP
 #endif
 

-/* Applications can define:
+/*-
+ * Applications can define:

  *   TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg)
  *   TLS_CUMULATE_ERRORS 
  *   TLS_ERROR_BUFSIZ
  *   TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg)
  *   TLS_CUMULATE_ERRORS 
  *   TLS_ERROR_BUFSIZ

diff --git a/demos/easy_tls/easy-tls.h b/demos/easy_tls/easy-tls.h
index 52b298e65471f3b4f98b498a77210cc5cd6f9a19..71ed87aeac2917fe8a67dafc2f5b2e4cf8eb001c 100644 (file)
--- a/demos/easy_tls/easy-tls.h
+++ b/demos/easy_tls/easy-tls.h
@@ -1,5 +1,5 @@
 /* -*- Mode: C; c-file-style: "bsd" -*- */
 /* -*- Mode: C; c-file-style: "bsd" -*- */

-/*
+/*-

  * easy-tls.h -- generic TLS proxy.
  * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $
  */
  * easy-tls.h -- generic TLS proxy.
  * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $
  */

diff --git a/demos/engines/ibmca/ica_openssl_api.h b/demos/engines/ibmca/ica_openssl_api.h
index c77e0fd5c0678288b1f82781307f46efa6137b20..b3739f604a87636bb5f0c834911392b8125e4827 100644 (file)
--- a/demos/engines/ibmca/ica_openssl_api.h
+++ b/demos/engines/ibmca/ica_openssl_api.h
@@ -62,7 +62,7 @@ typedef unsigned char ICA_KEY_RSA_CRT_REC[MAX_RSACRT_SIZE];
  | RSA Key Token format                           |
  *------------------------------------------------*/
 
  | RSA Key Token format                           |
  *------------------------------------------------*/
 

-/*
+/*-

  * NOTE:  All the fields in the ICA_KEY_RSA_MODEXPO structure
  *        (lengths, offsets, exponents, modulus, etc.) are
  *        stored in big-endian format
  * NOTE:  All the fields in the ICA_KEY_RSA_MODEXPO structure
  *        (lengths, offsets, exponents, modulus, etc.) are
  *        stored in big-endian format


@@ -86,7 +86,7 @@ typedef struct _ICA_KEY_RSA_MODEXPO
 } ICA_KEY_RSA_MODEXPO;
 #define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC))
 
 } ICA_KEY_RSA_MODEXPO;
 #define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC))
 

-/*
+/*-

  * NOTE:  All the fields in the ICA_KEY_RSA_CRT structure
  *        (lengths, offsets, exponents, modulus, etc.) are
  *        stored in big-endian format
  * NOTE:  All the fields in the ICA_KEY_RSA_CRT structure
  *        (lengths, offsets, exponents, modulus, etc.) are
  *        stored in big-endian format

diff --git a/demos/engines/zencod/hw_zencod.h b/demos/engines/zencod/hw_zencod.h
index 415c9a6be8b27a11a7c3bb275049de6935d08b28..eef8ee6fe88fc8da5bf3894e8a94cd63f56971f1 100644 (file)
--- a/demos/engines/zencod/hw_zencod.h
+++ b/demos/engines/zencod/hw_zencod.h
@@ -114,7 +114,8 @@ typedef struct ZEN_data_st
 /* output : output data buffer */
 /* input : input data buffer */
 /* algo : hash algorithm, MD5 or SHA1 */
 /* output : output data buffer */
 /* input : input data buffer */
 /* algo : hash algorithm, MD5 or SHA1 */

-/* typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ;
+/*-
+ * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ;

  * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ;
  */
 /* For now separate this stuff that mad it easier to test */
  * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ;
  */
 /* For now separate this stuff that mad it easier to test */

diff --git a/demos/spkigen.c b/demos/spkigen.c
index 2cd5dfea970dd65223d10ce75c707940ac3f1ff5..a22b3ef340b8595e84bb410bbc8a2548354c2870 100644 (file)
--- a/demos/spkigen.c
+++ b/demos/spkigen.c
@@ -1,5 +1,6 @@
 /* NOCW */
 /* NOCW */

-/* demos/spkigen.c
+/*-
+ * demos/spkigen.c

  * 18-Mar-1997 - eay - A quick hack :-) 
  *             version 1.1, it would probably help to save or load the
  *             private key :-)
  * 18-Mar-1997 - eay - A quick hack :-) 
  *             version 1.1, it would probably help to save or load the
  *             private key :-)

diff --git a/demos/tunala/cb.c b/demos/tunala/cb.c
index f6e452ae93579767944e8aba728c1a0efe0c4362..ba9a5681ff6fbff1d632e74202140b51cec581ce 100644 (file)
--- a/demos/tunala/cb.c
+++ b/demos/tunala/cb.c
@@ -5,7 +5,8 @@
 /* For callbacks generating output, here are their file-descriptors. */
 static FILE *fp_cb_ssl_info = NULL;
 static FILE *fp_cb_ssl_verify = NULL;
 /* For callbacks generating output, here are their file-descriptors. */
 static FILE *fp_cb_ssl_info = NULL;
 static FILE *fp_cb_ssl_verify = NULL;

