Remove some documentation for functions not in 1.0.x

A few functions in the recently added EVP_EncodeInit docs don't apply to the 1.0.x branches. Reviewed-by: Richard Levitte <levitte@openssl.org>
Add documentation for EVP_EncodeInit() and similar functions
2016-05-03 12:54:06 +01:00 · 2016-05-03 11:54:00 +01:00 · 2016-05-03 11:52:53 +01:00 · 2016-05-03 11:52:53 +01:00 · 2016-05-03 10:28:00 +01:00 · 2016-05-03 09:03:16 +01:00
1344 changed files with 276633 additions and 269857 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -1,22 +0,0 @@
-openssl.pc
-libcrypto.pc
-libssl.pc
-MINFO
-makefile.one
-tmp
-out
-outinc
-rehash.time
-testlog
-make.log
-maketest.log
-cctest
-cctest.c
-cctest.a
-*.flc
-semantic.cache
-Makefile
-*.dll*
-*.so*
-*.sl*
-*.dylib*
--- a/.gitignore
+++ b/.gitignore
@ -1,11 +1,13 @@
 # Object files
 *.o
+*.obj

 # editor artefacts
 *.swp
 .#*
 #*#
 *~
+/.dir-locals.el

 # Top level excludes
 /Makefile.bak
@ -47,6 +49,21 @@
 *.s
 !/crypto/bn/asm/pa-risc2.s
 !/crypto/bn/asm/pa-risc2W.s
+crypto/aes/asm/a_win32.asm
+crypto/bf/asm/b_win32.asm
+crypto/bn/asm/bn_win32.asm
+crypto/bn/asm/co_win32.asm
+crypto/bn/asm/mt_win32.asm
+crypto/cast/asm/c_win32.asm
+crypto/cpu_win32.asm
+crypto/des/asm/d_win32.asm
+crypto/des/asm/y_win32.asm
+crypto/md5/asm/m5_win32.asm
+crypto/rc4/asm/r4_win32.asm
+crypto/rc5/asm/r5_win32.asm
+crypto/ripemd/asm/rm_win32.asm
+crypto/sha/asm/s1_win32.asm
+crypto/sha/asm/sha512-sse2.asm

 # Executables
 /apps/openssl
@ -77,3 +94,21 @@ Makefile.save
 *.bak
 tags
 TAGS
+
+# Windows
+/tmp32
+/tmp32.dbg
+/tmp32dll
+/tmp32dll.dbg
+/out32
+/out32.dbg
+/out32dll
+/out32dll.dbg
+/inc32
+/MINFO
+ms/bcb.mak
+ms/libeay32.def
+ms/nt.mak
+ms/ntdll.mak
+ms/ssleay32.def
+ms/version32.rc
--- a/.travis-create-release.sh
+++ b/.travis-create-release.sh
@ -0,0 +1,10 @@
+#! /bin/sh
+
+# $1 is expected to be $TRAVIS_OS_NAME
+
+if [ "$1" == osx ]; then
+    make -f Makefile.org \
+	 DISTTARVARS="NAME=_srcdist TAR_COMMAND='\$\$(TAR) \$\$(TARFLAGS) -s \"|^|\$\$(NAME)/|\" -T \$\$(TARFILE).list -cvf -' TARFLAGS='-n' TARFILE=_srcdist.tar" SHELL='sh -vx' dist
+else
+    make -f Makefile.org DISTTARVARS='TARFILE=_srcdist.tar NAME=_srcdist' SHELL='sh -v' dist
+fi
--- a/.travis.yml
+++ b/.travis.yml
@ -0,0 +1,60 @@
+language: c
+
+addons:
+    apt_packages:
+        - binutils-mingw-w64
+        - gcc-mingw-w64
+
+os:
+    - linux
+    - osx
+
+compiler:
+    - clang
+    - gcc
+    - i686-w64-mingw32-gcc
+    - x86_64-w64-mingw32-gcc
+
+env:
+    - CONFIG_OPTS=""
+    - CONFIG_OPTS="shared"
+    - CONFIG_OPTS="-d --strict-warnings"
+
+matrix:
+    exclude:
+        - os: osx
+          compiler: i686-w64-mingw32-gcc
+        - os: osx
+          compiler: x86_64-w64-mingw32-gcc
+        - compiler: i686-w64-mingw32-gcc
+          env: CONFIG_OPTS="-d --strict-warnings"
+        - compiler: x86_64-w64-mingw32-gcc
+          env: CONFIG_OPTS="-d --strict-warnings"
+
+before_script:
+    - sh .travis-create-release.sh $TRAVIS_OS_NAME
+    - tar -xvzf _srcdist.tar.gz
+    - cd _srcdist
+    - if [ "$CC" == i686-w64-mingw32-gcc ]; then
+          export CROSS_COMPILE=${CC%%gcc}; unset CC;
+          ./Configure mingw $CONFIG_OPTS;
+      elif [ "$CC" == x86_64-w64-mingw32-gcc ]; then
+          export CROSS_COMPILE=${CC%%gcc}; unset CC;
+          ./Configure mingw64 $CONFIG_OPTS;
+      else
+          ./config $CONFIG_OPTS;
+      fi
+    - cd ..
+
+script:
+    - cd _srcdist
+    - make
+    - if [ -z "$CROSS_COMPILE" ]; then make test; fi
+    - cd ..
+
+notifications:
+    recipient:
+        - openssl-commits@openssl.org
+    email:
+        on_success: change
+        on_failure: always
--- a/32
+++ b/32
@ -1,30 +1,2 @@
-The OpenSSL project depends on volunteer efforts and financial support from
-the end user community. That support comes in the form of donations and paid
-sponsorships, software support contracts, paid consulting services
-and commissioned software development.
-
-Since all these activities support the continued development and improvement
-of OpenSSL we consider all these clients and customers as sponsors of the
-OpenSSL project.
-
-We would like to identify and thank the following such sponsors for their past
-or current significant support of the OpenSSL project:
-
-Major support:
-
-	Qualys		http://www.qualys.com/
-
-Very significant support:
-
-	OpenGear:	http://www.opengear.com/
-
-Significant support:
-
-	PSW Group:	http://www.psw.net/
-	Acano Ltd.	http://acano.com/
-
-Please note that we ask permission to identify sponsors and that some sponsors
-we consider eligible for inclusion here have requested to remain anonymous.
-
-Additional sponsorship or financial support is always welcome: for more
-information please contact the OpenSSL Software Foundation.
+Please https://www.openssl.org/community/thanks.html for the current
+acknowledgements.
--- a/826
+++ b/826
--- a/38
+++ b/38
@ -0,0 +1,38 @@
+HOW TO CONTRIBUTE TO OpenSSL
+----------------------------
+
+Development is coordinated on the openssl-dev mailing list (see
+http://www.openssl.org for information on subscribing). If you
+would like to submit a patch, send it to rt@openssl.org with
+the string "[PATCH]" in the subject. Please be sure to include a
+textual explanation of what your patch does.
+
+You can also make GitHub pull requests. If you do this, please also send
+mail to rt@openssl.org with a brief description and a link to the PR so
+that we can more easily keep track of it.
+
+If you are unsure as to whether a feature will be useful for the general
+OpenSSL community please discuss it on the openssl-dev mailing list first.
+Someone may be already working on the same thing or there may be a good
+reason as to why that feature isn't implemented.
+
+Patches should be as up to date as possible, preferably relative to the
+current Git or the last snapshot. They should follow our coding style
+(see https://www.openssl.org/policies/codingstyle.html) and compile without
+warnings using the --strict-warnings flag.  OpenSSL compiles on many varied
+platforms: try to ensure you only use portable features.
+
+Our preferred format for patch files is "git format-patch" output. For example
+to provide a patch file containing the last commit in your local git repository
+use the following command:
+
+# git format-patch --stdout HEAD^ >mydiffs.patch
+
+Another method of creating an acceptable patch file without using git is as
+follows:
+
+# cd openssl-work
+# [your changes]
+# ./Configure dist; make clean
+# cd ..
+# diff -ur openssl-orig openssl-work > mydiffs.patch
--- a/164
+++ b/164
@ -58,6 +58,10 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
 #		library and will be loaded in run-time by the OpenSSL library.
 # sctp          include SCTP support
 # 386           generate 80386 code
+# enable-weak-ssl-ciphers
+#		Enable EXPORT and LOW SSLv3 ciphers that are disabled by
+#		default.  Note, weak SSLv2 ciphers are unconditionally
+#		disabled.
 # no-sse2	disables IA-32 SSE2 code, above option implies no-sse2
 # no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
 # -<xxx> +<xxx> compiler options are passed through 
@ -105,6 +109,11 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta

 my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";

+# Warn that "make depend" should be run?
+my $warn_make_depend = 0;
+
+my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Qunused-arguments";
+
 my $strict_warnings = 0;

 my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
@ -185,18 +194,19 @@ my %table=(
 "debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-linux-x86_64-clang","clang: -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 "dist",		"cc:-O::(unknown)::::::",

 # Basic configs that should work on any (32 and less bit) box
@ -230,12 +240,12 @@ my %table=(

 #### SPARC Solaris with GNU C setups
 "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mcpu=v8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
 "solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
 ####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=v8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

 #### SPARC Solaris with Sun C setups
@ -252,20 +262,20 @@ my %table=(

 #### SunOS configs, assuming sparc for the gcc one.
 #"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
-"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
+"sunos-gcc","gcc:-O3 -mcpu=v8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",

 #### IRIX 5.x configs
 # -mips2 flag is added by ./config when appropriate.
-"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-gcc","gcc:-O3 -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-cc", "cc:-O2 -use_readonly_const -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### IRIX 6.x configs
 # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
 # './Configure irix-cc -o32' manually.
-"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
 # N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",

 #### Unified HP-UX ANSI C configs.
 # Special notes:
@ -345,23 +355,24 @@ my %table=(
 ####
 # *-generic* is endian-neutral target, but ./config is free to
 # throw in -D[BL]_ENDIAN, whichever appropriate...
-"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc",	"gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # It's believed that majority of ARM toolchains predefine appropriate -march.
 # If you compiler does not, do complement config command line with one!
-"linux-armv4",	"gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-armv4",	"gcc:-O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### IA-32 targets...
-"linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+"linux-ia32-icc",	"icc:-DL_ENDIAN -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-elf",	"gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-aout",	"gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
 ####
-"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-"linux64-s390x",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-generic64","gcc:-O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-ia64",	"gcc:-DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x86_64-clang","clang: -m64 -DL_ENDIAN -O3 -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux64-s390x",	"gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 #### So called "highgprs" target for z/Architecture CPUs
 # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
 # /proc/cpuinfo. The idea is to preserve most significant bits of
@ -375,16 +386,16 @@ my %table=(
 # ldconfig and run-time linker to autodiscover. Unfortunately it
 # doesn't work just yet, because of couple of bugs in glibc
 # sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
-"linux32-s390x",	"gcc:-m31 -Wa,-mzarch -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
+"linux32-s390x",	"gcc:-m31 -Wa,-mzarch -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
 #### SPARC Linux setups
 # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
 # assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # it's a real mess with -mcpu=ultrasparc option under Linux, but
 # -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 #### Alpha Linux with GNU C and Compaq C setups
 # Special notes:
 # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
@ -398,30 +409,30 @@ my %table=(
 #
 #					<appro@fy.chalmers.se>
 #
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
-"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",

-# Android: linux-* but without -DTERMIO and pointers to headers and libs.
+# Android: linux-* but without pointers to headers and libs.
 "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

 #### *BSD [do see comment about ${BSDthreads} above!]
-"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-sparcv8",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86",	"gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86-elf",	"gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-BSD-x86-elf",	"gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparcv8",	"gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

-"BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
 # simply *happens* to work around a compiler bug in gcc 3.3.3,
 # triggered by RIPEMD160 code.
-"BSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-ia64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86_64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparc64",	"gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-ia64",	"gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86_64",	"gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

 "bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

@ -433,8 +444,8 @@ my %table=(

 # QNX
 "qnx4",	"cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
-"QNX6",       "gcc:-DTERMIOS::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"QNX6-i386",  "gcc:-DL_ENDIAN -DTERMIOS -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6",       "gcc:::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6-i386",  "gcc:-DL_ENDIAN -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

 # BeOS
 "beos-x86-r5",   "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so",
@ -507,7 +518,7 @@ my %table=(
 "SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",

 # SIEMENS BS2000/OSD: an EBCDIC-based mainframe
-"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
+"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",

 # OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
 # You need to compile using the c89.sh wrapper in the tools directory, because the
@ -567,7 +578,7 @@ my %table=(
 "netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",

 # DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",

 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
@ -593,7 +604,7 @@ my %table=(
 "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",

 ##### GNU Hurd
-"hurd-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
+"hurd-x86",  "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",

 ##### OS/2 EMX
 "OS2-EMX", "gcc::::::::",
@ -719,8 +730,10 @@ my %disabled = ( # "what"         => "comment" [or special keyword "experimental
 		 "rfc3779"	  => "default",
 		 "sctp"           => "default",
 		 "shared"         => "default",
+		 "ssl2"           => "default",
 		 "store"	  => "experimental",
 		 "unit-test"	  => "default",
+		 "weak-ssl-ciphers" => "default",
 		 "zlib"           => "default",
 		 "zlib-dynamic"   => "default"
 	       );
@ -1442,7 +1455,7 @@ if ($target =~ /\-icc$/)	# Intel C compiler
 # linker only when --prefix is not /usr.
 if ($target =~ /^BSD\-/)
 	{
-	$shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
+	$shared_ldflag.=" -Wl,-rpath,\$\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
 	}

 if ($sys_id ne "")
@ -1574,11 +1587,20 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)

 if ($strict_warnings)
 	{
+	my $ecc = $cc;
+	$ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
 	my $wopt;
-	die "ERROR --strict-warnings requires gcc" unless ($cc =~ /gcc$/);
+	die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc$/ or $ecc =~ /clang$/);
 	foreach $wopt (split /\s+/, $gcc_devteam_warn)
 		{
-		$cflags .= " $wopt" unless ($cflags =~ /$wopt/)
+		$cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
+		}
+	if ($ecc eq "clang")
+		{
+		foreach $wopt (split /\s+/, $clang_devteam_warn)
+			{
+			$cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
+			}
 		}
 	}

@ -1940,13 +1962,7 @@ EOF
 	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
 	}
 	if ($depflags ne $default_depflags && !$make_depend) {
-		print <<EOF;
-
-Since you've disabled or enabled at least one algorithm, you need to do
-the following before building:
-
-	make depend
-EOF
+            $warn_make_depend++;
        }
 }

@ -2026,12 +2042,18 @@ EOF

 print <<\EOF if ($no_shared_warn);

-You gave the option 'shared'.  Normally, that would give you shared libraries.
-Unfortunately, the OpenSSL configuration doesn't include shared library support
-for this platform yet, so it will pretend you gave the option 'no-shared'.  If
-you can inform the developpers (openssl-dev\@openssl.org) how to support shared
-libraries on this platform, they will at least look at it and try their best
-(but please first make sure you have tried with a current version of OpenSSL).
+You gave the option 'shared', which is not supported on this platform, so
+we will pretend you gave the option 'no-shared'.  If you know how to implement
+shared libraries, please let us know (but please first make sure you have
+tried with a current version of OpenSSL).
+EOF
+
+print <<EOF if ($warn_make_depend);
+
+*** Because of configuration changes, you MUST do the following before
+*** building:
+
+	make depend
 EOF

 exit(0);
--- a/1041
+++ b/1041
--- a/8
+++ b/8
@ -164,10 +164,10 @@
     standard headers).  If it is a problem with OpenSSL itself, please
     report the problem to <openssl-bugs@openssl.org> (note that your
     message will be recorded in the request tracker publicly readable
-     via http://www.openssl.org/support/rt.html and will be forwarded to a
-     public mailing list). Include the output of "make report" in your message.
-     Please check out the request tracker. Maybe the bug was already
-     reported or has already been fixed.
+     at https://www.openssl.org/community/index.html#bugs and will be
+     forwarded to a public mailing list). Include the output of "make
+     report" in your message.  Please check out the request tracker. Maybe
+     the bug was already reported or has already been fixed.

     [If you encounter assembler error messages, try the "no-asm"
     configuration option as an immediate fix.]
--- a/2
+++ b/2
@ -12,7 +12,7 @@
  ---------------

 /* ====================================================================
- * Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2016 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
--- a/MacOS/GetHTTPS.src/MacSocket.h
+++ b/MacOS/GetHTTPS.src/MacSocket.h
@ -5,97 +5,98 @@
 extern "C" {
 #endif

-
-
-enum
-{
+enum {
    kMacSocket_TimeoutErr = -2
 };

-
 // Since MacSocket does busy waiting, I do a callback while waiting

-typedef OSErr (*MacSocket_IdleWaitCallback)(void *);
-
+typedef OSErr(*MacSocket_IdleWaitCallback) (void *);

 // Call this before anything else!

 OSErr MacSocket_Startup(void);

-
 // Call this to cleanup before quitting

 OSErr MacSocket_Shutdown(void);

-
-//	Call this to allocate a "socket" (reference number is returned in outSocketNum)
-//	Note that inDoThreadSwitching is pretty much irrelevant right now, since I ignore it
+// Call this to allocate a "socket" (reference number is returned in
+// outSocketNum)
+// Note that inDoThreadSwitching is pretty much irrelevant right now, since I
+// ignore it
 // The inTimeoutTicks parameter is applied during reads/writes of data
-//	The inIdleWaitCallback parameter specifies a callback which is called during busy-waiting periods
+// The inIdleWaitCallback parameter specifies a callback which is called
+// during busy-waiting periods
 // The inUserRefPtr parameter is passed back to the idle-wait callback

-OSErr MacSocket_socket(int *outSocketNum,const Boolean inDoThreadSwitching,const long inTimeoutTicks,MacSocket_IdleWaitCallback inIdleWaitCallback,void *inUserRefPtr);
-
+OSErr MacSocket_socket(int *outSocketNum, const Boolean inDoThreadSwitching,
+                       const long inTimeoutTicks,
+                       MacSocket_IdleWaitCallback inIdleWaitCallback,
+                       void *inUserRefPtr);

 // Call this to connect to an IP/DNS address
-//	Note that inTargetAddressAndPort is in "IP:port" format-- e.g. 10.1.1.1:123
-
-OSErr MacSocket_connect(const int inSocketNum,char *inTargetAddressAndPort);
+// Note that inTargetAddressAndPort is in "IP:port" format-- e.g.
+// 10.1.1.1:123

+OSErr MacSocket_connect(const int inSocketNum, char *inTargetAddressAndPort);

 // Call this to listen on a port
-//	Since this a low-performance implementation, I allow a maximum of 1 (one!) incoming request when I listen
-
-OSErr MacSocket_listen(const int inSocketNum,const int inPortNum);
+// Since this a low-performance implementation, I allow a maximum of 1 (one!)
+// incoming request when I listen

+OSErr MacSocket_listen(const int inSocketNum, const int inPortNum);

 // Call this to close a socket

 OSErr MacSocket_close(const int inSocketNum);

-
 // Call this to receive data on a socket
-//	Most parameters' purpose are obvious-- except maybe "inBlock" which controls whether I wait for data or return immediately
-
-int MacSocket_recv(const int inSocketNum,void *outBuff,int outBuffLength,const Boolean inBlock);
+// Most parameters' purpose are obvious-- except maybe "inBlock" which
+// controls whether I wait for data or return immediately

+int MacSocket_recv(const int inSocketNum, void *outBuff, int outBuffLength,
+                   const Boolean inBlock);

 // Call this to send data on a socket

-int MacSocket_send(const int inSocketNum,const void *inBuff,int inBuffLength);
+int MacSocket_send(const int inSocketNum, const void *inBuff,
+                   int inBuffLength);

-
-//	If zero bytes were read in a call to MacSocket_recv(), it may be that the remote end has done a half-close
+// If zero bytes were read in a call to MacSocket_recv(), it may be that the
+// remote end has done a half-close
 // This function will let you check whether that's true or not

 Boolean MacSocket_RemoteEndIsClosing(const int inSocketNum);

-
-//	Call this to see if the listen has completed after a call to MacSocket_listen()
+// Call this to see if the listen has completed after a call to
+// MacSocket_listen()

 Boolean MacSocket_ListenCompleted(const int inSocketNum);

-
 // These really aren't very useful anymore

 Boolean MacSocket_LocalEndIsOpen(const int inSocketNum);
 Boolean MacSocket_RemoteEndIsOpen(const int inSocketNum);

+// You may wish to change the userRefPtr for a socket callback-- use this to
+// do it

-//	You may wish to change the userRefPtr for a socket callback-- use this to do it
-
-void MacSocket_SetUserRefPtr(const int inSocketNum,void *inNewRefPtr);
-
+void MacSocket_SetUserRefPtr(const int inSocketNum, void *inNewRefPtr);

 // Call these to get the socket's IP:port descriptor

-void MacSocket_GetLocalIPAndPort(const int inSocketNum,char *outIPAndPort,const int inIPAndPortLength);
-void MacSocket_GetRemoteIPAndPort(const int inSocketNum,char *outIPAndPort,const int inIPAndPortLength);
-
+void MacSocket_GetLocalIPAndPort(const int inSocketNum, char *outIPAndPort,
+                                 const int inIPAndPortLength);
+void MacSocket_GetRemoteIPAndPort(const int inSocketNum, char *outIPAndPort,
+                                  const int inIPAndPortLength);

 // Call this to get error info from a socket

-void MacSocket_GetSocketErrorInfo(const int inSocketNum,int *outSocketErrCode,char *outSocketErrString,const int inSocketErrStringMaxLength);
+void MacSocket_GetSocketErrorInfo(const int inSocketNum,
+                                  int *outSocketErrCode,
+                                  char *outSocketErrString,
+                                  const int inSocketErrStringMaxLength);


 #ifdef __cplusplus
--- a/MacOS/Randomizer.h
+++ b/MacOS/Randomizer.h
@ -4,28 +4,27 @@

 #include <MacTypes.h>

-class CRandomizer
-{
-public:
-	CRandomizer (void);
-	void PeriodicAction (void);
+class CRandomizer {
+ public:
+    CRandomizer(void);
+    void PeriodicAction(void);

-private:
+ private:

    // Private calls

-	void		AddTimeSinceMachineStartup (void);
-	void		AddAbsoluteSystemStartupTime (void);
-	void		AddAppRunningTime (void);
-	void		AddStartupVolumeInfo (void);
-	void		AddFiller (void);
+    void AddTimeSinceMachineStartup(void);
+    void AddAbsoluteSystemStartupTime(void);
+    void AddAppRunningTime(void);
+    void AddStartupVolumeInfo(void);
+    void AddFiller(void);

-	void		AddCurrentMouse (void);
-	void		AddNow (double millisecondUncertainty);
-	void		AddBytes (void *data, long size, double entropy);
+    void AddCurrentMouse(void);
+    void AddNow(double millisecondUncertainty);
+    void AddBytes(void *data, long size, double entropy);

-	void		GetTimeBaseResolution (void);
-	unsigned long	SysTimer (void);
+    void GetTimeBaseResolution(void);
+    unsigned long SysTimer(void);

    // System Info
    bool mSupportsLargeVolumes;
--- a/MacOS/_MWERKS_GUSI_prefix.h
+++ b/MacOS/_MWERKS_GUSI_prefix.h
@ -1,9 +1,9 @@
 #include <MacHeaders.h>
 #define B_ENDIAN
 #ifdef __POWERPC__
-#pragma longlong on
+# pragma longlong on
 #endif
 #if 1
-#define MAC_OS_GUSI_SOURCE
+# define MAC_OS_GUSI_SOURCE
 #endif
 #define MONOLITH
--- a/MacOS/_MWERKS_prefix.h
+++ b/MacOS/_MWERKS_prefix.h
@ -1,9 +1,9 @@
 #include <MacHeaders.h>
 #define B_ENDIAN
 #ifdef __POWERPC__
-#pragma longlong on
+# pragma longlong on
 #endif
 #if 0
-#define MAC_OS_GUSI_SOURCE
+# define MAC_OS_GUSI_SOURCE
 #endif
 #define MONOLITH
--- a/MacOS/opensslconf.h
+++ b/MacOS/opensslconf.h
@ -1,116 +1,126 @@
 /* MacOS/opensslconf.h */

 #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
+# if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#  define OPENSSLDIR "/usr/local/ssl"
+# endif
 #endif

 #if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
+# define IDEA_INT unsigned int
 #endif

 #if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
+# define MD2_INT unsigned int
 #endif

 #if defined(HEADER_RC2_H) && !defined(RC2_INT)
 /* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
+# define RC2_INT unsigned int
 #endif

 #if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
+# if !defined(RC4_INT)
 /*
+ * using int types make the structure larger but make the code faster on most
+ * boxes I have tested - up to %20 faster.
+ */
+/*-
 * I don't know what does "most" mean, but declaring "int" is a must on:
 * - Intel P6 because partial register stalls are very expensive;
 * - elder Alpha because it lacks byte load/store instructions;
 */
-#define RC4_INT unsigned char
-#endif
-#if !defined(RC4_CHUNK)
+#  define RC4_INT unsigned char
+# endif
+# if !defined(RC4_CHUNK)
 /*
 * This enables code handling data aligned at natural CPU word
 * boundary. See crypto/rc4/rc4_enc.c for further details.
 */
-#define RC4_CHUNK unsigned long
-#endif
+#  define RC4_CHUNK unsigned long
+# endif
 #endif

 #if defined(HEADER_DES_H) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
+/*
+ * If this is set to 'unsigned int' on a DEC Alpha, this gives about a %20
+ * speed up (longs are 8 bytes, int's are 4).
+ */
+# ifndef DES_LONG
+#  define DES_LONG unsigned long
+# endif
 #endif

 #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#if __option(longlong)
+# define CONFIG_HEADER_BN_H
+# if __option(longlong)
 #  define BN_LLONG
-#else
+# else
 #  undef BN_LLONG
-#endif
+# endif

 /* Should we define BN_DIV2W here? */

 /* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
+/*
+ * The prime number generation stuff may not work when EIGHT_BIT but I don't
+ * care since I've only used this mode for debuging the bignum libraries
+ */
+# undef SIXTY_FOUR_BIT_LONG
+# undef SIXTY_FOUR_BIT
+# define THIRTY_TWO_BIT
+# undef SIXTEEN_BIT
+# undef EIGHT_BIT
 #endif

 #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
+# define CONFIG_HEADER_RC4_LOCL_H
+/*
+ * if this is defined data[i] is used instead of *data, this is a %20 speedup
+ * on x86
+ */
+# undef RC4_INDEX
 #endif

 #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#define BF_PTR
+# define CONFIG_HEADER_BF_LOCL_H
+# define BF_PTR
 #endif                          /* HEADER_BF_LOCL_H */

 #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#define DES_PTR
-#endif
+# define CONFIG_HEADER_DES_LOCL_H
+/*
+ * the following is tweaked from a config script, that is why it is a
+ * protected undef/define
+ */
+# ifndef DES_PTR
+#  define DES_PTR
+# endif

-/* This helps C compiler generate the correct code for multiple functional
+/*
+ * This helps C compiler generate the correct code for multiple functional
 * units.  It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#define DES_RISC1
-#endif
+ * registers
+ */
+# ifndef DES_RISC1
+#  define DES_RISC1
+# endif

-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#define DES_UNROLL
-#endif
+# ifndef DES_RISC2
+#  undef DES_RISC2
+# endif

+# if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED ! !!!!
+# endif
+/*
+ * Unroll the inner loop, this sometimes helps, sometimes hinders. Very mucy
+ * CPU dependant
+ */
+# ifndef DES_UNROLL
+#  define DES_UNROLL
+# endif
 #endif                          /* HEADER_DES_LOCL_H */
-
 #ifndef __POWERPC__
-#define MD32_XARRAY
+# define MD32_XARRAY
 #endif
--- a/Makefile.org
+++ b/Makefile.org
@ -179,12 +179,11 @@ SHARED_LDFLAGS=
 GENERAL=        Makefile
 BASENAME=       openssl
 NAME=           $(BASENAME)-$(VERSION)
-TARFILE=        $(NAME).tar
-WTARFILE=       $(NAME)-win.tar
+TARFILE=        ../$(NAME).tar
 EXHEADER=       e_os2.h
 HEADER=         e_os.h

-all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+all: Makefile build_all

 # as we stick to -e, CLEARENV ensures that local variables in lower
 # Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
@ -268,21 +267,25 @@ reflect:
 	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)

 sub_all: build_all
+
 build_all: build_libs build_apps build_tests build_tools

-build_libs: build_crypto build_ssl build_engines
+build_libs: build_libcrypto build_libssl openssl.pc
+
+build_libcrypto: build_crypto build_engines libcrypto.pc
+build_libssl: build_ssl libssl.pc

 build_crypto:
 	@dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl:
+build_ssl: build_crypto
 	@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
+build_engines: build_crypto
 	@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
+build_apps: build_libs
 	@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
+build_tests: build_libs
 	@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
+build_tools: build_libs
 	@dir=tools; target=all; $(BUILD_ONE_CMD)

 all_testapps: build_libs build_testapps
@ -459,6 +462,9 @@ tests: rehash
 report:
 	@$(PERL) util/selftest.pl

+update: errors stacks util/libeay.num util/ssleay.num TABLE
+	@set -e; target=update; $(RECURSIVE_BUILD_CMD)
+
 depend:
 	@set -e; target=depend; $(RECURSIVE_BUILD_CMD)

@ -483,60 +489,44 @@ util/libeay.num::
 util/ssleay.num::
 	$(PERL) util/mkdef.pl ssl update

-crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
-	$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
-crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
-	$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
-crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
-	$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
-
-apps/openssl-vms.cnf: apps/openssl.cnf
-	$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
-
-crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
-	$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
-
-
 TABLE: Configure
 	(echo 'Output of `Configure TABLE'"':"; \
 	$(PERL) Configure TABLE) > TABLE

-update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
-
 # Build distribution tar-file. As the list of files returned by "find" is
 # pretty long, on several platforms a "too many arguments" error or similar
 # would occur. Therefore the list of files is temporarily stored into a file
 # and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
 # tar does not support the --files-from option.
-tar:
+TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list \
+	                       --owner 0 --group 0 \
+			       --transform 's|^|$(NAME)/|' \
+			       -cvf -
+
+$(TARFILE).list:
+	find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
+	       \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \
+	       \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
+	       \! -name '.#*' \! -name '*~' \! -type l \
+	    | sort > $(TARFILE).list
+
+tar: $(TARFILE).list
 	find . -type d -print | xargs chmod 755
 	find . -type f -print | xargs chmod a+r
 	find . -type f -perm -0100 -print | xargs chmod a+x
-	find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
-	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - |\
-	gzip --best >../$(TARFILE).gz; \
-	rm -f ../$(TARFILE).list; \
-	ls -l ../$(TARFILE).gz
+	$(TAR_COMMAND) | gzip --best > $(TARFILE).gz
+	rm -f $(TARFILE).list
+	ls -l $(TARFILE).gz

-tar-snap:
-	@$(TAR) $(TARFLAGS) -cvf - \
-		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \! -name '*test' \! -name '.#*' \! -name '*~' | sort` |\
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - > ../$(TARFILE);\
-	ls -l ../$(TARFILE)
+tar-snap: $(TARFILE).list
+	$(TAR_COMMAND) > $(TARFILE)
+	rm -f $(TARFILE).list
+	ls -l $(TARFILE)

 dist:   
 	$(PERL) Configure dist
-	@$(MAKE) dist_pem_h
 	@$(MAKE) SDIRS='$(SDIRS)' clean
-	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
-
-dist_pem_h:
-	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
+	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar

 install: all install_docs install_sw

--- a/130
+++ b/130
@ -5,6 +5,67 @@
  This file gives a brief overview of the major changes between each OpenSSL
  release. For more details please read the CHANGES file.

+  Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [under development]
+
+      o
+
+  Major changes between OpenSSL 1.0.1r and OpenSSL 1.0.1s [1 Mar 2016]
+
+      o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
+      o Disable SSLv2 default build, default negotiation and weak ciphers
+        (CVE-2016-0800)
+      o Fix a double-free in DSA code (CVE-2016-0705)
+      o Disable SRP fake user seed to address a server memory leak
+        (CVE-2016-0798)
+      o Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
+        (CVE-2016-0797)
+      o Fix memory issues in BIO_*printf functions (CVE-2016-0799)
+      o Fix side channel attack on modular exponentiation (CVE-2016-0702)
+
+  Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016]
+
+      o Protection for DH small subgroup attacks
+      o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
+
+  Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015]
+
+      o Certificate verify crash with missing PSS parameter (CVE-2015-3194)
+      o X509_ATTRIBUTE memory leak (CVE-2015-3195)
+      o Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs
+      o In DSA_generate_parameters_ex, if the provided seed is too short,
+        return an error
+
+  Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015]
+
+      o Alternate chains certificate forgery (CVE-2015-1793)
+      o Race condition handling PSK identify hint (CVE-2015-3196)
+
+  Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015]
+
+      o Fix HMAC ABI incompatibility
+
+  Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]
+
+      o Malformed ECParameters causes infinite loop (CVE-2015-1788)
+      o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
+      o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
+      o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
+      o Race condition handling NewSessionTicket (CVE-2015-1791)
+
+  Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]
+
+      o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)
+      o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)
+      o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)
+      o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)
+      o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)
+      o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)
+      o Removed the export ciphers from the DEFAULT ciphers
+
+  Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]
+
+      o Build fixes for the Windows and OpenVMS platforms
+
  Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]

      o Fix for CVE-2014-3571
@ -99,19 +160,6 @@
      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
      o SRP support.

-  Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]:
-
-      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
-      o Fix OCSP bad key DoS attack CVE-2013-0166
-
-  Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]:
-
-      o Fix DTLS record length checking bug CVE-2012-2333
-
-  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]:
-
-      o Fix for ASN1 overflow bug CVE-2012-2110
-
  Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:

      o Fix for CMS/PKCS#7 MMA CVE-2012-0884
@ -184,62 +232,6 @@
      o Opaque PRF Input TLS extension support.
      o Updated time routines to avoid OS limitations.

-  Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]:
-
-      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
-      o Fix OCSP bad key DoS attack CVE-2013-0166
-
-  Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]:
-
-      o Fix DTLS record length checking bug CVE-2012-2333
-
-  Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]:
-
-      o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
-
-  Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]:
-
-      o Fix for ASN1 overflow bug CVE-2012-2110
-
-  Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]:
-
-      o Fix for CMS/PKCS#7 MMA CVE-2012-0884
-      o Corrected fix for CVE-2011-4619
-      o Various DTLS fixes.
-
-  Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]:
-
-      o Fix for DTLS DoS issue CVE-2012-0050
-
-  Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]:
-
-      o Fix for DTLS plaintext recovery attack CVE-2011-4108
-      o Fix policy check double free error CVE-2011-4109
-      o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
-      o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
-      o Check for malformed RFC3779 data CVE-2011-4577
-
-  Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]:
-
-      o Fix for security issue CVE-2011-0014
-
-  Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]:
-
-      o Fix for security issue CVE-2010-4180
-      o Fix for CVE-2010-4252
-
-  Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]:
-
-      o Fix for security issue CVE-2010-3864.
-
-  Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]:
-
-      o Fix for security issue CVE-2010-0742.
-      o Various DTLS fixes.
-      o Recognise SHA2 certificates if only SSL algorithms added.
-      o Fix for no-rc4 compilation.
-      o Chil ENGINE unload workaround.
-
  Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:

      o CFB cipher definition fixes.
--- a/205
+++ b/205
@ -1,7 +1,7 @@

- OpenSSL 1.0.1k 8 Jan 2015
+ OpenSSL 1.0.1t-dev

- Copyright (c) 1998-2011 The OpenSSL Project
+ Copyright (c) 1998-2015 The OpenSSL Project
 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
 All rights reserved.

