authorMatt Caswell <matt@openssl.org>2015-01-21 11:09:58 +0000
committerMatt Caswell <matt@openssl.org>2015-01-22 09:44:02 +0000
commite16db4b3d75e9e3ea4dccdd5df65e75e62a320c3 (patch)
treef91d4a8ee4124337576ea8686112ac6f87739de9 /ssl
parent134d38bcde371839f5ffe33181a4d83858fc3469 (diff)
indent has problems with comments that are on the right hand side of a line.
Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Conflicts: crypto/bn/bn.h crypto/ec/ec_lcl.h crypto/rsa/rsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl.h ssl/ssl3.h Conflicts: crypto/ec/ec_lcl.h ssl/tls1.h Conflicts: crypto/ec/ecp_nistp224.c crypto/evp/evp.h ssl/d1_both.c ssl/ssl.h ssl/ssl_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r--ssl/d1_both.c10
-rw-r--r--ssl/d1_pkt.c4
-rw-r--r--ssl/s23_srvr.c28
-rw-r--r--ssl/s3_both.c3
-rw-r--r--ssl/ssl.h106
-rw-r--r--ssl/ssl3.h37
-rw-r--r--ssl/ssl_lib.c13
-rw-r--r--ssl/ssl_locl.h9
-rw-r--r--ssl/ssl_sess.c12
-rw-r--r--ssl/ssltest.c20
-rw-r--r--ssl/t1_lib.c41
-rw-r--r--ssl/tls1.h9
12 files changed, 192 insertions, 100 deletions
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 2f5b63d61d..18d47e7839 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -476,10 +476,15 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
again:
i = dtls1_get_message_fragment(s, st1, stn, max, ok);
if ( i == DTLS1_HM_BAD_FRAGMENT ||
- i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received */
+ i == DTLS1_HM_FRAGMENT_RETRY)
+ {
+ /* bad fragment received */
goto again;
+ }
else if ( i <= 0 && !*ok)
+ {
return i;
+ }
p = (unsigned char *)s->init_buf->data;
msg_len = msg_hdr->msg_len;
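Review bot: The relocated comment `/* bad fragment received */` on L39 now sits inside a branch that is also taken for DTLS1_HM_FRAGMENT_RETRY, so it describes only half of the condition above it; `/* bad fragment received, or a retry was requested: read the next fragment */` would match the test. The `goto again` on L40 re-enters the read with no bound visible here, so whatever limits how many bad or retried fragments a peer can push through this loop must live in dtls1_get_message_fragment — if that is the case, a one-line comment saying so would save the next reader the trip. dtls1_get_message begins and ends outside the hunk.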
@@ -1150,7 +1155,8 @@ int dtls1_read_failed(SSL *s, int code)
return code;
}
- if ( ! SSL_in_init(s)) /* done, no need to send a retransmit */
+ /* done, no need to send a retransmit */
+ if ( ! SSL_in_init(s))
{
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
return code;
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index bf4e44704f..96a3419355 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -335,8 +335,8 @@ dtls1_get_buffered_record(SSL *s)
(((PQ_64BIT)s->d1->handshake_read_seq) << 32) |
((PQ_64BIT)s->d1->r_msg_hdr.frag_off);
- if ( ! SSL_in_init(s)) /* if we're not (re)negotiating,
- nothing buffered */
+ /* if we're not (re)negotiating, nothing buffered */
+ if ( ! SSL_in_init(s))
return 0;
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index c040c6f82f..7637150bc0 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -233,19 +233,21 @@ end:
int ssl23_get_client_hello(SSL *s)
{
- char buf_space[11]; /* Request this many bytes in initial read.
- * We can detect SSL 3.0/TLS 1.0 Client Hellos
- * ('type == 3') correctly only when the following
- * is in a single record, which is not guaranteed by
- * the protocol specification:
- * Byte Content
- * 0 type \
- * 1/2 version > record header
- * 3/4 length /
- * 5 msg_type \
- * 6-8 length > Client Hello message
- * 9/10 client_version /
- */
+ /*-
+ * Request this many bytes in initial read.
+ * We can detect SSL 3.0/TLS 1.0 Client Hellos
+ * ('type == 3') correctly only when the following
+ * is in a single record, which is not guaranteed by
+ * the protocol specification:
+ * Byte Content
+ * 0 type \
+ * 1/2 version > record header
+ * 3/4 length /
+ * 5 msg_type \
+ * 6-8 length > Client Hello message
+ * 9/10 client_version /
+ */
+ char buf_space[11];
char *buf= &(buf_space[0]);
unsigned char *p,*d,*d_len,*dd;
unsigned int i;
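Review bot: Moving the byte-table comment above the declaration leaves `char buf_space[11];` on L103 with its size as a bare literal, and the same 11 is presumably repeated wherever the initial read is issued further down the function. A named constant such as `enum { SSL23_INITIAL_READ_LEN = 11 }; /* see byte table above */` (a new name, not one in the tree) would tie the table, the buffer size and the read length together in one place. ssl23_get_client_hello continues past the hunk.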
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 412d095d60..26a4e810f0 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -212,11 +212,12 @@ int ssl3_get_finished(SSL *s, int a, int b)
* change cipher spec message and is in s->s3->tmp.peer_finish_md
*/
+ /* 64 argument should actually be 36+4 :-) */
n=s->method->ssl_get_message(s,
a,
b,
SSL3_MT_FINISHED,
- 64, /* should actually be 36+4 :-) */
+ 64,
&ok);
if (!ok) return((int)n);
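Review bot: The hoisted comment `/* 64 argument should actually be 36+4 :-) */` on L114 now stands several lines from the literal it explains and still does not say what the 36 and the 4 are, so `64` on L120 stays a magic upper bound. A comment that states the meaning would serve better, e.g. `/* max length: 36-byte Finished body plus 4-byte handshake header; 64 is a loose bound */`, ideally with a named constant in place of the literal; the 36+4 split is the old comment's own claim, so confirm it against the message format before wording it. ssl3_get_finished begins before the hunk.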
diff --git a/ssl/ssl.h b/ssl/ssl.h
index bba674b130..74cd85c3a9 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -819,7 +819,8 @@ struct ssl_ctx_st
int verify_mode;
unsigned int sid_ctx_length;
unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
- int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
+ /* called 'verify_callback' in the SSL */
+ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
/* Default generate session ID callback. */
GEN_SESSION_CB generate_session_id;
@@ -984,22 +985,28 @@ struct ssl_st
* (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
*/
int version;
- int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
+ /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
+ int type;
- const SSL_METHOD *method; /* SSLv3 */
+ /* SSLv3 */
+ const SSL_METHOD *method;
/* There are 2 BIO's even though they are normally both the
* same. This is so data can be read and written to different
* handlers */
#ifndef OPENSSL_NO_BIO
- BIO *rbio; /* used by SSL_read */
- BIO *wbio; /* used by SSL_write */
- BIO *bbio; /* used during session-id reuse to concatenate
- * messages */
+ /* used by SSL_read */
+ BIO *rbio;
+ /* used by SSL_write */
+ BIO *wbio;
+ /* used during session-id reuse to concatenate messages */
+ BIO *bbio;
#else
- char *rbio; /* used by SSL_read */
- char *wbio; /* used by SSL_write */
+ /* used by SSL_read */
+ char *rbio;
+ /* used by SSL_write */
+ char *wbio;
char *bbio;
#endif
/* This holds a variable that indicates what we were doing
@@ -1020,19 +1027,26 @@ struct ssl_st
* test instead of an "init" member.
*/
- int server; /* are we the server side? - mostly used by SSL_clear*/
+ /* are we the server side? - mostly used by SSL_clear*/
+ int server;
- int new_session;/* 1 if we are to use a new session.
- * 2 if we are a server and are inside a handshake
- * (i.e. not just sending a HelloRequest)
- * NB: For servers, the 'new' session may actually be a previously
- * cached session or even the previous session unless
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
- int quiet_shutdown;/* don't send shutdown packets */
- int shutdown; /* we have shut things down, 0x01 sent, 0x02
- * for received */
- int state; /* where we are */
- int rstate; /* where we are when reading */
+ /*
+ * 1 if we are to use a new session.
+ * 2 if we are a server and are inside a handshake
+ * (i.e. not just sending a HelloRequest)
+ * NB: For servers, the 'new' session may actually be a previously
+ * cached session or even the previous session unless
+ * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
+ */
+ int new_session;
+ /* don't send shutdown packets */
+ int quiet_shutdown;
+ /* we have shut things down, 0x01 sent, 0x02 for received */
+ int shutdown;
+ /* where we are */
+ int state;
+ /* where we are when reading */
+ int rstate;
BUF_MEM *init_buf; /* buffer used during init */
void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
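Review bot: The comment moved above `int shutdown;` on L198 still spells the flag values as raw `0x01`/`0x02` although the header defines named bits for them; `/* shutdown state: SSL_SENT_SHUTDOWN (0x01) and/or SSL_RECEIVED_SHUTDOWN (0x02) */` keeps the comment from drifting if the values change. Likewise `/* where we are */` on L200 says nothing a reader of `state` does not already know; `/* current handshake state (SSL_ST_* / SSL3_ST_* values) */` would. struct ssl_st continues on both sides of the hunk.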
@@ -1104,17 +1118,25 @@ struct ssl_st
GEN_SESSION_CB generate_session_id;
/* Used in SSL2 and SSL3 */
- int verify_mode; /* 0 don't care about verify failure.
- * 1 fail if verify fails */
- int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
+ /*
+ * 0 don't care about verify failure.
+ * 1 fail if verify fails
+ */
+ int verify_mode;
+ /* fail if callback returns 0 */
+ int (*verify_callback)(int ok,X509_STORE_CTX *ctx);
- void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */
+ /* optional informational callback */
+ void (*info_callback)(const SSL *ssl,int type,int val);
- int error; /* error bytes to be written */
- int error_code; /* actual code */
+ /* error bytes to be written */
+ int error;
+ /* actual code */
+ int error_code;
#ifndef OPENSSL_NO_KRB5
- KSSL_CTX *kssl_ctx; /* Kerberos 5 context */
+ /* Kerberos 5 context */
+ KSSL_CTX *kssl_ctx;
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_PSK
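Review bot: The verify_mode comment relocated to L212-L215 lists only `0` and `1`, but the field is an SSL_VERIFY_* bit mask (SSL_VERIFY_NONE, SSL_VERIFY_PEER, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE), so as written it under-documents exactly the values someone auditing certificate validation would look for. Suggest `/* SSL_VERIFY_* flags: SSL_VERIFY_NONE ignore verify failure, SSL_VERIFY_PEER fail on it, optionally OR'd with FAIL_IF_NO_PEER_CERT / CLIENT_ONCE */`. The hunk is a fragment of struct ssl_st.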
@@ -1138,12 +1160,14 @@ struct ssl_st
STACK_OF(X509_NAME) *client_CA;
int references;
- unsigned long options; /* protocol behaviour */
- unsigned long mode; /* API behaviour */
+ /* protocol behaviour */
+ unsigned long options;
+ /* API behaviour */
+ unsigned long mode;
long max_cert_list;
int first_packet;
- int client_version; /* what was passed, used for
- * SSLv3/TLS rollback check */
+ /* what was passed, used for SSLv3/TLS rollback check */
+ int client_version;
unsigned int max_send_fragment;
#ifndef OPENSSL_NO_TLSEXT
/* TLS extension debug callback */
@@ -1152,11 +1176,13 @@ struct ssl_st
void *arg);
void *tlsext_debug_arg;
char *tlsext_hostname;
- int servername_done; /* no further mod of servername
- 0 : call the servername extension callback.
- 1 : prepare 2, allow last ack just after in server callback.
- 2 : don't call servername callback, no ack in server hello
- */
+ /*-
+ * no further mod of servername
+ * 0 : call the servername extension callback.
+ * 1 : prepare 2, allow last ack just after in server callback.
+ * 2 : don't call servername callback, no ack in server hello
+ */
+ int servername_done;
/* certificate status request info */
/* Status type or -1 if no status type */
int tlsext_status_type;
@@ -1173,9 +1199,11 @@ struct ssl_st
int tlsext_ticket_expected;
#ifndef OPENSSL_NO_EC
size_t tlsext_ecpointformatlist_length;
- unsigned char *tlsext_ecpointformatlist; /* our list */
+ /* our list */
+ unsigned char *tlsext_ecpointformatlist;
size_t tlsext_ellipticcurvelist_length;
- unsigned char *tlsext_ellipticcurvelist; /* our list */
+ /* our list */
+ unsigned char *tlsext_ellipticcurvelist;
#endif /* OPENSSL_NO_EC */
/* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 263d16dcbd..392c0452ea 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -346,23 +346,34 @@ extern "C" {
typedef struct ssl3_record_st
{
-/*r */ int type; /* type of record */
-/*rw*/ unsigned int length; /* How many bytes available */
-/*r */ unsigned int off; /* read/write offset into 'buf' */
-/*rw*/ unsigned char *data; /* pointer to the record data */
-/*rw*/ unsigned char *input; /* where the decode bytes are */
-/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
-/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
-/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
+ /* type of record */
+/*r */ int type;
+ /* How many bytes available */
+/*rw*/ unsigned int length;
+ /* read/write offset into 'buf' */
+/*r */ unsigned int off;
+ /* pointer to the record data */
+/*rw*/ unsigned char *data;
+ /* where the decode bytes are */
+/*rw*/ unsigned char *input;
+ /* only used with decompression - malloc()ed */
+/*r */ unsigned char *comp;
+ /* epoch number, needed by DTLS1 */
+/*r */ unsigned long epoch;
+ /* sequence number, needed by DTLS1 */
+/*r */ unsigned char seq_num[8];
} SSL3_RECORD;
typedef struct ssl3_buffer_st
{
- unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
- * see ssl3_setup_buffers() */
- size_t len; /* buffer size */
- int offset; /* where to 'copy from' */
- int left; /* how many bytes left */
+ /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
+ unsigned char *buf;
+ /* buffer size */
+ size_t len;
+ /* where to 'copy from' */
+ int offset;
+ /* how many bytes left */
+ int left;
} SSL3_BUFFER;
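Review bot: Splitting the descriptions off the fields of ssl3_record_st (L299-L314) leaves the column-0 `/*r */` and `/*rw*/` markers with no nearby explanation, and after this change they read like leftovers rather than annotations. A one-line legend above the struct would preserve the information, e.g. `/* r: written by the record reader only; rw: also touched by the writer — confirm */`; I am inferring the meaning from the letters, so verify it before wording the legend. Both typedefs are complete within the hunk.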
#define SSL3_CT_RSA_SIGN 1
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 9b6df7a36e..8a429ba187 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -198,10 +198,15 @@ int SSL_clear(SSL *s)
s->hit=0;
s->shutdown=0;
-#if 0 /* Disabled since version 1.10 of this file (early return not
- * needed because SSL_clear is not called when doing renegotiation) */
- /* This is set if we are doing dynamic renegotiation so keep
- * the old cipher. It is sort of a SSL_clear_lite :-) */
+#if 0
+ /*
+ * Disabled since version 1.10 of this file (early return not
+ * needed because SSL_clear is not called when doing renegotiation)
+ */
+ /*
+ * This is set if we are doing dynamic renegotiation so keep
+ * the old cipher. It is sort of a SSL_clear_lite :-)
+ */
if (s->new_session) return(1);
#else
if (s->new_session)
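Review bot: The `#if 0` block on L344-L353 is dead code that this hunk reformats rather than removes; the relocated comment itself says the early return has been disabled since version 1.10 of the file. Deleting the disabled branch together with its two comment blocks, and keeping only what is now under `#else`, would be clearer than maintaining prose inside code that never compiles. SSL_clear continues past the hunk.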
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index bb553aaefd..7ff5d32c9a 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -472,9 +472,12 @@ typedef struct cert_pkey_st
typedef struct cert_st
{
/* Current active set */
- CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
- * Probably it would make more sense to store
- * an index, not a pointer. */
+ /*
+ * ALWAYS points to an element of the pkeys array
+ * Probably it would make more sense to store
+ * an index, not a pointer.
+ */
+ CERT_PKEY *key;
/* The following masks are for the key and auth
* algorithms that are supported by the certs below */
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 8e5d8a0972..005d60a1a4 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -955,9 +955,11 @@ static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
if ((s->next == NULL) || (s->prev == NULL)) return;
if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
- { /* last element in list */
+ {
+ /* last element in list */
if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
- { /* only one element in list */
+ {
+ /* only one element in list */
ctx->session_cache_head=NULL;
ctx->session_cache_tail=NULL;
}
@@ -970,12 +972,14 @@ static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
else
{
if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
- { /* first element in list */
+ {
+ /* first element in list */
ctx->session_cache_head=s->next;
s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
}
else
- { /* middle of list */
+ {
+ /* middle of list */
s->next->prev=s->prev;
s->prev->next=s->next;
}
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 46b449cf71..80f5a28799 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -140,8 +140,8 @@
* OTHERWISE.
*/
-#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
- on Linux and GNU platforms. */
+/* Or gethostname won't be declared properly on Linux and GNU platforms. */
+#define _BSD_SOURCE 1
#include <assert.h>
#include <errno.h>
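Review bot: `#define _BSD_SOURCE 1` on L419 is a feature-test macro that glibc has deprecated in favour of `_DEFAULT_SOURCE` (glibc 2.20 and later warn when `_BSD_SOURCE` is defined without it), and the relocated comment mentions only gethostname. Consider adding `#define _DEFAULT_SOURCE 1` next to it, or at least extending the comment so the deprecation warning is not a surprise to whoever builds the test on a current glibc. The `_XOPEN_SOURCE` hunks at L422-L430 and L431-L447 carry a separate ordering concern.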
@@ -155,8 +155,8 @@
#include "e_os.h"
#ifdef OPENSSL_SYS_VMS
-#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
- VMS (at least with DECompHP C). */
+/* Or isascii won't be declared properly on VMS (at least with DECompHP C). */
+#define _XOPEN_SOURCE 500
#endif
#include <ctype.h>
@@ -183,11 +183,13 @@
#endif
#include <openssl/bn.h>
-#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
- on Compaq platforms (at least with DEC C).
- Do not try to put it earlier, or IPv6 includes
- get screwed...
- */
+/*
+ * Or gethostname won't be declared properly
+ * on Compaq platforms (at least with DEC C).
+ * Do not try to put it earlier, or IPv6 includes
+ * get screwed...
+*/
+#define _XOPEN_SOURCE_EXTENDED 1
#ifdef OPENSSL_SYS_WINDOWS
#include <winsock.h>
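Review bot: `#define _XOPEN_SOURCE_EXTENDED 1` on L445 comes after `#include <openssl/bn.h>` (L433) and the system includes above it, and feature-test macros only affect headers processed after them, so on most platforms this definition reaches nothing that has not already been parsed. The moved comment explains why it cannot go earlier on Compaq; a sentence saying which headers it is meant for, and that it is a no-op elsewhere, would stop the next reader from relying on it, e.g. `/* Only affects headers included below; earlier includes already saw the default feature set. */`. The same caveat applies to `_XOPEN_SOURCE 500` on L428, which is defined after `#include "e_os.h"`.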
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 7cce96a74d..fcf8bc937b 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -942,8 +942,11 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
return 0;
}
- if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */
+ if (s->s3->client_opaque_prf_input != NULL)
+ {
+ /* shouldn't really happen */
OPENSSL_free(s->s3->client_opaque_prf_input);
+ }
/* dummy byte just to get non-NULL */
if (s->s3->client_opaque_prf_input_len == 0)
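Review bot: The free / dummy-byte-alloc / BUF_memdup sequence that this hunk brace-wraps on L456-L462 is repeated almost verbatim in the three later hunks of this file (L466-L481, L488-L502 and L509-L528), each carrying its own copy of the `shouldn't really happen` and `dummy byte just to get non-NULL` comments. Now that the comments are being reorganised anyway, a small `static` helper that takes the destination pointer, the source buffer and its length would remove the repetition and give the "allocate one byte so the pointer is non-NULL" convention a single documented home. ssl_parse_clienthello_tlsext continues past the hunk.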
@@ -1216,12 +1219,20 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
return 0;
}
- if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */
+ if (s->s3->server_opaque_prf_input != NULL)
+ {
+ /* shouldn't really happen */
OPENSSL_free(s->s3->server_opaque_prf_input);
+ }
if (s->s3->server_opaque_prf_input_len == 0)
- s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+ {
+ /* dummy byte just to get non-NULL */
+ s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+ }
else
+ {
s->s3->server_opaque_prf_input = BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
+ }
if (s->s3->server_opaque_prf_input == NULL)
{
@@ -1371,13 +1382,21 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
if (s->tlsext_opaque_prf_input != NULL)
{
- if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */
+ if (s->s3->client_opaque_prf_input != NULL)
+ {
+ /* shouldn't really happen */
OPENSSL_free(s->s3->client_opaque_prf_input);
+ }
if (s->tlsext_opaque_prf_input_len == 0)
- s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+ {
+ /* dummy byte just to get non-NULL */
+ s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
+ }
else
+ {
s->s3->client_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
+ }
if (s->s3->client_opaque_prf_input == NULL)
{
SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
@@ -1465,8 +1484,11 @@ int ssl_check_clienthello_tlsext_early(SSL *s)
}
}
- if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */
+ if (s->s3->server_opaque_prf_input != NULL)
+ {
+ /* shouldn't really happen */
OPENSSL_free(s->s3->server_opaque_prf_input);
+ }
s->s3->server_opaque_prf_input = NULL;
if (s->tlsext_opaque_prf_input != NULL)
@@ -1478,9 +1500,14 @@ int ssl_check_clienthello_tlsext_early(SSL *s)
* of the same length as the client opaque PRF input! */
if (s->tlsext_opaque_prf_input_len == 0)
- s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+ {
+ /* dummy byte just to get non-NULL */
+ s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+ }
else
+ {
s->s3->server_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
+ }
if (s->s3->server_opaque_prf_input == NULL)
{
ret = SSL_TLSEXT_ERR_ALERT_FATAL;
diff --git a/ssl/tls1.h b/ssl/tls1.h
index 6eeb8dda6c..377e24212f 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -217,9 +217,12 @@ extern "C" {
#define TLSEXT_TYPE_ec_point_formats 11
#define TLSEXT_TYPE_session_ticket 35
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
-#if 0 /* will have to be provided externally for now ,
- * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
- * using whatever extension number you'd like to try */
+#if 0
+/*
+ * will have to be provided externally for now ,
+ * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
+ * using whatever extension number you'd like to try
+ */
# define TLSEXT_TYPE_opaque_prf_input ?? */
#endif
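Review bot: `# define TLSEXT_TYPE_opaque_prf_input ?? */` on L549 ends with a stray `*/` that closes nothing now that the explanatory comment is its own block on L544-L548; inside `#if 0` it is harmless, but it reads like an unfinished edit. Dropping it, `# define TLSEXT_TYPE_opaque_prf_input ??`, or replacing the whole disabled block with a plain comment stating that the value must be supplied via `-DTLSEXT_TYPE_opaque_prf_input=...`, would be tidier.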