-/* Output level:
+/*-
+ * Output level:

  *     0 = nothing,
  *     1 = minimal, just errors,
  *     2 = minimal, all steps,
  *     0 = nothing,
  *     1 = minimal, just errors,
  *     2 = minimal, all steps,

diff --git a/engines/e_cswift.c b/engines/e_cswift.c
index 2e64ff32770dbf130d3dda10e7e465db88226045..18c583d6893dc856f21815726d8522d2ea249d93 100644 (file)
--- a/engines/e_cswift.c
+++ b/engines/e_cswift.c
@@ -1065,9 +1065,11 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
        {
                largenum.value = buf;
                largenum.nbytes = sizeof(buf32);
        {
                largenum.value = buf;
                largenum.nbytes = sizeof(buf32);

-               /* tell CryptoSwift how many bytes we want and where we want it.
+               /*-
+                * tell CryptoSwift how many bytes we want and where we want it.

                 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
                 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.

-                *       - CryptoSwift can only do multiple of 32-bits. */
+                *       - CryptoSwift can only do multiple of 32-bits.
+                */

                swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
                if (swrc != SW_OK)
                {
                swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
                if (swrc != SW_OK)
                {

diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 6fb33b78126b33c1f712ce162d35a4b8bec13893..50c536411f3110661bcc6fadb72cb023cacb5aec 100644 (file)
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -293,7 +293,7 @@ struct padlock_cipher_data
 static volatile struct padlock_cipher_data *padlock_saved_context;
 #endif
 
 static volatile struct padlock_cipher_data *padlock_saved_context;
 #endif
 

-/*
+/*-

  * =======================================================
  * Inline assembler section(s).
  * =======================================================
  * =======================================================
  * Inline assembler section(s).
  * =======================================================


@@ -854,7 +854,7 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
        return 1;
 }
 
        return 1;
 }
 

-/* 
+/*- 

  * Simplified version of padlock_aes_cipher() used when
  * 1) both input and output buffers are at aligned addresses.
  * or when
  * Simplified version of padlock_aes_cipher() used when
  * 1) both input and output buffers are at aligned addresses.
  * or when

diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 78d7a4a201e774ba109883639a753199109e7ce7..9c5a1246b41d81eaf6e95376389660c07cb53129 100644 (file)
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -418,10 +418,12 @@ dtls1_process_record(SSL *s)
        rr->data=rr->input;
 
        enc_err = s->method->ssl3_enc->enc(s,0);
        rr->data=rr->input;
 
        enc_err = s->method->ssl3_enc->enc(s,0);

-       /* enc_err is:
+       /*-
+        * enc_err is:

         *    0: (in non-constant time) if the record is publically invalid.
         *    1: if the padding is valid
         *    0: (in non-constant time) if the record is publically invalid.
         *    1: if the padding is valid

-        *    -1: if the padding is invalid */
+        *   -1: if the padding is invalid
+        */

        if (enc_err == 0)
                {
                /* For DTLS we simply ignore bad packets. */
        if (enc_err == 0)
                {
                /* For DTLS we simply ignore bad packets. */


@@ -1046,9 +1048,11 @@ start:
                        }
                }
 
                        }
                }
 

-       /* s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
+       /*-
+        * s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;

         * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
         * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.

-        * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
+        * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
+        */

 
        /* If we are a client, check for an incoming 'Hello Request': */
        if ((!s->server) &&
 
        /* If we are a client, check for an incoming 'Hello Request': */
        if ((!s->server) &&

diff --git a/ssl/kssl.c b/ssl/kssl.c
index 7ce81117084560148fff2d76582f1b3971c68bb6..f2b34bc876ffe68d823cd2c117859deb32becc8d 100644 (file)
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -1301,7 +1301,8 @@ kssl_TKT2tkt(     /* IN     */    krb5_context    krb5context,
        }
 
 
        }
 
 

-/*     Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),
+/*-
+ *     Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),

  *             and krb5 AP_REQ message & message length,
  *     Return Kerberos session key and client principle
  *             to SSL Server in KSSL_CTX *kssl_ctx.
  *             and krb5 AP_REQ message & message length,
  *     Return Kerberos session key and client principle
  *             to SSL Server in KSSL_CTX *kssl_ctx.

diff --git a/ssl/kssl.h b/ssl/kssl.h
index c3d5492d4483e4916eed209603db72e5bf964ff1..c61dba7432ffc2d3e7aeb9b0b7b6e5abc80c90ba 100644 (file)
--- a/ssl/kssl.h
+++ b/ssl/kssl.h
@@ -99,7 +99,8 @@ typedef unsigned char krb5_octet;
 