@ -10,17 +10,17 @@

 The OpenSSL Project is a collaborative effort to develop a robust,
 commercial-grade, fully featured, and Open Source toolkit implementing the
- Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
- protocols as well as a full-strength general purpose cryptography library.
- The project is managed by a worldwide community of volunteers that use the
- Internet to communicate, plan, and develop the OpenSSL toolkit and its
- related documentation.
+ Secure Sockets Layer (SSLv3) and Transport Layer Security (TLS) protocols as
+ well as a full-strength general purpose cryptograpic library. The project is
+ managed by a worldwide community of volunteers that use the Internet to
+ communicate, plan, and develop the OpenSSL toolkit and its related
+ documentation.

- OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
+ OpenSSL is descended from the SSLeay library developed by Eric A. Young
 and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
- OpenSSL license plus the SSLeay license) situation, which basically means
- that you are free to get and use it for commercial and non-commercial
- purposes as long as you fulfill the conditions of both licenses.
+ OpenSSL license plus the SSLeay license), which means that you are free to
+ get and use it for commercial and non-commercial purposes as long as you
+ fulfill the conditions of both licenses.

 OVERVIEW
 --------
@ -28,116 +28,39 @@
 The OpenSSL toolkit includes:

 libssl.a:
-     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
-     both SSLv2, SSLv3 and TLSv1 in the one server and client.
+     Provides the client and server-side implementations for SSLv3 and TLS.

 libcrypto.a:
-     General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not
-     actually logically part of it. It includes routines for the following:
-
-     Ciphers
-        libdes - EAY's libdes DES encryption package which was floating
-                 around the net for a few years, and was then relicensed by
-                 him as part of SSLeay.  It includes 15 'modes/variations'
-                 of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb;
-                 pcbc and a more general form of cfb and ofb) including desx
-                 in cbc mode, a fast crypt(3), and routines to read
-                 passwords from the keyboard.
-        RC4 encryption,
-        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
-        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
-        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.
-
-     Digests
-        MD5 and MD2 message digest algorithms, fast implementations,
-        SHA (SHA-0) and SHA-1 message digest algorithms,
-        MDC2 message digest. A DES based hash that is popular on smart cards.
-
-     Public Key
-        RSA encryption/decryption/generation.
-            There is no limit on the number of bits.
-        DSA encryption/decryption/generation.
-            There is no limit on the number of bits.
-        Diffie-Hellman key-exchange/key generation.
-            There is no limit on the number of bits.
-
-     X.509v3 certificates
-        X509 encoding/decoding into/from binary ASN1 and a PEM
-             based ASCII-binary encoding which supports encryption with a
-             private key.  Program to generate RSA and DSA certificate
-             requests and to generate RSA and DSA certificates.
-
-     Systems
-        The normal digital envelope routines and base64 encoding.  Higher
-        level access to ciphers and digests by name.  New ciphers can be
-        loaded at run time.  The BIO io system which is a simple non-blocking
-        IO abstraction.  Current methods supported are file descriptors,
-        sockets, socket accept, socket connect, memory buffer, buffering, SSL
-        client/server, file pointer, encryption, digest, non-blocking testing
-        and null.
-
-     Data structures
-        A dynamically growing hashing system
-        A simple stack.
-        A Configuration loader that uses a format similar to MS .ini files.
+     Provides general cryptographic and X.509 support needed by SSL/TLS but
+     not logically part of it.

 openssl:
     A command line tool that can be used for:
-        Creation of RSA, DH and DSA key parameters
+        Creation of key parameters
        Creation of X.509 certificates, CSRs and CRLs
-        Calculation of Message Digests
-        Encryption and Decryption with Ciphers
-        SSL/TLS Client and Server Tests
+        Calculation of message digests
+        Encryption and decryption
+        SSL/TLS client and server tests
        Handling of S/MIME signed or encrypted mail
-
-
- PATENTS
- -------
-
- Various companies hold various patents for various algorithms in various
- locations around the world. _YOU_ are responsible for ensuring that your use
- of any algorithms is legal by checking if there are any patents in your
- country.  The file contains some of the patents that we know about or are
- rumored to exist. This is not a definitive list.
-
- RSA Security holds software patents on the RC5 algorithm.  If you
- intend to use this cipher, you must contact RSA Security for
- licensing conditions. Their web page is http://www.rsasecurity.com/.
-
- RC4 is a trademark of RSA Security, so use of this label should perhaps
- only be used with RSA Security's permission.
-
- The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
- Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They
- should be contacted if that algorithm is to be used; their web page is
- http://www.ascom.ch/.
-
- NTT and Mitsubishi have patents and pending patents on the Camellia
- algorithm, but allow use at no charge without requiring an explicit
- licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+        And more...

 INSTALLATION
 ------------

- To install this package under a Unix derivative, read the INSTALL file.  For
- a Win32 platform, read the INSTALL.W32 file.  For OpenVMS systems, read
- INSTALL.VMS.
-
- Read the documentation in the doc/ directory.  It is quite rough, but it
- lists the functions; you will probably have to look at the code to work out
- how to use them. Look at the example programs.
-
- PROBLEMS
- --------
-
- For some platforms, there are some known problems that may affect the user
- or application author.  We try to collect those in doc/PROBLEMS, with current
- thoughts on how they should be solved in a future of OpenSSL.
+ See the appropriate file:
+        INSTALL         Linux, Unix, etc.
+        INSTALL.DJGPP   DOS platform with DJGPP
+        INSTALL.NW      Netware
+        INSTALL.OS2     OS/2
+        INSTALL.VMS     VMS
+        INSTALL.W32     Windows (32bit)
+        INSTALL.W64     Windows (64bit)
+        INSTALL.WCE     Windows CE

 SUPPORT
 -------

- See the OpenSSL website www.openssl.org for details of how to obtain
+ See the OpenSSL website www.openssl.org for details on how to obtain
 commercial technical support.

 If you have any problems with OpenSSL then please take the following steps
@ -161,58 +84,36 @@
    - Problem Description (steps that will reproduce the problem, if known)
    - Stack Traceback (if the application dumps core)

- Report the bug to the OpenSSL project via the Request Tracker
- (http://www.openssl.org/support/rt.html) by mail to:
+ Email the report to:

-    openssl-bugs@openssl.org
+    rt@openssl.org

- Note that the request tracker should NOT be used for general assistance
- or support queries. Just because something doesn't work the way you expect
- does not mean it is necessarily a bug in OpenSSL.
+ In order to avoid spam, this is a moderated mailing list, and it might
+ take a day for the ticket to show up.  (We also scan posts to make sure
+ that security disclosures aren't publically posted by mistake.) Mail
+ to this address is recorded in the public RT (request tracker) database
+ (see https://www.openssl.org/community/index.html#bugs for details) and
+ also forwarded the public openssl-dev mailing list.  Confidential mail
+ may be sent to openssl-security@openssl.org (PGP key available from the
+ key servers).

- Note that mail to openssl-bugs@openssl.org is recorded in the publicly
- readable request tracker database and is forwarded to a public
- mailing list. Confidential mail may be sent to openssl-security@openssl.org
- (PGP key available from the key servers).
+ Please do NOT use this for general assistance or support queries.
+ Just because something doesn't work the way you expect does not mean it
+ is necessarily a bug in OpenSSL.
+
+ You can also make GitHub pull requests. If you do this, please also send
+ mail to rt@openssl.org with a link to the PR so that we can more easily
+ keep track of it.

 HOW TO CONTRIBUTE TO OpenSSL
 ----------------------------

- Development is coordinated on the openssl-dev mailing list (see
- http://www.openssl.org for information on subscribing). If you
- would like to submit a patch, send it to openssl-bugs@openssl.org with
- the string "[PATCH]" in the subject. Please be sure to include a
- textual explanation of what your patch does.
+ See CONTRIBUTING

- If you are unsure as to whether a feature will be useful for the general
- OpenSSL community please discuss it on the openssl-dev mailing list first.
- Someone may be already working on the same thing or there may be a good
- reason as to why that feature isn't implemented.
-
- Patches should be as up to date as possible, preferably relative to the
- current Git or the last snapshot. They should follow the coding style of
- OpenSSL and compile without warnings. Some of the core team developer targets
- can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL
- compiles on many varied platforms: try to ensure you only use portable
- features.
-
- Note: For legal reasons, contributions from the US can be accepted only
- if a TSU notification and a copy of the patch are sent to crypt@bis.doc.gov
- (formerly BXA) with a copy to the ENC Encryption Request Coordinator;
- please take some time to look at
-    http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic]
- and
-    http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e))
- for the details. If "your encryption source code is too large to serve as
- an email attachment", they are glad to receive it by fax instead; hope you
- have a cheap long-distance plan.
-
- Our preferred format for changes is "diff -u" output. You might
- generate it like this:
-
- # cd openssl-work
- # [your changes]
- # ./Configure dist; make clean
- # cd ..
- # diff -ur openssl-orig openssl-work > mydiffs.patch
+ LEGALITIES
+ ----------

+ A number of nations, in particular the U.S., restrict the use or export
+ of cryptography. If you are potentially subject to such restrictions
+ you should seek competent professional legal advice before attempting to
+ develop or distribute cryptographic code.
--- a/108
+++ b/108
@ -35,7 +35,7 @@ $multilib     =

 *** BS2000-OSD
 $cc           = c89
-$cflags       = -O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC
+$cflags       = -O -XLLML -XLLMK -XL -DB_ENDIAN -DCHARSET_EBCDIC
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = 
@ -68,7 +68,7 @@ $multilib     =

 *** BSD-generic32
 $cc           = gcc
-$cflags       = -DTERMIOS -O3 -fomit-frame-pointer -Wall
+$cflags       = -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -101,7 +101,7 @@ $multilib     =

 *** BSD-generic64
 $cc           = gcc
-$cflags       = -DTERMIOS -O3 -Wall
+$cflags       = -O3 -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -134,7 +134,7 @@ $multilib     =

 *** BSD-ia64
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -Wall
+$cflags       = -DL_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -167,7 +167,7 @@ $multilib     =

 *** BSD-sparc64
 $cc           = gcc
-$cflags       = -DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall
+$cflags       = -DB_ENDIAN -O3 -DMD32_REG_T=int -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -200,7 +200,7 @@ $multilib     =

 *** BSD-sparcv8
 $cc           = gcc
-$cflags       = -DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall
+$cflags       = -DB_ENDIAN -O3 -mcpu=v8 -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -233,7 +233,7 @@ $multilib     =

 *** BSD-x86
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall
+$cflags       = -DL_ENDIAN -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -266,7 +266,7 @@ $multilib     =

 *** BSD-x86-elf
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall
+$cflags       = -DL_ENDIAN -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -299,7 +299,7 @@ $multilib     =

 *** BSD-x86_64
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -Wall
+$cflags       = -DL_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -398,7 +398,7 @@ $multilib     =

 *** DJGPP
 $cc           = gcc
-$cflags       = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall
+$cflags       = -I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall
 $unistd       = 
 $thread_cflag = 
 $sys_id       = MSDOS
@ -530,7 +530,7 @@ $multilib     =

 *** QNX6
 $cc           = gcc
-$cflags       = -DTERMIOS
+$cflags       = 
 $unistd       = 
 $thread_cflag = 
 $sys_id       = 
@ -563,7 +563,7 @@ $multilib     =

 *** QNX6-i386
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O2 -Wall
+$cflags       = -DL_ENDIAN -O2 -Wall
 $unistd       = 
 $thread_cflag = 
 $sys_id       = 
@ -1520,7 +1520,7 @@ $multilib     =

 *** debug-BSD-x86-elf
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -Wall -g
+$cflags       = -DL_ENDIAN -O3 -Wall -g
 $unistd       = 
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
@ -2213,7 +2213,7 @@ $multilib     =

 *** debug-levitte-linux-elf-extreme
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2279,7 +2279,7 @@ $multilib     =

 *** debug-levitte-linux-noasm-extreme
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2312,7 +2312,7 @@ $multilib     =

 *** debug-linux-elf
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2345,7 +2345,7 @@ $multilib     =

 *** debug-linux-elf-noefence
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2378,7 +2378,7 @@ $multilib     =

 *** debug-linux-generic32
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2411,7 +2411,7 @@ $multilib     =

 *** debug-linux-generic64
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2444,7 +2444,7 @@ $multilib     =

 *** debug-linux-ia32-aes
 $cc           = gcc
-$cflags       = -DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$cflags       = -DAES_EXPERIMENTAL -DL_ENDIAN -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2477,7 +2477,7 @@ $multilib     =

 *** debug-linux-pentium
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentium -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2510,7 +2510,7 @@ $multilib     =

 *** debug-linux-ppro
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2543,7 +2543,7 @@ $multilib     =

 *** debug-linux-x86_64
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -2642,7 +2642,7 @@ $multilib     =

 *** debug-solaris-sparcv8-gcc
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=v8 -Wall -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -3566,7 +3566,7 @@ $multilib     = /pa20_64

 *** hurd-x86
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall
+$cflags       = -DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -3632,7 +3632,7 @@ $multilib     =

 *** irix-cc
 $cc           = cc
-$cflags       = -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN
+$cflags       = -O2 -use_readonly_const -DB_ENDIAN
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = 
@ -3665,7 +3665,7 @@ $multilib     =

 *** irix-gcc
 $cc           = gcc
-$cflags       = -O3 -DTERMIOS -DB_ENDIAN
+$cflags       = -O3 -DB_ENDIAN
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = 
@ -3698,7 +3698,7 @@ $multilib     =

 *** irix-mips3-cc
 $cc           = cc
-$cflags       = -n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
@ -3731,7 +3731,7 @@ $multilib     = 32

 *** irix-mips3-gcc
 $cc           = gcc
-$cflags       = -mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -mabi=n32 -O3 -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
@ -3764,7 +3764,7 @@ $multilib     = 32

 *** irix64-mips4-cc
 $cc           = cc
-$cflags       = -64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
@ -3797,7 +3797,7 @@ $multilib     = 64

 *** irix64-mips4-gcc
 $cc           = gcc
-$cflags       = -mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -mabi=64 -mips4 -O3 -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
@ -3830,7 +3830,7 @@ $multilib     = 64

 *** linux-alpha+bwx-ccc
 $cc           = ccc
-$cflags       = -fast -readonly_strings -DL_ENDIAN -DTERMIO
+$cflags       = -fast -readonly_strings -DL_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -3863,7 +3863,7 @@ $multilib     =

 *** linux-alpha+bwx-gcc
 $cc           = gcc
-$cflags       = -O3 -DL_ENDIAN -DTERMIO
+$cflags       = -O3 -DL_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -3896,7 +3896,7 @@ $multilib     =

 *** linux-alpha-ccc
 $cc           = ccc
-$cflags       = -fast -readonly_strings -DL_ENDIAN -DTERMIO
+$cflags       = -fast -readonly_strings -DL_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -3929,7 +3929,7 @@ $multilib     =

 *** linux-alpha-gcc
 $cc           = gcc
-$cflags       = -O3 -DL_ENDIAN -DTERMIO
+$cflags       = -O3 -DL_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -3962,7 +3962,7 @@ $multilib     =

 *** linux-aout
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall
+$cflags       = -DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = 
@ -3995,7 +3995,7 @@ $multilib     =

 *** linux-armv4
 $cc           = gcc
-$cflags       = -DTERMIO -O3 -Wall
+$cflags       = -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4028,7 +4028,7 @@ $multilib     =

 *** linux-elf
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$cflags       = -DL_ENDIAN -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4061,7 +4061,7 @@ $multilib     =

 *** linux-generic32
 $cc           = gcc
-$cflags       = -DTERMIO -O3 -fomit-frame-pointer -Wall
+$cflags       = -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4094,7 +4094,7 @@ $multilib     =

 *** linux-generic64
 $cc           = gcc
-$cflags       = -DTERMIO -O3 -Wall
+$cflags       = -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4127,7 +4127,7 @@ $multilib     =

 *** linux-ia32-icc
 $cc           = icc
-$cflags       = -DL_ENDIAN -DTERMIO -O2 -no_cpprt
+$cflags       = -DL_ENDIAN -O2 -no_cpprt
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4160,7 +4160,7 @@ $multilib     =

 *** linux-ia64
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -DL_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4193,7 +4193,7 @@ $multilib     =

 *** linux-ia64-ecc
 $cc           = ecc
-$cflags       = -DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt
+$cflags       = -DL_ENDIAN -O2 -Wall -no_cpprt
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4226,7 +4226,7 @@ $multilib     =

 *** linux-ia64-icc
 $cc           = icc
-$cflags       = -DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt
+$cflags       = -DL_ENDIAN -O2 -Wall -no_cpprt
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4259,7 +4259,7 @@ $multilib     =

 *** linux-ppc
 $cc           = gcc
-$cflags       = -DB_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -DB_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4292,7 +4292,7 @@ $multilib     =

 *** linux-ppc64
 $cc           = gcc
-$cflags       = -m64 -DB_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -m64 -DB_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4325,7 +4325,7 @@ $multilib     = 64

 *** linux-sparcv8
 $cc           = gcc
-$cflags       = -mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W
+$cflags       = -mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4358,7 +4358,7 @@ $multilib     =

 *** linux-sparcv9
 $cc           = gcc
-$cflags       = -m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W
+$cflags       = -m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
@ -4391,7 +4391,7 @@ $multilib     =

 *** linux-x86_64
 $cc           = gcc
-$cflags       = -m64 -DL_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -m64 -DL_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4424,7 +4424,7 @@ $multilib     = 64

 *** linux32-s390x
 $cc           = gcc
-$cflags       = -m31 -Wa,-mzarch -DB_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -m31 -Wa,-mzarch -DB_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4457,7 +4457,7 @@ $multilib     = /highgprs

 *** linux64-s390x
 $cc           = gcc
-$cflags       = -m64 -DB_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -m64 -DB_ENDIAN -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -4490,7 +4490,7 @@ $multilib     = 64

 *** linux64-sparcv9
 $cc           = gcc
-$cflags       = -m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$cflags       = -m64 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
@ -5315,7 +5315,7 @@ $multilib     =

 *** solaris-sparcv8-gcc
 $cc           = gcc
-$cflags       = -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
+$cflags       = -mcpu=v8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@ -5612,7 +5612,7 @@ $multilib     = /64

 *** sunos-gcc
 $cc           = gcc
-$cflags       = -O3 -mv8 -Dssize_t=int
+$cflags       = -O3 -mcpu=v8 -Dssize_t=int
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = SUNOS
--- a/apps/.cvsignore
+++ b/apps/.cvsignore
@ -1,8 +0,0 @@
-openssl
-Makefile.save
-der_chop
-der_chop.bak
-CA.pl
-*.flc
-semantic.cache
-*.dll
--- a/apps/Makefile
+++ b/apps/Makefile
@ -94,6 +94,9 @@ req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
 sreq.o: req.c 
 	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c

+openssl-vms.cnf: openssl.cnf
+	$(PERL) $(TOP)/VMS/VMSify-conf.pl < openssl.cnf > openssl-vms.cnf
+
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO

@ -127,12 +130,12 @@ links:
 lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff

-depend:
-	@if [ -z "$(THIS)" ]; then \
-	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
-	else \
-	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
-	fi
+update: openssl-vms.cnf local_depend
+
+depend: local_depend
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)

 dclean:
 	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
@ -144,10 +147,10 @@ clean:
 	rm -f req

 $(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
+	(cd ..; $(MAKE) build_libssl)

 $(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
+	(cd ..; $(MAKE) build_libcrypto)

 $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
 	$(RM) $(EXE)
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@ -115,44 +115,44 @@
 #include <openssl/bio.h>
 #include <openssl/rand.h>

-
 static int seeded = 0;
 static int egdsocket = 0;

 int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
-	{
+{
    int consider_randfile = (file == NULL);
    char buffer[200];

 #ifdef OPENSSL_SYS_WINDOWS
-	BIO_printf(bio_e,"Loading 'screen' into random state -");
+    BIO_printf(bio_e, "Loading 'screen' into random state -");
    BIO_flush(bio_e);
    RAND_screen();
-	BIO_printf(bio_e," done\n");
+    BIO_printf(bio_e, " done\n");
 #endif

    if (file == NULL)
        file = RAND_file_name(buffer, sizeof buffer);
-	else if (RAND_egd(file) > 0)
-		{
-		/* we try if the given filename is an EGD socket.
-		   if it is, we don't write anything back to the file. */
+    else if (RAND_egd(file) > 0) {
+        /*
+         * we try if the given filename is an EGD socket. if it is, we don't
+         * write anything back to the file.
+         */
        egdsocket = 1;
        return 1;
    }
-	if (file == NULL || !RAND_load_file(file, -1))
-		{
-		if (RAND_status() == 0)
-			{
-			if (!dont_warn)
-				{
-				BIO_printf(bio_e,"unable to load 'random state'\n");
-				BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
-				BIO_printf(bio_e,"with much random data.\n");
-				if (consider_randfile) /* explanation does not apply when a file is explicitly named */
-					{
-					BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
-					BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
+    if (file == NULL || !RAND_load_file(file, -1)) {
+        if (RAND_status() == 0) {
+            if (!dont_warn) {
+                BIO_printf(bio_e, "unable to load 'random state'\n");
+                BIO_printf(bio_e,
+                           "This means that the random number generator has not been seeded\n");
+                BIO_printf(bio_e, "with much random data.\n");
+                if (consider_randfile) { /* explanation does not apply when a
+                                          * file is explicitly named */
+                    BIO_printf(bio_e,
+                               "Consider setting the RANDFILE environment variable to point at a file that\n");
+                    BIO_printf(bio_e,
+                               "'random' data can be kept in (the file will be overwritten).\n");
                }
            }
            return 0;
@ -160,59 +160,61 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
    }
    seeded = 1;
    return 1;
-	}
+}

 long app_RAND_load_files(char *name)
-	{
-	char *p,*n;
+{
+    char *p, *n;
    int last;
-	long tot=0;
+    long tot = 0;
    int egd;

-	for (;;)
-		{
-		last=0;
-		for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
-		if (*p == '\0') last=1;
-		*p='\0';
-		n=name;
-		name=p+1;
-		if (*n == '\0') break;
+    for (;;) {
+        last = 0;
+        for (p = name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++) ;
+        if (*p == '\0')
+            last = 1;
+        *p = '\0';
+        n = name;
+        name = p + 1;
+        if (*n == '\0')
+            break;

-		egd=RAND_egd(n);
+        egd = RAND_egd(n);
        if (egd > 0)
-			tot+=egd;
+            tot += egd;
        else
-			tot+=RAND_load_file(n,-1);
-		if (last) break;
+            tot += RAND_load_file(n, -1);
+        if (last)
+            break;
    }
    if (tot > 512)
        app_RAND_allow_write_file();
-	return(tot);
-	}
+    return (tot);
+}

 int app_RAND_write_file(const char *file, BIO *bio_e)
-	{
+{
    char buffer[200];

    if (egdsocket || !seeded)
-		/* If we did not manage to read the seed file,
-		 * we should not write a low-entropy seed file back --
-		 * it would suppress a crucial warning the next time
-		 * we want to use it. */
+        /*
+         * If we did not manage to read the seed file, we should not write a
+         * low-entropy seed file back -- it would suppress a crucial warning
+         * the next time we want to use it.
+         */
        return 0;

    if (file == NULL)
        file = RAND_file_name(buffer, sizeof buffer);
-	if (file == NULL || !RAND_write_file(file))
-		{
-		BIO_printf(bio_e,"unable to write 'random state'\n");
+    if (file == NULL || !RAND_write_file(file)) {
+        BIO_printf(bio_e, "unable to write 'random state'\n");
        return 0;
    }
    return 1;
-	}
+}

 void app_RAND_allow_write_file(void)
-	{
+{
    seeded = 1;
-	}
+}
--- a/apps/apps.c
+++ b/apps/apps.c
--- a/apps/apps.h
+++ b/apps/apps.h
@ -110,75 +110,76 @@
 */

 #ifndef HEADER_APPS_H
-#define HEADER_APPS_H
+# define HEADER_APPS_H

-#include "e_os.h"
+# include "e_os.h"

-#include <openssl/bio.h>
-#include <openssl/x509.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/txt_db.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#ifndef OPENSSL_NO_OCSP
-#include <openssl/ocsp.h>
-#endif
-#include <openssl/ossl_typ.h>
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+# include <openssl/lhash.h>
+# include <openssl/conf.h>
+# include <openssl/txt_db.h>
+# ifndef OPENSSL_NO_ENGINE
+#  include <openssl/engine.h>
+# endif
+# ifndef OPENSSL_NO_OCSP
+#  include <openssl/ocsp.h>
+# endif
+# include <openssl/ossl_typ.h>

 int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
 int app_RAND_write_file(const char *file, BIO *bio_e);
-/* When `file' is NULL, use defaults.
- * `bio_e' is for error messages. */
+/*
+ * When `file' is NULL, use defaults. `bio_e' is for error messages.
+ */
 void app_RAND_allow_write_file(void);
 long app_RAND_load_files(char *file); /* `file' is a list of files to read,
                                       * separated by LIST_SEPARATOR_CHAR
                                       * (see e_os.h).  The string is
                                       * destroyed! */

-#ifndef MONOLITH
+# ifndef MONOLITH

-#define MAIN(a,v)	main(a,v)
+#  define MAIN(a,v)       main(a,v)

-#ifndef NON_MAIN
-CONF *config=NULL;
-BIO *bio_err=NULL;
-#else
+#  ifndef NON_MAIN
+CONF *config = NULL;
+BIO *bio_err = NULL;
+#  else
 extern CONF *config;
 extern BIO *bio_err;
-#endif
+#  endif

-#else
+# else

-#define MAIN(a,v)	PROG(a,v)
+#  define MAIN(a,v)       PROG(a,v)
 extern CONF *config;
 extern char *default_config_file;
 extern BIO *bio_err;

-#endif
+# endif

-#ifndef OPENSSL_SYS_NETWARE
-#include <signal.h>
-#endif
+# ifndef OPENSSL_SYS_NETWARE
+#  include <signal.h>
+# endif

-#ifdef SIGPIPE
-#define do_pipe_sig()	signal(SIGPIPE,SIG_IGN)
-#else
-#define do_pipe_sig()
-#endif
+# ifdef SIGPIPE
+#  define do_pipe_sig()   signal(SIGPIPE,SIG_IGN)
+# else
+#  define do_pipe_sig()
+# endif

-#ifdef OPENSSL_NO_COMP
-#define zlib_cleanup() 
-#else
-#define zlib_cleanup() COMP_zlib_cleanup()
-#endif
+# ifdef OPENSSL_NO_COMP
+#  define zlib_cleanup()
+# else
+#  define zlib_cleanup() COMP_zlib_cleanup()
+# endif

-#if defined(MONOLITH) && !defined(OPENSSL_C)
+# if defined(MONOLITH) && !defined(OPENSSL_C)
 #  define apps_startup() \
                do_pipe_sig()
 #  define apps_shutdown()
-#else
+# else
 #  ifndef OPENSSL_NO_ENGINE
 #   define apps_startup() \
                        do { do_pipe_sig(); CRYPTO_malloc_init(); \
@ -202,30 +203,26 @@ extern BIO *bio_err;
                        RAND_cleanup(); \
                        ERR_free_strings(); zlib_cleanup(); } while(0)
 #  endif
-#endif
+# endif

-#ifdef OPENSSL_SYSNAME_WIN32
+# ifdef OPENSSL_SYSNAME_WIN32
 #  define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
-#else
+# else
 #  define openssl_fdset(a,b) FD_SET(a, b)
-#endif
+# endif

-
-typedef struct args_st
-	{
+typedef struct args_st {
    char **data;
    int count;
-	} ARGS;
+} ARGS;

-#define PW_MIN_LENGTH 4
-typedef struct pw_cb_data
-	{
+# define PW_MIN_LENGTH 4
+typedef struct pw_cb_data {
    const void *password;
    const char *prompt_info;
-	} PW_CB_DATA;
+} PW_CB_DATA;

-int password_callback(char *buf, int bufsiz, int verify,
-	PW_CB_DATA *cb_data);
+int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data);

 int setup_ui_method(void);
 void destroy_ui_method(void);
@ -233,12 +230,13 @@ void destroy_ui_method(void);
 int should_retry(int i);
 int args_from_file(char *file, int *argc, char **argv[]);
 int str2fmt(char *s);
-void program_name(char *in,char *out,int size);
-int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
-#ifdef HEADER_X509_H
+void program_name(char *in, char *out, int size);
+int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]);
+# ifdef HEADER_X509_H
 int dump_cert_text(BIO *out, X509 *x);
-void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags);
-#endif
+void print_name(BIO *out, const char *title, X509_NAME *nm,
+                unsigned long lflags);
+# endif
 int set_cert_ex(unsigned long *flags, const char *arg);
 int set_name_ex(unsigned long *flags, const char *arg);
 int set_ext_copy(int *copy_type, const char *arg);
@ -252,20 +250,22 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
 EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
                      const char *pass, ENGINE *e, const char *key_descrip);
 STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip);
+                           const char *pass, ENGINE *e,
+                           const char *cert_descrip);
 STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip);
+                              const char *pass, ENGINE *e,
+                              const char *cert_descrip);
 X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
 ENGINE *setup_engine(BIO *err, const char *engine, int debug);
-#endif
+# endif

-#ifndef OPENSSL_NO_OCSP
+# ifndef OPENSSL_NO_OCSP
 OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
-			char *host, char *path, char *port, int use_ssl,
-			STACK_OF(CONF_VALUE) *headers,
+                                 char *host, char *path, char *port,
+                                 int use_ssl, STACK_OF(CONF_VALUE) *headers,
                                 int req_timeout);
-#endif
+# endif

 int load_config(BIO *err, CONF *cnf);
 char *make_config_name(void);
@ -274,38 +274,39 @@ char *make_config_name(void);
 int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
                   ASN1_GENERALIZEDTIME **pinvtm, const char *str);

-#define DB_type         0
-#define DB_exp_date     1
-#define DB_rev_date     2
-#define DB_serial       3       /* index - unique */
-#define DB_file         4       
-#define DB_name         5       /* index - unique when active and not disabled */
-#define DB_NUMBER       6
+# define DB_type         0
+# define DB_exp_date     1
+# define DB_rev_date     2
+# define DB_serial       3      /* index - unique */
+# define DB_file         4
+# define DB_name         5      /* index - unique when active and not
+                                 * disabled */
+# define DB_NUMBER       6

-#define DB_TYPE_REV	'R'
-#define DB_TYPE_EXP	'E'
-#define DB_TYPE_VAL	'V'
+# define DB_TYPE_REV     'R'
+# define DB_TYPE_EXP     'E'
+# define DB_TYPE_VAL     'V'

-typedef struct db_attr_st
-	{
+typedef struct db_attr_st {
    int unique_subject;
-	} DB_ATTR;
-typedef struct ca_db_st
-	{
+} DB_ATTR;
+typedef struct ca_db_st {
    DB_ATTR attributes;
    TXT_DB *db;
-	} CA_DB;
+} CA_DB;

 BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
-int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
+int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
+                ASN1_INTEGER **retai);
 int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
 int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
 CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
 int index_index(CA_DB *db);
 int save_index(const char *dbfile, const char *suffix, CA_DB *db);
-int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix);
+int rotate_index(const char *dbfile, const char *new_suffix,
+                 const char *old_suffix);
 void free_index(CA_DB *db);
-#define index_name_cmp_noconst(a, b) \
+# define index_name_cmp_noconst(a, b) \
        index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
        (const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
 int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
@ -325,51 +326,52 @@ int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
                     STACK_OF(OPENSSL_STRING) *sigopts);
 int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
                     STACK_OF(OPENSSL_STRING) *sigopts);
-#ifndef OPENSSL_NO_PSK
+# ifndef OPENSSL_NO_PSK
 extern char *psk_key;
-#endif
-#ifndef OPENSSL_NO_JPAKE
+# endif
+# ifndef OPENSSL_NO_JPAKE
 void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
 void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
-#endif
+# endif

-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+# if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
 unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
-#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
+# endif                         /* !OPENSSL_NO_TLSEXT &&
+                                 * !OPENSSL_NO_NEXTPROTONEG */

-#define FORMAT_UNDEF    0
-#define FORMAT_ASN1     1
-#define FORMAT_TEXT     2
-#define FORMAT_PEM      3
-#define FORMAT_NETSCAPE 4
-#define FORMAT_PKCS12   5
-#define FORMAT_SMIME    6
-#define FORMAT_ENGINE   7
-#define FORMAT_IISSGC	8	/* XXX this stupid macro helps us to avoid
+# define FORMAT_UNDEF    0
+# define FORMAT_ASN1     1
+# define FORMAT_TEXT     2
+# define FORMAT_PEM      3
+# define FORMAT_NETSCAPE 4
+# define FORMAT_PKCS12   5
+# define FORMAT_SMIME    6
+# define FORMAT_ENGINE   7
+# define FORMAT_IISSGC   8      /* XXX this stupid macro helps us to avoid
                                 * adding yet another param to load_*key() */
-#define FORMAT_PEMRSA	9	/* PEM RSAPubicKey format */
-#define FORMAT_ASN1RSA	10	/* DER RSAPubicKey format */
-#define FORMAT_MSBLOB	11	/* MS Key blob format */
-#define FORMAT_PVK	12	/* MS PVK file format */
+# define FORMAT_PEMRSA   9      /* PEM RSAPubicKey format */
+# define FORMAT_ASN1RSA  10     /* DER RSAPubicKey format */
+# define FORMAT_MSBLOB   11     /* MS Key blob format */
+# define FORMAT_PVK      12     /* MS PVK file format */

-#define EXT_COPY_NONE	0
-#define EXT_COPY_ADD	1
-#define EXT_COPY_ALL	2
+# define EXT_COPY_NONE   0
+# define EXT_COPY_ADD    1
+# define EXT_COPY_ALL    2

-#define NETSCAPE_CERT_HDR	"certificate"
+# define NETSCAPE_CERT_HDR       "certificate"

-#define APP_PASS_LEN	1024
+# define APP_PASS_LEN    1024

-#define SERIAL_RAND_BITS	64
+# define SERIAL_RAND_BITS        64

 int app_isdir(const char *);
-int raw_read_stdin(void *,int);
-int raw_write_stdout(const void *,int);
+int raw_read_stdin(void *, int);
+int raw_write_stdout(const void *, int);

-#define TM_START	0
-#define TM_STOP		1
-double app_tminterval (int stop,int usertime);
+# define TM_START        0
+# define TM_STOP         1
+double app_tminterval(int stop, int usertime);

-#define OPENSSL_NO_SSL_INTERN
+# define OPENSSL_NO_SSL_INTERN

 #endif
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@ -56,8 +56,9 @@
 * [including the GNU Public Licence.]
 */

-/* A nice addition from Dr Stephen Henson <steve@openssl.org> to 
- * add the -strparse option which parses nested binary structures
+/*
+ * A nice addition from Dr Stephen Henson <steve@openssl.org> to add the
+ * -strparse option which parses nested binary structures
 */

 #include <stdio.h>
@ -69,7 +70,8 @@
 #include <openssl/x509.h>
 #include <openssl/pem.h>

