indent has problems with comments that are on the right hand side of a line.

Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.

Conflicts:
	crypto/bn/bn.h
	crypto/ec/ec_lcl.h
	crypto/rsa/rsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl.h
	ssl/ssl3.h

Conflicts:
	crypto/ec/ec_lcl.h
	ssl/tls1.h

Conflicts:
	crypto/ec/ecp_nistp224.c
	crypto/evp/evp.h
	ssl/d1_both.c
	ssl/ssl.h
	ssl/ssl_lib.c

Conflicts:
	crypto/bio/bss_file.c
	crypto/ec/ec_lcl.h
	crypto/evp/evp.h
	crypto/store/str_mem.c
	crypto/whrlpool/wp_block.c
	crypto/x509/x509_vfy.h
	ssl/ssl.h
	ssl/ssl3.h
	ssl/ssltest.c
	ssl/t1_lib.c
	ssl/tls1.h

Reviewed-by: Tim Hudson <tjh@openssl.org>

30 files changed, 426 insertions, 255 deletions

diff --git a/apps/s_client.c b/apps/s_client.c
index 857d5189b5..5ebbd2c709 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1464,7 +1464,9 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 		if (peer != NULL)
 			{
 			BIO_printf(bio,"Server certificate\n");
-			if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
+
+			/* Redundant if we showed the whole chain */
+			if (!(c_showcerts && got_a_chain))
 				PEM_write_bio_X509(bio,peer);
 			X509_NAME_oneline(X509_get_subject_name(peer),
 				buf,sizeof buf);
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index d31c028193..1aedec9a1e 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -291,13 +291,16 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
 		}
 #undef g2
 
-	return mktime(&tm)-offset*60; /* FIXME: mktime assumes the current timezone
-	                               * instead of UTC, and unless we rewrite OpenSSL
-				       * in Lisp we cannot locally change the timezone
-				       * without possibly interfering with other parts
-	                               * of the program. timegm, which uses UTC, is
-				       * non-standard.
-	                               * Also time_t is inappropriate for general
-	                               * UTC times because it may a 32 bit type. */
+	/*
+	 * FIXME: mktime assumes the current timezone
+	 * instead of UTC, and unless we rewrite OpenSSL
+	 * in Lisp we cannot locally change the timezone
+	 * without possibly interfering with other parts
+	 * of the program. timegm, which uses UTC, is
+	 * non-standard.
+	 * Also time_t is inappropriate for general
+	 * UTC times because it may a 32 bit type.
+	 */
+	return mktime(&tm)-offset*60; 
 	}
 #endif
diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c
index 6360dbc820..0b887f8925 100644
--- a/crypto/bio/bss_log.c
+++ b/crypto/bio/bss_log.c
@@ -295,8 +295,11 @@ static void xsyslog(BIO *bp, int priority, const char *string)
 	case LOG_DEBUG:
 		evtype = EVENTLOG_INFORMATION_TYPE;
 		break;
-	default:		/* Should never happen, but set it
-				   as error anyway. */
+	default:
+		/*
+		 * Should never happen, but set it
+		 * as error anyway.
+		 */
 		evtype = EVENTLOG_ERROR_TYPE;
 		break;
 		}
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index 2062da202e..9cdbd62b63 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -245,16 +245,22 @@ extern "C" {
 
 #define BN_FLG_MALLOCED		0x01
 #define BN_FLG_STATIC_DATA	0x02
-#define BN_FLG_CONSTTIME	0x04 /* avoid leaking exponent information through timing,
-                                      * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
-                                      * BN_div() will call BN_div_no_branch,
-                                      * BN_mod_inverse() will call BN_mod_inverse_no_branch.
-                                      */
 
-#ifndef OPENSSL_NO_DEPRECATED
-#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
-                                      /* avoid leaking exponent information through timings
-                                      * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
+/*
+ * avoid leaking exponent information through timing,
+ * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+ * BN_div() will call BN_div_no_branch,
+ * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+ */
+#define BN_FLG_CONSTTIME	0x04 
+
+#ifdef OPENSSL_NO_DEPRECATED
+/* deprecated name for the flag */
+#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME 
+/*
+ * avoid leaking exponent information through timings
+ * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
+ */
 #endif
 
