Further comment amendments to preserve formatting prior to source reformat

Reviewed-by: Tim Hudson <tjh@openssl.org>

apps/apps.c

@@ -2917,7 +2917,8 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
 #endif
 
 #ifndef OPENSSL_NO_TLSEXT
-/* next_protos_parse parses a comma separated list of strings into a string
+/*-
+ * next_protos_parse parses a comma separated list of strings into a string
  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
  *   outlen: (output) set to the length of the resulting buffer on success.
  *   err: (maybe NULL) on failure, an error message line is written to this BIO.

apps/ca.c

@@ -655,7 +655,7 @@ bad:
 			oid_bio=BIO_new_file(p,"r");
 			if (oid_bio == NULL) 
 				{
-				/*
+				/*-
 				BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
 				ERR_print_errors(bio_err);
 				*/

apps/pkcs7.c

@@ -71,7 +71,8 @@
 #undef PROG
 #define PROG	pkcs7_main
 
-/* -inform arg	- input format - default PEM (DER or PEM)
+/*-
+ * -inform arg	- input format - default PEM (DER or PEM)
  * -outform arg - output format - default PEM
  * -in arg	- input file - default stdin
  * -out arg	- output file - default stdout

apps/req.c

@@ -506,7 +506,7 @@ bad:
 			oid_bio=BIO_new_file(p,"r");
 			if (oid_bio == NULL) 
 				{
-				/*
+				/*-
 				BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
 				ERR_print_errors(bio_err);
 				*/

apps/s_cb.c

@@ -230,7 +230,7 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
 			return(0);
 			}
 
-		/*
+		/*-
 		In theory this is no longer needed 
 		ssl=SSL_new(ctx);
 		x509=SSL_get_certificate(ssl);

crypto/bio/b_sock.c

@@ -549,7 +549,8 @@ int BIO_socket_ioctl(int fd, long type, void *arg)
 	i=ioctlsocket(fd,type,(char *)arg);
 #else
 # if defined(OPENSSL_SYS_VMS)
-	/* 2011-02-18 SMS.
+	/*-
+	 * 2011-02-18 SMS.
 	 * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
 	 * observe that all the consumers pass in an "unsigned long *",
 	 * so we arrange a local copy with a short pointer, and use

crypto/bio/bf_null.c

@@ -102,9 +102,11 @@ static int nullf_new(BIO *bi)
 static int nullf_free(BIO *a)
 	{
 	if (a == NULL) return(0);
-/*	a->ptr=NULL;
+	/*-
+  	a->ptr=NULL;
 	a->init=0;
-	a->flags=0;*/
+	a->flags=0;
+	*/
 	return(1);
 	}
 	

crypto/bio/bss_rtcp.c

@@ -56,7 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
-/* Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
+/*-
+ * Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
  * Date:   22-JUL-1996
  * Revised: 25-SEP-1997		Update for 0.8.1, BIO_CTRL_SET -> BIO_C_SET_FD
  */

crypto/bn/bn_ctx.c

@@ -67,7 +67,8 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-/* TODO list
+/*-
+ * TODO list
  *
  * 1. Check a bunch of "(words+1)" type hacks in various bignum functions and
  * check they can be safely removed.

crypto/des/des_old.c

@@ -1,6 +1,7 @@
 /* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
 
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+/*-
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
  *
  * The function names in here are deprecated and are only present to
  * provide an interface compatible with libdes.  OpenSSL now provides

crypto/des/set_key.c

@@ -152,7 +152,8 @@ int DES_is_weak_key(const_DES_cblock *key)
 	return(0);
 	}
 
-/* NOW DEFINED IN des_local.h
+/*-
+ * NOW DEFINED IN des_local.h
  * See ecb_encrypt.c for a pseudo description of these macros. 
  * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
  * 	(b)^=(t),\
@@ -322,7 +323,8 @@ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
 		}
 	}
 
-/* return 0 if key parity is odd (correct),
+/*-
+ * return 0 if key parity is odd (correct),
  * return -1 if key parity error,
  * return -2 if illegal weak key.
  */

crypto/ec/ec2_mult.c

@@ -77,7 +77,8 @@
 #ifndef OPENSSL_NO_EC2M
 
 
-/* Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective 
+/*-
+ * Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective 
  * coordinates.
  * Uses algorithm Mdouble in appendix of 
  *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
@@ -109,7 +110,8 @@ static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx
 	return ret;
 	}
 