-/* -inform arg	- input format - default PEM (DER or PEM)
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
 * -in arg      - input file - default stdin
 * -i           - indent the details by depth
 * -offset      - where in the file to start
@ -85,145 +87,134 @@ int MAIN(int, char **);
 static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf);

 int MAIN(int argc, char **argv)
-	{
-	int i,badops=0,offset=0,ret=1,j;
-	unsigned int length=0;
-	long num,tmplen;
-	BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL;
-	int informat,indent=0, noout = 0, dump = 0;
-	char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL;
-	char *genstr=NULL, *genconf=NULL;
+{
+    int i, badops = 0, offset = 0, ret = 1, j;
+    unsigned int length = 0;
+    long num, tmplen;
+    BIO *in = NULL, *out = NULL, *b64 = NULL, *derout = NULL;
+    int informat, indent = 0, noout = 0, dump = 0;
+    char *infile = NULL, *str = NULL, *prog, *oidfile = NULL, *derfile = NULL;
+    char *genstr = NULL, *genconf = NULL;
    unsigned char *tmpbuf;
    const unsigned char *ctmpbuf;
-	BUF_MEM *buf=NULL;
-	STACK_OF(OPENSSL_STRING) *osk=NULL;
-	ASN1_TYPE *at=NULL;
+    BUF_MEM *buf = NULL;
+    STACK_OF(OPENSSL_STRING) *osk = NULL;
+    ASN1_TYPE *at = NULL;

-	informat=FORMAT_PEM;
+    informat = FORMAT_PEM;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	if ((osk=sk_OPENSSL_STRING_new_null()) == NULL)
-		{
-		BIO_printf(bio_err,"Memory allocation failure\n");
+    if ((osk = sk_OPENSSL_STRING_new_null()) == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
        goto end;
    }
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			derfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-i") == 0)
-			{
-			indent=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0) noout = 1;
-		else if (strcmp(*argv,"-oid") == 0)
-			{
-			if (--argc < 1) goto bad;
-			oidfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-offset") == 0)
-			{
-			if (--argc < 1) goto bad;
-			offset= atoi(*(++argv));
-			}
-		else if (strcmp(*argv,"-length") == 0)
-			{
-			if (--argc < 1) goto bad;
-			length= atoi(*(++argv));
-			if (length == 0) goto bad;
-			}
-		else if (strcmp(*argv,"-dump") == 0)
-			{
-			dump= -1;
-			}
-		else if (strcmp(*argv,"-dlimit") == 0)
-			{
-			if (--argc < 1) goto bad;
-			dump= atoi(*(++argv));
-			if (dump <= 0) goto bad;
-			}
-		else if (strcmp(*argv,"-strparse") == 0)
-			{
-			if (--argc < 1) goto bad;
-			sk_OPENSSL_STRING_push(osk,*(++argv));
-			}
-		else if (strcmp(*argv,"-genstr") == 0)
-			{
-			if (--argc < 1) goto bad;
-			genstr= *(++argv);
-			}
-		else if (strcmp(*argv,"-genconf") == 0)
-			{
-			if (--argc < 1) goto bad;
-			genconf= *(++argv);
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            derfile = *(++argv);
+        } else if (strcmp(*argv, "-i") == 0) {
+            indent = 1;
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-oid") == 0) {
+            if (--argc < 1)
+                goto bad;
+            oidfile = *(++argv);
+        } else if (strcmp(*argv, "-offset") == 0) {
+            if (--argc < 1)
+                goto bad;
+            offset = atoi(*(++argv));
+        } else if (strcmp(*argv, "-length") == 0) {
+            if (--argc < 1)
+                goto bad;
+            length = atoi(*(++argv));
+            if (length == 0)
+                goto bad;
+        } else if (strcmp(*argv, "-dump") == 0) {
+            dump = -1;
+        } else if (strcmp(*argv, "-dlimit") == 0) {
+            if (--argc < 1)
+                goto bad;
+            dump = atoi(*(++argv));
+            if (dump <= 0)
+                goto bad;
+        } else if (strcmp(*argv, "-strparse") == 0) {
+            if (--argc < 1)
+                goto bad;
+            sk_OPENSSL_STRING_push(osk, *(++argv));
+        } else if (strcmp(*argv, "-genstr") == 0) {
+            if (--argc < 1)
+                goto bad;
+            genstr = *(++argv);
+        } else if (strcmp(*argv, "-genconf") == 0) {
+            if (--argc < 1)
+                goto bad;
+            genconf = *(++argv);
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file (output format is always DER\n");
-		BIO_printf(bio_err," -noout arg    don't produce any output\n");
-		BIO_printf(bio_err," -offset arg   offset into file\n");
-		BIO_printf(bio_err," -length arg   length of section in file\n");
-		BIO_printf(bio_err," -i            indent entries\n");
-		BIO_printf(bio_err," -dump         dump unknown data in hex form\n");
-		BIO_printf(bio_err," -dlimit arg   dump the first arg bytes of unknown data in hex form\n");
-		BIO_printf(bio_err," -oid file     file of extra oid definitions\n");
-		BIO_printf(bio_err," -strparse offset\n");
-		BIO_printf(bio_err,"               a series of these can be used to 'dig' into multiple\n");
-		BIO_printf(bio_err,"               ASN1 blob wrappings\n");
-		BIO_printf(bio_err," -genstr str   string to generate ASN1 structure from\n");
-		BIO_printf(bio_err," -genconf file file to generate ASN1 structure from\n");
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - one of DER PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err,
+                   " -out arg      output file (output format is always DER\n");
+        BIO_printf(bio_err, " -noout arg    don't produce any output\n");
+        BIO_printf(bio_err, " -offset arg   offset into file\n");
+        BIO_printf(bio_err, " -length arg   length of section in file\n");
+        BIO_printf(bio_err, " -i            indent entries\n");
+        BIO_printf(bio_err, " -dump         dump unknown data in hex form\n");
+        BIO_printf(bio_err,
+                   " -dlimit arg   dump the first arg bytes of unknown data in hex form\n");
+        BIO_printf(bio_err, " -oid file     file of extra oid definitions\n");
+        BIO_printf(bio_err, " -strparse offset\n");
+        BIO_printf(bio_err,
+                   "               a series of these can be used to 'dig' into multiple\n");
+        BIO_printf(bio_err, "               ASN1 blob wrappings\n");
+        BIO_printf(bio_err,
+                   " -genstr str   string to generate ASN1 structure from\n");
+        BIO_printf(bio_err,
+                   " -genconf file file to generate ASN1 structure from\n");
        goto end;
    }

    ERR_load_crypto_strings();

-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }
-	BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
+    BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
 #ifdef OPENSSL_SYS_VMS
    {
        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -231,11 +222,9 @@ bad:
    }
 #endif

-	if (oidfile != NULL)
-		{
-		if (BIO_read_filename(in,oidfile) <= 0)
-			{
-			BIO_printf(bio_err,"problems opening %s\n",oidfile);
+    if (oidfile != NULL) {
+        if (BIO_read_filename(in, oidfile) <= 0) {
+            BIO_printf(bio_err, "problems opening %s\n", oidfile);
            ERR_print_errors(bio_err);
            goto end;
        }
@ -243,164 +232,160 @@ bad:
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }

    if (derfile) {
-		if(!(derout = BIO_new_file(derfile, "wb"))) {
-			BIO_printf(bio_err,"problems opening %s\n",derfile);
+        if (!(derout = BIO_new_file(derfile, "wb"))) {
+            BIO_printf(bio_err, "problems opening %s\n", derfile);
            ERR_print_errors(bio_err);
            goto end;
        }
    }

-	if ((buf=BUF_MEM_new()) == NULL) goto end;
-	if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
+    if ((buf = BUF_MEM_new()) == NULL)
+        goto end;
+    if (!BUF_MEM_grow(buf, BUFSIZ * 8))
+        goto end;               /* Pre-allocate :-) */

-	if (genstr || genconf)
-		{
+    if (genstr || genconf) {
        num = do_generate(bio_err, genstr, genconf, buf);
-		if (num < 0)
-			{
+        if (num < 0) {
            ERR_print_errors(bio_err);
            goto end;
        }
    }

-	else
-		{
+    else {

-		if (informat == FORMAT_PEM)
-			{
+        if (informat == FORMAT_PEM) {
            BIO *tmp;

-			if ((b64=BIO_new(BIO_f_base64())) == NULL)
+            if ((b64 = BIO_new(BIO_f_base64())) == NULL)
                goto end;
-			BIO_push(b64,in);
-			tmp=in;
-			in=b64;
-			b64=tmp;
+            BIO_push(b64, in);
+            tmp = in;
+            in = b64;
+            b64 = tmp;
        }

-		num=0;
-		for (;;)
-			{
-			if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
-			i=BIO_read(in,&(buf->data[num]),BUFSIZ);
-			if (i <= 0) break;
-			num+=i;
+        num = 0;
+        for (;;) {
+            if (!BUF_MEM_grow(buf, (int)num + BUFSIZ))
+                goto end;
+            i = BIO_read(in, &(buf->data[num]), BUFSIZ);
+            if (i <= 0)
+                break;
+            num += i;
        }
    }
-	str=buf->data;
+    str = buf->data;

    /* If any structs to parse go through in sequence */

-	if (sk_OPENSSL_STRING_num(osk))
-		{
-		tmpbuf=(unsigned char *)str;
-		tmplen=num;
-		for (i=0; i<sk_OPENSSL_STRING_num(osk); i++)
-			{
+    if (sk_OPENSSL_STRING_num(osk)) {
+        tmpbuf = (unsigned char *)str;
+        tmplen = num;
+        for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
            ASN1_TYPE *atmp;
            int typ;
-			j=atoi(sk_OPENSSL_STRING_value(osk,i));
-			if (j == 0)
-				{
-				BIO_printf(bio_err,"'%s' is an invalid number\n",sk_OPENSSL_STRING_value(osk,i));
+            j = atoi(sk_OPENSSL_STRING_value(osk, i));
+            if (j == 0) {
+                BIO_printf(bio_err, "'%s' is an invalid number\n",
+                           sk_OPENSSL_STRING_value(osk, i));
                continue;
            }
-			tmpbuf+=j;
-			tmplen-=j;
+            tmpbuf += j;
+            tmplen -= j;
            atmp = at;
            ctmpbuf = tmpbuf;
-			at = d2i_ASN1_TYPE(NULL,&ctmpbuf,tmplen);
+            at = d2i_ASN1_TYPE(NULL, &ctmpbuf, tmplen);
            ASN1_TYPE_free(atmp);
-			if(!at)
-				{
-				BIO_printf(bio_err,"Error parsing structure\n");
+            if (!at) {
+                BIO_printf(bio_err, "Error parsing structure\n");
                ERR_print_errors(bio_err);
                goto end;
            }
            typ = ASN1_TYPE_get(at);
            if ((typ == V_ASN1_OBJECT)
-				|| (typ == V_ASN1_NULL))
-				{
-				BIO_printf(bio_err, "Can't parse %s type\n",
-					typ == V_ASN1_NULL ? "NULL" : "OBJECT");
+                || (typ == V_ASN1_BOOLEAN)
+                || (typ == V_ASN1_NULL)) {
+                BIO_printf(bio_err, "Can't parse %s type\n", ASN1_tag2str(typ));
                ERR_print_errors(bio_err);
                goto end;
            }
            /* hmm... this is a little evil but it works */
-			tmpbuf=at->value.asn1_string->data;
-			tmplen=at->value.asn1_string->length;
+            tmpbuf = at->value.asn1_string->data;
+            tmplen = at->value.asn1_string->length;
        }
-		str=(char *)tmpbuf;
-		num=tmplen;
+        str = (char *)tmpbuf;
+        num = tmplen;
    }

-	if (offset >= num)
-		{
+    if (offset >= num) {
        BIO_printf(bio_err, "Error: offset too large\n");
        goto end;
    }

    num -= offset;

-	if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
-	if(derout) {
-		if(BIO_write(derout, str + offset, length) != (int)length) {
+    if ((length == 0) || ((long)length > num))
+        length = (unsigned int)num;
+    if (derout) {
+        if (BIO_write(derout, str + offset, length) != (int)length) {
            BIO_printf(bio_err, "Error writing output\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
    if (!noout &&
-	    !ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length,
-		    indent,dump))
-		{
+        !ASN1_parse_dump(out, (unsigned char *)&(str[offset]), length,
+                         indent, dump)) {
        ERR_print_errors(bio_err);
        goto end;
    }
-	ret=0;
-end:
+    ret = 0;
+ end:
    BIO_free(derout);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (b64 != NULL) BIO_free(b64);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (b64 != NULL)
+        BIO_free(b64);
    if (ret != 0)
        ERR_print_errors(bio_err);
-	if (buf != NULL) BUF_MEM_free(buf);
-	if (at != NULL) ASN1_TYPE_free(at);
-	if (osk != NULL) sk_OPENSSL_STRING_free(osk);
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    if (at != NULL)
+        ASN1_TYPE_free(at);
+    if (osk != NULL)
+        sk_OPENSSL_STRING_free(osk);
    OBJ_cleanup();
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

 static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
-	{
+{
    CONF *cnf = NULL;
    int len;
-	long errline;
+    long errline = 0;
    unsigned char *p;
    ASN1_TYPE *atyp = NULL;

-	if (genconf)
-		{
+    if (genconf) {
        cnf = NCONF_new(NULL);
        if (!NCONF_load(cnf, genconf, &errline))
            goto conferr;
        if (!genstr)
            genstr = NCONF_get_string(cnf, "default", "asn1");
-		if (!genstr)
-			{
+        if (!genstr) {
            BIO_printf(bio, "Can't find 'asn1' in '%s'\n", genconf);
            goto err;
        }
@ -418,10 +403,10 @@ static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
    if (len <= 0)
        goto err;

-	if (!BUF_MEM_grow(buf,len))
+    if (!BUF_MEM_grow(buf, len))
        goto err;

-	p=(unsigned char *)buf->data;
+    p = (unsigned char *)buf->data;

    i2d_ASN1_TYPE(atyp, &p);

@ -442,4 +427,4 @@ static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)

    return -1;

-	}
+}
--- a/apps/ca.c
+++ b/apps/ca.c
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@ -60,7 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 #ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
+# define APPS_WIN16
 #endif
 #include "apps.h"
 #include <openssl/err.h>
@ -69,40 +69,40 @@
 #undef PROG
 #define PROG    ciphers_main

-static const char *ciphers_usage[]={
-"usage: ciphers args\n",
-" -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
-" -V          - even more verbose\n",
-" -ssl2       - SSL2 mode\n",
-" -ssl3       - SSL3 mode\n",
-" -tls1       - TLS1 mode\n",
-NULL
+static const char *ciphers_usage[] = {
+    "usage: ciphers args\n",
+    " -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
+    " -V          - even more verbose\n",
+    " -ssl2       - SSL2 mode\n",
+    " -ssl3       - SSL3 mode\n",
+    " -tls1       - TLS1 mode\n",
+    NULL
 };

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	int ret=1,i;
-	int verbose=0,Verbose=0;
+{
+    int ret = 1, i;
+    int verbose = 0, Verbose = 0;
    const char **pp;
    const char *p;
-	int badops=0;
-	SSL_CTX *ctx=NULL;
-	SSL *ssl=NULL;
-	char *ciphers=NULL;
-	const SSL_METHOD *meth=NULL;
+    int badops = 0;
+    SSL_CTX *ctx = NULL;
+    SSL *ssl = NULL;
+    char *ciphers = NULL;
+    const SSL_METHOD *meth = NULL;
    STACK_OF(SSL_CIPHER) *sk;
    char buf[512];
-	BIO *STDout=NULL;
+    BIO *STDout = NULL;

-	meth=SSLv23_server_method();
+    meth = SSLv23_server_method();

    apps_startup();

    if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    STDout = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
    {
        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -114,112 +114,112 @@ int MAIN(int argc, char **argv)

    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-v") == 0)
-			verbose=1;
-		else if (strcmp(*argv,"-V") == 0)
-			verbose=Verbose=1;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-v") == 0)
+            verbose = 1;
+        else if (strcmp(*argv, "-V") == 0)
+            verbose = Verbose = 1;
 #ifndef OPENSSL_NO_SSL2
-		else if (strcmp(*argv,"-ssl2") == 0)
-			meth=SSLv2_client_method();
+        else if (strcmp(*argv, "-ssl2") == 0)
+            meth = SSLv2_client_method();
 #endif
 #ifndef OPENSSL_NO_SSL3
-		else if (strcmp(*argv,"-ssl3") == 0)
-			meth=SSLv3_client_method();
+        else if (strcmp(*argv, "-ssl3") == 0)
+            meth = SSLv3_client_method();
 #endif
 #ifndef OPENSSL_NO_TLS1
-		else if (strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
+        else if (strcmp(*argv, "-tls1") == 0)
+            meth = TLSv1_client_method();
 #endif
-		else if ((strncmp(*argv,"-h",2) == 0) ||
-			 (strcmp(*argv,"-?") == 0))
-			{
-			badops=1;
+        else if ((strncmp(*argv, "-h", 2) == 0) || (strcmp(*argv, "-?") == 0)) {
+            badops = 1;
            break;
-			}
-		else
-			{
-			ciphers= *argv;
+        } else {
+            ciphers = *argv;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-		for (pp=ciphers_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
+    if (badops) {
+        for (pp = ciphers_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
        goto end;
    }

    OpenSSL_add_ssl_algorithms();

-	ctx=SSL_CTX_new(meth);
-	if (ctx == NULL) goto err;
+    ctx = SSL_CTX_new(meth);
+    if (ctx == NULL)
+        goto err;
    if (ciphers != NULL) {
-		if(!SSL_CTX_set_cipher_list(ctx,ciphers)) {
+        if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {
            BIO_printf(bio_err, "Error in cipher list\n");
            goto err;
        }
    }
-	ssl=SSL_new(ctx);
-	if (ssl == NULL) goto err;
+    ssl = SSL_new(ctx);
+    if (ssl == NULL)
+        goto err;

-
-	if (!verbose)
-		{
-		for (i=0; ; i++)
-			{
-			p=SSL_get_cipher_list(ssl,i);
-			if (p == NULL) break;
-			if (i != 0) BIO_printf(STDout,":");
-			BIO_printf(STDout,"%s",p);
+    if (!verbose) {
+        for (i = 0;; i++) {
+            p = SSL_get_cipher_list(ssl, i);
+            if (p == NULL)
+                break;
+            if (i != 0)
+                BIO_printf(STDout, ":");
+            BIO_printf(STDout, "%s", p);
        }
-		BIO_printf(STDout,"\n");
-		}
-	else /* verbose */
-		{
-		sk=SSL_get_ciphers(ssl);
+        BIO_printf(STDout, "\n");
+    } else {                    /* verbose */

-		for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
-			{
+        sk = SSL_get_ciphers(ssl);
+
+        for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
            SSL_CIPHER *c;

-			c = sk_SSL_CIPHER_value(sk,i);
+            c = sk_SSL_CIPHER_value(sk, i);

-			if (Verbose)
-				{
+            if (Verbose) {
                unsigned long id = SSL_CIPHER_get_id(c);
                int id0 = (int)(id >> 24);
                int id1 = (int)((id >> 16) & 0xffL);
                int id2 = (int)((id >> 8) & 0xffL);
                int id3 = (int)(id & 0xffL);

-				if ((id & 0xff000000L) == 0x02000000L)
-					BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
-				else if ((id & 0xff000000L) == 0x03000000L)
-					BIO_printf(STDout, "          0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
-				else
-					BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
-				}
-
-			BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
+                if ((id & 0xff000000L) == 0x02000000L) {
+                    /* SSL2 cipher */
+                    BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1,
+                               id2, id3);
+                } else if ((id & 0xff000000L) == 0x03000000L) {
+                    /* SSL3 cipher */
+                    BIO_printf(STDout, "          0x%02X,0x%02X - ", id2,
+                               id3);
+                } else {
+                    /* whatever */
+                    BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0,
+                               id1, id2, id3);
                }
            }

-	ret=0;
-	if (0)
-		{
-err:
+            BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof buf));
+        }
+    }
+
+    ret = 0;
+    if (0) {
+ err:
        SSL_load_error_strings();
        ERR_print_errors(bio_err);
    }
-end:
-	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (ssl != NULL) SSL_free(ssl);
-	if (STDout != NULL) BIO_free_all(STDout);
+ end:
+    if (ctx != NULL)
+        SSL_CTX_free(ctx);
+    if (ssl != NULL)
+        SSL_free(ssl);
+    if (STDout != NULL)
+        BIO_free_all(STDout);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
-
+}
--- a/apps/cms.c
+++ b/apps/cms.c
--- a/apps/crl.c
+++ b/apps/crl.c
@ -72,47 +72,48 @@
 #undef POSTFIX
 #define POSTFIX ".rvk"

-static const char *crl_usage[]={
-"usage: crl args\n",
-"\n",
-" -inform arg     - input format - default PEM (DER or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -text           - print out a text format version\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -hash           - print hash value\n",
+static const char *crl_usage[] = {
+    "usage: crl args\n",
+    "\n",
+    " -inform arg     - input format - default PEM (DER or PEM)\n",
+    " -outform arg    - output format - default PEM\n",
+    " -text           - print out a text format version\n",
+    " -in arg         - input file - default stdin\n",
+    " -out arg        - output file - default stdout\n",
+    " -hash           - print hash value\n",
 #ifndef OPENSSL_NO_MD5
-" -hash_old       - print old-style (MD5) hash value\n",
+    " -hash_old       - print old-style (MD5) hash value\n",
 #endif
-" -fingerprint    - print the crl fingerprint\n",
-" -issuer         - print issuer DN\n",
-" -lastupdate     - lastUpdate field\n",
-" -nextupdate     - nextUpdate field\n",
-" -crlnumber      - print CRL number\n",
-" -noout          - no CRL output\n",
-" -CAfile  name   - verify CRL using certificates in file \"name\"\n",
-" -CApath  dir    - verify CRL using certificates in \"dir\"\n",
-" -nameopt arg    - various certificate name options\n",
-NULL
+    " -fingerprint    - print the crl fingerprint\n",
+    " -issuer         - print issuer DN\n",
+    " -lastupdate     - lastUpdate field\n",
+    " -nextupdate     - nextUpdate field\n",
+    " -crlnumber      - print CRL number\n",
+    " -noout          - no CRL output\n",
+    " -CAfile  name   - verify CRL using certificates in file \"name\"\n",
+    " -CApath  dir    - verify CRL using certificates in \"dir\"\n",
+    " -nameopt arg    - various certificate name options\n",
+    NULL
 };

 static X509_CRL *load_crl(char *file, int format);
-static BIO *bio_out=NULL;
+static BIO *bio_out = NULL;

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    unsigned long nmflag = 0;
-	X509_CRL *x=NULL;
+    X509_CRL *x = NULL;
    char *CAfile = NULL, *CApath = NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL;
-	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
+    int ret = 1, i, num, badops = 0;
+    BIO *out = NULL;
+    int informat, outformat;
+    char *infile = NULL, *outfile = NULL;
+    int hash = 0, issuer = 0, lastupdate = 0, nextupdate = 0, noout =
+        0, text = 0;
 #ifndef OPENSSL_NO_MD5
-       int hash_old=0;
+    int hash_old = 0;
 #endif
    int fingerprint = 0, crlnumber = 0;
    const char **pp;
@ -122,21 +123,20 @@ int MAIN(int argc, char **argv)
    X509_OBJECT xobj;
    EVP_PKEY *pkey;
    int do_ver = 0;
-	const EVP_MD *md_alg,*digest=EVP_sha1();
+    const EVP_MD *md_alg, *digest = EVP_sha1();

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

    if (bio_out == NULL)
-		if ((bio_out=BIO_new(BIO_s_file())) != NULL)
-			{
-			BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
+        if ((bio_out = BIO_new(BIO_s_file())) != NULL) {
+            BIO_set_fp(bio_out, stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
            {
                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -145,320 +145,290 @@ int MAIN(int argc, char **argv)
 #endif
        }

-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

    argc--;
    argv++;
-	num=0;
-	while (argc >= 1)
-		{
+    num = 0;
+    while (argc >= 1) {
 #ifdef undef
-		if	(strcmp(*argv,"-p") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
+        if (strcmp(*argv, "-p") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!args_from_file(++argv, Nargc, Nargv)) {
+                goto end;
            }
+        */}
 #endif
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-CApath") == 0)
-			{
-			if (--argc < 1) goto bad;
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-CApath") == 0) {
+            if (--argc < 1)
+                goto bad;
            CApath = *(++argv);
            do_ver = 1;
-			}
-		else if (strcmp(*argv,"-CAfile") == 0)
-			{
-			if (--argc < 1) goto bad;
+        } else if (strcmp(*argv, "-CAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
            CAfile = *(++argv);
            do_ver = 1;
-			}
-		else if (strcmp(*argv,"-verify") == 0)
+        } else if (strcmp(*argv, "-verify") == 0)
            do_ver = 1;
-		else if (strcmp(*argv,"-text") == 0)
+        else if (strcmp(*argv, "-text") == 0)
            text = 1;
-		else if (strcmp(*argv,"-hash") == 0)
-			hash= ++num;
+        else if (strcmp(*argv, "-hash") == 0)
+            hash = ++num;
 #ifndef OPENSSL_NO_MD5
-		else if (strcmp(*argv,"-hash_old") == 0)
-			hash_old= ++num;
+        else if (strcmp(*argv, "-hash_old") == 0)
+            hash_old = ++num;
 #endif
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-issuer") == 0)
-			issuer= ++num;
-		else if (strcmp(*argv,"-lastupdate") == 0)
-			lastupdate= ++num;
-		else if (strcmp(*argv,"-nextupdate") == 0)
-			nextupdate= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-fingerprint") == 0)
-			fingerprint= ++num;
-		else if (strcmp(*argv,"-crlnumber") == 0)
-			crlnumber= ++num;
-		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
-			{
+        else if (strcmp(*argv, "-nameopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!set_name_ex(&nmflag, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-issuer") == 0)
+            issuer = ++num;
+        else if (strcmp(*argv, "-lastupdate") == 0)
+            lastupdate = ++num;
+        else if (strcmp(*argv, "-nextupdate") == 0)
+            nextupdate = ++num;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = ++num;
+        else if (strcmp(*argv, "-fingerprint") == 0)
+            fingerprint = ++num;
+        else if (strcmp(*argv, "-crlnumber") == 0)
+            crlnumber = ++num;
+        else if ((md_alg = EVP_get_digestbyname(*argv + 1))) {
            /* ok */
-			digest=md_alg;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+            digest = md_alg;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		for (pp=crl_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
+    if (badops) {
+ bad:
+        for (pp = crl_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
        goto end;
    }

    ERR_load_crypto_strings();
-	x=load_crl(infile,informat);
-	if (x == NULL) { goto end; }
+    x = load_crl(infile, informat);
+    if (x == NULL) {
+        goto end;
+    }

-	if(do_ver) {
+    if (do_ver) {
        store = X509_STORE_new();
-		lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
-		if (lookup == NULL) goto end;
-		if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM))
-			X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+        lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
+        if (lookup == NULL)
+            goto end;
+        if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM))
+            X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);

-		lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
-		if (lookup == NULL) goto end;
-		if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM))
-			X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+        lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
+        if (lookup == NULL)
+            goto end;
+        if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM))
+            X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
        ERR_clear_error();

-		if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
-			BIO_printf(bio_err,
-				"Error initialising X509 store\n");
+        if (!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
+            BIO_printf(bio_err, "Error initialising X509 store\n");
            goto end;
        }

        i = X509_STORE_get_by_subject(&ctx, X509_LU_X509,
                                      X509_CRL_get_issuer(x), &xobj);
-		if(i <= 0) {
-			BIO_printf(bio_err,
-				"Error getting CRL issuer certificate\n");
+        if (i <= 0) {
+            BIO_printf(bio_err, "Error getting CRL issuer certificate\n");
            goto end;
        }
        pkey = X509_get_pubkey(xobj.data.x509);
        X509_OBJECT_free_contents(&xobj);
-		if(!pkey) {
-			BIO_printf(bio_err,
-				"Error getting CRL issuer public key\n");
+        if (!pkey) {
+            BIO_printf(bio_err, "Error getting CRL issuer public key\n");
            goto end;
        }
        i = X509_CRL_verify(x, pkey);
        EVP_PKEY_free(pkey);
-		if(i < 0) goto end;
-		if(i == 0) BIO_printf(bio_err, "verify failure\n");
-		else BIO_printf(bio_err, "verify OK\n");
+        if (i < 0)
+            goto end;
+        if (i == 0)
+            BIO_printf(bio_err, "verify failure\n");
+        else
+            BIO_printf(bio_err, "verify OK\n");
    }

-	if (num)
-		{
-		for (i=1; i<=num; i++)
-			{
-			if (issuer == i)
-				{
-				print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
+    if (num) {
+        for (i = 1; i <= num; i++) {
+            if (issuer == i) {
+                print_name(bio_out, "issuer=", X509_CRL_get_issuer(x),
+                           nmflag);
            }
-			if (crlnumber == i)
-				{
+            if (crlnumber == i) {
                ASN1_INTEGER *crlnum;
-				crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number,
-							      NULL, NULL);
-				BIO_printf(bio_out,"crlNumber=");
-				if (crlnum)
-					{
+                crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, NULL, NULL);
+                BIO_printf(bio_out, "crlNumber=");
+                if (crlnum) {
                    i2a_ASN1_INTEGER(bio_out, crlnum);
                    ASN1_INTEGER_free(crlnum);
-					}
-				else
+                } else
                    BIO_puts(bio_out, "<NONE>");
-				BIO_printf(bio_out,"\n");
+                BIO_printf(bio_out, "\n");
            }
-			if (hash == i)
-				{
-				BIO_printf(bio_out,"%08lx\n",
+            if (hash == i) {
+                BIO_printf(bio_out, "%08lx\n",
                           X509_NAME_hash(X509_CRL_get_issuer(x)));
            }
 #ifndef OPENSSL_NO_MD5
-			if (hash_old == i)
-				{
-				BIO_printf(bio_out,"%08lx\n",
-					X509_NAME_hash_old(
-						X509_CRL_get_issuer(x)));
+            if (hash_old == i) {
+                BIO_printf(bio_out, "%08lx\n",
+                           X509_NAME_hash_old(X509_CRL_get_issuer(x)));
            }
 #endif
-			if (lastupdate == i)
-				{
-				BIO_printf(bio_out,"lastUpdate=");
-				ASN1_TIME_print(bio_out,
-						X509_CRL_get_lastUpdate(x));
-				BIO_printf(bio_out,"\n");
+            if (lastupdate == i) {
+                BIO_printf(bio_out, "lastUpdate=");
+                ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x));
+                BIO_printf(bio_out, "\n");
            }
-			if (nextupdate == i)
-				{
-				BIO_printf(bio_out,"nextUpdate=");
+            if (nextupdate == i) {
+                BIO_printf(bio_out, "nextUpdate=");
                if (X509_CRL_get_nextUpdate(x))
-					ASN1_TIME_print(bio_out,
-						X509_CRL_get_nextUpdate(x));
+                    ASN1_TIME_print(bio_out, X509_CRL_get_nextUpdate(x));
                else
-					BIO_printf(bio_out,"NONE");
-				BIO_printf(bio_out,"\n");
+                    BIO_printf(bio_out, "NONE");
+                BIO_printf(bio_out, "\n");
            }
-			if (fingerprint == i)
-				{
+            if (fingerprint == i) {
                int j;
                unsigned int n;
                unsigned char md[EVP_MAX_MD_SIZE];

-				if (!X509_CRL_digest(x,digest,md,&n))
-					{
-					BIO_printf(bio_err,"out of memory\n");
+                if (!X509_CRL_digest(x, digest, md, &n)) {
+                    BIO_printf(bio_err, "out of memory\n");
                    goto end;
                }
-				BIO_printf(bio_out,"%s Fingerprint=",
+                BIO_printf(bio_out, "%s Fingerprint=",
                           OBJ_nid2sn(EVP_MD_type(digest)));
-				for (j=0; j<(int)n; j++)
-					{
-					BIO_printf(bio_out,"%02X%c",md[j],
-						(j+1 == (int)n)
-						?'\n':':');
+                for (j = 0; j < (int)n; j++) {
+                    BIO_printf(bio_out, "%02X%c", md[j], (j + 1 == (int)n)
+                               ? '\n' : ':');
                }
            }
        }
    }

-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
+    out = BIO_new(BIO_s_file());
+    if (out == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
 #endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

-	if (text) X509_CRL_print(out, x);
+    if (text)
+        X509_CRL_print(out, x);

-	if (noout) 
-		{
+    if (noout) {
        ret = 0;
        goto end;
    }

    if (outformat == FORMAT_ASN1)
-		i=(int)i2d_X509_CRL_bio(out,x);
+        i = (int)i2d_X509_CRL_bio(out, x);
    else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_X509_CRL(out,x);
-	else	
-		{
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
+        i = PEM_write_bio_X509_CRL(out, x);
+    else {
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
        goto end;
    }
-	if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
-	ret=0;
-end:
+    if (!i) {
+        BIO_printf(bio_err, "unable to write CRL\n");
+        goto end;
+    }
+    ret = 0;
+ end:
    BIO_free_all(out);
    BIO_free_all(bio_out);
-	bio_out=NULL;
+    bio_out = NULL;
    X509_CRL_free(x);
-	if(store) {
+    if (store) {
        X509_STORE_CTX_cleanup(&ctx);
        X509_STORE_free(store);
    }
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

 static X509_CRL *load_crl(char *infile, int format)
-	{
-	X509_CRL *x=NULL;
-	BIO *in=NULL;
+{
+    X509_CRL *x = NULL;
+    BIO *in = NULL;

-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
+    in = BIO_new(BIO_s_file());
+    if (in == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }
    if (format == FORMAT_ASN1)
-		x=d2i_X509_CRL_bio(in,NULL);
+        x = d2i_X509_CRL_bio(in, NULL);
    else if (format == FORMAT_PEM)
-		x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
+        x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
    else {
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
+        BIO_printf(bio_err, "bad input format specified for input crl\n");
        goto end;
    }
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load CRL\n");
+    if (x == NULL) {
+        BIO_printf(bio_err, "unable to load CRL\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-end:
+ end:
    BIO_free(in);
-	return(x);
-	}
-
+    return (x);
+}
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@ -56,9 +56,11 @@
 * [including the GNU Public Licence.]
 */

-/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
- * and donated 'to the cause' along with lots and lots of other fixes to
- * the library. */
+/*
+ * This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu> and
+ * donated 'to the cause' along with lots and lots of other fixes to the
+ * library.
+ */

 #include <stdio.h>
 #include <string.h>
@ -75,7 +77,8 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
 #undef PROG
 #define PROG    crl2pkcs7_main