 #ifndef OPENSSL_NO_DEPRECATED
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index de139ee279..fedf864988 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -355,9 +355,12 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
 		case 3:	A[2]=B[2];
 		case 2:	A[1]=B[1];
 		case 1:	A[0]=B[0];
-		case 0: /* workaround for ultrix cc: without 'case 0', the optimizer does
-		         * the switch table by doing a=top&3; a--; goto jump_table[a];
-		         * which fails for top== 0 */
+		case 0:
+			/*
+			 * workaround for ultrix cc: without 'case 0', the optimizer does
+			 * the switch table by doing a=top&3; a--; goto jump_table[a];
+			 * which fails for top== 0
+			 */
 			;
 			}
 		}
diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c
index ce5fa00a37..5c82e2fdc1 100644
--- a/crypto/des/read_pwd.c
+++ b/crypto/des/read_pwd.c
@@ -75,7 +75,8 @@
 #endif
 #endif
 
-/* #define SIGACTION */ /* Define this if you have sigaction() */
+/* Define this if you have sigaction() */
+/* #define SIGACTION */
 
 #ifdef WIN16TTY
 #undef OPENSSL_SYS_WIN16
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 1c687054a5..175b1795b4 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -80,13 +80,16 @@
 #define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
 
 #define DH_FLAG_CACHE_MONT_P     0x01
-#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
-                                       * implementation now uses constant time
-                                       * modular exponentiation for secret exponents
-                                       * by default. This flag causes the
-                                       * faster variable sliding window method to
-                                       * be used for all exponents.
-                                       */
+
+/*
+ * new with 0.9.7h; the built-in DH
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+#define DH_FLAG_NO_EXP_CONSTTIME 0x02
 
 #ifdef  __cplusplus
 extern "C" {
diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index 80c0d6310e..5818d07f1d 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -200,34 +200,41 @@ struct ec_group_st {
 	/* The following members are handled by the method functions,
 	 * even if they appear generic */
 	
-	BIGNUM field; /* Field specification.
-	               * For curves over GF(p), this is the modulus;
-	               * for curves over GF(2^m), this is the 
-	               * irreducible polynomial defining the field.
-	               */
-
-	unsigned int poly[5]; /* Field specification for curves over GF(2^m).
-	                       * The irreducible f(t) is then of the form:
-	                       *     t^poly[0] + t^poly[1] + ... + t^poly[k]
-	                       * where m = poly[0] > poly[1] > ... > poly[k] = 0.
-	                       */
-
-	BIGNUM a, b; /* Curve coefficients.
-	              * (Here the assumption is that BIGNUMs can be used
-	              * or abused for all kinds of fields, not just GF(p).)
-	              * For characteristic  > 3,  the curve is defined
-	              * by a Weierstrass equation of the form
-	              *     y^2 = x^3 + a*x + b.
-	              * For characteristic  2,  the curve is defined by
-	              * an equation of the form
-	              *     y^2 + x*y = x^3 + a*x^2 + b.
-	              */
-
-	int a_is_minus3; /* enable optimized point arithmetics for special case */
-
-	void *field_data1; /* method-specific (e.g., Montgomery structure) */
-	void *field_data2; /* method-specific */
-	int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *,	BN_CTX *); /* method-specific */
+	/* Field specification.
+	 * For curves over GF(p), this is the modulus;
+	 * for curves over GF(2^m), this is the 
+	 * irreducible polynomial defining the field.
+	 */
+	BIGNUM field;
+
+	/* Field specification for curves over GF(2^m).
+	 * The irreducible f(t) is then of the form:
+	 *     t^poly[0] + t^poly[1] + ... + t^poly[k]
+	 * where m = poly[0] > poly[1] > ... > poly[k] = 0.
+	 */
+	unsigned int poly[5];
+
+	/* Curve coefficients.
+	 * (Here the assumption is that BIGNUMs can be used
+	 * or abused for all kinds of fields, not just GF(p).)
+	 * For characteristic  > 3,  the curve is defined
+	 * by a Weierstrass equation of the form
+	 *     y^2 = x^3 + a*x + b.
+	 * For characteristic  2,  the curve is defined by
+	 * an equation of the form
+	 *     y^2 + x*y = x^3 + a*x^2 + b.
+	 */
+	BIGNUM a, b;
+
+	/* enable optimized point arithmetics for special case */
+	int a_is_minus3;
+
+	/* method-specific (e.g., Montgomery structure) */
+	void *field_data1;
+	/* method-specific */
+	void *field_data2;
+	/* method-specific */
+	int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *,	BN_CTX *);
 } /* EC_GROUP */;
 