-/* Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery 
+/*-
+ * Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery 
  * projective coordinates.
  * Uses algorithm Madd in appendix of 
  *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over 

crypto/ec/ec2_oct.c

@@ -73,7 +73,8 @@
 
 #ifndef OPENSSL_NO_EC2M
 
-/* Calculates and sets the affine coordinates of an EC_POINT from the given
+/*-
+ * Calculates and sets the affine coordinates of an EC_POINT from the given
  * compressed coordinates.  Uses algorithm 2.3.4 of SEC 1. 
  * Note that the simple implementation only uses affine coordinates.
  *

crypto/ec/ecp_nistp224.c

@@ -341,7 +341,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
 	}
 
 /******************************************************************************/
-/*				FIELD OPERATIONS
+/*-
+ *				FIELD OPERATIONS
  *
  * Field operations, using the internal representation of field elements.
  * NB! These operations are specific to our point multiplication and cannot be
@@ -516,7 +517,8 @@ static void felem_mul(widefelem out, const felem in1, const felem in2)
 	out[6] = ((widelimb) in1[3]) * in2[3];
 	}
 
-/* Reduce seven 128-bit coefficients to four 64-bit coefficients.
+/*-
+ * Reduce seven 128-bit coefficients to four 64-bit coefficients.
  * Requires in[i] < 2^126,
  * ensures out[0] < 2^56, out[1] < 2^56, out[2] < 2^56, out[3] <= 2^56 + 2^16 */
 static void felem_reduce(felem out, const widefelem in)
@@ -748,7 +750,8 @@ copy_conditional(felem out, const felem in, limb icopy)
 	}
 
 /******************************************************************************/
-/*			 ELLIPTIC CURVE POINT OPERATIONS
+/*-
+ *			 ELLIPTIC CURVE POINT OPERATIONS
  *
  * Points are represented in Jacobian projective coordinates:
  * (X, Y, Z) corresponds to the affine point (X/Z^2, Y/Z^3),

crypto/ec/ecp_nistp256.c

@@ -175,8 +175,10 @@ static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
 	}
 
 
-/* Field operations
- * ---------------- */
+/*-
+ * Field operations
+ * ----------------
+ */
 
 static void smallfelem_one(smallfelem out)
 	{

crypto/ec/ecp_nistp521.c

@@ -207,8 +207,10 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
 	}
 
 
-/* Field operations
- * ---------------- */
+/*-
+ * Field operations
+ * ----------------
+ */
 
 static void felem_one(felem out)
 	{

crypto/ec/ecp_smpl.c

@@ -114,13 +114,14 @@ const EC_METHOD *EC_GFp_simple_method(void)
 	}
 
 
-/* Most method functions in this file are designed to work with
+/*
+ * Most method functions in this file are designed to work with
  * non-trivial representations of field elements if necessary
  * (see ecp_mont.c): while standard modular addition and subtraction
  * are used, the field_mul and field_sqr methods will be used for
  * multiplication, and field_encode and field_decode (if defined)
  * will be used for converting between representations.
-
+ *
  * Functions ec_GFp_simple_points_make_affine() and
  * ec_GFp_simple_point_get_affine_coordinates() specifically assume
  * that if a non-trivial representation is used, it is a Montgomery

crypto/ecdh/ech_ossl.c

@@ -101,7 +101,8 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
 	}
 
 
-/* This implementation is based on the following primitives in the IEEE 1363 standard:
+/*-
+ * This implementation is based on the following primitives in the IEEE 1363 standard:
  *  - ECKAS-DH1
  *  - ECSVDP-DH
  * Finally an optional KDF is applied.

crypto/engine/eng_openssl.c

@@ -222,7 +222,8 @@ IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
 #endif /* ENGINE_DYNAMIC_SUPPORT */
 
 #ifdef TEST_ENG_OPENSSL_RC4
-/* This section of code compiles an "alternative implementation" of two modes of
+/*-
+ * This section of code compiles an "alternative implementation" of two modes of
  * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
  * should under normal circumstances go via this support rather than the default
  * EVP support. There are other symbols to tweak the testing;

crypto/md5/md5_locl.h

@@ -97,7 +97,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,size_t num);
 
 #include "md32_common.h"
 
-/*
+/*-
 #define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
 #define	G(x,y,z)	(((x) & (z))  |  ((y) & (~(z))))
 */

crypto/objects/objects.h

@@ -604,7 +604,8 @@
 #define NID_pbeWithMD5AndCast5_CBC	112
 #define OBJ_pbeWithMD5AndCast5_CBC	1L,2L,840L,113533L,7L,66L,12L
 
-/* This is one sun will soon be using :-(
+/*-
+ * This is one sun will soon be using :-(
  * id-dsa-with-sha1 ID  ::= {
  *   iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
  */

crypto/ocsp/ocsp_ext.c

@@ -361,7 +361,8 @@ int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
 	return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val, len);
 	}
 
-/* Check nonce validity in a request and response.
+/*-
+ * Check nonce validity in a request and response.
  * Return value reflects result:
  *  1: nonces present and equal.
  *  2: nonces both absent.