-/* -inform arg	- input format - default PEM (DER or PEM)
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
 * -outform arg - output format - default PEM
 * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
@ -84,158 +87,149 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	int i,badops=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog,*certfile;
+{
+    int i, badops = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat;
+    char *infile, *outfile, *prog, *certfile;
    PKCS7 *p7 = NULL;
    PKCS7_SIGNED *p7s = NULL;
-	X509_CRL *crl=NULL;
-	STACK_OF(OPENSSL_STRING) *certflst=NULL;
-	STACK_OF(X509_CRL) *crl_stack=NULL;
-	STACK_OF(X509) *cert_stack=NULL;
-	int ret=1,nocrl=0;
+    X509_CRL *crl = NULL;
+    STACK_OF(OPENSSL_STRING) *certflst = NULL;
+    STACK_OF(X509_CRL) *crl_stack = NULL;
+    STACK_OF(X509) *cert_stack = NULL;
+    int ret = 1, nocrl = 0;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-nocrl") == 0)
-			{
-			nocrl=1;
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-certfile") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if(!certflst) certflst = sk_OPENSSL_STRING_new_null();
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-nocrl") == 0) {
+            nocrl = 1;
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-certfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!certflst)
+                certflst = sk_OPENSSL_STRING_new_null();
            if (!certflst)
                goto end;
-			if (!sk_OPENSSL_STRING_push(certflst,*(++argv)))
-				{
+            if (!sk_OPENSSL_STRING_push(certflst, *(++argv))) {
                sk_OPENSSL_STRING_free(certflst);
                goto end;
            }
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg    input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg   output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -certfile arg  certificates file of chain to a trusted CA\n");
-		BIO_printf(bio_err,"                (can be used more than once)\n");
-		BIO_printf(bio_err," -nocrl         no crl to load, just certs from '-certfile'\n");
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg    input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg   output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg        input file\n");
+        BIO_printf(bio_err, " -out arg       output file\n");
+        BIO_printf(bio_err,
+                   " -certfile arg  certificates file of chain to a trusted CA\n");
+        BIO_printf(bio_err, "                (can be used more than once)\n");
+        BIO_printf(bio_err,
+                   " -nocrl         no crl to load, just certs from '-certfile'\n");
        ret = 1;
        goto end;
    }

    ERR_load_crypto_strings();

-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (!nocrl)
-		{
+    if (!nocrl) {
        if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
+            BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        else {
+            if (BIO_read_filename(in, infile) <= 0) {
                perror(infile);
                goto end;
            }
        }

        if (informat == FORMAT_ASN1)
-			crl=d2i_X509_CRL_bio(in,NULL);
+            crl = d2i_X509_CRL_bio(in, NULL);
        else if (informat == FORMAT_PEM)
-			crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
+            crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
        else {
-			BIO_printf(bio_err,"bad input format specified for input crl\n");
+            BIO_printf(bio_err, "bad input format specified for input crl\n");
            goto end;
        }
-		if (crl == NULL)
-			{
-			BIO_printf(bio_err,"unable to load CRL\n");
+        if (crl == NULL) {
+            BIO_printf(bio_err, "unable to load CRL\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }

-	if ((p7=PKCS7_new()) == NULL) goto end;
-	if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
-	p7->type=OBJ_nid2obj(NID_pkcs7_signed);
-	p7->d.sign=p7s;
-	p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
+    if ((p7 = PKCS7_new()) == NULL)
+        goto end;
+    if ((p7s = PKCS7_SIGNED_new()) == NULL)
+        goto end;
+    p7->type = OBJ_nid2obj(NID_pkcs7_signed);
+    p7->d.sign = p7s;
+    p7s->contents->type = OBJ_nid2obj(NID_pkcs7_data);

-	if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
-	if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end;
-	p7s->crl=crl_stack;
-	if (crl != NULL)
-		{
-		sk_X509_CRL_push(crl_stack,crl);
-		crl=NULL; /* now part of p7 for OPENSSL_freeing */
+    if (!ASN1_INTEGER_set(p7s->version, 1))
+        goto end;
+    if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
+        goto end;
+    p7s->crl = crl_stack;
+    if (crl != NULL) {
+        sk_X509_CRL_push(crl_stack, crl);
+        crl = NULL;             /* now part of p7 for OPENSSL_freeing */
    }

-	if ((cert_stack=sk_X509_new_null()) == NULL) goto end;
-	p7s->cert=cert_stack;
+    if ((cert_stack = sk_X509_new_null()) == NULL)
+        goto end;
+    p7s->cert = cert_stack;

-	if(certflst) for(i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
+    if (certflst)
+        for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
            certfile = sk_OPENSSL_STRING_value(certflst, i);
-		if (add_certs_from_file(cert_stack,certfile) < 0)
-			{
+            if (add_certs_from_file(cert_stack, certfile) < 0) {
                BIO_printf(bio_err, "error loading certificates\n");
                ERR_print_errors(bio_err);
                goto end;
@ -244,51 +238,50 @@ bad:

    sk_OPENSSL_STRING_free(certflst);

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
 #endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

    if (outformat == FORMAT_ASN1)
-		i=i2d_PKCS7_bio(out,p7);
+        i = i2d_PKCS7_bio(out, p7);
    else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_PKCS7(out,p7);
+        i = PEM_write_bio_PKCS7(out, p7);
    else {
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
        goto end;
    }
-	if (!i)
-		{
-		BIO_printf(bio_err,"unable to write pkcs7 object\n");
+    if (!i) {
+        BIO_printf(bio_err, "unable to write pkcs7 object\n");
        ERR_print_errors(bio_err);
        goto end;
    }
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (p7 != NULL) PKCS7_free(p7);
-	if (crl != NULL) X509_CRL_free(crl);
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (p7 != NULL)
+        PKCS7_free(p7);
+    if (crl != NULL)
+        X509_CRL_free(crl);

    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

-/*
+/*-
 *----------------------------------------------------------------------
 * int add_certs_from_file
 *
@ -299,45 +292,43 @@ end:
 *----------------------------------------------------------------------
 */
 static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
-	{
-	BIO *in=NULL;
-	int count=0;
-	int ret= -1;
-	STACK_OF(X509_INFO) *sk=NULL;
+{
+    BIO *in = NULL;
+    int count = 0;
+    int ret = -1;
+    STACK_OF(X509_INFO) *sk = NULL;
    X509_INFO *xi;

-	in=BIO_new(BIO_s_file());
-	if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
-		{
-		BIO_printf(bio_err,"error opening the file, %s\n",certfile);
+    in = BIO_new(BIO_s_file());
+    if ((in == NULL) || (BIO_read_filename(in, certfile) <= 0)) {
+        BIO_printf(bio_err, "error opening the file, %s\n", certfile);
        goto end;
    }

    /* This loads from a file, a stack of x509/crl/pkey sets */
-	sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL);
+    sk = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
    if (sk == NULL) {
-		BIO_printf(bio_err,"error reading the file, %s\n",certfile);
+        BIO_printf(bio_err, "error reading the file, %s\n", certfile);
        goto end;
    }

    /* scan over it and pull out the CRL's */
-	while (sk_X509_INFO_num(sk))
-		{
-		xi=sk_X509_INFO_shift(sk);
-		if (xi->x509 != NULL)
-			{
-			sk_X509_push(stack,xi->x509);
-			xi->x509=NULL;
+    while (sk_X509_INFO_num(sk)) {
+        xi = sk_X509_INFO_shift(sk);
+        if (xi->x509 != NULL) {
+            sk_X509_push(stack, xi->x509);
+            xi->x509 = NULL;
            count++;
        }
        X509_INFO_free(xi);
    }

-	ret=count;
-end:
+    ret = count;
+ end:
    /* never need to OPENSSL_free x */
-	if (in != NULL) BIO_free(in);
-	if (sk != NULL) sk_X509_INFO_free(sk);
-	return(ret);
-	}
-
+    if (in != NULL)
+        BIO_free(in);
+    if (sk != NULL)
+        sk_X509_INFO_free(sk);
+    return (ret);
+}
--- a/apps/dgst.c
+++ b/apps/dgst.c
@ -77,11 +77,11 @@
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen,
          const char *sig_name, const char *md_name,
-	  const char *file,BIO *bmd);
+          const char *file, BIO *bmd);

 static void list_md_fn(const EVP_MD *m,
                       const char *from, const char *to, void *arg)
-	{
+{
    const char *mname;
    /* Skip aliases */
    if (!m)
@ -94,27 +94,27 @@ static void list_md_fn(const EVP_MD *m,
    if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST)
        return;
    if (strchr(mname, ' '))
-		mname= EVP_MD_name(m);
+        mname = EVP_MD_name(m);
    BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n",
               mname, mname);
-	}
+}

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
-	unsigned char *buf=NULL;
-	int i,err=1;
-	const EVP_MD *md=NULL,*m;
-	BIO *in=NULL,*inp;
-	BIO *bmd=NULL;
+    unsigned char *buf = NULL;
+    int i, err = 1;
+    const EVP_MD *md = NULL, *m;
+    BIO *in = NULL, *inp;
+    BIO *bmd = NULL;
    BIO *out = NULL;
 #define PROG_NAME_SIZE  39
-	char pname[PROG_NAME_SIZE+1];
-	int separator=0;
-	int debug=0;
-	int keyform=FORMAT_PEM;
+    char pname[PROG_NAME_SIZE + 1];
+    int separator = 0;
+    int debug = 0;
+    int keyform = FORMAT_PEM;
    const char *outfile = NULL, *keyfile = NULL;
    const char *sigfile = NULL, *randfile = NULL;
    int out_bin = -1, want_pub = 0, do_verify = 0;
@ -123,211 +123,201 @@ int MAIN(int argc, char **argv)
    int siglen = 0;
    char *passargin = NULL, *passin = NULL;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif
-	char *hmac_key=NULL;
-	char *mac_name=NULL;
+    char *hmac_key = NULL;
+    char *mac_name = NULL;
    int non_fips_allow = 0;
    STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;

    apps_startup();

-	if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
+    if ((buf = (unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
        goto end;
    }
    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

    /* first check the program name */
-	program_name(argv[0],pname,sizeof pname);
+    program_name(argv[0], pname, sizeof pname);

-	md=EVP_get_digestbyname(pname);
+    md = EVP_get_digestbyname(pname);

    argc--;
    argv++;
-	while (argc > 0)
-		{
-		if ((*argv)[0] != '-') break;
-		if (strcmp(*argv,"-c") == 0)
-			separator=1;
-		else if (strcmp(*argv,"-r") == 0)
-			separator=2;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) break;
-			randfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) break;
-			outfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-sign") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
-			}
-		else if (!strcmp(*argv,"-passin"))
-			{
+    while (argc > 0) {
+        if ((*argv)[0] != '-')
+            break;
+        if (strcmp(*argv, "-c") == 0)
+            separator = 1;
+        else if (strcmp(*argv, "-r") == 0)
+            separator = 2;
+        else if (strcmp(*argv, "-rand") == 0) {
            if (--argc < 1)
                break;
-			passargin=*++argv;
-			}
-		else if (strcmp(*argv,"-verify") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
+            randfile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                break;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-sign") == 0) {
+            if (--argc < 1)
+                break;
+            keyfile = *(++argv);
+        } else if (!strcmp(*argv, "-passin")) {
+            if (--argc < 1)
+                break;
+            passargin = *++argv;
+        } else if (strcmp(*argv, "-verify") == 0) {
+            if (--argc < 1)
+                break;
+            keyfile = *(++argv);
            want_pub = 1;
            do_verify = 1;
-			}
-		else if (strcmp(*argv,"-prverify") == 0)
-			{
-			if (--argc < 1) break;
-			keyfile=*(++argv);
+        } else if (strcmp(*argv, "-prverify") == 0) {
+            if (--argc < 1)
+                break;
+            keyfile = *(++argv);
            do_verify = 1;
-			}
-		else if (strcmp(*argv,"-signature") == 0)
-			{
-			if (--argc < 1) break;
-			sigfile=*(++argv);
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) break;
-			keyform=str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-signature") == 0) {
+            if (--argc < 1)
+                break;
+            sigfile = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                break;
+            keyform = str2fmt(*(++argv));
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) break;
-			engine= *(++argv);
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                break;
+            engine = *(++argv);
            e = setup_engine(bio_err, engine, 0);
        }
 #endif
-		else if (strcmp(*argv,"-hex") == 0)
+        else if (strcmp(*argv, "-hex") == 0)
            out_bin = 0;
-		else if (strcmp(*argv,"-binary") == 0)
+        else if (strcmp(*argv, "-binary") == 0)
            out_bin = 1;
-		else if (strcmp(*argv,"-d") == 0)
-			debug=1;
-		else if (!strcmp(*argv,"-fips-fingerprint"))
+        else if (strcmp(*argv, "-d") == 0)
+            debug = 1;
+        else if (!strcmp(*argv, "-fips-fingerprint"))
            hmac_key = "etaonrishdlcupfm";
-		else if (strcmp(*argv,"-non-fips-allow") == 0)
-			non_fips_allow=1;
-		else if (!strcmp(*argv,"-hmac"))
-			{
+        else if (strcmp(*argv, "-non-fips-allow") == 0)
+            non_fips_allow = 1;
+        else if (!strcmp(*argv, "-hmac")) {
            if (--argc < 1)
                break;
-			hmac_key=*++argv;
-			}
-		else if (!strcmp(*argv,"-mac"))
-			{
+            hmac_key = *++argv;
+        } else if (!strcmp(*argv, "-mac")) {
            if (--argc < 1)
                break;
-			mac_name=*++argv;
-			}
-		else if (strcmp(*argv,"-sigopt") == 0)
-			{
+            mac_name = *++argv;
+        } else if (strcmp(*argv, "-sigopt") == 0) {
            if (--argc < 1)
                break;
            if (!sigopts)
                sigopts = sk_OPENSSL_STRING_new_null();
            if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
                break;
-			}
-		else if (strcmp(*argv,"-macopt") == 0)
-			{
+        } else if (strcmp(*argv, "-macopt") == 0) {
            if (--argc < 1)
                break;
            if (!macopts)
                macopts = sk_OPENSSL_STRING_new_null();
            if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
                break;
-			}
-		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-			md=m;
+        } else if ((m = EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+            md = m;
        else
            break;
        argc--;
        argv++;
    }

-
-	if(do_verify && !sigfile) {
-		BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
+    if (do_verify && !sigfile) {
+        BIO_printf(bio_err,
+                   "No signature to verify: use the -signature option\n");
        goto end;
    }

-	if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
-		{
-		BIO_printf(bio_err,"unknown option '%s'\n",*argv);
-		BIO_printf(bio_err,"options are\n");
-		BIO_printf(bio_err,"-c              to output the digest with separating colons\n");
-		BIO_printf(bio_err,"-r              to output the digest in coreutils format\n");
-		BIO_printf(bio_err,"-d              to output debug info\n");
-		BIO_printf(bio_err,"-hex            output as hex dump\n");
-		BIO_printf(bio_err,"-binary         output in binary form\n");
-		BIO_printf(bio_err,"-hmac arg       set the HMAC key to arg\n");
-		BIO_printf(bio_err,"-non-fips-allow allow use of non FIPS digest\n");
-		BIO_printf(bio_err,"-sign   file    sign digest using private key in file\n");
-		BIO_printf(bio_err,"-verify file    verify a signature using public key in file\n");
-		BIO_printf(bio_err,"-prverify file  verify a signature using private key in file\n");
-		BIO_printf(bio_err,"-keyform arg    key file format (PEM or ENGINE)\n");
-		BIO_printf(bio_err,"-out filename   output to filename rather than stdout\n");
-		BIO_printf(bio_err,"-signature file signature to verify\n");
-		BIO_printf(bio_err,"-sigopt nm:v    signature parameter\n");
-		BIO_printf(bio_err,"-hmac key       create hashed MAC with key\n");
-		BIO_printf(bio_err,"-mac algorithm  create MAC (not neccessarily HMAC)\n"); 
-		BIO_printf(bio_err,"-macopt nm:v    MAC algorithm parameters or key\n");
+    if ((argc > 0) && (argv[0][0] == '-')) { /* bad option */
+        BIO_printf(bio_err, "unknown option '%s'\n", *argv);
+        BIO_printf(bio_err, "options are\n");
+        BIO_printf(bio_err,
+                   "-c              to output the digest with separating colons\n");
+        BIO_printf(bio_err,
+                   "-r              to output the digest in coreutils format\n");
+        BIO_printf(bio_err, "-d              to output debug info\n");
+        BIO_printf(bio_err, "-hex            output as hex dump\n");
+        BIO_printf(bio_err, "-binary         output in binary form\n");
+        BIO_printf(bio_err, "-hmac arg       set the HMAC key to arg\n");
+        BIO_printf(bio_err, "-non-fips-allow allow use of non FIPS digest\n");
+        BIO_printf(bio_err,
+                   "-sign   file    sign digest using private key in file\n");
+        BIO_printf(bio_err,
+                   "-verify file    verify a signature using public key in file\n");
+        BIO_printf(bio_err,
+                   "-prverify file  verify a signature using private key in file\n");
+        BIO_printf(bio_err,
+                   "-keyform arg    key file format (PEM or ENGINE)\n");
+        BIO_printf(bio_err,
+                   "-out filename   output to filename rather than stdout\n");
+        BIO_printf(bio_err, "-signature file signature to verify\n");
+        BIO_printf(bio_err, "-sigopt nm:v    signature parameter\n");
+        BIO_printf(bio_err, "-hmac key       create hashed MAC with key\n");
+        BIO_printf(bio_err,
+                   "-mac algorithm  create MAC (not neccessarily HMAC)\n");
+        BIO_printf(bio_err,
+                   "-macopt nm:v    MAC algorithm parameters or key\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   "-engine e       use engine e, possibly a hardware device.\n");
 #endif

        EVP_MD_do_all_sorted(list_md_fn, bio_err);
        goto end;
    }

-	in=BIO_new(BIO_s_file());
-	bmd=BIO_new(BIO_f_md());
-	if (debug)
-		{
-		BIO_set_callback(in,BIO_debug_callback);
-		/* needed for windows 3.1 */
-		BIO_set_callback_arg(in,(char *)bio_err);
-		}
-
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
-		BIO_printf(bio_err, "Error getting password\n");
-		goto end;
-		}
-
-	if ((in == NULL) || (bmd == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    bmd = BIO_new(BIO_f_md());
+    if ((in == NULL) || (bmd == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

-	if(out_bin == -1) {
-		if(keyfile)
+    if (debug) {
+        BIO_set_callback(in, BIO_debug_callback);
+        /* needed for windows 3.1 */
+        BIO_set_callback_arg(in, (char *)bio_err);
+    }
+
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if (out_bin == -1) {
+        if (keyfile)
            out_bin = 1;
        else
            out_bin = 0;
    }

-	if(randfile)
+    if (randfile)
        app_RAND_load_file(randfile, bio_err, 0);

-	if(outfile) {
-		if(out_bin)
+    if (outfile) {
+        if (out_bin)
            out = BIO_new_file(outfile, "wb");
-		else    out = BIO_new_file(outfile, "w");
+        else
+            out = BIO_new_file(outfile, "w");
    } else {
        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
@ -338,58 +328,50 @@ int MAIN(int argc, char **argv)
 #endif
    }

-	if(!out) {
+    if (!out) {
        BIO_printf(bio_err, "Error opening output file %s\n",
                   outfile ? outfile : "(stdout)");
        ERR_print_errors(bio_err);
        goto end;
    }
-	if ((!!mac_name + !!keyfile + !!hmac_key) > 1)
-		{
+    if ((! !mac_name + ! !keyfile + ! !hmac_key) > 1) {
        BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
        goto end;
    }

-	if(keyfile)
-		{
+    if (keyfile) {
        if (want_pub)
            sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
                                 e, "key file");
        else
            sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
                              e, "key file");
-		if (!sigkey)
-			{
-			/* load_[pub]key() has already printed an appropriate
-			   message */
+        if (!sigkey) {
+            /*
+             * load_[pub]key() has already printed an appropriate message
+             */
            goto end;
        }
    }

-	if (mac_name)
-		{
+    if (mac_name) {
        EVP_PKEY_CTX *mac_ctx = NULL;
        int r = 0;
-		if (!init_gen_str(bio_err, &mac_ctx, mac_name,e, 0))
+        if (!init_gen_str(bio_err, &mac_ctx, mac_name, e, 0))
            goto mac_end;
-		if (macopts)
-			{
+        if (macopts) {
            char *macopt;
-			for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++)
-				{
+            for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) {
                macopt = sk_OPENSSL_STRING_value(macopts, i);
-				if (pkey_ctrl_string(mac_ctx, macopt) <= 0)
-					{
+                if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
                    BIO_printf(bio_err,
-						"MAC parameter error \"%s\"\n",
-						macopt);
+                               "MAC parameter error \"%s\"\n", macopt);
                    ERR_print_errors(bio_err);
                    goto mac_end;
                }
            }
        }
-		if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)
-			{
+        if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0) {
            BIO_puts(bio_err, "Error generating key\n");
            ERR_print_errors(bio_err);
            goto mac_end;
@ -402,28 +384,24 @@ int MAIN(int argc, char **argv)
            goto end;
    }

-	if (non_fips_allow)
-		{
+    if (non_fips_allow) {
        EVP_MD_CTX *md_ctx;
-		BIO_get_md_ctx(bmd,&md_ctx);
+        BIO_get_md_ctx(bmd, &md_ctx);
        EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
    }

-	if (hmac_key)
-		{
+    if (hmac_key) {
        sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, e,
                                      (unsigned char *)hmac_key, -1);
        if (!sigkey)
            goto end;
    }

-	if (sigkey)
-		{
+    if (sigkey) {
        EVP_MD_CTX *mctx = NULL;
        EVP_PKEY_CTX *pctx = NULL;
        int r;
-		if (!BIO_get_md_ctx(bmd, &mctx))
-			{
+        if (!BIO_get_md_ctx(bmd, &mctx)) {
            BIO_printf(bio_err, "Error getting context\n");
            ERR_print_errors(bio_err);
            goto end;
@ -432,23 +410,17 @@ int MAIN(int argc, char **argv)
            r = EVP_DigestVerifyInit(mctx, &pctx, md, NULL, sigkey);
        else
            r = EVP_DigestSignInit(mctx, &pctx, md, NULL, sigkey);
-		if (!r)
-			{
+        if (!r) {
            BIO_printf(bio_err, "Error setting context\n");
            ERR_print_errors(bio_err);
            goto end;
        }
-		if (sigopts)
-			{
+        if (sigopts) {
            char *sigopt;
-			for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++)
-				{
+            for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
                sigopt = sk_OPENSSL_STRING_value(sigopts, i);
-				if (pkey_ctrl_string(pctx, sigopt) <= 0)
-					{
-					BIO_printf(bio_err,
-						"parameter error \"%s\"\n",
-						sigopt);
+                if (pkey_ctrl_string(pctx, sigopt) <= 0) {
+                    BIO_printf(bio_err, "parameter error \"%s\"\n", sigopt);
                    ERR_print_errors(bio_err);
                    goto end;
                }
@ -456,60 +428,55 @@ int MAIN(int argc, char **argv)
        }
    }
    /* we use md as a filter, reading from 'in' */
-	else
-		{
+    else {
        if (md == NULL)
            md = EVP_md5();
-		if (!BIO_set_md(bmd,md))
-			{
+        if (!BIO_set_md(bmd, md)) {
            BIO_printf(bio_err, "Error setting digest %s\n", pname);
            ERR_print_errors(bio_err);
            goto end;
        }
    }

-	if(sigfile && sigkey) {
+    if (sigfile && sigkey) {
        BIO *sigbio;
        sigbio = BIO_new_file(sigfile, "rb");
        siglen = EVP_PKEY_size(sigkey);
        sigbuf = OPENSSL_malloc(siglen);
-		if(!sigbio) {
-			BIO_printf(bio_err, "Error opening signature file %s\n",
-								sigfile);
+        if (!sigbio) {
+            BIO_printf(bio_err, "Error opening signature file %s\n", sigfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (!sigbuf) {
+            BIO_printf(bio_err, "Out of memory\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        siglen = BIO_read(sigbio, sigbuf, siglen);
        BIO_free(sigbio);
-		if(siglen <= 0) {
-			BIO_printf(bio_err, "Error reading signature file %s\n",
-								sigfile);
+        if (siglen <= 0) {
+            BIO_printf(bio_err, "Error reading signature file %s\n", sigfile);
            ERR_print_errors(bio_err);
            goto end;
        }
    }
-	inp=BIO_push(bmd,in);
+    inp = BIO_push(bmd, in);

-	if (md == NULL)
-		{
+    if (md == NULL) {
        EVP_MD_CTX *tctx;
        BIO_get_md_ctx(bmd, &tctx);
        md = EVP_MD_CTX_md(tctx);
    }

-	if (argc == 0)
-		{
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,NULL,NULL,"stdin",bmd);
-		}
-	else
-		{
+    if (argc == 0) {
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        err = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
+                    siglen, NULL, NULL, "stdin", bmd);
+    } else {
        const char *md_name = NULL, *sig_name = NULL;
-		if(!out_bin)
-			{
-			if (sigkey)
-				{
+        if (!out_bin) {
+            if (sigkey) {
                const EVP_PKEY_ASN1_METHOD *ameth;
                ameth = EVP_PKEY_get0_asn1(sigkey);
                if (ameth)
@ -519,30 +486,27 @@ int MAIN(int argc, char **argv)
            md_name = EVP_MD_name(md);
        }
        err = 0;
-		for (i=0; i<argc; i++)
-			{
+        for (i = 0; i < argc; i++) {
            int r;
-			if (BIO_read_filename(in,argv[i]) <= 0)
-				{
+            if (BIO_read_filename(in, argv[i]) <= 0) {
                perror(argv[i]);
                err++;
                continue;
-				}
-			else
-			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,sig_name,md_name, argv[i],bmd);
-			if(r)
-			    err=r;
+            } else
+                r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
+                          siglen, sig_name, md_name, argv[i], bmd);
+            if (r)
+                err = r;
            (void)BIO_reset(bmd);
        }
    }
-end:
-	if (buf != NULL)
-		{
-		OPENSSL_cleanse(buf,BUFSIZE);
+ end:
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, BUFSIZE);
        OPENSSL_free(buf);
    }
-	if (in != NULL) BIO_free(in);
+    if (in != NULL)
+        BIO_free(in);
    if (passin)
        OPENSSL_free(passin);
    BIO_free_all(out);
@ -551,96 +515,84 @@ end:
        sk_OPENSSL_STRING_free(sigopts);
    if (macopts)
        sk_OPENSSL_STRING_free(macopts);
-	if(sigbuf) OPENSSL_free(sigbuf);
-	if (bmd != NULL) BIO_free(bmd);
+    if (sigbuf)
+        OPENSSL_free(sigbuf);
+    if (bmd != NULL)
+        BIO_free(bmd);
    apps_shutdown();
    OPENSSL_EXIT(err);
-	}
+}

 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
          EVP_PKEY *key, unsigned char *sigin, int siglen,
          const char *sig_name, const char *md_name,
-	  const char *file,BIO *bmd)
-	{
+          const char *file, BIO *bmd)
+{
    size_t len;
    int i;

-	for (;;)
-		{
-		i=BIO_read(bp,(char *)buf,BUFSIZE);
-		if(i < 0)
-			{
-			BIO_printf(bio_err, "Read Error in %s\n",file);
+    for (;;) {
+        i = BIO_read(bp, (char *)buf, BUFSIZE);
+        if (i < 0) {
+            BIO_printf(bio_err, "Read Error in %s\n", file);
            ERR_print_errors(bio_err);
            return 1;
        }
-		if (i == 0) break;
+        if (i == 0)
+            break;
    }
-	if(sigin)
-		{
+    if (sigin) {
        EVP_MD_CTX *ctx;
        BIO_get_md_ctx(bp, &ctx);
        i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen);
-		if(i > 0)
+        if (i > 0)
            BIO_printf(out, "Verified OK\n");
-		else if(i == 0)
-			{
+        else if (i == 0) {
            BIO_printf(out, "Verification Failure\n");
            return 1;
-			}
-		else
-			{
+        } else {
            BIO_printf(bio_err, "Error Verifying Data\n");
            ERR_print_errors(bio_err);
            return 1;
        }
        return 0;
    }
-	if(key)
-		{
+    if (key) {
        EVP_MD_CTX *ctx;
        BIO_get_md_ctx(bp, &ctx);
        len = BUFSIZE;
-		if(!EVP_DigestSignFinal(ctx, buf, &len)) 
-			{
+        if (!EVP_DigestSignFinal(ctx, buf, &len)) {
            BIO_printf(bio_err, "Error Signing Data\n");
            ERR_print_errors(bio_err);
            return 1;
        }
-		}
-	else
-		{
-		len=BIO_gets(bp,(char *)buf,BUFSIZE);
-		if ((int)len <0)
-			{
+    } else {
+        len = BIO_gets(bp, (char *)buf, BUFSIZE);
+        if ((int)len < 0) {
            ERR_print_errors(bio_err);
            return 1;
        }
    }

-	if(binout) BIO_write(out, buf, len);
-	else if (sep == 2)
-		{
-		for (i=0; i<(int)len; i++)
-			BIO_printf(out, "%02x",buf[i]);
+    if (binout)
+        BIO_write(out, buf, len);
+    else if (sep == 2) {
+        for (i = 0; i < (int)len; i++)
+            BIO_printf(out, "%02x", buf[i]);
        BIO_printf(out, " *%s\n", file);
-		}
-	else 
-		{
+    } else {
        if (sig_name)
            BIO_printf(out, "%s-%s(%s)= ", sig_name, md_name, file);
        else if (md_name)
            BIO_printf(out, "%s(%s)= ", md_name, file);
        else
            BIO_printf(out, "(%s)= ", file);
-		for (i=0; i<(int)len; i++)
-			{
+        for (i = 0; i < (int)len; i++) {
            if (sep && (i != 0))
                BIO_printf(out, ":");
-			BIO_printf(out, "%02x",buf[i]);
+            BIO_printf(out, "%02x", buf[i]);
        }
        BIO_printf(out, "\n");
    }
    return 0;
-	}
-
+}
--- a/apps/dh.c
+++ b/apps/dh.c
@ -59,22 +59,23 @@

 #include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
 #ifndef OPENSSL_NO_DH
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dh.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>

-#undef PROG
-#define PROG	dh_main
+# undef PROG
+# define PROG    dh_main

-/* -inform arg	- input format - default PEM (DER or PEM)
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
 * -outform arg - output format - default PEM
 * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
@ -87,181 +88,164 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	DH *dh=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
-#ifndef OPENSSL_NO_ENGINE
+{
+    DH *dh = NULL;
+    int i, badops = 0, text = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
+    char *infile, *outfile, *prog;
+# ifndef OPENSSL_NO_ENGINE
    char *engine;
-#endif
+# endif

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-#ifndef OPENSSL_NO_ENGINE
-	engine=NULL;
-#endif
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+# ifndef OPENSSL_NO_ENGINE
+    engine = NULL;
+# endif
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
        }
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+# endif
+        else if (strcmp(*argv, "-check") == 0)
+            check = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-C") == 0)
+            C = 1;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - one of DER PEM\n");
+        BIO_printf(bio_err,
+                   " -outform arg  output format - one of DER PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+        BIO_printf(bio_err, " -check        check the DH parameters\n");
+        BIO_printf(bio_err,
+                   " -text         print a text form of the DH parameters\n");
+        BIO_printf(bio_err, " -C            Output C code\n");
+        BIO_printf(bio_err, " -noout        no output\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
+# endif
        goto end;
    }

    ERR_load_crypto_strings();

-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

    if (informat == FORMAT_ASN1)
-		dh=d2i_DHparams_bio(in,NULL);
+        dh = d2i_DHparams_bio(in, NULL);
    else if (informat == FORMAT_PEM)
-		dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
+        dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified\n");
        goto end;
    }
-	if (dh == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DH parameters\n");
+    if (dh == NULL) {
+        BIO_printf(bio_err, "unable to load DH parameters\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	
-
-	if (text)
-		{
-		DHparams_print(out,dh);
-#ifdef undef
+    if (text) {
+        DHparams_print(out, dh);
+# ifdef undef
        printf("p=");
-		BN_print(stdout,dh->p);
+        BN_print(stdout, dh->p);
        printf("\ng=");
-		BN_print(stdout,dh->g);
+        BN_print(stdout, dh->g);
        printf("\n");
        if (dh->length != 0)
-			printf("recommended private length=%ld\n",dh->length);
-#endif
+            printf("recommended private length=%ld\n", dh->length);
+# endif
    }

-	if (check)
-		{
-		if (!DH_check(dh,&i))
-			{
+    if (check) {
+        if (!DH_check(dh, &i)) {
            ERR_print_errors(bio_err);
            goto end;
        }
@ -276,80 +260,78 @@ bad:
        if (i == 0)
            printf("DH parameters appear to be ok.\n");
    }
-	if (C)
-		{
+    if (C) {
        unsigned char *data;
-		int len,l,bits;
+        int len, l, bits;

-		len=BN_num_bytes(dh->p);
-		bits=BN_num_bits(dh->p);
-		data=(unsigned char *)OPENSSL_malloc(len);
-		if (data == NULL)
-			{
+        len = BN_num_bytes(dh->p);
+        bits = BN_num_bits(dh->p);
+        data = (unsigned char *)OPENSSL_malloc(len);
+        if (data == NULL) {
            perror("OPENSSL_malloc");
            goto end;
        }
-		l=BN_bn2bin(dh->p,data);
-		printf("static unsigned char dh%d_p[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
+        l = BN_bn2bin(dh->p, data);
+        printf("static unsigned char dh%d_p[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
        }
        printf("\n\t};\n");

-		l=BN_bn2bin(dh->g,data);
-		printf("static unsigned char dh%d_g[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
+        l = BN_bn2bin(dh->g, data);
+        printf("static unsigned char dh%d_g[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
        }
        printf("\n\t};\n\n");

-		printf("DH *get_dh%d()\n\t{\n",bits);
+        printf("DH *get_dh%d()\n\t{\n", bits);
        printf("\tDH *dh;\n\n");
        printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
        printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
-			bits,bits);
+               bits, bits);
        printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
-			bits,bits);
+               bits, bits);
        printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
        printf("\t\treturn(NULL);\n");
        printf("\treturn(dh);\n\t}\n");
        OPENSSL_free(data);
    }

-
-	if (!noout)
-		{
+    if (!noout) {
        if (outformat == FORMAT_ASN1)
-			i=i2d_DHparams_bio(out,dh);
+            i = i2d_DHparams_bio(out, dh);
        else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DHparams(out,dh);
+            i = PEM_write_bio_DHparams(out, dh);
        else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
            goto end;
        }
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DH parameters\n");
+        if (!i) {
+            BIO_printf(bio_err, "unable to write DH parameters\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dh != NULL)
+        DH_free(dh);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
 #else                           /* !OPENSSL_NO_DH */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@ -111,28 +111,29 @@

 #include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
 #ifndef OPENSSL_NO_DH
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dh.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>

-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
+# ifndef OPENSSL_NO_DSA
+#  include <openssl/dsa.h>
+# endif

-#undef PROG
-#define PROG	dhparam_main
+# undef PROG
+# define PROG    dhparam_main