 struct ec_key_st {
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 9a0e790403..1f24aff2e7 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -260,10 +260,11 @@ typedef struct
 	void *key;
 	} EVP_MD_SVCTX;
 
-#define EVP_MD_FLAG_ONESHOT	0x0001 /* digest can only handle a single
-					* block */
+/* digest can only handle a single block */
+#define EVP_MD_FLAG_ONESHOT	0x0001
 
-#define EVP_MD_FLAG_FIPS	0x0400 /* Note if suitable for use in FIPS mode */
+/* Note if suitable for use in FIPS mode */
+#define EVP_MD_FLAG_FIPS	0x0400
 
 #define EVP_MD_FLAG_SVCTX	0x0800 /* pass EVP_MD_SVCTX to sign/verify */
 
@@ -333,19 +334,33 @@ struct evp_cipher_st
 	{
 	int nid;
 	int block_size;
-	int key_len;		/* Default value for variable length ciphers */
+
+	/* Default value for variable length ciphers */
+	int key_len;
 	int iv_len;
-	unsigned long flags;	/* Various flags */
+
+	/* Various flags */
+	unsigned long flags;
+	
+	/* init key */
 	int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-		    const unsigned char *iv, int enc);	/* init key */
+		    const unsigned char *iv, int enc);
+		    
+	/* encrypt/decrypt data */
 	int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			 const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
-	int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
-	int ctx_size;		/* how big ctx->cipher_data needs to be */
-	int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
-	int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
-	int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
-	void *app_data;		/* Application data */
+			 const unsigned char *in, unsigned int inl);
+	/* cleanup ctx */
+	int (*cleanup)(EVP_CIPHER_CTX *);
+	/* how big ctx->cipher_data needs to be */
+	int ctx_size;
+	/* Populate a ASN1_TYPE with parameters */
+	int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
+	/* Get parameters from a ASN1_TYPE */
+	int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
+	/* Miscellaneous operations */
+	int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
+	/* Application data */
+	void *app_data;
 	} /* EVP_CIPHER */;
 
 /* Values for cipher flags */
@@ -420,14 +435,22 @@ struct evp_cipher_ctx_st
 
 typedef struct evp_Encode_Ctx_st
 	{
-	int num;	/* number saved in a partial encode/decode */
-	int length;	/* The length is either the output line length
-			 * (in input bytes) or the shortest input line
-			 * length that is ok.  Once decoding begins,
-			 * the length is adjusted up each time a longer
-			 * line is decoded */
-	unsigned char enc_data[80];	/* data to encode */
-	int line_num;	/* number read on current line */
+	/* number saved in a partial encode/decode */
+	int num;
+
+	/* The length is either the output line length
+	 * (in input bytes) or the shortest input line
+	 * length that is ok.  Once decoding begins,
+	 * the length is adjusted up each time a longer
+	 * line is decoded
+	 */
+	int length;
+
+	/* data to encode */
+	unsigned char enc_data[80];
+
+	/* number read on current line */
+	int line_num;
 	int expect_nl;
 	} EVP_ENCODE_CTX;
 
diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
index 30778d183c..6ec7097885 100644
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -177,12 +177,13 @@ typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
 