 #endif
 
 
 #endif
 

-/*     Uncomment this to debug kssl problems or
+/*-
+ *     Uncomment this to debug kssl problems or

  *     to trace usage of the Kerberos session key
  *
  *     #define         KSSL_DEBUG
  *     to trace usage of the Kerberos session key
  *
  *     #define         KSSL_DEBUG

diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index acd61dc546afb37c344d3d77c113b76b847528ec..d05b908f6cbef3fbca5748ae9de89aae6aa97695 100644 (file)
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -572,16 +572,20 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
                        }
                else if ((bs <= 1) && (!s->s2->escape))
                        {
                        }
                else if ((bs <= 1) && (!s->s2->escape))
                        {

-                       /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
-                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
+                       /*-
+                        * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
+                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
+                        */

                        s->s2->three_byte_header=0;
                        p=0;
                        }
                else /* we may have to use a 3 byte header */
                        {
                        s->s2->three_byte_header=0;
                        p=0;
                        }
                else /* we may have to use a 3 byte header */
                        {

-                       /* If s->s2->escape is not set, then
+                       /*-
+                        * If s->s2->escape is not set, then

                         * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
                         * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus

-                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
+                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER.
+                        */

                        p=(j%bs);
                        p=(p == 0)?0:(bs-p);
                        if (s->s2->escape)
                        p=(j%bs);
                        p=(p == 0)?0:(bs-p);
                        if (s->s2->escape)


@@ -595,7 +599,8 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
                        }
                }
 
                        }
                }
 

-       /* Now
+       /*-
+        * Now

         *      j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
         * holds, and if s->s2->three_byte_header is set, then even
         *      j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
         *      j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
         * holds, and if s->s2->three_byte_header is set, then even
         *      j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index b55d0da6e8c1478039b3d1450f933e46a33a0d32..1fbdd2b0661a5a6cbac876bdf6d315fdd14a6176 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -487,7 +487,8 @@ void ssl3_cleanup_key_block(SSL *s)
        s->s3->tmp.key_block_length=0;
        }
 
        s->s3->tmp.key_block_length=0;
        }
 

-/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+/*-
+ * ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.

  *
  * Returns:
  *   0: (in non-constant time) if the record is publically invalid (i.e. too
  *
  * Returns:
  *   0: (in non-constant time) if the record is publically invalid (i.e. too


@@ -777,7 +778,8 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
                 * data we are hashing because that gives an attacker a
                 * timing-oracle. */
 
                 * data we are hashing because that gives an attacker a
                 * timing-oracle. */
 

-               /* npad is, at most, 48 bytes and that's with MD5:
+               /*-
+                * npad is, at most, 48 bytes and that's with MD5:

                 *   16 + 48 + 8 (sequence bytes) + 1 + 2 = 75.
                 *
                 * With SHA-1 (the largest hash speced for SSLv3) the hash size
                 *   16 + 48 + 8 (sequence bytes) + 1 + 2 = 75.
                 *
                 * With SHA-1 (the largest hash speced for SSLv3) the hash size

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 9178a81e7fec752ceb3e27b178d49572fd48e7af..d59f90abaff3d95ad18a03c8216d02fcb2d6be2b 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -171,7 +171,8 @@ extern "C" {
 #endif
 
 /* SSLeay version number for ASN.1 encoding of the session information */
 #endif
 
 /* SSLeay version number for ASN.1 encoding of the session information */

-/* Version 0 - initial version
+/*-
+ * Version 0 - initial version

  * Version 1 - added the optional peer certificate
  */
 #define SSL_SESSION_ASN1_VERSION 0x0001
  * Version 1 - added the optional peer certificate
  */
 #define SSL_SESSION_ASN1_VERSION 0x0001


@@ -1625,10 +1626,12 @@ extern "C" {
 #define SSL_ST_READ_BODY                       0xF1
 #define SSL_ST_READ_DONE                       0xF2
 
 #define SSL_ST_READ_BODY                       0xF1
 #define SSL_ST_READ_DONE                       0xF2
 

-/* Obtain latest Finished message
+/*-
+ * Obtain latest Finished message

  *   -- that we sent (SSL_get_finished)
  *   -- that we expected from peer (SSL_get_peer_finished).
  *   -- that we sent (SSL_get_finished)
  *   -- that we expected from peer (SSL_get_peer_finished).

- * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
+ * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+ */

 size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
 size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
 
 size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
 size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
 

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 590c84c19b70d4bc951407efa2c683d58098270b..bd85110b8a2d5443c7fcb71274629dbaa0d105ed 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -485,7 +485,7 @@
  * SSL_aDSS <- DSA_SIGN
  */
 
  * SSL_aDSS <- DSA_SIGN
  */
 

-/*
+/*-

 #define CERT_INVALID           0
 #define CERT_PUBLIC_KEY                1
 #define CERT_PRIVATE_KEY       2
 #define CERT_INVALID           0
 #define CERT_PUBLIC_KEY                1
 #define CERT_PRIVATE_KEY       2