-#define DEFBITS	512
+# define DEFBITS 2048

-/* -inform arg	- input format - default PEM (DER or PEM)
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
 * -outform arg - output format - default PEM
 * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
@ -148,190 +149,191 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	DH *dh=NULL;
-	int i,badops=0,text=0;
-#ifndef OPENSSL_NO_DSA
-	int dsaparam=0;
-#endif
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
-	char *inrand=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
+{
+    DH *dh = NULL;
+    int i, badops = 0, text = 0;
+# ifndef OPENSSL_NO_DSA
+    int dsaparam = 0;
+# endif
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
+    char *infile, *outfile, *prog;
+    char *inrand = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
    int num = 0, g = 0;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
        }
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-#ifndef OPENSSL_NO_DSA
-		else if (strcmp(*argv,"-dsaparam") == 0)
-			dsaparam=1;
-#endif
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-2") == 0)
-			g=2;
-		else if (strcmp(*argv,"-5") == 0)
-			g=5;
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
+# endif
+        else if (strcmp(*argv, "-check") == 0)
+            check = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+# ifndef OPENSSL_NO_DSA
+        else if (strcmp(*argv, "-dsaparam") == 0)
+            dsaparam = 1;
+# endif
+        else if (strcmp(*argv, "-C") == 0)
+            C = 1;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-2") == 0)
+            g = 2;
+        else if (strcmp(*argv, "-5") == 0)
+            g = 5;
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        } else if (((sscanf(*argv, "%d", &num) == 0) || (num <= 0)))
            goto bad;
        argv++;
        argc--;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] [numbits]\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-#ifndef OPENSSL_NO_DSA
-		BIO_printf(bio_err," -dsaparam     read or generate DSA parameters, convert to DH\n");
-#endif
-		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -2            generate parameters using  2 as the generator value\n");
-		BIO_printf(bio_err," -5            generate parameters using  5 as the generator value\n");
-		BIO_printf(bio_err," numbits       number of bits in to generate (default 512)\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"               - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"               the random number generator\n");
-		BIO_printf(bio_err," -noout        no output\n");
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] [numbits]\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - one of DER PEM\n");
+        BIO_printf(bio_err,
+                   " -outform arg  output format - one of DER PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+# ifndef OPENSSL_NO_DSA
+        BIO_printf(bio_err,
+                   " -dsaparam     read or generate DSA parameters, convert to DH\n");
+# endif
+        BIO_printf(bio_err, " -check        check the DH parameters\n");
+        BIO_printf(bio_err,
+                   " -text         print a text form of the DH parameters\n");
+        BIO_printf(bio_err, " -C            Output C code\n");
+        BIO_printf(bio_err,
+                   " -2            generate parameters using  2 as the generator value\n");
+        BIO_printf(bio_err,
+                   " -5            generate parameters using  5 as the generator value\n");
+        BIO_printf(bio_err,
+                   " numbits       number of bits in to generate (default 2048)\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "               - load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "               the random number generator\n");
+        BIO_printf(bio_err, " -noout        no output\n");
        goto end;
    }

    ERR_load_crypto_strings();

-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
-#endif
+# endif

    if (g && !num)
        num = DEFBITS;

-#ifndef OPENSSL_NO_DSA
-	if (dsaparam)
-		{
-		if (g)
-			{
-			BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n");
+# ifndef OPENSSL_NO_DSA
+    if (dsaparam) {
+        if (g) {
+            BIO_printf(bio_err,
+                       "generator may not be chosen for DSA parameters\n");
            goto end;
        }
-		}
-	else
-#endif
+    } else
+# endif
    {
        /* DH parameters */
        if (num && !g)
            g = 2;
    }

-	if(num) {
+    if (num) {

        BN_GENCB cb;
        BN_GENCB_set(&cb, dh_cb, bio_err);
-		if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-			{
-			BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+        if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
+            BIO_printf(bio_err,
+                       "warning, not much extra random data, consider using the -rand option\n");
        }
        if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                       app_RAND_load_files(inrand));

-#ifndef OPENSSL_NO_DSA
-		if (dsaparam)
-			{
+# ifndef OPENSSL_NO_DSA
+        if (dsaparam) {
            DSA *dsa = DSA_new();

-			BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-			if(!dsa || !DSA_generate_parameters_ex(dsa, num,
-						NULL, 0, NULL, NULL, &cb))
-				{
-				if(dsa) DSA_free(dsa);
+            BIO_printf(bio_err,
+                       "Generating DSA parameters, %d bit long prime\n", num);
+            if (!dsa
+                || !DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL,
+                                               &cb)) {
+                if (dsa)
+                    DSA_free(dsa);
                ERR_print_errors(bio_err);
                goto end;
            }

            dh = DSA_dup_DH(dsa);
            DSA_free(dsa);
-			if (dh == NULL)
-				{
+            if (dh == NULL) {
                ERR_print_errors(bio_err);
                goto end;
            }
-			}
-		else
-#endif
+        } else
+# endif
        {
            dh = DH_new();
-			BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
-			BIO_printf(bio_err,"This is going to take a long time\n");
-			if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
-				{
+            BIO_printf(bio_err,
+                       "Generating DH parameters, %d bit long safe prime, generator %d\n",
+                       num, g);
+            BIO_printf(bio_err, "This is going to take a long time\n");
+            if (!dh || !DH_generate_parameters_ex(dh, num, g, &cb)) {
                ERR_print_errors(bio_err);
                goto end;
            }
@ -340,65 +342,55 @@ bad:
        app_RAND_write_file(NULL, bio_err);
    } else {

-		in=BIO_new(BIO_s_file());
-		if (in == NULL)
-			{
+        in = BIO_new(BIO_s_file());
+        if (in == NULL) {
            ERR_print_errors(bio_err);
            goto end;
        }
        if (infile == NULL)
-			BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		else
-			{
-			if (BIO_read_filename(in,infile) <= 0)
-				{
+            BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        else {
+            if (BIO_read_filename(in, infile) <= 0) {
                perror(infile);
                goto end;
            }
        }

-		if	(informat != FORMAT_ASN1 && informat != FORMAT_PEM)
-			{
-			BIO_printf(bio_err,"bad input format specified\n");
+        if (informat != FORMAT_ASN1 && informat != FORMAT_PEM) {
+            BIO_printf(bio_err, "bad input format specified\n");
            goto end;
        }
-
-#ifndef OPENSSL_NO_DSA
-		if (dsaparam)
-			{
+# ifndef OPENSSL_NO_DSA
+        if (dsaparam) {
            DSA *dsa;

            if (informat == FORMAT_ASN1)
-				dsa=d2i_DSAparams_bio(in,NULL);
+                dsa = d2i_DSAparams_bio(in, NULL);
            else                /* informat == FORMAT_PEM */
-				dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
+                dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL);

-			if (dsa == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DSA parameters\n");
+            if (dsa == NULL) {
+                BIO_printf(bio_err, "unable to load DSA parameters\n");
                ERR_print_errors(bio_err);
                goto end;
            }

            dh = DSA_dup_DH(dsa);
            DSA_free(dsa);
-			if (dh == NULL)
-				{
+            if (dh == NULL) {
                ERR_print_errors(bio_err);
                goto end;
            }
-			}
-		else
-#endif
+        } else
+# endif
        {
            if (informat == FORMAT_ASN1)
-				dh=d2i_DHparams_bio(in,NULL);
+                dh = d2i_DHparams_bio(in, NULL);
            else                /* informat == FORMAT_PEM */
-				dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
+                dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);

-			if (dh == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DH parameters\n");
+            if (dh == NULL) {
+                BIO_printf(bio_err, "unable to load DH parameters\n");
                ERR_print_errors(bio_err);
                goto end;
            }
@ -407,41 +399,32 @@ bad:
        /* dh != NULL */
    }

-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
+    out = BIO_new(BIO_s_file());
+    if (out == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

-
-	if (text)
-		{
-		DHparams_print(out,dh);
+    if (text) {
+        DHparams_print(out, dh);
    }

-	if (check)
-		{
-		if (!DH_check(dh,&i))
-			{
+    if (check) {
+        if (!DH_check(dh, &i)) {
            ERR_print_errors(bio_err);
            goto end;
        }
@ -456,48 +439,45 @@ bad:
        if (i == 0)
            printf("DH parameters appear to be ok.\n");
    }
-	if (C)
-		{
+    if (C) {
        unsigned char *data;
-		int len,l,bits;
+        int len, l, bits;

-		len=BN_num_bytes(dh->p);
-		bits=BN_num_bits(dh->p);
-		data=(unsigned char *)OPENSSL_malloc(len);
-		if (data == NULL)
-			{
+        len = BN_num_bytes(dh->p);
+        bits = BN_num_bits(dh->p);
+        data = (unsigned char *)OPENSSL_malloc(len);
+        if (data == NULL) {
            perror("OPENSSL_malloc");
            goto end;
        }
        printf("#ifndef HEADER_DH_H\n"
-		       "#include <openssl/dh.h>\n"
-		       "#endif\n");
-		printf("DH *get_dh%d()\n\t{\n",bits);
+               "#include <openssl/dh.h>\n" "#endif\n");
+        printf("DH *get_dh%d()\n\t{\n", bits);

-		l=BN_bn2bin(dh->p,data);
-		printf("\tstatic unsigned char dh%d_p[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t\t");
-			printf("0x%02X,",data[i]);
+        l = BN_bn2bin(dh->p, data);
+        printf("\tstatic unsigned char dh%d_p[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t\t");
+            printf("0x%02X,", data[i]);
        }
        printf("\n\t\t};\n");

-		l=BN_bn2bin(dh->g,data);
-		printf("\tstatic unsigned char dh%d_g[]={",bits);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t\t");
-			printf("0x%02X,",data[i]);
+        l = BN_bn2bin(dh->g, data);
+        printf("\tstatic unsigned char dh%d_g[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t\t");
+            printf("0x%02X,", data[i]);
        }
        printf("\n\t\t};\n");

        printf("\tDH *dh;\n\n");
        printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
        printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
-			bits,bits);
+               bits, bits);
        printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
-			bits,bits);
+               bits, bits);
        printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
        printf("\t\t{ DH_free(dh); return(NULL); }\n");
        if (dh->length)
@ -506,54 +486,58 @@ bad:
        OPENSSL_free(data);
    }

-
-	if (!noout)
-		{
+    if (!noout) {
        if (outformat == FORMAT_ASN1)
-			i=i2d_DHparams_bio(out,dh);
+            i = i2d_DHparams_bio(out, dh);
        else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DHparams(out,dh);
+            i = PEM_write_bio_DHparams(out, dh);
        else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
            goto end;
        }
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DH parameters\n");
+        if (!i) {
+            BIO_printf(bio_err, "unable to write DH parameters\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dh != NULL)
+        DH_free(dh);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

 /* dh_cb is identical to dsa_cb in apps/dsaparam.c */
 static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
+{
+    char c = '*';

-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
    (void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
+# ifdef LINT
+    p = n;
+# endif
    return 1;
-	}
+}

 #else                           /* !OPENSSL_NO_DH */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/dsa.c
+++ b/apps/dsa.c
@ -58,23 +58,24 @@

 #include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
 #ifndef OPENSSL_NO_DSA
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/bn.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <time.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/dsa.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/bn.h>

-#undef PROG
-#define PROG	dsa_main
+# undef PROG
+# define PROG    dsa_main

-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
+/*-
+ * -inform arg  - input format - default PEM (one of DER, NET or PEM)
 * -outform arg - output format - default PEM
 * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
@ -95,177 +96,175 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
-	int ret=1;
-	DSA *dsa=NULL;
-	int i,badops=0;
-	const EVP_CIPHER *enc=NULL;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,text=0,noout=0;
+    int ret = 1;
+    DSA *dsa = NULL;
+    int i, badops = 0;
+    const EVP_CIPHER *enc = NULL;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, text = 0, noout = 0;
    int pubin = 0, pubout = 0;
-	char *infile,*outfile,*prog;
-#ifndef OPENSSL_NO_ENGINE
+    char *infile, *outfile, *prog;
+# ifndef OPENSSL_NO_ENGINE
    char *engine;
-#endif
+# endif
    char *passargin = NULL, *passargout = NULL;
    char *passin = NULL, *passout = NULL;
-	int modulus=0;
+    int modulus = 0;

    int pvk_encr = 2;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-#ifndef OPENSSL_NO_ENGINE
-	engine=NULL;
-#endif
-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+# ifndef OPENSSL_NO_ENGINE
+    engine = NULL;
+# endif
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
        }
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-pvk-strong") == 0)
-			pvk_encr=2;
-		else if (strcmp(*argv,"-pvk-weak") == 0)
-			pvk_encr=1;
-		else if (strcmp(*argv,"-pvk-none") == 0)
-			pvk_encr=0;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-pubin") == 0)
-			pubin=1;
-		else if (strcmp(*argv,"-pubout") == 0)
-			pubout=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+# endif
+        else if (strcmp(*argv, "-pvk-strong") == 0)
+            pvk_encr = 2;
+        else if (strcmp(*argv, "-pvk-weak") == 0)
+            pvk_encr = 1;
+        else if (strcmp(*argv, "-pvk-none") == 0)
+            pvk_encr = 0;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-modulus") == 0)
+            modulus = 1;
+        else if (strcmp(*argv, "-pubin") == 0)
+            pubin = 1;
+        else if (strcmp(*argv, "-pubout") == 0)
+            pubout = 1;
+        else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg     input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg    output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg         input file\n");
-		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err," -out arg        output file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
-#endif
-		BIO_printf(bio_err," -text           print the key in text\n");
-		BIO_printf(bio_err," -noout          don't print key out\n");
-		BIO_printf(bio_err," -modulus        print the DSA public value\n");
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg     input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg    output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg         input file\n");
+        BIO_printf(bio_err,
+                   " -passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err, " -out arg        output file\n");
+        BIO_printf(bio_err,
+                   " -passout arg    output file pass phrase source\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err,
+                   " -des            encrypt PEM output with cbc des\n");
+        BIO_printf(bio_err,
+                   " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea           encrypt PEM output with cbc idea\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err,
+                   " -seed           encrypt PEM output with cbc seed\n");
+# endif
+        BIO_printf(bio_err, " -text           print the key in text\n");
+        BIO_printf(bio_err, " -noout          don't print key out\n");
+        BIO_printf(bio_err, " -modulus        print the DSA public value\n");
        goto end;
    }

    ERR_load_crypto_strings();

-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
        BIO_printf(bio_err, "Error getting passwords\n");
        goto end;
    }

-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }

-	BIO_printf(bio_err,"read DSA key\n");
+    BIO_printf(bio_err, "read DSA key\n");

    {
        EVP_PKEY *pkey;
@ -277,64 +276,60 @@ bad:
            pkey = load_key(bio_err, infile, informat, 1,
                            passin, e, "Private Key");

-		if (pkey)
-			{
+        if (pkey) {
            dsa = EVP_PKEY_get1_DSA(pkey);
            EVP_PKEY_free(pkey);
        }
    }
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Key\n");
+    if (dsa == NULL) {
+        BIO_printf(bio_err, "unable to load Key\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

    if (text)
-		if (!DSA_print(out,dsa,0))
-			{
+        if (!DSA_print(out, dsa, 0)) {
            perror(outfile);
            ERR_print_errors(bio_err);
            goto end;
        }

-	if (modulus)
-		{
-		fprintf(stdout,"Public Key=");
-		BN_print(out,dsa->pub_key);
-		fprintf(stdout,"\n");
+    if (modulus) {
+        fprintf(stdout, "Public Key=");
+        BN_print(out, dsa->pub_key);
+        fprintf(stdout, "\n");
    }

-	if (noout) goto end;
-	BIO_printf(bio_err,"writing DSA key\n");
+    if (noout)
+        goto end;
+    BIO_printf(bio_err, "writing DSA key\n");
    if (outformat == FORMAT_ASN1) {
-		if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa);
-		else i=i2d_DSAPrivateKey_bio(out,dsa);
+        if (pubin || pubout)
+            i = i2d_DSA_PUBKEY_bio(out, dsa);
+        else
+            i = i2d_DSAPrivateKey_bio(out, dsa);
    } else if (outformat == FORMAT_PEM) {
-		if(pubin || pubout)
-			i=PEM_write_bio_DSA_PUBKEY(out,dsa);
-		else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
-							NULL,0,NULL, passout);
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
+        if (pubin || pubout)
+            i = PEM_write_bio_DSA_PUBKEY(out, dsa);
+        else
+            i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
+                                            NULL, 0, NULL, passout);
+# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
    } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
        EVP_PKEY *pk;
        pk = EVP_PKEY_new();
@ -346,31 +341,34 @@ bad:
        else
            i = i2b_PrivateKey_bio(out, pk);
        EVP_PKEY_free(pk);
-#endif
+# endif
    } else {
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
        goto end;
    }
-	if (i <= 0)
-		{
-		BIO_printf(bio_err,"unable to write private key\n");
+    if (i <= 0) {
+        BIO_printf(bio_err, "unable to write private key\n");
        ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if(in != NULL) BIO_free(in);
-	if(out != NULL) BIO_free_all(out);
-	if(dsa != NULL) DSA_free(dsa);
-	if(passin) OPENSSL_free(passin);
-	if(passout) OPENSSL_free(passout);
+    } else
+        ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dsa != NULL)
+        DSA_free(dsa);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
 #else                           /* !OPENSSL_NO_DSA */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@ -57,30 +57,33 @@
 */

 #include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
 #ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
 #endif

 #ifndef OPENSSL_NO_DSA
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+# include <assert.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dsa.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>

-#undef PROG
-#define PROG	dsaparam_main
+# undef PROG
+# define PROG    dsaparam_main

-/* -inform arg	- input format - default PEM (DER or PEM)
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
 * -outform arg - output format - default PEM
 * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
@ -94,354 +97,327 @@
 *  #endif
 */

-#ifdef GENCB_TEST
+# ifdef GENCB_TEST

 static int stop_keygen_flag = 0;

 static void timebomb_sigalarm(int foo)
-	{
+{
    stop_keygen_flag = 1;
-	}
+}

-#endif
+# endif

 static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb);

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	DSA *dsa=NULL;
-	int i,badops=0,text=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog,*inrand=NULL;
-	int numbits= -1,num,genkey=0;
-	int need_rand=0;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-#ifdef GENCB_TEST
-	int timebomb=0;
-#endif
+{
+    DSA *dsa = NULL;
+    int i, badops = 0, text = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, noout = 0, C = 0, ret = 1;
+    char *infile, *outfile, *prog, *inrand = NULL;
+    int numbits = -1, num, genkey = 0;
+    int need_rand = 0;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+# ifdef GENCB_TEST
+    int timebomb = 0;
+# endif

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
        }
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if(strcmp(*argv, "-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
            engine = *(++argv);
        }
-#endif
-#ifdef GENCB_TEST
-		else if(strcmp(*argv, "-timebomb") == 0)
-			{
-			if (--argc < 1) goto bad;
+# endif
+# ifdef GENCB_TEST
+        else if (strcmp(*argv, "-timebomb") == 0) {
+            if (--argc < 1)
+                goto bad;
            timebomb = atoi(*(++argv));
        }
-#endif
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-C") == 0)
-			C=1;
-		else if (strcmp(*argv,"-genkey") == 0)
-			{
-			genkey=1;
-			need_rand=1;
-			}
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			need_rand=1;
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (sscanf(*argv,"%d",&num) == 1)
-			{
+# endif
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-C") == 0)
+            C = 1;
+        else if (strcmp(*argv, "-genkey") == 0) {
+            genkey = 1;
+            need_rand = 1;
+        } else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+            need_rand = 1;
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (sscanf(*argv, "%d", &num) == 1) {
            /* generate a key */
-			numbits=num;
-			need_rand=1;
-			}
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+            numbits = num;
+            need_rand = 1;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -text         print as text\n");
-		BIO_printf(bio_err," -C            Output C code\n");
-		BIO_printf(bio_err," -noout        no output\n");
-		BIO_printf(bio_err," -genkey       generate a DSA key\n");
-		BIO_printf(bio_err," -rand         files to use for random number input\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
-#endif
-#ifdef GENCB_TEST
-		BIO_printf(bio_err," -timebomb n   interrupt keygen after <n> seconds\n");
-#endif
-		BIO_printf(bio_err," number        number of bits to use for generating private key\n");
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] [bits] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg  output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+        BIO_printf(bio_err, " -text         print as text\n");
+        BIO_printf(bio_err, " -C            Output C code\n");
+        BIO_printf(bio_err, " -noout        no output\n");
+        BIO_printf(bio_err, " -genkey       generate a DSA key\n");
+        BIO_printf(bio_err,
+                   " -rand         files to use for random number input\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
+# endif
+# ifdef GENCB_TEST
+        BIO_printf(bio_err,
+                   " -timebomb n   interrupt keygen after <n> seconds\n");
+# endif
+        BIO_printf(bio_err,
+                   " number        number of bits to use for generating private key\n");
        goto end;
    }

    ERR_load_crypto_strings();

-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	if (need_rand)
-		{
+    if (need_rand) {
        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
        if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                       app_RAND_load_files(inrand));
    }

-	if (numbits > 0)
-		{
+    if (numbits > 0) {
        BN_GENCB cb;
        BN_GENCB_set(&cb, dsa_cb, bio_err);
        assert(need_rand);
        dsa = DSA_new();
-		if(!dsa)
-			{
-			BIO_printf(bio_err,"Error allocating DSA object\n");
+        if (!dsa) {
+            BIO_printf(bio_err, "Error allocating DSA object\n");
            goto end;
        }
-		BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-	        BIO_printf(bio_err,"This could take some time\n");
-#ifdef GENCB_TEST
-		if(timebomb > 0)
-	{
+        BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n",
+                   num);
+        BIO_printf(bio_err, "This could take some time\n");
+# ifdef GENCB_TEST
+        if (timebomb > 0) {
            struct sigaction act;
            act.sa_handler = timebomb_sigalarm;
            act.sa_flags = 0;
-		BIO_printf(bio_err,"(though I'll stop it if not done within %d secs)\n",
+            BIO_printf(bio_err,
+                       "(though I'll stop it if not done within %d secs)\n",
                       timebomb);
-		if(sigaction(SIGALRM, &act, NULL) != 0)
-			{
-			BIO_printf(bio_err,"Error, couldn't set SIGALRM handler\n");
+            if (sigaction(SIGALRM, &act, NULL) != 0) {
+                BIO_printf(bio_err, "Error, couldn't set SIGALRM handler\n");
                goto end;
            }
            alarm(timebomb);
        }
-#endif
-	        if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb))
-			{
-#ifdef GENCB_TEST
-			if(stop_keygen_flag)
-				{
-				BIO_printf(bio_err,"DSA key generation time-stopped\n");
+# endif
+        if (!DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL, &cb)) {
+# ifdef GENCB_TEST
+            if (stop_keygen_flag) {
+                BIO_printf(bio_err, "DSA key generation time-stopped\n");
                /* This is an asked-for behaviour! */
                ret = 0;
                goto end;
            }
-#endif
+# endif
            ERR_print_errors(bio_err);
-			BIO_printf(bio_err,"Error, DSA key generation failed\n");
+            BIO_printf(bio_err, "Error, DSA key generation failed\n");
            goto end;
        }
-		}
-	else if	(informat == FORMAT_ASN1)
-		dsa=d2i_DSAparams_bio(in,NULL);
+    } else if (informat == FORMAT_ASN1)
+        dsa = d2i_DSAparams_bio(in, NULL);
    else if (informat == FORMAT_PEM)
-		dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified\n");
+        dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified\n");
        goto end;
    }
-	if (dsa == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameters\n");
+    if (dsa == NULL) {
+        BIO_printf(bio_err, "unable to load DSA parameters\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (text)
-		{
-		DSAparams_print(out,dsa);
+    if (text) {
+        DSAparams_print(out, dsa);
    }

-	if (C)
-		{
+    if (C) {
        unsigned char *data;
-		int l,len,bits_p;
+        int l, len, bits_p;

-		len=BN_num_bytes(dsa->p);
-		bits_p=BN_num_bits(dsa->p);
-		data=(unsigned char *)OPENSSL_malloc(len+20);
-		if (data == NULL)
-			{
+        len = BN_num_bytes(dsa->p);
+        bits_p = BN_num_bits(dsa->p);
+        data = (unsigned char *)OPENSSL_malloc(len + 20);
+        if (data == NULL) {
            perror("OPENSSL_malloc");
            goto end;
        }
-		l=BN_bn2bin(dsa->p,data);
-		printf("static unsigned char dsa%d_p[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
+        l = BN_bn2bin(dsa->p, data);
+        printf("static unsigned char dsa%d_p[]={", bits_p);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
        }
        printf("\n\t};\n");

-		l=BN_bn2bin(dsa->q,data);
-		printf("static unsigned char dsa%d_q[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
+        l = BN_bn2bin(dsa->q, data);
+        printf("static unsigned char dsa%d_q[]={", bits_p);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
        }
        printf("\n\t};\n");

-		l=BN_bn2bin(dsa->g,data);
-		printf("static unsigned char dsa%d_g[]={",bits_p);
-		for (i=0; i<l; i++)
-			{
-			if ((i%12) == 0) printf("\n\t");
-			printf("0x%02X,",data[i]);
+        l = BN_bn2bin(dsa->g, data);
+        printf("static unsigned char dsa%d_g[]={", bits_p);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
        }
        printf("\n\t};\n\n");

-		printf("DSA *get_dsa%d()\n\t{\n",bits_p);
+        printf("DSA *get_dsa%d()\n\t{\n", bits_p);
        printf("\tDSA *dsa;\n\n");
        printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
        printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
-			bits_p,bits_p);
+               bits_p, bits_p);
        printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
-			bits_p,bits_p);
+               bits_p, bits_p);
        printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
-			bits_p,bits_p);
-		printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
+               bits_p, bits_p);
+        printf
+            ("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
        printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
        printf("\treturn(dsa);\n\t}\n");
    }

-
-	if (!noout)
-		{
+    if (!noout) {
        if (outformat == FORMAT_ASN1)
-			i=i2d_DSAparams_bio(out,dsa);
+            i = i2d_DSAparams_bio(out, dsa);
        else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAparams(out,dsa);
+            i = PEM_write_bio_DSAparams(out, dsa);
        else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
            goto end;
        }
-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write DSA parameters\n");
+        if (!i) {
+            BIO_printf(bio_err, "unable to write DSA parameters\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
-	if (genkey)
-		{
+    if (genkey) {
        DSA *dsakey;

        assert(need_rand);
-		if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
-		if (!DSA_generate_key(dsakey))
-			{
+        if ((dsakey = DSAparams_dup(dsa)) == NULL)
+            goto end;
+        if (!DSA_generate_key(dsakey)) {
            ERR_print_errors(bio_err);
            DSA_free(dsakey);
            goto end;
        }
        if (outformat == FORMAT_ASN1)
-			i=i2d_DSAPrivateKey_bio(out,dsakey);
+            i = i2d_DSAPrivateKey_bio(out, dsakey);
        else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
+            i = PEM_write_bio_DSAPrivateKey(out, dsakey, NULL, NULL, 0, NULL,
+                                            NULL);
        else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
            DSA_free(dsakey);
            goto end;
        }
@ -449,38 +425,45 @@ bad:
    }
    if (need_rand)
        app_RAND_write_file(NULL, bio_err);
-	ret=0;
-end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dsa != NULL) DSA_free(dsa);
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dsa != NULL)
+        DSA_free(dsa);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

 static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
+{
+    char c = '*';

-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
    (void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
-#ifdef GENCB_TEST
-	if(stop_keygen_flag)
+# ifdef LINT
+    p = n;
+# endif
+# ifdef GENCB_TEST
+    if (stop_keygen_flag)
        return 0;
-#endif
+# endif
    return 1;
-	}
+}
 #else                           /* !OPENSSL_NO_DSA */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/ec.c
+++ b/apps/ec.c
@ -58,19 +58,20 @@

 #include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_EC
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/pem.h>

-#undef PROG
-#define PROG	ec_main
+# undef PROG
+# define PROG    ec_main

-/* -inform arg    - input format - default PEM (one of DER, NET or PEM)
+/*-
+ * -inform arg    - input format - default PEM (one of DER, NET or PEM)
 * -outform arg   - output format - default PEM
 * -in arg        - input file - default stdin
 * -out arg       - output file - default stdout
@ -91,7 +92,7 @@ int MAIN(int argc, char **argv)
    int i, badops = 0;
    const EVP_CIPHER *enc = NULL;
    BIO *in = NULL, *out = NULL;
-	int 	informat, outformat, text=0, noout=0;
+    int informat, outformat, text = 0, noout = 0;
    int pubin = 0, pubout = 0, param_out = 0;
    char *infile, *outfile, *prog, *engine;
    char *passargin = NULL, *passargout = NULL;
@ -104,8 +105,8 @@ int MAIN(int argc, char **argv)
    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;
@ -119,49 +120,40 @@ int MAIN(int argc, char **argv)
    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-		else if (strcmp(*argv, "-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-		else if (strcmp(*argv, "-noout") == 0)
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        } else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        } else if (strcmp(*argv, "-noout") == 0)
            noout = 1;
        else if (strcmp(*argv, "-text") == 0)
            text = 1;
-		else if (strcmp(*argv, "-conv_form") == 0)
-			{
+        else if (strcmp(*argv, "-conv_form") == 0) {
            if (--argc < 1)
                goto bad;
            ++argv;
@ -174,9 +166,7 @@ int MAIN(int argc, char **argv)
                form = POINT_CONVERSION_HYBRID;
            else
                goto bad;
-			}
-		else if (strcmp(*argv, "-param_enc") == 0)
-			{
+        } else if (strcmp(*argv, "-param_enc") == 0) {
            if (--argc < 1)
                goto bad;
            ++argv;
@ -187,26 +177,23 @@ int MAIN(int argc, char **argv)
                asn1_flag = 0;
            else
                goto bad;
-			}
-		else if (strcmp(*argv, "-param_out") == 0)
+        } else if (strcmp(*argv, "-param_out") == 0)
            param_out = 1;
        else if (strcmp(*argv, "-pubin") == 0)
-			pubin=1;
+            pubin = 1;
        else if (strcmp(*argv, "-pubout") == 0)
-			pubout=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
+            pubout = 1;
+        else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
            BIO_printf(bio_err, "unknown option %s\n", *argv);
-			badops=1;
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
+    if (badops) {
+ bad:
        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
        BIO_printf(bio_err, "where options are\n");
        BIO_printf(bio_err, " -inform arg     input format - "
@ -235,93 +222,75 @@ bad:
                   " compressed\n");
        BIO_printf(bio_err, "                                 "
                   " uncompressed (default)\n");
-		BIO_printf(bio_err, "                                  "
-				" hybrid\n");
+        BIO_printf(bio_err, "                                  " " hybrid\n");
        BIO_printf(bio_err, " -param_enc arg  specifies the way"
                   " the ec parameters are encoded\n");
-		BIO_printf(bio_err, "                 in the asn1 der "
-				"encoding\n");
+        BIO_printf(bio_err, "                 in the asn1 der " "encoding\n");
        BIO_printf(bio_err, "                 possible values:"
                   " named_curve (default)\n");
-		BIO_printf(bio_err,"                                  "
+        BIO_printf(bio_err, "                                  "
                   "explicit\n");
        goto end;
    }

    ERR_load_crypto_strings();

-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) 
-		{
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
        BIO_printf(bio_err, "Error getting passwords\n");
        goto end;
    }

    in = BIO_new(BIO_s_file());
    out = BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
        BIO_set_fp(in, stdin, BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in, infile) <= 0)
-			{
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }

    BIO_printf(bio_err, "read EC key\n");
-	if (informat == FORMAT_ASN1) 
-		{
+    if (informat == FORMAT_ASN1) {
        if (pubin)
            eckey = d2i_EC_PUBKEY_bio(in, NULL);
        else
            eckey = d2i_ECPrivateKey_bio(in, NULL);
-		} 
-	else if (informat == FORMAT_PEM) 
-		{
+    } else if (informat == FORMAT_PEM) {
        if (pubin)
-			eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, 
-				NULL);
+            eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, NULL);
        else
-			eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL,
-				passin);
-		} 
-	else
-		{
+            eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, passin);
+    } else {
        BIO_printf(bio_err, "bad input format specified for key\n");
        goto end;
    }
-	if (eckey == NULL)
-		{
-		BIO_printf(bio_err,"unable to load Key\n");
+    if (eckey == NULL) {
+        BIO_printf(bio_err, "unable to load Key\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (outfile == NULL)
-		{
+    if (outfile == NULL) {
        BIO_set_fp(out, stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out, outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
@ -336,31 +305,26 @@ bad:
        EC_KEY_set_asn1_flag(eckey, asn1_flag);

    if (text)
-		if (!EC_KEY_print(out, eckey, 0))
-			{
+        if (!EC_KEY_print(out, eckey, 0)) {
            perror(outfile);
            ERR_print_errors(bio_err);
            goto end;
        }

-	if (noout) 
-		{
+    if (noout) {
        ret = 0;
        goto end;
    }

    BIO_printf(bio_err, "writing EC key\n");
-	if (outformat == FORMAT_ASN1) 
-		{
+    if (outformat == FORMAT_ASN1) {
        if (param_out)
            i = i2d_ECPKParameters_bio(out, group);
        else if (pubin || pubout)
            i = i2d_EC_PUBKEY_bio(out, eckey);
        else
            i = i2d_ECPrivateKey_bio(out, eckey);
-		} 
-	else if (outformat == FORMAT_PEM) 
-		{
+    } else if (outformat == FORMAT_PEM) {
        if (param_out)
            i = PEM_write_bio_ECPKParameters(out, group);
        else if (pubin || pubout)
@ -368,22 +332,17 @@ bad:
        else
            i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
                                           NULL, 0, NULL, passout);
-		} 
-	else 
-		{
-		BIO_printf(bio_err, "bad output format specified for "
-			"outfile\n");
+    } else {
+        BIO_printf(bio_err, "bad output format specified for " "outfile\n");
        goto end;
    }

-	if (!i)
-		{
+    if (!i) {
        BIO_printf(bio_err, "unable to write private key\n");
        ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
+    } else
+        ret = 0;
+ end:
    if (in)
        BIO_free(in);
    if (out)
@ -400,7 +359,7 @@ end:
 #else                           /* !OPENSSL_NO_EC */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@ -71,23 +71,24 @@

 #include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_EC
-#include <assert.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/ec.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+# include <assert.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/ec.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>

-#undef PROG
-#define PROG	ecparam_main
+# undef PROG
+# define PROG    ecparam_main

-/* -inform arg      - input format - default PEM (DER or PEM)
+/*-
+ * -inform arg      - input format - default PEM (DER or PEM)
 * -outform arg     - output format - default PEM
 * -in  arg         - input file  - default stdin
 * -out arg         - output file - default stdout
@ -111,13 +112,13 @@
 * -engine e        - use engine e, possibly a hardware device
 */

-
-static int ecparam_print_var(BIO *,BIGNUM *,const char *,int,unsigned char *);
+static int ecparam_print_var(BIO *, BIGNUM *, const char *, int,
+                             unsigned char *);