 #include <lmcons.h>
 #include <lmstats.h>
-#if 1 /* The NET API is Unicode only.  It requires the use of the UNICODE
-       * macro.  When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was
-       * was added to the Platform SDK to allow the NET API to be used in
-       * non-Unicode applications provided that Unicode strings were still
-       * used for input.  LMSTR is defined as LPWSTR.
-       */
+#if 1
+/* The NET API is Unicode only.  It requires the use of the UNICODE
+ * macro.  When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was
+ * was added to the Platform SDK to allow the NET API to be used in
+ * non-Unicode applications provided that Unicode strings were still
+ * used for input.  LMSTR is defined as LPWSTR.
+ */
 typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
         (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
 typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 99c90bead7..f93fdbc591 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -188,7 +188,9 @@ struct rsa_st
 # define OPENSSL_RSA_SMALL_MODULUS_BITS	3072
 #endif
 #ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
-# define OPENSSL_RSA_MAX_PUBEXP_BITS	64 /* exponent limit enforced for "large" modulus only */
+
+/* exponent limit enforced for "large" modulus only */
+# define OPENSSL_RSA_MAX_PUBEXP_BITS	64
 #endif
 
 #define RSA_3	0x3L
@@ -211,30 +213,36 @@ struct rsa_st
  */
 #define RSA_FLAG_SIGN_VER		0x0040
 
-#define RSA_FLAG_NO_BLINDING		0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
-                                                * RSA implementation now uses blinding by
-                                                * default (ignoring RSA_FLAG_BLINDING),
-                                                * but other engines might not need it
-                                                */
-#define RSA_FLAG_NO_CONSTTIME		0x0100 /* new with 0.9.8f; the built-in RSA
-						* implementation now uses constant time
-						* operations by default in private key operations,
-						* e.g., constant time modular exponentiation, 
-                                                * modular inverse without leaking branches, 
-                                                * division without leaking branches. This 
-                                                * flag disables these constant time 
-                                                * operations and results in faster RSA 
-                                                * private key operations.
-                                                */ 
-#ifndef OPENSSL_NO_DEPRECATED
-#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
-                                                /* new with 0.9.7h; the built-in RSA
-                                                * implementation now uses constant time
-                                                * modular exponentiation for secret exponents
-                                                * by default. This flag causes the
-                                                * faster variable sliding window method to
-                                                * be used for all exponents.
-                                                */
+/*
+ * new with 0.9.6j and 0.9.7b; the built-in
+ * RSA implementation now uses blinding by
+ * default (ignoring RSA_FLAG_BLINDING),
+ * but other engines might not need it
+ */
+#define RSA_FLAG_NO_BLINDING		0x0080
+/*
+ * new with 0.9.8f; the built-in RSA
+ * implementation now uses constant time
+ * operations by default in private key operations,
+ * e.g., constant time modular exponentiation, 
+ * modular inverse without leaking branches, 
+ * division without leaking branches. This 
+ * flag disables these constant time 
+ * operations and results in faster RSA 
+ * private key operations.
+ */ 
+#define RSA_FLAG_NO_CONSTTIME		0x0100
+#ifdef OPENSSL_USE_DEPRECATED
+/* deprecated name for the flag*/
+/*
+ * new with 0.9.7h; the built-in RSA
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME 
 #endif
 
 
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index 203d702321..a249f91fe6 100644
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -283,11 +283,12 @@ static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
 		{
 		/* resort to rsa->mt_blinding instead */
 