crypto/pem/pem.h

@@ -176,7 +176,8 @@ typedef struct pem_ctx_st
 
 	struct	{
 		int cipher;
-	/* unused, and wrong size
+	/*-
+	   unused, and wrong size
 	   unsigned char iv[8]; */
 		} DEK_info;
 		
@@ -185,7 +186,8 @@ typedef struct pem_ctx_st
 	int num_recipient;
 	PEM_USER **recipient;
 
-	/* XXX(ben): don#t think this is used! 
+	/*-
+	    XXX(ben): don#t think this is used! 
 		STACK *x509_chain;	/ * certificate chain */
 	EVP_MD *md;		/* signature type */
 
@@ -196,7 +198,8 @@ typedef struct pem_ctx_st
 	EVP_CIPHER *dec;	/* date encryption cipher */
 	int key_len;		/* key length */
 	unsigned char *key;	/* key */
-	/* unused, and wrong size
+	/*-
+	    unused, and wrong size
 	   unsigned char iv[8]; */
 
 	

crypto/rand/rand_win.c

@@ -434,7 +434,8 @@ int RAND_poll(void)
 		FreeLibrary(user);
 		}
 
-	/* Toolhelp32 snapshot: enumerate processes, threads, modules and heap
+	/*-
+	 * Toolhelp32 snapshot: enumerate processes, threads, modules and heap
 	 * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm
 	 * (Win 9x and 2000 only, not available on NT)
 	 *

crypto/rc2/rc2_ecb.c

@@ -62,7 +62,8 @@
 
 const char RC2_version[]="RC2" OPENSSL_VERSION_PTEXT;
 
-/* RC2 as implemented frm a posting from
+/*-
+ * RC2 as implemented frm a posting from
  * Newsgroups: sci.crypt
  * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
  * Subject: Specification for Ron Rivests Cipher No.2

crypto/stack/stack.c

@@ -56,7 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
-/* Code for stacks
+/*-
+ * Code for stacks
  * Author - Eric Young v 1.0
  * 1.2 eay 12-Mar-97 -	Modified sk_find so that it _DOES_ return the
  *			lowest index for the searched item.

crypto/threads/mttest.c

@@ -863,7 +863,7 @@ void solaris_locking_callback(int mode, int type, char *file, int line)
 		(type&CRYPTO_READ)?"r":"w",file,line);
 #endif
 
-	/*
+	/*-
 	if (CRYPTO_LOCK_SSL_CERT == type)
 	fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
 		CRYPTO_thread_id(),
@@ -871,7 +871,8 @@ void solaris_locking_callback(int mode, int type, char *file, int line)
 	*/
 	if (mode & CRYPTO_LOCK)
 		{
-	/*	if (mode & CRYPTO_READ)
+	/*-
+		if (mode & CRYPTO_READ)
 			rw_rdlock(&(lock_cs[type]));
 		else
 			rw_wrlock(&(lock_cs[type])); */
@@ -1067,7 +1068,7 @@ void pthreads_locking_callback(int mode, int type, char *file,
 		(mode&CRYPTO_LOCK)?"l":"u",
 		(type&CRYPTO_READ)?"r":"w",file,line);
 #endif
-/*
+/*-
 	if (CRYPTO_LOCK_SSL_CERT == type)
 		fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
 		CRYPTO_thread_id(),

crypto/threads/th-lock.c

@@ -97,7 +97,8 @@ static unsigned long irix_thread_id(void );
 static unsigned long solaris_thread_id(void );
 static unsigned long pthreads_thread_id(void );
 
-/* usage:
+/*-
+ * usage:
  * CRYPTO_thread_setup();
  * application code
  * CRYPTO_thread_cleanup();

crypto/ui/ui_openssl.c

@@ -56,7 +56,8 @@
  *
  */
 
-/* The lowest level part of this file was previously in crypto/des/read_pwd.c,
+/*-
+ * The lowest level part of this file was previously in crypto/des/read_pwd.c,
  * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *

crypto/x509/x509_vfy.c

@@ -1335,7 +1335,8 @@ static int check_crl_chain(X509_STORE_CTX *ctx,
 	return 0;
 	}
 
-/* Check for match between two dist point names: three separate cases.
+/*-
+ * Check for match between two dist point names: three separate cases.
  * 1. Both are relative names and compare X509_NAME types.
  * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
  * 3. Both are full names and compare two GENERAL_NAMES.

crypto/x509v3/pcy_tree.c

@@ -133,7 +133,8 @@ static void tree_print(char *str, X509_POLICY_TREE *tree,
 
 #endif
 
-/* Initialize policy tree. Return values:
+/*-
+ * Initialize policy tree. Return values:
  *  0 Some internal error occurred.
  * -1 Inconsistent or invalid extensions in certificates.
  *  1 Tree initialized OK.