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    EC_GROUP *group = NULL;
    point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
    int new_form = 0;
@ -138,56 +139,48 @@ int MAIN(int argc, char **argv)
    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-text") == 0)
            text = 1;
-		else if (strcmp(*argv,"-C") == 0)
+        else if (strcmp(*argv, "-C") == 0)
            C = 1;
-		else if (strcmp(*argv,"-check") == 0)
+        else if (strcmp(*argv, "-check") == 0)
            check = 1;
-		else if (strcmp (*argv, "-name") == 0)
-			{
+        else if (strcmp(*argv, "-name") == 0) {
            if (--argc < 1)
                goto bad;
            curve_name = *(++argv);
-			}
-		else if (strcmp(*argv, "-list_curves") == 0)
+        } else if (strcmp(*argv, "-list_curves") == 0)
            list_curves = 1;
-		else if (strcmp(*argv, "-conv_form") == 0)
-			{
+        else if (strcmp(*argv, "-conv_form") == 0) {
            if (--argc < 1)
                goto bad;
            ++argv;
@ -200,9 +193,7 @@ int MAIN(int argc, char **argv)
                form = POINT_CONVERSION_HYBRID;
            else
                goto bad;
-			}
-		else if (strcmp(*argv, "-param_enc") == 0)
-			{
+        } else if (strcmp(*argv, "-param_enc") == 0) {
            if (--argc < 1)
                goto bad;
            ++argv;
@ -213,41 +204,34 @@ int MAIN(int argc, char **argv)
                asn1_flag = 0;
            else
                goto bad;
-			}
-		else if (strcmp(*argv, "-no_seed") == 0)
+        } else if (strcmp(*argv, "-no_seed") == 0)
            no_seed = 1;
        else if (strcmp(*argv, "-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-genkey") == 0)
-			{
-			genkey=1;
-			need_rand=1;
-			}
-		else if (strcmp(*argv, "-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			need_rand=1;
-			}
-		else if(strcmp(*argv, "-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
+            noout = 1;
+        else if (strcmp(*argv, "-genkey") == 0) {
+            genkey = 1;
+            need_rand = 1;
+        } else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+            need_rand = 1;
+        } else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
            engine = *(++argv);
-			}	
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog);
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
        BIO_printf(bio_err, "where options are\n");
        BIO_printf(bio_err, " -inform arg       input format - "
                   "default PEM (DER or PEM)\n");
@ -286,10 +270,8 @@ bad:
        BIO_printf(bio_err, "                                   "
                   " explicit\n");
        BIO_printf(bio_err, " -no_seed          if 'explicit'"
-				" parameters are chosen do not"
-				" use the seed\n");
-		BIO_printf(bio_err, " -genkey           generate ec"
-				" key\n");
+                   " parameters are chosen do not" " use the seed\n");
+        BIO_printf(bio_err, " -genkey           generate ec" " key\n");
        BIO_printf(bio_err, " -rand file        files to use for"
                   " random number input\n");
        BIO_printf(bio_err, " -engine e         use engine e, "
@ -299,49 +281,41 @@ bad:

    ERR_load_crypto_strings();

-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }
-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	if (list_curves)
-		{
+    if (list_curves) {
        EC_builtin_curve *curves = NULL;
        size_t crv_len = 0;
        size_t n = 0;
@ -353,15 +327,12 @@ bad:
        if (curves == NULL)
            goto end;

-		if (!EC_get_builtin_curves(curves, crv_len))
-			{
+        if (!EC_get_builtin_curves(curves, crv_len)) {
            OPENSSL_free(curves);
            goto end;
        }

-		
-		for (n = 0; n < crv_len; n++)
-			{
+        for (n = 0; n < crv_len; n++) {
            const char *comment;
            const char *sname;
            comment = curves[n].comment;
@ -380,64 +351,48 @@ bad:
        goto end;
    }

-	if (curve_name != NULL)
-		{
+    if (curve_name != NULL) {
        int nid;

-		/* workaround for the SECG curve names secp192r1
-		 * and secp256r1 (which are the same as the curves
-		 * prime192v1 and prime256v1 defined in X9.62)
+        /*
+         * workaround for the SECG curve names secp192r1 and secp256r1 (which
+         * are the same as the curves prime192v1 and prime256v1 defined in
+         * X9.62)
         */
-		if (!strcmp(curve_name, "secp192r1"))
-			{
+        if (!strcmp(curve_name, "secp192r1")) {
            BIO_printf(bio_err, "using curve name prime192v1 "
                       "instead of secp192r1\n");
            nid = NID_X9_62_prime192v1;
-			}
-		else if (!strcmp(curve_name, "secp256r1"))
-			{
+        } else if (!strcmp(curve_name, "secp256r1")) {
            BIO_printf(bio_err, "using curve name prime256v1 "
                       "instead of secp256r1\n");
            nid = NID_X9_62_prime256v1;
-			}
-		else
+        } else
            nid = OBJ_sn2nid(curve_name);

-		if (nid == 0)
-			{
-			BIO_printf(bio_err, "unknown curve name (%s)\n", 
-				curve_name);
+        if (nid == 0) {
+            BIO_printf(bio_err, "unknown curve name (%s)\n", curve_name);
            goto end;
        }

        group = EC_GROUP_new_by_curve_name(nid);
-		if (group == NULL)
-			{
-			BIO_printf(bio_err, "unable to create curve (%s)\n", 
-				curve_name);
+        if (group == NULL) {
+            BIO_printf(bio_err, "unable to create curve (%s)\n", curve_name);
            goto end;
        }
        EC_GROUP_set_asn1_flag(group, asn1_flag);
        EC_GROUP_set_point_conversion_form(group, form);
-		}
-	else if (informat == FORMAT_ASN1)
-		{
+    } else if (informat == FORMAT_ASN1) {
        group = d2i_ECPKParameters_bio(in, NULL);
-		}
-	else if (informat == FORMAT_PEM)
-		{
-		group = PEM_read_bio_ECPKParameters(in,NULL,NULL,NULL);
-		}
-	else
-		{
+    } else if (informat == FORMAT_PEM) {
+        group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
+    } else {
        BIO_printf(bio_err, "bad input format specified\n");
        goto end;
    }

-	if (group == NULL)
-		{
-		BIO_printf(bio_err, 
-			"unable to load elliptic curve parameters\n");
+    if (group == NULL) {
+        BIO_printf(bio_err, "unable to load elliptic curve parameters\n");
        ERR_print_errors(bio_err);
        goto end;
    }
@ -448,34 +403,27 @@ bad:
    if (new_asn1_flag)
        EC_GROUP_set_asn1_flag(group, asn1_flag);

-	if (no_seed)
-		{
+    if (no_seed) {
        EC_GROUP_set_seed(group, NULL, 0);
    }

-	if (text)
-		{
+    if (text) {
        if (!ECPKParameters_print(out, group, 0))
            goto end;
    }

-	if (check)
-		{
-		if (group == NULL)
-			BIO_printf(bio_err, "no elliptic curve parameters\n");
+    if (check) {
        BIO_printf(bio_err, "checking elliptic curve parameters: ");
-		if (!EC_GROUP_check(group, NULL))
-			{
+        if (!EC_GROUP_check(group, NULL)) {
            BIO_printf(bio_err, "failed\n");
            ERR_print_errors(bio_err);
+            goto end;
        }
-		else
        BIO_printf(bio_err, "ok\n");

    }

-	if (C)
-		{
+    if (C) {
        size_t buf_len = 0, tmp_len = 0;
        const EC_POINT *point;
        int is_prime, len = 0;
@ -484,23 +432,17 @@ bad:
        if ((ec_p = BN_new()) == NULL || (ec_a = BN_new()) == NULL ||
            (ec_b = BN_new()) == NULL || (ec_gen = BN_new()) == NULL ||
            (ec_order = BN_new()) == NULL ||
-		    (ec_cofactor = BN_new()) == NULL )
-			{
+            (ec_cofactor = BN_new()) == NULL) {
            perror("OPENSSL_malloc");
            goto end;
        }

-		is_prime = (EC_METHOD_get_field_type(meth) == 
-			NID_X9_62_prime_field);
+        is_prime = (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field);

-		if (is_prime)
-			{
-			if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a,
-				ec_b, NULL))
+        if (is_prime) {
+            if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a, ec_b, NULL))
                goto end;
-			}
-		else
-			{
+        } else {
            /* TODO */
            goto end;
        }
@ -508,16 +450,15 @@ bad:
        if ((point = EC_GROUP_get0_generator(group)) == NULL)
            goto end;
        if (!EC_POINT_point2bn(group, point,
-			EC_GROUP_get_point_conversion_form(group), ec_gen, 
-			NULL))
+                               EC_GROUP_get_point_conversion_form(group),
+                               ec_gen, NULL))
            goto end;
        if (!EC_GROUP_get_order(group, ec_order, NULL))
            goto end;
        if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL))
            goto end;

-		if (!ec_p || !ec_a || !ec_b || !ec_gen || 
-			!ec_order || !ec_cofactor)
+        if (!ec_p || !ec_a || !ec_b || !ec_gen || !ec_order || !ec_cofactor)
            goto end;

        len = BN_num_bits(ec_order);
@ -537,8 +478,7 @@ bad:

        buffer = (unsigned char *)OPENSSL_malloc(buf_len);

-		if (buffer == NULL)
-			{
+        if (buffer == NULL) {
            perror("OPENSSL_malloc");
            goto end;
        }
@ -548,8 +488,7 @@ bad:
        ecparam_print_var(out, ec_b, "ec_b", len, buffer);
        ecparam_print_var(out, ec_gen, "ec_gen", len, buffer);
        ecparam_print_var(out, ec_order, "ec_order", len, buffer);
-		ecparam_print_var(out, ec_cofactor, "ec_cofactor", len, 
-			buffer);
+        ecparam_print_var(out, ec_cofactor, "ec_cofactor", len, buffer);

        BIO_printf(out, "\n\n");

@ -568,14 +507,11 @@ bad:
        BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_b_%d, "
                   "sizeof(ec_b_%d), NULL)) == NULL)\n\t\t"
                   "goto err;\n", len, len);
-		if (is_prime)
-			{
+        if (is_prime) {
            BIO_printf(out, "\tif ((group = EC_GROUP_new_curve_"
                       "GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)"
                       "\n\t\tgoto err;\n\n");
-			}
-		else
-			{
+        } else {
            /* TODO */
            goto end;
        }
@ -608,20 +544,17 @@ bad:
        BIO_printf(out, "\treturn(group);\n\t}\n");
    }

-	if (!noout)
-		{
+    if (!noout) {
        if (outformat == FORMAT_ASN1)
            i = i2d_ECPKParameters_bio(out, group);
        else if (outformat == FORMAT_PEM)
            i = PEM_write_bio_ECPKParameters(out, group);
-		else	
-			{
-			BIO_printf(bio_err,"bad output format specified for"
+        else {
+            BIO_printf(bio_err, "bad output format specified for"
                       " outfile\n");
            goto end;
        }
-		if (!i)
-			{
+        if (!i) {
            BIO_printf(bio_err, "unable to write elliptic "
                       "curve parameters\n");
            ERR_print_errors(bio_err);
@ -629,16 +562,14 @@ bad:
        }
    }

-	if (need_rand)
-		{
+    if (need_rand) {
        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
        if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                       app_RAND_load_files(inrand));
    }

-	if (genkey)
-		{
+    if (genkey) {
        EC_KEY *eckey = EC_KEY_new();

        if (eckey == NULL)
@ -649,8 +580,7 @@ bad:
        if (EC_KEY_set_group(eckey, group) == 0)
            goto end;

-		if (!EC_KEY_generate_key(eckey))
-			{
+        if (!EC_KEY_generate_key(eckey)) {
            EC_KEY_free(eckey);
            goto end;
        }
@ -659,8 +589,7 @@ bad:
        else if (outformat == FORMAT_PEM)
            i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
                                           NULL, 0, NULL, NULL);
-		else	
-			{
+        else {
            BIO_printf(bio_err, "bad output format specified "
                       "for outfile\n");
            EC_KEY_free(eckey);
@ -672,8 +601,8 @@ bad:
    if (need_rand)
        app_RAND_write_file(NULL, bio_err);

-	ret=0;
-end:
+    ret = 0;
+ end:
    if (ec_p)
        BN_free(ec_p);
    if (ec_a)
@ -700,32 +629,30 @@ end:

 static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
                             int len, unsigned char *buffer)
-	{
+{
    BIO_printf(out, "static unsigned char %s_%d[] = {", var, len);
    if (BN_is_zero(in))
        BIO_printf(out, "\n\t0x00");
-	else 
-		{
+    else {
        int i, l;

        l = BN_bn2bin(in, buffer);
-		for (i=0; i<l-1; i++)
-			{
-			if ((i%12) == 0) 
+        for (i = 0; i < l - 1; i++) {
+            if ((i % 12) == 0)
                BIO_printf(out, "\n\t");
            BIO_printf(out, "0x%02X,", buffer[i]);
        }
-		if ((i%12) == 0) 
+        if ((i % 12) == 0)
            BIO_printf(out, "\n\t");
        BIO_printf(out, "0x%02X", buffer[i]);
    }
    BIO_printf(out, "\n\t};\n\n");
    return 1;
-	}
+}
 #else                           /* !OPENSSL_NO_EC */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/enc.c
+++ b/apps/enc.c
--- a/apps/engine.c
+++ b/apps/engine.c
@ -1,6 +1,7 @@
-/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
- * project 2000.
+/* apps/engine.c */
+/*
+ * Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
+ * 2000.
 */
 /* ====================================================================
 * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
@ -56,53 +57,49 @@
 *
 */

-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
+# define APPS_WIN16
 #endif
 #include "apps.h"
 #include <openssl/err.h>
 #ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#include <openssl/ssl.h>
+# include <openssl/engine.h>
+# include <openssl/ssl.h>

-#undef PROG
-#define PROG	engine_main
+# undef PROG
+# define PROG    engine_main

-static const char *engine_usage[]={
-"usage: engine opts [engine ...]\n",
-" -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
-"               -vv will additionally display each command's description\n",
-"               -vvv will also add the input flags for each command\n",
-"               -vvvv will also show internal input flags\n",
-" -c          - for each engine, also list the capabilities\n",
-" -t[t]       - for each engine, check that they are really available\n",
-"               -tt will display error trace for unavailable engines\n",
-" -pre <cmd>  - runs command 'cmd' against the ENGINE before any attempts\n",
-"               to load it (if -t is used)\n",
-" -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
-"               (only used if -t is also provided)\n",
-" NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
-" line, or all supported ENGINEs if none are specified.\n",
-" Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
-" argument \"/lib/libdriver.so\".\n",
-NULL
+static const char *engine_usage[] = {
+    "usage: engine opts [engine ...]\n",
+    " -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
+    "               -vv will additionally display each command's description\n",
+    "               -vvv will also add the input flags for each command\n",
+    "               -vvvv will also show internal input flags\n",
+    " -c          - for each engine, also list the capabilities\n",
+    " -t[t]       - for each engine, check that they are really available\n",
+    "               -tt will display error trace for unavailable engines\n",
+    " -pre <cmd>  - runs command 'cmd' against the ENGINE before any attempts\n",
+    "               to load it (if -t is used)\n",
+    " -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
+    "               (only used if -t is also provided)\n",
+    " NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
+    " line, or all supported ENGINEs if none are specified.\n",
+    " Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
+    " argument \"/lib/libdriver.so\".\n",
+    NULL
 };

 static void identity(char *ptr)
-	{
+{
    return;
-	}
+}

 static int append_buf(char **buf, const char *s, int *size, int step)
-	{
-	int l = strlen(s);
-
-	if (*buf == NULL)
-		{
+{
+    if (*buf == NULL) {
        *size = step;
        *buf = OPENSSL_malloc(*size);
        if (*buf == NULL)
@ -110,11 +107,7 @@ static int append_buf(char **buf, const char *s, int *size, int step)
        **buf = '\0';
    }

-	if (**buf != '\0')
-		l += 2;		/* ", " */
-
-	if (strlen(*buf) + strlen(s) >= (unsigned int)*size)
-		{
+    if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
        *size += step;
        *buf = OPENSSL_realloc(*buf, *size);
    }
@ -127,48 +120,45 @@ static int append_buf(char **buf, const char *s, int *size, int step)
    BUF_strlcat(*buf, s, *size);

    return 1;
-	}
+}

 static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
-	{
+{
    int started = 0, err = 0;
    /* Indent before displaying input flags */
    BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
-	if(flags == 0)
-		{
+    if (flags == 0) {
        BIO_printf(bio_out, "<no flags>\n");
        return 1;
    }
-        /* If the object is internal, mark it in a way that shows instead of
-         * having it part of all the other flags, even if it really is. */
-	if(flags & ENGINE_CMD_FLAG_INTERNAL)
-		{
+    /*
+     * If the object is internal, mark it in a way that shows instead of
+     * having it part of all the other flags, even if it really is.
+     */
+    if (flags & ENGINE_CMD_FLAG_INTERNAL) {
        BIO_printf(bio_out, "[Internal] ");
    }

-	if(flags & ENGINE_CMD_FLAG_NUMERIC)
-		{
+    if (flags & ENGINE_CMD_FLAG_NUMERIC) {
        BIO_printf(bio_out, "NUMERIC");
        started = 1;
    }
-	/* Now we check that no combinations of the mutually exclusive NUMERIC,
+    /*
+     * Now we check that no combinations of the mutually exclusive NUMERIC,
     * STRING, and NO_INPUT flags have been used. Future flags that can be
     * OR'd together with these would need to added after these to preserve
-	 * the testing logic. */
-	if(flags & ENGINE_CMD_FLAG_STRING)
-		{
-		if(started)
-			{
+     * the testing logic.
+     */
+    if (flags & ENGINE_CMD_FLAG_STRING) {
+        if (started) {
            BIO_printf(bio_out, "|");
            err = 1;
        }
        BIO_printf(bio_out, "STRING");
        started = 1;
    }
-	if(flags & ENGINE_CMD_FLAG_NO_INPUT)
-		{
-		if(started)
-			{
+    if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
+        if (started) {
            BIO_printf(bio_out, "|");
            err = 1;
        }
@ -178,21 +168,21 @@ static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
    /* Check for unknown flags */
    flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
        ~ENGINE_CMD_FLAG_STRING &
-			~ENGINE_CMD_FLAG_NO_INPUT &
-			~ENGINE_CMD_FLAG_INTERNAL;
-	if(flags)
-		{
-		if(started) BIO_printf(bio_out, "|");
+        ~ENGINE_CMD_FLAG_NO_INPUT & ~ENGINE_CMD_FLAG_INTERNAL;
+    if (flags) {
+        if (started)
+            BIO_printf(bio_out, "|");
        BIO_printf(bio_out, "<0x%04X>", flags);
    }
-	if(err)
+    if (err)
        BIO_printf(bio_out, "  <illegal flags!>");
    BIO_printf(bio_out, "\n");
    return 1;
-	}
+}

-static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent)
-	{
+static int util_verbose(ENGINE *e, int verbose, BIO *bio_out,
+                        const char *indent)
+{
    static const int line_wrap = 78;
    int num;
    int ret = 0;
@ -201,349 +191,322 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent
    int flags;
    int xpos = 0;
    STACK_OF(OPENSSL_STRING) *cmds = NULL;
-	if(!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
+    if (!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
        ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
-					0, NULL, NULL)) <= 0))
-		{
-#if 0
+                            0, NULL, NULL)) <= 0)) {
+# if 0
        BIO_printf(bio_out, "%s<no control commands>\n", indent);
-#endif
+# endif
        return 1;
    }

    cmds = sk_OPENSSL_STRING_new_null();

-	if(!cmds)
+    if (!cmds)
        goto err;
    do {
        int len;
        /* Get the command input flags */
-		if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
+        if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
                                 NULL, NULL)) < 0)
            goto err;
-                if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4)
-                        {
+        if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4) {
            /* Get the command name */
-                        if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
+            if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
                                   NULL, NULL)) <= 0)
                goto err;
-                        if((name = OPENSSL_malloc(len + 1)) == NULL)
+            if ((name = OPENSSL_malloc(len + 1)) == NULL)
                goto err;
-                        if(ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
+            if (ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
                            NULL) <= 0)
                goto err;
            /* Get the command description */
-                        if((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
+            if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
                                   NULL, NULL)) < 0)
                goto err;
-                        if(len > 0)
-                                {
-                                if((desc = OPENSSL_malloc(len + 1)) == NULL)
+            if (len > 0) {
+                if ((desc = OPENSSL_malloc(len + 1)) == NULL)
                    goto err;
-                                if(ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
+                if (ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
                                NULL) <= 0)
                    goto err;
            }
            /* Now decide on the output */
-                        if(xpos == 0)
+            if (xpos == 0)
                /* Do an indent */
                xpos = BIO_puts(bio_out, indent);
            else
                /* Otherwise prepend a ", " */
                xpos += BIO_printf(bio_out, ", ");
-                        if(verbose == 1)
-                                {
-                                /* We're just listing names, comma-delimited */
-                                if((xpos > (int)strlen(indent)) &&
-					(xpos + (int)strlen(name) > line_wrap))
-                                        {
+            if (verbose == 1) {
+                /*
+                 * We're just listing names, comma-delimited
+                 */
+                if ((xpos > (int)strlen(indent)) &&
+                    (xpos + (int)strlen(name) > line_wrap)) {
                    BIO_printf(bio_out, "\n");
                    xpos = BIO_puts(bio_out, indent);
                }
                xpos += BIO_printf(bio_out, "%s", name);
-                                }
-                        else
-                                {
+            } else {
                /* We're listing names plus descriptions */
                BIO_printf(bio_out, "%s: %s\n", name,
                           (desc == NULL) ? "<no description>" : desc);
                /* ... and sometimes input flags */
-                                if((verbose >= 3) && !util_flags(bio_out, flags,
-                                        indent))
+                if ((verbose >= 3) && !util_flags(bio_out, flags, indent))
                    goto err;
                xpos = 0;
            }
        }
-		OPENSSL_free(name); name = NULL;
-		if(desc) { OPENSSL_free(desc); desc = NULL; }
+        OPENSSL_free(name);
+        name = NULL;
+        if (desc) {
+            OPENSSL_free(desc);
+            desc = NULL;
+        }
        /* Move to the next command */
-		num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE,
-					num, NULL, NULL);
-		} while(num > 0);
-	if(xpos > 0)
+        num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE, num, NULL, NULL);
+    } while (num > 0);
+    if (xpos > 0)
        BIO_printf(bio_out, "\n");
    ret = 1;
-err:
-	if(cmds) sk_OPENSSL_STRING_pop_free(cmds, identity);
-	if(name) OPENSSL_free(name);
-	if(desc) OPENSSL_free(desc);
+ err:
+    if (cmds)
+        sk_OPENSSL_STRING_pop_free(cmds, identity);
+    if (name)
+        OPENSSL_free(name);
+    if (desc)
+        OPENSSL_free(desc);
    return ret;
-	}
+}

 static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
                         BIO *bio_out, const char *indent)
-	{
+{
    int loop, res, num = sk_OPENSSL_STRING_num(cmds);

-	if(num < 0)
-		{
+    if (num < 0) {
        BIO_printf(bio_out, "[Error]: internal stack error\n");
        return;
    }
-	for(loop = 0; loop < num; loop++)
-		{
+    for (loop = 0; loop < num; loop++) {
        char buf[256];
        const char *cmd, *arg;
        cmd = sk_OPENSSL_STRING_value(cmds, loop);
        res = 1;                /* assume success */
        /* Check if this command has no ":arg" */
-		if((arg = strstr(cmd, ":")) == NULL)
-			{
-			if(!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
+        if ((arg = strstr(cmd, ":")) == NULL) {
+            if (!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
                res = 0;
-			}
-		else
-			{
-			if((int)(arg - cmd) > 254)
-				{
-				BIO_printf(bio_out,"[Error]: command name too long\n");
+        } else {
+            if ((int)(arg - cmd) > 254) {
+                BIO_printf(bio_out, "[Error]: command name too long\n");
                return;
            }
            memcpy(buf, cmd, (int)(arg - cmd));
-			buf[arg-cmd] = '\0';
+            buf[arg - cmd] = '\0';
            arg++;              /* Move past the ":" */
            /* Call the command with the argument */
-			if(!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
+            if (!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
                res = 0;
        }
-		if(res)
+        if (res)
            BIO_printf(bio_out, "[Success]: %s\n", cmd);
-		else
-			{
+        else {
            BIO_printf(bio_out, "[Failure]: %s\n", cmd);
            ERR_print_errors(bio_out);
        }
    }
-	}
+}

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	int ret=1,i;
+{
+    int ret = 1, i;
    const char **pp;
-	int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0;
+    int verbose = 0, list_cap = 0, test_avail = 0, test_avail_noise = 0;
    ENGINE *e;
    STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
    STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
    STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
-	int badops=1;
-	BIO *bio_out=NULL;
+    int badops = 1;
+    BIO *bio_out = NULL;
    const char *indent = "     ";

    apps_startup();
    SSL_load_error_strings();

    if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;
-	bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
    {
        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
        bio_out = BIO_push(tmpbio, bio_out);
    }
-#endif
+# endif

    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if (strncmp(*argv,"-v",2) == 0)
-			{
-			if(strspn(*argv + 1, "v") < strlen(*argv + 1))
+    while (argc >= 1) {
+        if (strncmp(*argv, "-v", 2) == 0) {
+            if (strspn(*argv + 1, "v") < strlen(*argv + 1))
                goto skip_arg_loop;
-			if((verbose=strlen(*argv + 1)) > 4)
+            if ((verbose = strlen(*argv + 1)) > 4)
                goto skip_arg_loop;
-			}
-		else if (strcmp(*argv,"-c") == 0)
-			list_cap=1;
-		else if (strncmp(*argv,"-t",2) == 0)
-			{
-			test_avail=1;
-			if(strspn(*argv + 1, "t") < strlen(*argv + 1))
+        } else if (strcmp(*argv, "-c") == 0)
+            list_cap = 1;
+        else if (strncmp(*argv, "-t", 2) == 0) {
+            test_avail = 1;
+            if (strspn(*argv + 1, "t") < strlen(*argv + 1))
                goto skip_arg_loop;
-			if((test_avail_noise = strlen(*argv + 1) - 1) > 1)
+            if ((test_avail_noise = strlen(*argv + 1) - 1) > 1)
                goto skip_arg_loop;
-			}
-		else if (strcmp(*argv,"-pre") == 0)
-			{
-			argc--; argv++;
+        } else if (strcmp(*argv, "-pre") == 0) {
+            argc--;
+            argv++;
            if (argc == 0)
                goto skip_arg_loop;
-			sk_OPENSSL_STRING_push(pre_cmds,*argv);
-			}
-		else if (strcmp(*argv,"-post") == 0)
-			{
-			argc--; argv++;
+            sk_OPENSSL_STRING_push(pre_cmds, *argv);
+        } else if (strcmp(*argv, "-post") == 0) {
+            argc--;
+            argv++;
            if (argc == 0)
                goto skip_arg_loop;
-			sk_OPENSSL_STRING_push(post_cmds,*argv);
-			}
-		else if ((strncmp(*argv,"-h",2) == 0) ||
-				(strcmp(*argv,"-?") == 0))
+            sk_OPENSSL_STRING_push(post_cmds, *argv);
+        } else if ((strncmp(*argv, "-h", 2) == 0) ||
+                   (strcmp(*argv, "-?") == 0))
            goto skip_arg_loop;
        else
-			sk_OPENSSL_STRING_push(engines,*argv);
+            sk_OPENSSL_STRING_push(engines, *argv);
        argc--;
        argv++;
    }
    /* Looks like everything went OK */
    badops = 0;
-skip_arg_loop:
+ skip_arg_loop:

-	if (badops)
-		{
-		for (pp=engine_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
+    if (badops) {
+        for (pp = engine_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
        goto end;
    }

-	if (sk_OPENSSL_STRING_num(engines) == 0)
-		{
-		for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
-			{
-			sk_OPENSSL_STRING_push(engines,(char *)ENGINE_get_id(e));
+    if (sk_OPENSSL_STRING_num(engines) == 0) {
+        for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {
+            sk_OPENSSL_STRING_push(engines, (char *)ENGINE_get_id(e));
        }
    }

-	for (i=0; i<sk_OPENSSL_STRING_num(engines); i++)
-		{
-		const char *id = sk_OPENSSL_STRING_value(engines,i);
-		if ((e = ENGINE_by_id(id)) != NULL)
-			{
+    for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
+        const char *id = sk_OPENSSL_STRING_value(engines, i);
+        if ((e = ENGINE_by_id(id)) != NULL) {
            const char *name = ENGINE_get_name(e);
-			/* Do "id" first, then "name". Easier to auto-parse. */
+            /*
+             * Do "id" first, then "name". Easier to auto-parse.
+             */
            BIO_printf(bio_out, "(%s) %s\n", id, name);
            util_do_cmds(e, pre_cmds, bio_out, indent);
-			if (strcmp(ENGINE_get_id(e), id) != 0)
-				{
+            if (strcmp(ENGINE_get_id(e), id) != 0) {
                BIO_printf(bio_out, "Loaded: (%s) %s\n",
                           ENGINE_get_id(e), ENGINE_get_name(e));
            }
-			if (list_cap)
-				{
+            if (list_cap) {
                int cap_size = 256;
                char *cap_buf = NULL;
-				int k,n;
+                int k, n;
                const int *nids;
                ENGINE_CIPHERS_PTR fn_c;
                ENGINE_DIGESTS_PTR fn_d;
                ENGINE_PKEY_METHS_PTR fn_pk;

                if (ENGINE_get_RSA(e) != NULL
-					&& !append_buf(&cap_buf, "RSA",
-						&cap_size, 256))
+                    && !append_buf(&cap_buf, "RSA", &cap_size, 256))
                    goto end;
                if (ENGINE_get_DSA(e) != NULL
-					&& !append_buf(&cap_buf, "DSA",
-						&cap_size, 256))
+                    && !append_buf(&cap_buf, "DSA", &cap_size, 256))
                    goto end;
                if (ENGINE_get_DH(e) != NULL
-					&& !append_buf(&cap_buf, "DH",
-						&cap_size, 256))
+                    && !append_buf(&cap_buf, "DH", &cap_size, 256))
                    goto end;
                if (ENGINE_get_RAND(e) != NULL
-					&& !append_buf(&cap_buf, "RAND",
-						&cap_size, 256))
+                    && !append_buf(&cap_buf, "RAND", &cap_size, 256))
                    goto end;

                fn_c = ENGINE_get_ciphers(e);
-				if(!fn_c) goto skip_ciphers;
+                if (!fn_c)
+                    goto skip_ciphers;
                n = fn_c(e, NULL, &nids, 0);
-				for(k=0 ; k < n ; ++k)
-					if(!append_buf(&cap_buf,
-						       OBJ_nid2sn(nids[k]),
-						       &cap_size, 256))
+                for (k = 0; k < n; ++k)
+                    if (!append_buf(&cap_buf,
+                                    OBJ_nid2sn(nids[k]), &cap_size, 256))
                        goto end;

-skip_ciphers:
+ skip_ciphers:
                fn_d = ENGINE_get_digests(e);
-				if(!fn_d) goto skip_digests;
+                if (!fn_d)
+                    goto skip_digests;
                n = fn_d(e, NULL, &nids, 0);
-				for(k=0 ; k < n ; ++k)
-					if(!append_buf(&cap_buf,
-						       OBJ_nid2sn(nids[k]),
-						       &cap_size, 256))
+                for (k = 0; k < n; ++k)
+                    if (!append_buf(&cap_buf,
+                                    OBJ_nid2sn(nids[k]), &cap_size, 256))
                        goto end;

-skip_digests:
+ skip_digests:
                fn_pk = ENGINE_get_pkey_meths(e);
-				if(!fn_pk) goto skip_pmeths;
+                if (!fn_pk)
+                    goto skip_pmeths;
                n = fn_pk(e, NULL, &nids, 0);
-				for(k=0 ; k < n ; ++k)
-					if(!append_buf(&cap_buf,
-						       OBJ_nid2sn(nids[k]),
-						       &cap_size, 256))
+                for (k = 0; k < n; ++k)
+                    if (!append_buf(&cap_buf,
+                                    OBJ_nid2sn(nids[k]), &cap_size, 256))
                        goto end;
-skip_pmeths:
+ skip_pmeths:
                if (cap_buf && (*cap_buf != '\0'))
                    BIO_printf(bio_out, " [%s]\n", cap_buf);

                OPENSSL_free(cap_buf);
            }
-			if(test_avail)
-				{
+            if (test_avail) {
                BIO_printf(bio_out, "%s", indent);
-				if (ENGINE_init(e))
-					{
+                if (ENGINE_init(e)) {
                    BIO_printf(bio_out, "[ available ]\n");
                    util_do_cmds(e, post_cmds, bio_out, indent);
                    ENGINE_finish(e);
-					}
-				else
-					{
+                } else {
                    BIO_printf(bio_out, "[ unavailable ]\n");
-					if(test_avail_noise)
+                    if (test_avail_noise)
                        ERR_print_errors_fp(stdout);
                    ERR_clear_error();
                }
            }
-			if((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
+            if ((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
                goto end;
            ENGINE_free(e);
-			}
-		else
+        } else
            ERR_print_errors(bio_err);
    }

-	ret=0;
-end:
+    ret = 0;
+ end:

    ERR_print_errors(bio_err);
    sk_OPENSSL_STRING_pop_free(engines, identity);
    sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
    sk_OPENSSL_STRING_pop_free(post_cmds, identity);
-	if (bio_out != NULL) BIO_free_all(bio_out);
+    if (bio_out != NULL)
+        BIO_free_all(bio_out);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
 #else

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/errstr.c
+++ b/apps/errstr.c
@ -71,58 +71,51 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	int i,ret=0;
+{
+    int i, ret = 0;
    char buf[256];
    unsigned long l;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    SSL_load_error_strings();

-	if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
-		{
-		BIO *out=NULL;
+    if ((argc > 1) && (strcmp(argv[1], "-stats") == 0)) {
+        BIO *out = NULL;

-		out=BIO_new(BIO_s_file());
-		if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
-			{
+        out = BIO_new(BIO_s_file());
+        if ((out != NULL) && BIO_set_fp(out, stdout, BIO_NOCLOSE)) {
 #ifdef OPENSSL_SYS_VMS
            {
                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                out = BIO_push(tmpbio, out);
            }
 #endif
-			lh_ERR_STRING_DATA_node_stats_bio(
-						  ERR_get_string_table(), out);
-			lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(),
+            lh_ERR_STRING_DATA_node_stats_bio(ERR_get_string_table(), out);
+            lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), out);
+            lh_ERR_STRING_DATA_node_usage_stats_bio(ERR_get_string_table(),
                                                    out);
-			lh_ERR_STRING_DATA_node_usage_stats_bio(
-						    ERR_get_string_table(),out);
        }
-		if (out != NULL) BIO_free_all(out);
+        if (out != NULL)
+            BIO_free_all(out);
        argc--;
        argv++;
    }

-	for (i=1; i<argc; i++)
-		{
-		if (sscanf(argv[i],"%lx",&l))
-			{
+    for (i = 1; i < argc; i++) {
+        if (sscanf(argv[i], "%lx", &l)) {
            ERR_error_string_n(l, buf, sizeof buf);
-			printf("%s\n",buf);
-			}
-		else
-			{
-			printf("%s: bad error code\n",argv[i]);
+            printf("%s\n", buf);
+        } else {
+            printf("%s: bad error code\n", argv[i]);
            printf("usage: errstr [-stats] <errno> ...\n");
            ret++;
        }
    }
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
--- a/apps/gendh.c
+++ b/apps/gendh.c
@ -58,184 +58,191 @@
 */

 #include <openssl/opensslconf.h>
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
 #ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
 #endif

 #ifndef OPENSSL_NO_DH
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+# include <stdio.h>
+# include <string.h>
+# include <sys/types.h>
+# include <sys/stat.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/rand.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dh.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>

-#define DEFBITS	512
-#undef PROG
-#define PROG gendh_main
+# define DEFBITS 2048
+# undef PROG
+# define PROG gendh_main

 static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    BN_GENCB cb;
-	DH *dh=NULL;
-	int ret=1,num=DEFBITS;
-	int g=2;
-	char *outfile=NULL;
-	char *inrand=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	BIO *out=NULL;
+    DH *dh = NULL;
+    int ret = 1, num = DEFBITS;
+    int g = 2;
+    char *outfile = NULL;
+    char *inrand = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    BIO *out = NULL;

    apps_startup();