-		*local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert()
-		             * that the BN_BLINDING is shared, meaning that accesses
-		             * require locks, and that the blinding factor must be
-		             * stored outside the BN_BLINDING
-		             */
+		/* instructs rsa_blinding_convert(), rsa_blinding_invert()
+		 * that the BN_BLINDING is shared, meaning that accesses
+		 * require locks, and that the blinding factor must be
+		 * stored outside the BN_BLINDING
+		 */
+		*local = 0;
 
 		if (rsa->mt_blinding == NULL)
 			{
diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h
index 6965f3e2a3..9bc6a20336 100644
--- a/crypto/sha/sha.h
+++ b/crypto/sha/sha.h
@@ -158,9 +158,12 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
  * being exactly 64-bit wide. See Implementation Notes in sha512.c
  * for further details.
  */
-#define SHA512_CBLOCK	(SHA_LBLOCK*8)	/* SHA-512 treats input data as a
-					 * contiguous array of 64 bit
-					 * wide big-endian values. */
+/*
+ * SHA-512 treats input data as a
+ * contiguous array of 64 bit
+ * wide big-endian values.
+ */
+#define SHA512_CBLOCK	(SHA_LBLOCK*8)
 #if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
 #define SHA_LONG64 unsigned __int64
 #define U64(C)     C##UI64
diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h
index b59c6409e4..8cc4ae6ea6 100644
--- a/crypto/stack/safestack.h
+++ b/crypto/stack/safestack.h
@@ -80,7 +80,8 @@ STACK_OF(type) \
     STACK stack; \
     };
 
-#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
+/* nada (obsolete in new safestack approach)*/
+#define IMPLEMENT_STACK_OF(type)
 
 /* SKM_sk_... stack macros are internal to safestack.h:
  * never use them directly, use sk_<type>_... instead */
diff --git a/crypto/store/str_mem.c b/crypto/store/str_mem.c
index 527757ae09..f713dc8f6a 100644
--- a/crypto/store/str_mem.c
+++ b/crypto/store/str_mem.c
@@ -85,21 +85,34 @@ struct mem_object_data_st
 
 struct mem_data_st
 	{
-	STACK *data;		/* A stack of mem_object_data_st,
-				   sorted with STORE_ATTR_INFO_compare(). */
-	unsigned int compute_components : 1; /* Currently unused, but can
-						be used to add attributes
-						from parts of the data. */
+	/*
+	 * A stack of mem_object_data_st,
+	 * sorted with STORE_ATTR_INFO_compare().
+	 */
+	STACK *data;
+	/* Currently unused, but can
+	 * be used to add attributes
+	 * from parts of the data.
+	 */
+	unsigned int compute_components : 1;
 	};
 
 struct mem_ctx_st
 	{
-	int type;		/* The type we're searching for */
-	STACK *search_attributes; /* Sets of attributes to search for.
-				     Each element is a STORE_ATTR_INFO. */
-	int search_index;	/* which of the search attributes we found a match
-				   for, -1 when we still haven't found any */
-	int index;		/* -1 as long as we're searching for the first */
+	/* The type we're searching for */
+	int type;
+	/*
+	 * Sets of attributes to search for.
+	 * Each element is a STORE_ATTR_INFO.
+	 */
+	STACK *search_attributes;
+	/*
+	 *  which of the search attributes we found a match
+	 * for, -1 when we still haven't found any
+	 */
+	int search_index;
+	/* -1 as long as we're searching for the first */
+	int index;
 	};
 
 static int mem_init(STORE *s);
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index d3c3fd2144..aa35ab33f9 100644
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -190,14 +190,22 @@ struct x509_store_st
 	X509_VERIFY_PARAM *param;
 
 	/* Callbacks for various operations */
-	int (*verify)(X509_STORE_CTX *ctx);	/* called to verify a certificate */
-	int (*verify_cb)(int ok,X509_STORE_CTX *ctx);	/* error callback */
-	int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);	/* get issuers cert from ctx */
-	int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
-	int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
-	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
-	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
-	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
+	/* called to verify a certificate */
+	int (*verify)(X509_STORE_CTX *ctx);
+	/* error callback */
+	int (*verify_cb)(int ok,X509_STORE_CTX *ctx);
+	/* get issuers cert from ctx */
+	int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+	/* check issued */
+	int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+	/* Check revocation status of chain */
+	int (*check_revocation)(X509_STORE_CTX *ctx);
+	/* retrieve CRL */
+	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+	/* Check CRL validity */
+	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl);
+	/* Check certificate against CRL */
+	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
 	int (*cleanup)(X509_STORE_CTX *ctx);
 
