Fix source where indent will not be able to cope

Conflicts:
	apps/ciphers.c
	ssl/s3_pkt.c

Conflicts:
	crypto/ec/ec_curve.c

Conflicts:
	crypto/ec/ec_curve.c
	ssl/s3_clnt.c
	ssl/s3_srvr.c
	ssl/ssl_sess.c

Reviewed-by: Tim Hudson <tjh@openssl.org>

8 files changed, 45 insertions, 19 deletions

diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 1b1a249e4c..c040c6f82f 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -314,10 +314,11 @@ int ssl23_get_client_hello(SSL *s)
 
 				}
 			}
+		/* p[4] < 5 ... silly record length? */
 		else if ((p[0] == SSL3_RT_HANDSHAKE) &&
 			 (p[1] == SSL3_VERSION_MAJOR) &&
 			 (p[5] == SSL3_MT_CLIENT_HELLO) &&
-			 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
+			 ((p[3] == 0 && p[4] < 5)
 				|| (p[9] >= p[1])))
 			{
 			/*
@@ -437,8 +438,10 @@ int ssl23_get_client_hello(SSL *s)
 		if (j <= 0) return(j);
 
 		ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
+
+		/* CLIENT-HELLO */
 		if (s->msg_callback)
-			s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+			s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg);
 
 		p=s->packet;
 		p+=5;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index ff9e0e6ed1..8bb3302c02 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -747,7 +747,7 @@ int ssl3_get_server_hello(SSL *s)
 		SSL3_ST_CR_SRVR_HELLO_A,
 		SSL3_ST_CR_SRVR_HELLO_B,
 		-1,
-		20000, /* ?? */
+		20000,
 		&ok);
 
 	if (!ok) return((int)n);
@@ -2071,11 +2071,12 @@ int ssl3_get_server_done(SSL *s)
 	int ok,ret=0;
 	long n;
 
+	/* Second to last param should be very small, like 0 :-) */
 	n=s->method->ssl_get_message(s,
 		SSL3_ST_CR_SRVR_DONE_A,
 		SSL3_ST_CR_SRVR_DONE_B,
 		SSL3_MT_SERVER_DONE,
-		30, /* should be very small, like 0 :-) */
+		30,
 		&ok);
 
 	if (!ok) return((int)n);
@@ -3041,7 +3042,8 @@ int ssl3_check_cert_and_algorithm(SSL *s)
 		{
 		if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
 		    s->s3->tmp.new_cipher) == 0) 
-			{ /* check failed */
+			{
+			/* check failed */
 			SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_BAD_ECC_CERT);
 			goto f_err;
 			}
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index f352645e0d..2c65f68674 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -764,13 +764,14 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 		header[j++] = rec->length >> 8;
 		header[j++] = rec->length & 0xff;
 
+		/* Final param == is SSLv3 */
 		ssl3_cbc_digest_record(
 			hash,
 			md, &md_size,
 			header, rec->input,
 			rec->length + md_size, orig_len,
 			mac_sec, md_size,
-			1 /* is SSLv3 */);
+			1);
 		}
 	else
 		{
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index a082d40e2c..ab46fa04c3 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -935,8 +935,9 @@ int ssl3_get_client_hello(SSL *s)
 					}
 				/* else cookie verification succeeded */
 				}
+			/* default verification */
 			else if ( memcmp(s->d1->rcvd_cookie, s->d1->cookie, 
-						  s->d1->cookie_len) != 0) /* default verification */
+						  s->d1->cookie_len) != 0)
 				{
 					al=SSL_AD_HANDSHAKE_FAILURE;
 					SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, 
@@ -1993,7 +1994,7 @@ int ssl3_get_client_key_exchange(SSL *s)
 		SSL3_ST_SR_KEY_EXCH_A,
 		SSL3_ST_SR_KEY_EXCH_B,
 		SSL3_MT_CLIENT_KEY_EXCHANGE,
-		2048, /* ??? */
+		2048,
 		&ok);
 
 	if (!ok) return((int)n);
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 8fbe012a87..46b449cf71 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -1876,9 +1876,10 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 
 static void process_proxy_debug(int indent, const char *format, ...)
 	{
+	/* That's 80 > */
 	static const char indentation[] =
 		">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
-		">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
+		">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
 	char my_format[256];
 	va_list args;
 
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 7ce67bc82c..52808b32ca 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -923,6 +923,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 		 * timing-side channel information about how many blocks of
 		 * data we are hashing because that gives an attacker a
 		 * timing-oracle. */
+		 /* Final param == not SSLv3 */
 		ssl3_cbc_digest_record(
 			mac_ctx,
 			md, &md_size,
@@ -930,7 +931,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 			rec->length + md_size, orig_len,
 			ssl->s3->read_mac_secret,
 			ssl->s3->read_mac_secret_size,
-			0 /* not SSLv3 */);
+			0);
 		}
 	else
 		{
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index f925c0fe65..7cce96a74d 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -944,8 +944,10 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 
 			if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */
 				OPENSSL_free(s->s3->client_opaque_prf_input);
+				
+			/* dummy byte just to get non-NULL */
 			if (s->s3->client_opaque_prf_input_len == 0)
-				s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+				s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
 			else
 				s->s3->client_opaque_prf_input = BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
 			if (s->s3->client_opaque_prf_input == NULL)
diff --git a/ssl/tls1.h b/ssl/tls1.h
index ac9361600f..6eeb8dda6c 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -524,21 +524,36 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 
 #ifdef CHARSET_EBCDIC
 #undef TLS_MD_CLIENT_FINISH_CONST
-#define TLS_MD_CLIENT_FINISH_CONST    "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*client finished*/
+/*client finished*/
+#define TLS_MD_CLIENT_FINISH_CONST    "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
 #undef TLS_MD_SERVER_FINISH_CONST
-#define TLS_MD_SERVER_FINISH_CONST    "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*server finished*/
+/*server finished*/
+#define TLS_MD_SERVER_FINISH_CONST    "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
 #undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
+/*server write key*/
+#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
 #undef TLS_MD_KEY_EXPANSION_CONST
-#define TLS_MD_KEY_EXPANSION_CONST    "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"  /*key expansion*/
+/*key expansion*/
+#define TLS_MD_KEY_EXPANSION_CONST    "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
+
 #undef TLS_MD_CLIENT_WRITE_KEY_CONST
-#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*client write key*/
+/*client write key*/
+#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
 #undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
+/*server write key*/
+#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
 #undef TLS_MD_IV_BLOCK_CONST
-#define TLS_MD_IV_BLOCK_CONST         "\x49\x56\x20\x62\x6c\x6f\x63\x6b"  /*IV block*/
+/*IV block*/
+#define TLS_MD_IV_BLOCK_CONST         "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
+
 #undef TLS_MD_MASTER_SECRET_CONST
-#define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"  /*master secret*/
+/*master secret*/
+#define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
 #endif
 
 /* TLS Session Ticket extension struct */