    BN_GENCB_set(&cb, dh_cb, bio_err);
    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

    argv++;
    argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-2") == 0)
-			g=2;
-	/*	else if (strcmp(*argv,"-3") == 0)
+    for (;;) {
+        if (argc <= 0)
+            break;
+        if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-2") == 0)
+            g = 2;
+/*-     else if (strcmp(*argv,"-3") == 0)
                g=3; */
-		else if (strcmp(*argv,"-5") == 0)
-			g=5;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
+        else if (strcmp(*argv, "-5") == 0)
+            g = 5;
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else
+# endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        } else
            break;
        argv++;
        argc--;
    }
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
-		BIO_printf(bio_err," -out file - output the key to 'file\n");
-		BIO_printf(bio_err," -2        - use 2 as the generator value\n");
-	/*	BIO_printf(bio_err," -3        - use 3 as the generator value\n"); */
-		BIO_printf(bio_err," -5        - use 5 as the generator value\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
+    if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
+ bad:
+        BIO_printf(bio_err, "usage: gendh [args] [numbits]\n");
+        BIO_printf(bio_err, " -out file - output the key to 'file\n");
+        BIO_printf(bio_err, " -2        - use 2 as the generator value\n");
+        /*
+         * BIO_printf(bio_err," -3 - use 3 as the generator value\n");
+         */
+        BIO_printf(bio_err, " -5        - use 5 as the generator value\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e - use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "           - load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "             the random number generator\n");
        goto end;
    }
-		
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	out=BIO_new(BIO_s_file());
-	if (out == NULL)
-		{
+    out = BIO_new(BIO_s_file());
+    if (out == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
    }
    if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                   app_RAND_load_files(inrand));

-	BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
-	BIO_printf(bio_err,"This is going to take a long time\n");
+    BIO_printf(bio_err,
+               "Generating DH parameters, %d bit long safe prime, generator %d\n",
+               num, g);
+    BIO_printf(bio_err, "This is going to take a long time\n");

-	if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
+    if (((dh = DH_new()) == NULL)
+        || !DH_generate_parameters_ex(dh, num, g, &cb))
        goto end;

    app_RAND_write_file(NULL, bio_err);

-	if (!PEM_write_bio_DHparams(out,dh))
+    if (!PEM_write_bio_DHparams(out, dh))
        goto end;
-	ret=0;
-end:
+    ret = 0;
+ end:
    if (ret != 0)
        ERR_print_errors(bio_err);
-	if (out != NULL) BIO_free_all(out);
-	if (dh != NULL) DH_free(dh);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dh != NULL)
+        DH_free(dh);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

 static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
+{
+    char c = '*';

-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
    (void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
+# ifdef LINT
+    p = n;
+# endif
    return 1;
-	}
+}
 #else                           /* !OPENSSL_NO_DH */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@ -58,228 +58,230 @@

 #include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
 #ifndef OPENSSL_NO_DSA
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+# include <stdio.h>
+# include <string.h>
+# include <sys/types.h>
+# include <sys/stat.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dsa.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>

-#define DEFBITS	512
-#undef PROG
-#define PROG gendsa_main
+# define DEFBITS 512
+# undef PROG
+# define PROG gendsa_main

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	DSA *dsa=NULL;
-	int ret=1;
-	char *outfile=NULL;
-	char *inrand=NULL,*dsaparams=NULL;
+{
+    DSA *dsa = NULL;
+    int ret = 1;
+    char *outfile = NULL;
+    char *inrand = NULL, *dsaparams = NULL;
    char *passargout = NULL, *passout = NULL;
-	BIO *out=NULL,*in=NULL;
-	const EVP_CIPHER *enc=NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
+    BIO *out = NULL, *in = NULL;
+    const EVP_CIPHER *enc = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

    argv++;
    argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-		else if (strcmp(*argv,"-") == 0)
+    for (;;) {
+        if (argc <= 0)
+            break;
+        if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
                goto bad;
-#ifndef OPENSSL_NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_SEED
-		else if (strcmp(*argv,"-seed") == 0)
-			enc=EVP_seed_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (strcmp(*argv,"-aes128") == 0)
-			enc=EVP_aes_128_cbc();
-		else if (strcmp(*argv,"-aes192") == 0)
-			enc=EVP_aes_192_cbc();
-		else if (strcmp(*argv,"-aes256") == 0)
-			enc=EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		else if (strcmp(*argv,"-camellia128") == 0)
-			enc=EVP_camellia_128_cbc();
-		else if (strcmp(*argv,"-camellia192") == 0)
-			enc=EVP_camellia_192_cbc();
-		else if (strcmp(*argv,"-camellia256") == 0)
-			enc=EVP_camellia_256_cbc();
-#endif
-		else if (**argv != '-' && dsaparams == NULL)
-			{
-			dsaparams = *argv;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
        }
-		else
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        } else if (strcmp(*argv, "-") == 0)
+            goto bad;
+# ifndef OPENSSL_NO_DES
+        else if (strcmp(*argv, "-des") == 0)
+            enc = EVP_des_cbc();
+        else if (strcmp(*argv, "-des3") == 0)
+            enc = EVP_des_ede3_cbc();
+# endif
+# ifndef OPENSSL_NO_IDEA
+        else if (strcmp(*argv, "-idea") == 0)
+            enc = EVP_idea_cbc();
+# endif
+# ifndef OPENSSL_NO_SEED
+        else if (strcmp(*argv, "-seed") == 0)
+            enc = EVP_seed_cbc();
+# endif
+# ifndef OPENSSL_NO_AES
+        else if (strcmp(*argv, "-aes128") == 0)
+            enc = EVP_aes_128_cbc();
+        else if (strcmp(*argv, "-aes192") == 0)
+            enc = EVP_aes_192_cbc();
+        else if (strcmp(*argv, "-aes256") == 0)
+            enc = EVP_aes_256_cbc();
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        else if (strcmp(*argv, "-camellia128") == 0)
+            enc = EVP_camellia_128_cbc();
+        else if (strcmp(*argv, "-camellia192") == 0)
+            enc = EVP_camellia_192_cbc();
+        else if (strcmp(*argv, "-camellia256") == 0)
+            enc = EVP_camellia_256_cbc();
+# endif
+        else if (**argv != '-' && dsaparams == NULL) {
+            dsaparams = *argv;
+        } else
            goto bad;
        argv++;
        argc--;
    }

-	if (dsaparams == NULL)
-		{
-bad:
-		BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
-		BIO_printf(bio_err," -out file - output the key to 'file'\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#endif
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"             the random number generator\n");
-		BIO_printf(bio_err," dsaparam-file\n");
-		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
+    if (dsaparams == NULL) {
+ bad:
+        BIO_printf(bio_err, "usage: gendsa [args] dsaparam-file\n");
+        BIO_printf(bio_err, " -out file - output the key to 'file'\n");
+# ifndef OPENSSL_NO_DES
+        BIO_printf(bio_err,
+                   " -des      - encrypt the generated key with DES in cbc mode\n");
+        BIO_printf(bio_err,
+                   " -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+# endif
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea     - encrypt the generated key with IDEA in cbc mode\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err, " -seed\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e - use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "           - load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "             the random number generator\n");
+        BIO_printf(bio_err, " dsaparam-file\n");
+        BIO_printf(bio_err,
+                   "           - a DSA parameter file as generated by the dsaparam command\n");
        goto end;
    }
-
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
+    if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
        BIO_printf(bio_err, "Error getting password\n");
        goto end;
    }

-
-	in=BIO_new(BIO_s_file());
-	if (!(BIO_read_filename(in,dsaparams)))
-		{
+    in = BIO_new(BIO_s_file());
+    if (!(BIO_read_filename(in, dsaparams))) {
        perror(dsaparams);
        goto end;
    }

-	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
-		{
-		BIO_printf(bio_err,"unable to load DSA parameter file\n");
+    if ((dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL)) == NULL) {
+        BIO_printf(bio_err, "unable to load DSA parameter file\n");
        goto end;
    }
    BIO_free(in);
    in = NULL;

-	out=BIO_new(BIO_s_file());
-	if (out == NULL) goto end;
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        goto end;

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
    }
    if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                   app_RAND_load_files(inrand));

-	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
-							BN_num_bits(dsa->p));
-	if (!DSA_generate_key(dsa)) goto end;
+    BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(dsa->p));
+    if (!DSA_generate_key(dsa))
+        goto end;

    app_RAND_write_file(NULL, bio_err);

-	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
+    if (!PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout))
        goto end;
-	ret=0;
-end:
+    ret = 0;
+ end:
    if (ret != 0)
        ERR_print_errors(bio_err);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
-	if (dsa != NULL) DSA_free(dsa);
-	if(passout) OPENSSL_free(passout);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dsa != NULL)
+        DSA_free(dsa);
+    if (passout)
+        OPENSSL_free(passout);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
 #else                           /* !OPENSSL_NO_DSA */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@ -1,6 +1,7 @@
 /* apps/genpkey.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006
 */
 /* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
@ -62,7 +63,7 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
+# include <openssl/engine.h>
 #endif

 static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
@ -74,7 +75,7 @@ static int genpkey_cb(EVP_PKEY_CTX *ctx);
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
    char **args, *outfile = NULL;
    char *passarg = NULL;
@ -82,7 +83,7 @@ int MAIN(int argc, char **argv)
    const EVP_CIPHER *cipher = NULL;
    int outformat;
    int text = 0;
-	EVP_PKEY *pkey=NULL;
+    EVP_PKEY *pkey = NULL;
    EVP_PKEY_CTX *ctx = NULL;
    char *pass = NULL;
    int badarg = 0;
@ -91,42 +92,36 @@ int MAIN(int argc, char **argv)
    int do_param = 0;

    if (bio_err == NULL)
-		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;

-	outformat=FORMAT_PEM;
+    outformat = FORMAT_PEM;

    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();
    args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args,"-outform"))
-			{
-			if (args[1])
-				{
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-outform")) {
+            if (args[1]) {
                args++;
-				outformat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-pass"))
-			{
-			if (!args[1]) goto bad;
-			passarg= *(++args);
+                outformat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-pass")) {
+            if (!args[1])
+                goto bad;
+            passarg = *(++args);
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
+        else if (strcmp(*args, "-engine") == 0) {
            if (!args[1])
                goto bad;
            e = setup_engine(bio_err, *(++args), 0);
        }
 #endif
-		else if (!strcmp (*args, "-paramfile"))
-			{
+        else if (!strcmp(*args, "-paramfile")) {
            if (!args[1])
                goto bad;
            args++;
@ -134,54 +129,38 @@ int MAIN(int argc, char **argv)
                goto bad;
            if (!init_keygen_file(bio_err, &ctx, *args, e))
                goto end;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
                args++;
                outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (strcmp(*args,"-algorithm") == 0)
-			{
+            } else
+                badarg = 1;
+        } else if (strcmp(*args, "-algorithm") == 0) {
            if (!args[1])
                goto bad;
-			if (!init_gen_str(bio_err, &ctx, *(++args),e, do_param))
+            if (!init_gen_str(bio_err, &ctx, *(++args), e, do_param))
                goto end;
-			}
-		else if (strcmp(*args,"-pkeyopt") == 0)
-			{
+        } else if (strcmp(*args, "-pkeyopt") == 0) {
            if (!args[1])
                goto bad;
-			if (!ctx)
-				{
+            if (!ctx) {
                BIO_puts(bio_err, "No keytype specified\n");
                goto bad;
-				}
-			else if (pkey_ctrl_string(ctx, *(++args)) <= 0)
-				{
+            } else if (pkey_ctrl_string(ctx, *(++args)) <= 0) {
                BIO_puts(bio_err, "parameter setting error\n");
                ERR_print_errors(bio_err);
                goto end;
            }
-			}
-		else if (strcmp(*args,"-genparam") == 0)
-			{
+        } else if (strcmp(*args, "-genparam") == 0) {
            if (ctx)
                goto bad;
            do_param = 1;
-			}
-		else if (strcmp(*args,"-text") == 0)
-			text=1;
-		else
-			{
+        } else if (strcmp(*args, "-text") == 0)
+            text = 1;
+        else {
            cipher = EVP_get_cipherbyname(*args + 1);
-			if (!cipher)
-				{
-				BIO_printf(bio_err, "Unknown cipher %s\n",
-								*args + 1);
+            if (!cipher) {
+                BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
                badarg = 1;
            }
            if (do_param == 1)
@ -193,46 +172,46 @@ int MAIN(int argc, char **argv)
    if (!ctx)
        badarg = 1;

-	if (badarg)
-		{
+    if (badarg) {
 bad:
        BIO_printf(bio_err, "Usage: genpkey [options]\n");
        BIO_printf(bio_err, "where options may be\n");
        BIO_printf(bio_err, "-out file          output file\n");
-		BIO_printf(bio_err, "-outform X         output format (DER or PEM)\n");
-		BIO_printf(bio_err, "-pass arg          output file pass phrase source\n");
-		BIO_printf(bio_err, "-<cipher>          use cipher <cipher> to encrypt the key\n");
+        BIO_printf(bio_err,
+                   "-outform X         output format (DER or PEM)\n");
+        BIO_printf(bio_err,
+                   "-pass arg          output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   "-<cipher>          use cipher <cipher> to encrypt the key\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e          use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   "-engine e          use engine e, possibly a hardware device.\n");
 #endif
        BIO_printf(bio_err, "-paramfile file    parameters file\n");
        BIO_printf(bio_err, "-algorithm alg     the public key algorithm\n");
-		BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n"
+        BIO_printf(bio_err,
+                   "-pkeyopt opt:value set the public key algorithm option <opt>\n"
                   "                   to value <value>\n");
-		BIO_printf(bio_err, "-genparam          generate parameters, not key\n");
+        BIO_printf(bio_err,
+                   "-genparam          generate parameters, not key\n");
        BIO_printf(bio_err, "-text              print the in text\n");
-		BIO_printf(bio_err, "NB: options order may be important!  See the manual page.\n");
+        BIO_printf(bio_err,
+                   "NB: options order may be important!  See the manual page.\n");
        goto end;
    }

-	if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
-		{
+    if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
        BIO_puts(bio_err, "Error getting password\n");
        goto end;
    }

-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "wb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
            goto end;
        }
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -244,19 +223,14 @@ int MAIN(int argc, char **argv)
    EVP_PKEY_CTX_set_cb(ctx, genpkey_cb);
    EVP_PKEY_CTX_set_app_data(ctx, bio_err);

-	if (do_param)
-		{
-		if (EVP_PKEY_paramgen(ctx, &pkey) <= 0)
-			{
+    if (do_param) {
+        if (EVP_PKEY_paramgen(ctx, &pkey) <= 0) {
            BIO_puts(bio_err, "Error generating parameters\n");
            ERR_print_errors(bio_err);
            goto end;
        }
-		}
-	else
-		{
-		if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
-			{
+    } else {
+        if (EVP_PKEY_keygen(ctx, &pkey) <= 0) {
            BIO_puts(bio_err, "Error generating key\n");
            ERR_print_errors(bio_err);
            goto end;
@ -266,31 +240,26 @@ int MAIN(int argc, char **argv)
    if (do_param)
        rv = PEM_write_bio_Parameters(out, pkey);
    else if (outformat == FORMAT_PEM)
-		rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0,
-								NULL, pass);
+        rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, pass);
    else if (outformat == FORMAT_ASN1)
        rv = i2d_PrivateKey_bio(out, pkey);
-	else
-		{
+    else {
        BIO_printf(bio_err, "Bad format specified for key\n");
        goto end;
    }

-	if (rv <= 0)
-		{
+    if (rv <= 0) {
        BIO_puts(bio_err, "Error writing key\n");
        ERR_print_errors(bio_err);
    }

-	if (text)
-		{
+    if (text) {
        if (do_param)
            rv = EVP_PKEY_print_params(out, pkey, 0, NULL);
        else
            rv = EVP_PKEY_print_private(out, pkey, 0, NULL);

-		if (rv <= 0)
-			{
+        if (rv <= 0) {
            BIO_puts(bio_err, "Error printing key\n");
            ERR_print_errors(bio_err);
        }
@ -310,23 +279,21 @@ int MAIN(int argc, char **argv)
        OPENSSL_free(pass);

    return ret;
-	}
+}

 static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
                            const char *file, ENGINE *e)
-	{
+{
    BIO *pbio;
    EVP_PKEY *pkey = NULL;
    EVP_PKEY_CTX *ctx = NULL;
-	if (*pctx)
-		{
+    if (*pctx) {
        BIO_puts(err, "Parameters already set!\n");
        return 0;
    }

    pbio = BIO_new_file(file, "r");
-	if (!pbio)
-		{
+    if (!pbio) {
        BIO_printf(err, "Can't open parameter file %s\n", file);
        return 0;
    }
@ -334,8 +301,7 @@ static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
    pkey = PEM_read_bio_Parameters(pbio, NULL);
    BIO_free(pbio);

-	if (!pkey)
-		{
+    if (!pkey) {
        BIO_printf(bio_err, "Error reading parameter file %s\n", file);
        return 0;
    }
@ -358,18 +324,17 @@ static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
        EVP_PKEY_free(pkey);
    return 0;

-	}
+}

 int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
                 const char *algname, ENGINE *e, int do_param)
-	{
+{
    EVP_PKEY_CTX *ctx = NULL;
    const EVP_PKEY_ASN1_METHOD *ameth;
    ENGINE *tmpeng = NULL;
    int pkey_id;

-	if (*pctx)
-		{
+    if (*pctx) {
        BIO_puts(err, "Algorithm already set!\n");
        return 0;
    }
@ -381,8 +346,7 @@ int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
        ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
 #endif

-	if (!ameth)
-		{
+    if (!ameth) {
        BIO_printf(bio_err, "Algorithm %s not found\n", algname);
        return 0;
    }
@ -398,13 +362,10 @@ int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,

    if (!ctx)
        goto err;
-	if (do_param)
-		{
+    if (do_param) {
        if (EVP_PKEY_paramgen_init(ctx) <= 0)
            goto err;
-		}
-	else
-		{
+    } else {
        if (EVP_PKEY_keygen_init(ctx) <= 0)
            goto err;
    }
@ -419,22 +380,26 @@ int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
        EVP_PKEY_CTX_free(ctx);
    return 0;

-	}
+}

 static int genpkey_cb(EVP_PKEY_CTX *ctx)
-	{
-	char c='*';
+{
+    char c = '*';
    BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
    int p;
    p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(b,&c,1);
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(b, &c, 1);
    (void)BIO_flush(b);
 #ifdef LINT
-	p=n;
+    p = n;
 #endif
    return 1;
-	}
+}
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@ -57,279 +57,294 @@
 */

 #include <openssl/opensslconf.h>
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
 #ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
 #endif

 #ifndef OPENSSL_NO_RSA
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
+# include <stdio.h>
+# include <string.h>
+# include <sys/types.h>
+# include <sys/stat.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/rsa.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/rand.h>

-#define DEFBITS	1024
-#undef PROG
-#define PROG genrsa_main
+# define DEFBITS 1024
+# undef PROG
+# define PROG genrsa_main

 static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    BN_GENCB cb;
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    ENGINE *e = NULL;
-#endif
-	int ret=1;
-	int i,num=DEFBITS;
+# endif
+    int ret = 1;
+    int i, num = DEFBITS;
    long l;
-	const EVP_CIPHER *enc=NULL;
-	unsigned long f4=RSA_F4;
-	char *outfile=NULL;
+    const EVP_CIPHER *enc = NULL;
+    unsigned long f4 = RSA_F4;
+    char *outfile = NULL;
    char *passargout = NULL, *passout = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	char *inrand=NULL;
-	BIO *out=NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    char *inrand = NULL;
+    BIO *out = NULL;
    BIGNUM *bn = BN_new();
    RSA *rsa = NULL;

-	if(!bn) goto err;
+    if (!bn)
+        goto err;

    apps_startup();
    BN_GENCB_set(&cb, genrsa_cb, bio_err);

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto err;
-	if ((out=BIO_new(BIO_s_file())) == NULL)
-		{
-		BIO_printf(bio_err,"unable to create BIO for output\n");
+    if ((out = BIO_new(BIO_s_file())) == NULL) {
+        BIO_printf(bio_err, "unable to create BIO for output\n");
        goto err;
    }

    argv++;
    argc--;
-	for (;;)
-		{
-		if (argc <= 0) break;
-		if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
+    for (;;) {
+        if (argc <= 0)
+            break;
+        if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-3") == 0)
+            f4 = 3;
+        else if (strcmp(*argv, "-F4") == 0 || strcmp(*argv, "-f4") == 0)
+            f4 = RSA_F4;
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
-		else if (strcmp(*argv,"-3") == 0)
-			f4=3;
-		else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
-			f4=RSA_F4;
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
+# endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
        }
-#endif
-		else if (strcmp(*argv,"-rand") == 0)
-			{
-			if (--argc < 1) goto bad;
-			inrand= *(++argv);
-			}
-#ifndef OPENSSL_NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_SEED
-		else if (strcmp(*argv,"-seed") == 0)
-			enc=EVP_seed_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-		else if (strcmp(*argv,"-aes128") == 0)
-			enc=EVP_aes_128_cbc();
-		else if (strcmp(*argv,"-aes192") == 0)
-			enc=EVP_aes_192_cbc();
-		else if (strcmp(*argv,"-aes256") == 0)
-			enc=EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		else if (strcmp(*argv,"-camellia128") == 0)
-			enc=EVP_camellia_128_cbc();
-		else if (strcmp(*argv,"-camellia192") == 0)
-			enc=EVP_camellia_192_cbc();
-		else if (strcmp(*argv,"-camellia256") == 0)
-			enc=EVP_camellia_256_cbc();
-#endif
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-		else
+# ifndef OPENSSL_NO_DES
+        else if (strcmp(*argv, "-des") == 0)
+            enc = EVP_des_cbc();
+        else if (strcmp(*argv, "-des3") == 0)
+            enc = EVP_des_ede3_cbc();
+# endif
+# ifndef OPENSSL_NO_IDEA
+        else if (strcmp(*argv, "-idea") == 0)
+            enc = EVP_idea_cbc();
+# endif
+# ifndef OPENSSL_NO_SEED
+        else if (strcmp(*argv, "-seed") == 0)
+            enc = EVP_seed_cbc();
+# endif
+# ifndef OPENSSL_NO_AES
+        else if (strcmp(*argv, "-aes128") == 0)
+            enc = EVP_aes_128_cbc();
+        else if (strcmp(*argv, "-aes192") == 0)
+            enc = EVP_aes_192_cbc();
+        else if (strcmp(*argv, "-aes256") == 0)
+            enc = EVP_aes_256_cbc();
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        else if (strcmp(*argv, "-camellia128") == 0)
+            enc = EVP_camellia_128_cbc();
+        else if (strcmp(*argv, "-camellia192") == 0)
+            enc = EVP_camellia_192_cbc();
+        else if (strcmp(*argv, "-camellia256") == 0)
+            enc = EVP_camellia_256_cbc();
+# endif
+        else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        } else
            break;
        argv++;
        argc--;
    }
-	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
-		{
-bad:
-		BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
-		BIO_printf(bio_err," -des            encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-		BIO_printf(bio_err," -out file       output the key to 'file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
-		BIO_printf(bio_err," -3              use 3 for the E value\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,"                 load the file (or the files in the directory) into\n");
-		BIO_printf(bio_err,"                 the random number generator\n");
+    if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
+ bad:
+        BIO_printf(bio_err, "usage: genrsa [args] [numbits]\n");
+        BIO_printf(bio_err,
+                   " -des            encrypt the generated key with DES in cbc mode\n");
+        BIO_printf(bio_err,
+                   " -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea           encrypt the generated key with IDEA in cbc mode\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err, " -seed\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+        BIO_printf(bio_err, " -out file       output the key to 'file\n");
+        BIO_printf(bio_err,
+                   " -passout arg    output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   " -f4             use F4 (0x10001) for the E value\n");
+        BIO_printf(bio_err, " -3              use 3 for the E value\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "                 load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "                 the random number generator\n");
        goto err;
    }

    ERR_load_crypto_strings();

-	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
+    if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
        BIO_printf(bio_err, "Error getting password\n");
        goto err;
    }
-
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto err;
        }
    }

    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
-		&& !RAND_status())
-		{
-		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+        && !RAND_status()) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
    }
    if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                   app_RAND_load_files(inrand));

-	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
+    BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n",
               num);
-#ifdef OPENSSL_NO_ENGINE
+# ifdef OPENSSL_NO_ENGINE
    rsa = RSA_new();
-#else
+# else
    rsa = RSA_new_method(e);
-#endif
+# endif
    if (!rsa)
        goto err;

-	if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
+    if (!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
        goto err;

    app_RAND_write_file(NULL, bio_err);

-	/* We need to do the following for when the base number size is <
-	 * long, esp windows 3.1 :-(. */
-	l=0L;
-	for (i=0; i<rsa->e->top; i++)
-		{
-#ifndef SIXTY_FOUR_BIT
-		l<<=BN_BITS4;
-		l<<=BN_BITS4;
-#endif
-		l+=rsa->e->d[i];
+    /*
+     * We need to do the following for when the base number size is < long,
+     * esp windows 3.1 :-(.
+     */
+    l = 0L;
+    for (i = 0; i < rsa->e->top; i++) {
+# ifndef SIXTY_FOUR_BIT
+        l <<= BN_BITS4;
+        l <<= BN_BITS4;
+# endif
+        l += rsa->e->d[i];
    }
-	BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
+    BIO_printf(bio_err, "e is %ld (0x%lX)\n", l, l);
    {
        PW_CB_DATA cb_data;
        cb_data.password = passout;
        cb_data.prompt_info = outfile;
-	if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,
-		(pem_password_cb *)password_callback,&cb_data))
+        if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0,
+                                         (pem_password_cb *)password_callback,
+                                         &cb_data))
            goto err;
    }

-	ret=0;
-err:
-	if (bn) BN_free(bn);
-	if (rsa) RSA_free(rsa);
-	if (out) BIO_free_all(out);
-	if(passout) OPENSSL_free(passout);
+    ret = 0;
+ err:
+    if (bn)
+        BN_free(bn);
+    if (rsa)
+        RSA_free(rsa);
+    if (out)
+        BIO_free_all(out);
+    if (passout)
+        OPENSSL_free(passout);
    if (ret != 0)
        ERR_print_errors(bio_err);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

 static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
+{
+    char c = '*';

-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
    (void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
+# ifdef LINT
+    p = n;
+# endif
    return 1;
-	}
+}
 #else                           /* !OPENSSL_NO_RSA */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/nseq.c
+++ b/apps/nseq.c
@ -1,6 +1,7 @@
 /* nseq.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
 */
 /* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
@ -76,47 +77,51 @@ int MAIN(int argc, char **argv)
    NETSCAPE_CERT_SEQUENCE *seq = NULL;
    int i, ret = 1;
    int badarg = 0;
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
    ERR_load_crypto_strings();
    args = argv + 1;
    while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp (*args, "-toseq")) toseq = 1;
-		else if (!strcmp (*args, "-in")) {
+        if (!strcmp(*args, "-toseq"))
+            toseq = 1;
+        else if (!strcmp(*args, "-in")) {
            if (args[1]) {
                args++;
                infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
            if (args[1]) {
                args++;
                outfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
+            } else
+                badarg = 1;
+        } else
+            badarg = 1;
        args++;
    }

    if (badarg) {
-		BIO_printf (bio_err, "Netscape certificate sequence utility\n");
-		BIO_printf (bio_err, "Usage nseq [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-in file  input file\n");
-		BIO_printf (bio_err, "-out file output file\n");
-		BIO_printf (bio_err, "-toseq    output NS Sequence file\n");
+        BIO_printf(bio_err, "Netscape certificate sequence utility\n");
+        BIO_printf(bio_err, "Usage nseq [options]\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-in file  input file\n");
+        BIO_printf(bio_err, "-out file output file\n");
+        BIO_printf(bio_err, "-toseq    output NS Sequence file\n");
        OPENSSL_EXIT(1);
    }

    if (infile) {
-		if (!(in = BIO_new_file (infile, "r"))) {
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
+        if (!(in = BIO_new_file(infile, "r"))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
            goto end;
        }
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);

    if (outfile) {
-		if (!(out = BIO_new_file (outfile, "w"))) {
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
+        if (!(out = BIO_new_file(outfile, "w"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
            goto end;
        }
    } else {
@ -131,12 +136,11 @@ int MAIN(int argc, char **argv)
    if (toseq) {
        seq = NETSCAPE_CERT_SEQUENCE_new();
        seq->certs = sk_X509_new_null();
-		while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) 
-		    sk_X509_push(seq->certs,x509);
+        while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
+            sk_X509_push(seq->certs, x509);

-		if(!sk_X509_num(seq->certs))
-		{
-			BIO_printf (bio_err, "Error reading certs file %s\n", infile);
+        if (!sk_X509_num(seq->certs)) {
+            BIO_printf(bio_err, "Error reading certs file %s\n", infile);
            ERR_print_errors(bio_err);
            goto end;
        }
@ -146,22 +150,21 @@ int MAIN(int argc, char **argv)
    }

    if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
-		BIO_printf (bio_err, "Error reading sequence file %s\n", infile);
+        BIO_printf(bio_err, "Error reading sequence file %s\n", infile);
        ERR_print_errors(bio_err);
        goto end;
    }

-	for(i = 0; i < sk_X509_num(seq->certs); i++) {
+    for (i = 0; i < sk_X509_num(seq->certs); i++) {
        x509 = sk_X509_value(seq->certs, i);
        dump_cert_text(out, x509);
        PEM_write_bio_X509(out, x509);
    }
    ret = 0;
-end:
+ end:
    BIO_free(in);
    BIO_free_all(out);
    NETSCAPE_CERT_SEQUENCE_free(seq);

    OPENSSL_EXIT(ret);
 }
-
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
--- a/apps/openssl.c
+++ b/apps/openssl.c
@ -109,11 +109,11 @@
 *
 */

-
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
+#define OPENSSL_C               /* tells apps.h to use complete
+                                 * apps_startup() */
 #include "apps.h"
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
@ -124,97 +124,90 @@
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
 #ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
+# include <openssl/engine.h>
 #endif
-#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
+#define USE_SOCKETS             /* needed for the _O_BINARY defs in the MS
+                                 * world */
 #include "progs.h"
 #include "s_apps.h"
 #include <openssl/err.h>
 #ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
+# include <openssl/fips.h>
 #endif

-/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
- * base prototypes (we cast each variable inside the function to the required
- * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
- * functions. */
+/*
+ * The LHASH callbacks ("hash" & "cmp") have been replaced by functions with
+ * the base prototypes (we cast each variable inside the function to the
+ * required type of "FUNCTION*"). This removes the necessity for
+ * macro-generated wrapper functions.
+ */

-static LHASH_OF(FUNCTION) *prog_init(void );
-static int do_cmd(LHASH_OF(FUNCTION) *prog,int argc,char *argv[]);
+static LHASH_OF(FUNCTION) *prog_init(void);
+static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);
 static void list_pkey(BIO *out);
 static void list_cipher(BIO *out);
 static void list_md(BIO *out);
-char *default_config_file=NULL;
+char *default_config_file = NULL;

 /* Make sure there is only one when MONOLITH is defined */
 #ifdef MONOLITH
-CONF *config=NULL;
-BIO *bio_err=NULL;
+CONF *config = NULL;
+BIO *bio_err = NULL;
 #endif

-
 static void lock_dbg_cb(int mode, int type, const char *file, int line)
-	{
+{
    static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
    const char *errstr = NULL;
    int rw;

-	rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
-	if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
-		{
+    rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
+    if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
        errstr = "invalid mode";
        goto err;
    }

-	if (type < 0 || type >= CRYPTO_NUM_LOCKS)
-		{
+    if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
        errstr = "type out of bounds";
        goto err;
    }

-	if (mode & CRYPTO_LOCK)
-		{
-		if (modes[type])
-			{
+    if (mode & CRYPTO_LOCK) {
+        if (modes[type]) {
            errstr = "already locked";
-			/* must not happen in a single-threaded program
-			 * (would deadlock) */
+            /*
+             * must not happen in a single-threaded program (would deadlock)
+             */
            goto err;
        }

        modes[type] = rw;
-		}
-	else if (mode & CRYPTO_UNLOCK)
-		{
-		if (!modes[type])
-			{
+    } else if (mode & CRYPTO_UNLOCK) {
+        if (!modes[type]) {
            errstr = "not locked";
            goto err;
        }

-		if (modes[type] != rw)
-			{
+        if (modes[type] != rw) {
            errstr = (rw == CRYPTO_READ) ?
                "CRYPTO_r_unlock on write lock" :
                "CRYPTO_w_unlock on read lock";
        }

        modes[type] = 0;
-		}
-	else
-		{
+    } else {
        errstr = "invalid mode";
        goto err;
    }

 err:
-	if (errstr)
-		{
+    if (errstr) {
        /* we cannot use bio_err here */
-		fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
+        fprintf(stderr,
+                "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
                errstr, mode, type, file, line);
    }
-	}
+}

 #if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
 # define ARGV _Argv
@ -223,22 +216,23 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line)
 #endif

 int main(int Argc, char *ARGV[])
-	{
+{
    ARGS arg;
 #define PROG_NAME_SIZE  39
-	char pname[PROG_NAME_SIZE+1];
-	FUNCTION f,*fp;
+    char pname[PROG_NAME_SIZE + 1];
+    FUNCTION f, *fp;
    MS_STATIC const char *prompt;
    MS_STATIC char buf[1024];
-	char *to_free=NULL;
-	int n,i,ret=0;
+    char *to_free = NULL;
+    int n, i, ret = 0;
    int argc;
-	char **argv,*p;
-	LHASH_OF(FUNCTION) *prog=NULL;
+    char **argv, *p;
+    LHASH_OF(FUNCTION) *prog = NULL;
    long errline;

 #if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
-	/* 2011-03-22 SMS.
+    /*-
+     * 2011-03-22 SMS.
     * If we have 32-bit pointers everywhere, then we're safe, and
     * we bypass this mess, as on non-VMS systems.  (See ARGV,
     * above.)
@ -261,46 +255,46 @@ int main(int Argc, char *ARGV[])
    char **Argv = NULL;
    int free_Argv = 0;

-	if ((sizeof( _Argv) < 8)        /* 32-bit argv[]. */
+    if ((sizeof(_Argv) < 8)     /* 32-bit argv[]. */
 # if !defined( VMS_TRUST_ARGV)
-	 || (_Argv[ Argc] != NULL)      /* Untrusted argv[argc] not NULL. */
+        || (_Argv[Argc] != NULL) /* Untrusted argv[argc] not NULL. */
 # endif
-		)
-		{
+        ) {
        int i;
-		Argv = OPENSSL_malloc( (Argc+ 1)* sizeof( char *));
-		if (Argv == NULL)
-			{ ret = -1; goto end; }
-		for(i = 0; i < Argc; i++)
-			Argv[i] = _Argv[i];
-		Argv[ Argc] = NULL;     /* Certain NULL termination. */
-		free_Argv = 1;
+        Argv = OPENSSL_malloc((Argc + 1) * sizeof(char *));
+        if (Argv == NULL) {
+            ret = -1;
+            goto end;
        }
-	else
-		{
-		/* Use the known-good 32-bit argv[] (which needs the
-		 * type cast to satisfy the compiler), or the trusted or
-		 * tested-good 64-bit argv[] as-is. */
+        for (i = 0; i < Argc; i++)
+            Argv[i] = _Argv[i];
+        Argv[Argc] = NULL;      /* Certain NULL termination. */
+        free_Argv = 1;
+    } else {
+        /*
+         * Use the known-good 32-bit argv[] (which needs the type cast to
+         * satisfy the compiler), or the trusted or tested-good 64-bit argv[]
+         * as-is.
+         */
        Argv = (char **)_Argv;
    }
-#endif /* defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) */
+#endif                          /* defined( OPENSSL_SYS_VMS) &&
+                                 * (__INITIAL_POINTER_SIZE == 64) */