 	CRYPTO_EX_DATA ex_data;
@@ -226,42 +234,62 @@ struct x509_lookup_st
 struct x509_store_ctx_st      /* X509_STORE_CTX */
 	{
 	X509_STORE *ctx;
-	int current_method;	/* used when looking up certs */
+	/* used when looking up certs */
+	int current_method;
 
 	/* The following are set by the caller */
-	X509 *cert;		/* The cert to check */
-	STACK_OF(X509) *untrusted;	/* chain of X509s - untrusted - passed in */
-	STACK_OF(X509_CRL) *crls;	/* set of CRLs passed in */
+	/* The cert to check */
+	X509 *cert;
+	/* chain of X509s - untrusted - passed in */
+	STACK_OF(X509) *untrusted;
+	/* set of CRLs passed in */
+	STACK_OF(X509_CRL) *crls;
 
 	X509_VERIFY_PARAM *param;
-	void *other_ctx;	/* Other info for use with get_issuer() */
+	/* Other info for use with get_issuer() */
+	void *other_ctx;
 
 	/* Callbacks for various operations */
-	int (*verify)(X509_STORE_CTX *ctx);	/* called to verify a certificate */
-	int (*verify_cb)(int ok,X509_STORE_CTX *ctx);		/* error callback */
-	int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);	/* get issuers cert from ctx */
-	int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
-	int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
-	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
-	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
-	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
+	/* called to verify a certificate */
+	int (*verify)(X509_STORE_CTX *ctx);
+	/* error callback */
+	int (*verify_cb)(int ok,X509_STORE_CTX *ctx);
+	/* get issuers cert from ctx */
+	int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+	/* check issued */
+	int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+	/* Check revocation status of chain */
+	int (*check_revocation)(X509_STORE_CTX *ctx);
+	/* retrieve CRL */
+	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+	/* Check CRL validity */
+	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl);
+	/* Check certificate against CRL */
+	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
 	int (*check_policy)(X509_STORE_CTX *ctx);
 	int (*cleanup)(X509_STORE_CTX *ctx);
 
 	/* The following is built up */
-	int valid;		/* if 0, rebuild chain */
-	int last_untrusted;	/* index of last untrusted cert */
-	STACK_OF(X509) *chain; 		/* chain of X509s - built up and trusted */
-	X509_POLICY_TREE *tree;	/* Valid policy tree */
-
-	int explicit_policy;	/* Require explicit policy value */
+	/* if 0, rebuild chain */
+	int valid;
+	/* index of last untrusted cert */
+	int last_untrusted;
+	/* chain of X509s - built up and trusted */
+	STACK_OF(X509) *chain;
+	/* Valid policy tree */
+	X509_POLICY_TREE *tree;
+
+	/* Require explicit policy value */
+	int explicit_policy;
 
 	/* When something goes wrong, this is why */
 	int error_depth;
 	int error;
 	X509 *current_cert;
-	X509 *current_issuer;	/* cert currently being tested as valid issuer */
-	X509_CRL *current_crl;	/* current CRL */
+	/* cert currently being tested as valid issuer */
+	X509 *current_issuer;
+	/* current CRL */
+	X509_CRL *current_crl;
 
 	CRYPTO_EX_DATA ex_data;
 	} /* X509_STORE_CTX */;
diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c
index 2cd994c5b0..86ea98c382 100644
--- a/crypto/x509/x509type.c
+++ b/crypto/x509/x509type.c
@@ -112,8 +112,8 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
 		break;
 		}
 
-	if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look
-					   for, not bytes */
+	/* /8 because it's 1024 bits we look for, not bytes */
+	if (EVP_PKEY_size(pk) <= 1024/8)
 		ret|=EVP_PKT_EXP;
 	if(pkey==NULL) EVP_PKEY_free(pk);
 	return(ret);
diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c
index b433036715..e6b9b865c8 100644
--- a/demos/easy_tls/easy-tls.c
+++ b/