crypto/x509v3/v3_lib.c

@@ -176,7 +176,8 @@ void *X509V3_EXT_d2i(X509_EXTENSION *ext)
 	return method->d2i(NULL, &p, ext->value->length);
 }
 
-/* Get critical flag and decoded version of extension from a NID.
+/*-
+ * Get critical flag and decoded version of extension from a NID.
  * The "idx" variable returns the last found extension and can
  * be used to retrieve multiple extensions of the same NID.
  * However multiple extensions with the same NID is usually

crypto/x509v3/v3_pku.c

@@ -97,7 +97,7 @@ static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
 	return 1;
 }
 
-/*
+/*-
 static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
 X509V3_EXT_METHOD *method;
 X509V3_CTX *ctx;

engines/e_sureware.c

@@ -1,4 +1,5 @@
-/* Written by Corinne Dive-Reclus(cdive@baltimore.com)
+/*-
+*  Written by Corinne Dive-Reclus(cdive@baltimore.com)
 * 
 *
 * Redistribution and use in source and binary forms, with or without

ssl/kssl.c

@@ -907,7 +907,8 @@ static size_t  *populate_cksumlens(void)
 	return cklens;
 	}
 
-/*	Return pointer to start of real authenticator within authenticator, or
+/*-
+ *	Return pointer to start of real authenticator within authenticator, or
  *	return NULL on error.
  *	Decrypted authenticator looks like this:
  *		[0 or 8 byte confounder] [4-24 byte checksum] [real authent'r]

ssl/s3_both.c

@@ -588,7 +588,8 @@ int ssl_verify_alarm_type(long type)
 	}
 
 #ifndef OPENSSL_NO_BUF_FREELISTS
-/* On some platforms, malloc() performance is bad enough that you can't just
+/*-
+ * On some platforms, malloc() performance is bad enough that you can't just
  * free() and malloc() buffers all the time, so we need to use freelists from
  * unused buffers.  Currently, each freelist holds memory chunks of only a
  * given size (list->chunklen); other sized chunks are freed and malloced.

ssl/s3_cbc.c

@@ -723,7 +723,8 @@ void tls_fips_digest_extra(
 	if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
 		return;
 	block_size = EVP_MD_CTX_block_size(mac_ctx);
-	/* We are in FIPS mode if we get this far so we know we have only SHA*
+	/*-
+	 * We are in FIPS mode if we get this far so we know we have only SHA*
 	 * digests and TLS to deal with.
 	 * Minimum digest padding length is 17 for SHA384/SHA512 and 9
 	 * otherwise.

ssl/ssl_lib.c

@@ -1924,7 +1924,8 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 	ret->quiet_shutdown=0;
 
 /*	ret->cipher=NULL;*/
-/*	ret->s2->challenge=NULL;
+/*-
+	ret->s2->challenge=NULL;
 	ret->master_key=NULL;
 	ret->s2->conn_id=NULL; */
 

ssl/ssl_sess.c

@@ -425,7 +425,8 @@ int ssl_get_new_session(SSL *s, int session)
 	return(1);
 	}
 
-/* ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
+/*-
+ * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
  * connection. It is only called by servers.
  *
  *   session_id: points at the session ID in the ClientHello. This code will

ssl/ssltest.c

@@ -375,7 +375,8 @@ static const char *alpn_server;
 static const char *alpn_expected;
 static unsigned char *alpn_selected;
 
-/* next_protos_parse parses a comma separated list of strings into a string
+/*-
+ * next_protos_parse parses a comma separated list of strings into a string
  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
  *   outlen: (output) set to the length of the resulting buffer on success.
  *   err: (maybe NULL) on failure, an error message line is written to this BIO.
@@ -2374,7 +2375,8 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
 			if (SSL_in_init(s_ssl))
 				printf("server waiting in SSL_accept - %s\n",
 					SSL_state_string_long(s_ssl));
-/*			else if (s_write)
+/*-
+			else if (s_write)
 				printf("server:SSL_write()\n");
 			else
 				printf("server:SSL_read()\n"); */
@@ -2385,7 +2387,8 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
 			if (SSL_in_init(c_ssl))
 				printf("client waiting in SSL_connect - %s\n",
 					SSL_state_string_long(c_ssl));
-/*			else if (c_write)
+/*-
+			else if (c_write)
 				printf("client:SSL_write()\n");
 			else
 				printf("client:SSL_read()\n"); */

ssl/t1_enc.c

@@ -694,7 +694,8 @@ err:
 	return(ret);
 	}
 
-/* tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+/*-
+ * tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
  *
  * Returns:
  *   0: (in non-constant time) if the record is publically invalid (i.e. too