-	arg.data=NULL;
-	arg.count=0;
+    arg.data = NULL;
+    arg.count = 0;

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

-	if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
-		{
-		if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
-			{
+    if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) { /* if not defined, use
+                                                   * compiled-in library
+                                                   * defaults */
+        if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))) {
            CRYPTO_malloc_debug_init();
            CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
-			}
-		else
-			{
+        } else {
            /* OPENSSL_DEBUG_MEMORY=off */
            CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
        }
@ -314,11 +308,11 @@ int main(int Argc, char *ARGV[])
        CRYPTO_set_locking_callback(lock_dbg_cb);
    }

-	if(getenv("OPENSSL_FIPS")) {
+    if (getenv("OPENSSL_FIPS")) {
 #ifdef OPENSSL_FIPS
        if (!FIPS_mode_set(1)) {
            ERR_load_crypto_strings();
-			ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
+            ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
            EXIT(1);
        }
 #else
@ -330,129 +324,125 @@ int main(int Argc, char *ARGV[])
    apps_startup();

    /* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
+    p = getenv("OPENSSL_CONF");
    if (p == NULL)
-		p=getenv("SSLEAY_CONF");
+        p = getenv("SSLEAY_CONF");
    if (p == NULL)
-		p=to_free=make_config_name();
+        p = to_free = make_config_name();

-	default_config_file=p;
+    default_config_file = p;

-	config=NCONF_new(NULL);
-	i=NCONF_load(config,p,&errline);
-	if (i == 0)
-		{
+    config = NCONF_new(NULL);
+    i = NCONF_load(config, p, &errline);
+    if (i == 0) {
        if (ERR_GET_REASON(ERR_peek_last_error())
-		    == CONF_R_NO_SUCH_FILE)
-			{
-			BIO_printf(bio_err,
-				   "WARNING: can't open config file: %s\n",p);
+            == CONF_R_NO_SUCH_FILE) {
+            BIO_printf(bio_err, "WARNING: can't open config file: %s\n", p);
            ERR_clear_error();
            NCONF_free(config);
            config = NULL;
-			}
-		else
-			{
+        } else {
            ERR_print_errors(bio_err);
            NCONF_free(config);
            exit(1);
        }
    }

-	prog=prog_init();
+    prog = prog_init();

    /* first check the program name */
-	program_name(Argv[0],pname,sizeof pname);
+    program_name(Argv[0], pname, sizeof pname);

-	f.name=pname;
-	fp=lh_FUNCTION_retrieve(prog,&f);
-	if (fp != NULL)
-		{
-		Argv[0]=pname;
-		ret=fp->func(Argc,Argv);
+    f.name = pname;
+    fp = lh_FUNCTION_retrieve(prog, &f);
+    if (fp != NULL) {
+        Argv[0] = pname;
+        ret = fp->func(Argc, Argv);
        goto end;
    }

-	/* ok, now check that there are not arguments, if there are,
-	 * run with them, shifting the ssleay off the front */
-	if (Argc != 1)
-		{
+    /*
+     * ok, now check that there are not arguments, if there are, run with
+     * them, shifting the ssleay off the front
+     */
+    if (Argc != 1) {
        Argc--;
        Argv++;
-		ret=do_cmd(prog,Argc,Argv);
-		if (ret < 0) ret=0;
+        ret = do_cmd(prog, Argc, Argv);
+        if (ret < 0)
+            ret = 0;
        goto end;
    }

    /* ok, lets enter the old 'OpenSSL>' mode */

-	for (;;)
-		{
-		ret=0;
-		p=buf;
-		n=sizeof buf;
-		i=0;
-		for (;;)
-			{
-			p[0]='\0';
+    for (;;) {
+        ret = 0;
+        p = buf;
+        n = sizeof buf;
+        i = 0;
+        for (;;) {
+            p[0] = '\0';
            if (i++)
-				prompt=">";
-			else	prompt="OpenSSL> ";
-			fputs(prompt,stdout);
+                prompt = ">";
+            else
+                prompt = "OpenSSL> ";
+            fputs(prompt, stdout);
            fflush(stdout);
-			if (!fgets(p,n,stdin))
+            if (!fgets(p, n, stdin))
                goto end;
-			if (p[0] == '\0') goto end;
-			i=strlen(p);
-			if (i <= 1) break;
-			if (p[i-2] != '\\') break;
-			i-=2;
-			p+=i;
-			n-=i;
+            if (p[0] == '\0')
+                goto end;
+            i = strlen(p);
+            if (i <= 1)
+                break;
+            if (p[i - 2] != '\\')
+                break;
+            i -= 2;
+            p += i;
+            n -= i;
        }
-		if (!chopup_args(&arg,buf,&argc,&argv)) break;
+        if (!chopup_args(&arg, buf, &argc, &argv))
+            break;

-		ret=do_cmd(prog,argc,argv);
-		if (ret < 0)
-			{
-			ret=0;
+        ret = do_cmd(prog, argc, argv);
+        if (ret < 0) {
+            ret = 0;
            goto end;
        }
        if (ret != 0)
-			BIO_printf(bio_err,"error in %s\n",argv[0]);
+            BIO_printf(bio_err, "error in %s\n", argv[0]);
        (void)BIO_flush(bio_err);
    }
-	BIO_printf(bio_err,"bad exit\n");
-	ret=1;
-end:
+    BIO_printf(bio_err, "bad exit\n");
+    ret = 1;
+ end:
    if (to_free)
        OPENSSL_free(to_free);
-	if (config != NULL)
-		{
+    if (config != NULL) {
        NCONF_free(config);
-		config=NULL;
+        config = NULL;
    }
-	if (prog != NULL) lh_FUNCTION_free(prog);
-	if (arg.data != NULL) OPENSSL_free(arg.data);
+    if (prog != NULL)
+        lh_FUNCTION_free(prog);
+    if (arg.data != NULL)
+        OPENSSL_free(arg.data);

-
-	if (bio_err != NULL)
-		{
-		BIO_free(bio_err);
-		bio_err=NULL;
-		}
 #if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
    /* Free any duplicate Argv[] storage. */
-	if (free_Argv)
-		{
+    if (free_Argv) {
        OPENSSL_free(Argv);
    }
 #endif
    apps_shutdown();
    CRYPTO_mem_leaks(bio_err);
+    if (bio_err != NULL) {
+        BIO_free(bio_err);
+        bio_err = NULL;
+    }

    OPENSSL_EXIT(ret);
-	}
+}

 #define LIST_STANDARD_COMMANDS "list-standard-commands"
 #define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
@ -461,84 +451,74 @@ end:
 #define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
 #define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"

-
 static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
-	{
-	FUNCTION f,*fp;
-	int i,ret=1,tp,nl;
+{
+    FUNCTION f, *fp;
+    int i, ret = 1, tp, nl;

-	if ((argc <= 0) || (argv[0] == NULL))
-		{ ret=0; goto end; }
-	f.name=argv[0];
-	fp=lh_FUNCTION_retrieve(prog,&f);
-	if (fp == NULL)
-		{
-		if (EVP_get_digestbyname(argv[0]))
-			{
+    if ((argc <= 0) || (argv[0] == NULL)) {
+        ret = 0;
+        goto end;
+    }
+    f.name = argv[0];
+    fp = lh_FUNCTION_retrieve(prog, &f);
+    if (fp == NULL) {
+        if (EVP_get_digestbyname(argv[0])) {
            f.type = FUNC_TYPE_MD;
            f.func = dgst_main;
            fp = &f;
-			}
-		else if (EVP_get_cipherbyname(argv[0]))
-			{
+        } else if (EVP_get_cipherbyname(argv[0])) {
            f.type = FUNC_TYPE_CIPHER;
            f.func = enc_main;
            fp = &f;
        }
    }
-	if (fp != NULL)
-		{
-		ret=fp->func(argc,argv);
-		}
-	else if ((strncmp(argv[0],"no-",3)) == 0)
-		{
-		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
+    if (fp != NULL) {
+        ret = fp->func(argc, argv);
+    } else if ((strncmp(argv[0], "no-", 3)) == 0) {
+        BIO *bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            bio_stdout = BIO_push(tmpbio, bio_stdout);
        }
 #endif
-		f.name=argv[0]+3;
-		ret = (lh_FUNCTION_retrieve(prog,&f) != NULL);
+        f.name = argv[0] + 3;
+        ret = (lh_FUNCTION_retrieve(prog, &f) != NULL);
        if (!ret)
            BIO_printf(bio_stdout, "%s\n", argv[0]);
        else
-			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
+            BIO_printf(bio_stdout, "%s\n", argv[0] + 3);
        BIO_free_all(bio_stdout);
        goto end;
-		}
-	else if ((strcmp(argv[0],"quit") == 0) ||
-		(strcmp(argv[0],"q") == 0) ||
-		(strcmp(argv[0],"exit") == 0) ||
-		(strcmp(argv[0],"bye") == 0))
-		{
-		ret= -1;
+    } else if ((strcmp(argv[0], "quit") == 0) ||
+               (strcmp(argv[0], "q") == 0) ||
+               (strcmp(argv[0], "exit") == 0) ||
+               (strcmp(argv[0], "bye") == 0)) {
+        ret = -1;
        goto end;
-		}
-	else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
-		(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0) ||
-		(strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0))
-		{
+    } else if ((strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0) ||
+               (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
+               (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
+               (strcmp(argv[0], LIST_CIPHER_COMMANDS) == 0) ||
+               (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0) ||
+               (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)) {
        int list_type;
        BIO *bio_stdout;

-		if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0)
+        if (strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0)
            list_type = FUNC_TYPE_GENERAL;
-		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
+        else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0)
            list_type = FUNC_TYPE_MD;
-		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
+        else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
            list_type = FUNC_TYPE_MD_ALG;
-		else if (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0)
+        else if (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)
            list_type = FUNC_TYPE_PKEY;
-		else if (strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0)
+        else if (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0)
            list_type = FUNC_TYPE_CIPHER_ALG;
        else                    /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
            list_type = FUNC_TYPE_CIPHER;
-		bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
+        bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -555,95 +535,83 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
            list_md(bio_stdout);
        if (list_type == FUNC_TYPE_CIPHER_ALG)
            list_cipher(bio_stdout);
-		else
-			{
-			for (fp=functions; fp->name != NULL; fp++)
+        else {
+            for (fp = functions; fp->name != NULL; fp++)
                if (fp->type == list_type)
-					BIO_printf(bio_stdout, "%s\n",
-								fp->name);
+                    BIO_printf(bio_stdout, "%s\n", fp->name);
        }
        BIO_free_all(bio_stdout);
-		ret=0;
+        ret = 0;
        goto end;
-		}
-	else
-		{
-		BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
+    } else {
+        BIO_printf(bio_err, "openssl:Error: '%s' is an invalid command.\n",
                   argv[0]);
        BIO_printf(bio_err, "\nStandard commands");
-		i=0;
-		tp=0;
-		for (fp=functions; fp->name != NULL; fp++)
-			{
-			nl=0;
+        i = 0;
+        tp = 0;
+        for (fp = functions; fp->name != NULL; fp++) {
+            nl = 0;
 #ifdef OPENSSL_NO_CAMELLIA
            if (((i++) % 5) == 0)
 #else
            if (((i++) % 4) == 0)
 #endif
            {
-				BIO_printf(bio_err,"\n");
-				nl=1;
+                BIO_printf(bio_err, "\n");
+                nl = 1;
            }
-			if (fp->type != tp)
-				{
-				tp=fp->type;
-				if (!nl) BIO_printf(bio_err,"\n");
-				if (tp == FUNC_TYPE_MD)
-					{
-					i=1;
+            if (fp->type != tp) {
+                tp = fp->type;
+                if (!nl)
+                    BIO_printf(bio_err, "\n");
+                if (tp == FUNC_TYPE_MD) {
+                    i = 1;
                    BIO_printf(bio_err,
                               "\nMessage Digest commands (see the `dgst' command for more details)\n");
-					}
-				else if (tp == FUNC_TYPE_CIPHER)
-					{
-					i=1;
-					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
+                } else if (tp == FUNC_TYPE_CIPHER) {
+                    i = 1;
+                    BIO_printf(bio_err,
+                               "\nCipher commands (see the `enc' command for more details)\n");
                }
            }
 #ifdef OPENSSL_NO_CAMELLIA
-			BIO_printf(bio_err,"%-15s",fp->name);
+            BIO_printf(bio_err, "%-15s", fp->name);
 #else
-			BIO_printf(bio_err,"%-18s",fp->name);
+            BIO_printf(bio_err, "%-18s", fp->name);
 #endif
        }
-		BIO_printf(bio_err,"\n\n");
-		ret=0;
-		}
-end:
-	return(ret);
+        BIO_printf(bio_err, "\n\n");
+        ret = 0;
    }
+ end:
+    return (ret);
+}

-static int SortFnByName(const void *_f1,const void *_f2)
-    {
-    const FUNCTION *f1=_f1;
-    const FUNCTION *f2=_f2;
+static int SortFnByName(const void *_f1, const void *_f2)
+{
+    const FUNCTION *f1 = _f1;
+    const FUNCTION *f2 = _f2;

-    if(f1->type != f2->type)
-	return f1->type-f2->type;
-    return strcmp(f1->name,f2->name);
-    }
+    if (f1->type != f2->type)
+        return f1->type - f2->type;
+    return strcmp(f1->name, f2->name);
+}

 static void list_pkey(BIO *out)
-	{
+{
    int i;
-	for (i = 0; i < EVP_PKEY_asn1_get_count(); i++)
-		{
+    for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
        const EVP_PKEY_ASN1_METHOD *ameth;
        int pkey_id, pkey_base_id, pkey_flags;
        const char *pinfo, *pem_str;
        ameth = EVP_PKEY_asn1_get0(i);
        EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
                                &pinfo, &pem_str, ameth);
-		if (pkey_flags & ASN1_PKEY_ALIAS)
-			{
-			BIO_printf(out, "Name: %s\n", 
-					OBJ_nid2ln(pkey_id));
+        if (pkey_flags & ASN1_PKEY_ALIAS) {
+            BIO_printf(out, "Name: %s\n", OBJ_nid2ln(pkey_id));
            BIO_printf(out, "\tType: Alias to %s\n",
                       OBJ_nid2ln(pkey_base_id));
-			}
-		else
-			{
+        } else {
            BIO_printf(out, "Name: %s\n", pinfo);
            BIO_printf(out, "\tType: %s Algorithm\n",
                       pkey_flags & ASN1_PKEY_DYNAMIC ?
@ -655,76 +623,74 @@ static void list_pkey(BIO *out)
        }

    }
-	}
+}

 static void list_cipher_fn(const EVP_CIPHER *c,
                           const char *from, const char *to, void *arg)
-	{
+{
    if (c)
        BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
-	else
-		{
+    else {
        if (!from)
            from = "<undefined>";
        if (!to)
            to = "<undefined>";
        BIO_printf(arg, "%s => %s\n", from, to);
    }
-	}
+}

 static void list_cipher(BIO *out)
-	{
+{
    EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
-	}
+}

 static void list_md_fn(const EVP_MD *m,
                       const char *from, const char *to, void *arg)
-	{
+{
    if (m)
        BIO_printf(arg, "%s\n", EVP_MD_name(m));
-	else
-		{
+    else {
        if (!from)
            from = "<undefined>";
        if (!to)
            to = "<undefined>";
        BIO_printf(arg, "%s => %s\n", from, to);
    }
-	}
+}

 static void list_md(BIO *out)
-	{
+{
    EVP_MD_do_all_sorted(list_md_fn, out);
-	}
+}
+
+static int MS_CALLBACK function_cmp(const FUNCTION * a, const FUNCTION * b)
+{
+    return strncmp(a->name, b->name, 8);
+}

-static int MS_CALLBACK function_cmp(const FUNCTION *a, const FUNCTION *b)
-	{
-	return strncmp(a->name,b->name,8);
-	}
 static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)

-static unsigned long MS_CALLBACK function_hash(const FUNCTION *a)
-	{
+static unsigned long MS_CALLBACK function_hash(const FUNCTION * a)
+{
    return lh_strhash(a->name);
-	}	
+}
+
 static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)

 static LHASH_OF(FUNCTION) *prog_init(void)
-	{
+{
    LHASH_OF(FUNCTION) *ret;
    FUNCTION *f;
    size_t i;

    /* Purely so it looks nice when the user hits ? */
-	for(i=0,f=functions ; f->name != NULL ; ++f,++i)
-	    ;
-	qsort(functions,i,sizeof *functions,SortFnByName);
+    for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
+    qsort(functions, i, sizeof *functions, SortFnByName);

-	if ((ret=lh_FUNCTION_new()) == NULL)
-		return(NULL);
-
-	for (f=functions; f->name != NULL; f++)
-		(void)lh_FUNCTION_insert(ret,f);
-	return(ret);
-	}
+    if ((ret = lh_FUNCTION_new()) == NULL)
+        return (NULL);

+    for (f = functions; f->name != NULL; f++)
+        (void)lh_FUNCTION_insert(ret, f);
+    return (ret);
+}
--- a/apps/passwd.c
+++ b/apps/passwd.c
@ -6,44 +6,44 @@

 #if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)

-#include <assert.h>
-#include <string.h>
+# include <assert.h>
+# include <string.h>

-#include "apps.h"
+# include "apps.h"

-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_DES
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/rand.h>
+# ifndef OPENSSL_NO_DES
 #  include <openssl/des.h>
-#endif
-#ifndef NO_MD5CRYPT_1
+# endif
+# ifndef NO_MD5CRYPT_1
 #  include <openssl/md5.h>
-#endif
+# endif

+# undef PROG
+# define PROG passwd_main

-#undef PROG
-#define PROG passwd_main
-
-
-static unsigned const char cov_2char[64]={
+static unsigned const char cov_2char[64] = {
    /* from crypto/des/fcrypt.c */
-	0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
-	0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
-	0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
-	0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
-	0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
-	0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
-	0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
-	0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
+    0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
+    0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
+    0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
+    0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
+    0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
+    0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
+    0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
+    0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
 };

 static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
-	char *passwd, BIO *out, int quiet, int table, int reverse,
-	size_t pw_maxlen, int usecrypt, int use1, int useapr1);
+                     char *passwd, BIO *out, int quiet, int table,
+                     int reverse, size_t pw_maxlen, int usecrypt, int use1,
+                     int useapr1);

-/* -crypt        - standard Unix password algorithm (default)
+/*-
+ * -crypt        - standard Unix password algorithm (default)
 * -1            - MD5-based password algorithm
 * -apr1         - MD5-based password algorithm, Apache variant
 * -salt string  - salt
@ -58,7 +58,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    int ret = 1;
    char *infile = NULL;
    int in_stdin = 0;
@ -76,8 +76,8 @@ int MAIN(int argc, char **argv)
    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto err;
@ -85,54 +85,41 @@ int MAIN(int argc, char **argv)
    if (out == NULL)
        goto err;
    BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
+# ifdef OPENSSL_SYS_VMS
    {
        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
        out = BIO_push(tmpbio, out);
    }
-#endif
+# endif

    badopt = 0, opt_done = 0;
    i = 0;
-	while (!badopt && !opt_done && argv[++i] != NULL)
-		{
+    while (!badopt && !opt_done && argv[++i] != NULL) {
        if (strcmp(argv[i], "-crypt") == 0)
            usecrypt = 1;
        else if (strcmp(argv[i], "-1") == 0)
            use1 = 1;
        else if (strcmp(argv[i], "-apr1") == 0)
            useapr1 = 1;
-		else if (strcmp(argv[i], "-salt") == 0)
-			{
-			if ((argv[i+1] != NULL) && (salt == NULL))
-				{
+        else if (strcmp(argv[i], "-salt") == 0) {
+            if ((argv[i + 1] != NULL) && (salt == NULL)) {
                passed_salt = 1;
                salt = argv[++i];
-				}
-			else
+            } else
                badopt = 1;
-			}
-		else if (strcmp(argv[i], "-in") == 0)
-			{
-			if ((argv[i+1] != NULL) && !pw_source_defined)
-				{
+        } else if (strcmp(argv[i], "-in") == 0) {
+            if ((argv[i + 1] != NULL) && !pw_source_defined) {
                pw_source_defined = 1;
                infile = argv[++i];
-				}
-			else
+            } else
                badopt = 1;
-			}
-		else if (strcmp(argv[i], "-stdin") == 0)
-			{
-			if (!pw_source_defined)
-				{
+        } else if (strcmp(argv[i], "-stdin") == 0) {
+            if (!pw_source_defined) {
                pw_source_defined = 1;
                in_stdin = 1;
-				}
-			else
+            } else
                badopt = 1;
-			}
-		else if (strcmp(argv[i], "-noverify") == 0)
+        } else if (strcmp(argv[i], "-noverify") == 0)
            in_noverify = 1;
        else if (strcmp(argv[i], "-quiet") == 0)
            quiet = 1;
@ -148,8 +135,7 @@ int MAIN(int argc, char **argv)
            pw_source_defined = 1;
            passwds = &argv[i];
            opt_done = 1;
-			}
-		else
+        } else
            badopt = 1;
    }

@ -159,28 +145,33 @@ int MAIN(int argc, char **argv)
        badopt = 1;

    /* reject unsupported algorithms */
-#ifdef OPENSSL_NO_DES
-	if (usecrypt) badopt = 1;
-#endif
-#ifdef NO_MD5CRYPT_1
-	if (use1 || useapr1) badopt = 1;
-#endif
+# ifdef OPENSSL_NO_DES
+    if (usecrypt)
+        badopt = 1;
+# endif
+# ifdef NO_MD5CRYPT_1
+    if (use1 || useapr1)
+        badopt = 1;
+# endif

-	if (badopt) 
-		{
+    if (badopt) {
        BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
        BIO_printf(bio_err, "where options are\n");
-#ifndef OPENSSL_NO_DES
-		BIO_printf(bio_err, "-crypt             standard Unix password algorithm (default)\n");
-#endif
-#ifndef NO_MD5CRYPT_1
-		BIO_printf(bio_err, "-1                 MD5-based password algorithm\n");
-		BIO_printf(bio_err, "-apr1              MD5-based password algorithm, Apache variant\n");
-#endif
+# ifndef OPENSSL_NO_DES
+        BIO_printf(bio_err,
+                   "-crypt             standard Unix password algorithm (default)\n");
+# endif
+# ifndef NO_MD5CRYPT_1
+        BIO_printf(bio_err,
+                   "-1                 MD5-based password algorithm\n");
+        BIO_printf(bio_err,
+                   "-apr1              MD5-based password algorithm, Apache variant\n");
+# endif
        BIO_printf(bio_err, "-salt string       use provided salt\n");
        BIO_printf(bio_err, "-in file           read passwords from file\n");
        BIO_printf(bio_err, "-stdin             read passwords from stdin\n");
-		BIO_printf(bio_err, "-noverify          never verify when reading password from terminal\n");
+        BIO_printf(bio_err,
+                   "-noverify          never verify when reading password from terminal\n");
        BIO_printf(bio_err, "-quiet             no warnings\n");
        BIO_printf(bio_err, "-table             format output as table\n");
        BIO_printf(bio_err, "-reverse           switch table columns\n");
@ -188,19 +179,15 @@ int MAIN(int argc, char **argv)
        goto err;
    }

-	if ((infile != NULL) || in_stdin)
-		{
+    if ((infile != NULL) || in_stdin) {
        in = BIO_new(BIO_s_file());
        if (in == NULL)
            goto err;
-		if (infile != NULL)
-			{
+        if (infile != NULL) {
            assert(in_stdin == 0);
            if (BIO_read_filename(in, infile) <= 0)
                goto err;
-			}
-		else
-			{
+        } else {
            assert(in_stdin);
            BIO_set_fp(in, stdin, BIO_NOCLOSE);
        }
@ -209,61 +196,59 @@ int MAIN(int argc, char **argv)
    if (usecrypt)
        pw_maxlen = 8;
    else if (use1 || useapr1)
-		pw_maxlen = 256; /* arbitrary limit, should be enough for most passwords */
+        pw_maxlen = 256;        /* arbitrary limit, should be enough for most
+                                 * passwords */

-	if (passwds == NULL)
-		{
+    if (passwds == NULL) {
        /* no passwords on the command line */

        passwd_malloc_size = pw_maxlen + 2;
-		/* longer than necessary so that we can warn about truncation */
+        /*
+         * longer than necessary so that we can warn about truncation
+         */
        passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
        if (passwd_malloc == NULL)
            goto err;
    }

-	if ((in == NULL) && (passwds == NULL))
-		{
+    if ((in == NULL) && (passwds == NULL)) {
        /* build a null-terminated list */
-		static char *passwds_static[2] = {NULL, NULL};
+        static char *passwds_static[2] = { NULL, NULL };

        passwds = passwds_static;
        if (in == NULL)
-			if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0)
+            if (EVP_read_pw_string
+                (passwd_malloc, passwd_malloc_size, "Password: ",
+                 !(passed_salt || in_noverify)) != 0)
                goto err;
        passwds[0] = passwd_malloc;
    }

-	if (in == NULL)
-		{
+    if (in == NULL) {
        assert(passwds != NULL);
        assert(*passwds != NULL);

-		do /* loop over list of passwords */
-			{
+        do {                    /* loop over list of passwords */
            passwd = *passwds++;
            if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
-				quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
+                           quiet, table, reverse, pw_maxlen, usecrypt, use1,
+                           useapr1))
                goto err;
        }
        while (*passwds != NULL);
-		}
-	else
+    } else
        /* in != NULL */
    {
        int done;

-		assert (passwd != NULL);
-		do
-			{
+        assert(passwd != NULL);
+        do {
            int r = BIO_gets(in, passwd, pw_maxlen + 1);
-			if (r > 0)
-				{
-				char *c = (strchr(passwd, '\n')) ;
+            if (r > 0) {
+                char *c = (strchr(passwd, '\n'));
                if (c != NULL)
                    *c = 0;     /* truncate at newline */
-				else
-					{
+                else {
                    /* ignore rest of line */
                    char trash[BUFSIZ];
                    do
@ -272,7 +257,8 @@ int MAIN(int argc, char **argv)
                }

                if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
-					quiet, table, reverse, pw_maxlen, usecrypt, use1, useapr1))
+                               quiet, table, reverse, pw_maxlen, usecrypt,
+                               use1, useapr1))
                    goto err;
            }
            done = (r <= 0);
@ -281,7 +267,7 @@ int MAIN(int argc, char **argv)
    }
    ret = 0;

-err:
+ err:
    ERR_print_errors(bio_err);
    if (salt_malloc)
        OPENSSL_free(salt_malloc);
@ -293,28 +279,27 @@ err:
        BIO_free_all(out);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

-
-#ifndef NO_MD5CRYPT_1
-/* MD5-based password algorithm (should probably be available as a library
- * function; then the static buffer would not be acceptable).
- * For magic string "1", this should be compatible to the MD5-based BSD
- * password algorithm.
- * For 'magic' string "apr1", this is compatible to the MD5-based Apache
- * password algorithm.
- * (Apparently, the Apache password algorithm is identical except that the
- * 'magic' string was changed -- the laziest application of the NIH principle
- * I've ever encountered.)
+# ifndef NO_MD5CRYPT_1
+/*
+ * MD5-based password algorithm (should probably be available as a library
+ * function; then the static buffer would not be acceptable). For magic
+ * string "1", this should be compatible to the MD5-based BSD password
+ * algorithm. For 'magic' string "apr1", this is compatible to the MD5-based
+ * Apache password algorithm. (Apparently, the Apache password algorithm is
+ * identical except that the 'magic' string was changed -- the laziest
+ * application of the NIH principle I've ever encountered.)
 */
 static char *md5crypt(const char *passwd, const char *magic, const char *salt)
-	{
-	static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
+{
+    /* "$apr1$..salt..$.......md5hash..........\0" */
+    static char out_buf[6 + 9 + 24 + 2];
    unsigned char buf[MD5_DIGEST_LENGTH];
    char *salt_out;
    int n;
    unsigned int i;
-	EVP_MD_CTX md,md2;
+    EVP_MD_CTX md, md2;
    size_t passwd_len, salt_len;

    passwd_len = strlen(passwd);
@ -330,7 +315,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
    assert(salt_len <= 8);

    EVP_MD_CTX_init(&md);
-	EVP_DigestInit_ex(&md,EVP_md5(), NULL);
+    EVP_DigestInit_ex(&md, EVP_md5(), NULL);
    EVP_DigestUpdate(&md, passwd, passwd_len);
    EVP_DigestUpdate(&md, "$", 1);
    EVP_DigestUpdate(&md, magic, strlen(magic));
@ -338,7 +323,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
    EVP_DigestUpdate(&md, salt_out, salt_len);

    EVP_MD_CTX_init(&md2);
-	EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
+    EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
    EVP_DigestUpdate(&md2, passwd, passwd_len);
    EVP_DigestUpdate(&md2, salt_out, salt_len);
    EVP_DigestUpdate(&md2, passwd, passwd_len);
@ -349,23 +334,21 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
    EVP_DigestUpdate(&md, buf, i);

    n = passwd_len;
-	while (n)
-		{
+    while (n) {
        EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
        n >>= 1;
    }
    EVP_DigestFinal_ex(&md, buf, NULL);

-	for (i = 0; i < 1000; i++)
-		{
-		EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
-		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,
+    for (i = 0; i < 1000; i++) {
+        EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
+        EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
                         (i & 1) ? passwd_len : sizeof buf);
        if (i % 3)
            EVP_DigestUpdate(&md2, salt_out, salt_len);
        if (i % 7)
            EVP_DigestUpdate(&md2, passwd, passwd_len);
-		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,
+        EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
                         (i & 1) ? sizeof buf : passwd_len);
        EVP_DigestFinal_ex(&md2, buf, NULL);
    }
@ -379,26 +362,27 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
        char *output;

        /* silly output permutation */
-		for (dest = 0, source = 0; dest < 14; dest++, source = (source + 6) % 17)
+        for (dest = 0, source = 0; dest < 14;
+             dest++, source = (source + 6) % 17)
            buf_perm[dest] = buf[source];
        buf_perm[14] = buf[5];
        buf_perm[15] = buf[11];
-#ifndef PEDANTIC /* Unfortunately, this generates a "no effect" warning */
+#  ifndef PEDANTIC              /* Unfortunately, this generates a "no
+                                 * effect" warning */
        assert(16 == sizeof buf_perm);
-#endif
+#  endif

        output = salt_out + salt_len;
        assert(output == out_buf + strlen(out_buf));

        *output++ = '$';

-		for (i = 0; i < 15; i += 3)
-			{
-			*output++ = cov_2char[buf_perm[i+2] & 0x3f];
-			*output++ = cov_2char[((buf_perm[i+1] & 0xf) << 2) |
-				                  (buf_perm[i+2] >> 6)];
+        for (i = 0; i < 15; i += 3) {
+            *output++ = cov_2char[buf_perm[i + 2] & 0x3f];
+            *output++ = cov_2char[((buf_perm[i + 1] & 0xf) << 2) |
+                                  (buf_perm[i + 2] >> 6)];
            *output++ = cov_2char[((buf_perm[i] & 3) << 4) |
-				                  (buf_perm[i+1] >> 4)];
+                                  (buf_perm[i + 1] >> 4)];
            *output++ = cov_2char[buf_perm[i] >> 2];
        }
        assert(i == 15);
@ -410,27 +394,24 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
    EVP_MD_CTX_cleanup(&md);

    return out_buf;
-	}
-#endif
-
+}
+# endif

 static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
-	char *passwd, BIO *out,	int quiet, int table, int reverse,
-	size_t pw_maxlen, int usecrypt, int use1, int useapr1)
-	{
+                     char *passwd, BIO *out, int quiet, int table,
+                     int reverse, size_t pw_maxlen, int usecrypt, int use1,
+                     int useapr1)
+{
    char *hash = NULL;

    assert(salt_p != NULL);
    assert(salt_malloc_p != NULL);

    /* first make sure we have a salt */
-	if (!passed_salt)
-		{
-#ifndef OPENSSL_NO_DES
-		if (usecrypt)
-			{
-			if (*salt_malloc_p == NULL)
-				{
+    if (!passed_salt) {
+# ifndef OPENSSL_NO_DES
+        if (usecrypt) {
+            if (*salt_malloc_p == NULL) {
                *salt_p = *salt_malloc_p = OPENSSL_malloc(3);
                if (*salt_malloc_p == NULL)
                    goto err;
@ -440,20 +421,18 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
            (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
            (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
            (*salt_p)[2] = 0;
-#ifdef CHARSET_EBCDIC
-			ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert
-			                                    * back to ASCII */
-#endif
+#  ifdef CHARSET_EBCDIC
+            ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert back
+                                                * to ASCII */
+#  endif
        }
-#endif /* !OPENSSL_NO_DES */
+# endif                         /* !OPENSSL_NO_DES */

-#ifndef NO_MD5CRYPT_1
-		if (use1 || useapr1)
-			{
+# ifndef NO_MD5CRYPT_1
+        if (use1 || useapr1) {
            int i;

-			if (*salt_malloc_p == NULL)
-				{
+            if (*salt_malloc_p == NULL) {
                *salt_p = *salt_malloc_p = OPENSSL_malloc(9);
                if (*salt_malloc_p == NULL)
                    goto err;
@ -465,30 +444,33 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
                (*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
            (*salt_p)[8] = 0;
        }
-#endif /* !NO_MD5CRYPT_1 */
+# endif                         /* !NO_MD5CRYPT_1 */
    }

    assert(*salt_p != NULL);

    /* truncate password if necessary */
-	if ((strlen(passwd) > pw_maxlen))
-		{
+    if ((strlen(passwd) > pw_maxlen)) {
        if (!quiet)
-			/* XXX: really we should know how to print a size_t, not cast it */
-			BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen);
+            /*
+             * XXX: really we should know how to print a size_t, not cast it
+             */
+            BIO_printf(bio_err,
+                       "Warning: truncating password to %u characters\n",
+                       (unsigned)pw_maxlen);
        passwd[pw_maxlen] = 0;
    }
    assert(strlen(passwd) <= pw_maxlen);

    /* now compute password hash */
-#ifndef OPENSSL_NO_DES
+# ifndef OPENSSL_NO_DES
    if (usecrypt)
        hash = DES_crypt(passwd, *salt_p);
-#endif
-#ifndef NO_MD5CRYPT_1
+# endif
+# ifndef NO_MD5CRYPT_1
    if (use1 || useapr1)
        hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
-#endif
+# endif
    assert(hash != NULL);

    if (table && !reverse)
@ -499,14 +481,14 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
        BIO_printf(out, "%s\n", hash);
    return 1;

-err:
+ err:
    return 0;
-	}
+}
 #else

 int MAIN(int argc, char **argv)
-	{
+{
    fputs("Program not available.\n", stderr)
        OPENSSL_EXIT(1);
-	}
+}
 #endif
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@ -71,7 +71,8 @@
 #undef PROG
 #define PROG    pkcs7_main

-/* -inform arg	- input format - default PEM (DER or PEM)
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
 * -outform arg - output format - default PEM
 * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
@ -81,96 +82,92 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	PKCS7 *p7=NULL;
-	int i,badops=0;
-	BIO *in=NULL,*out=NULL;
-	int informat,outformat;
-	char *infile,*outfile,*prog;
-	int print_certs=0,text=0,noout=0,p7_print=0;
-	int ret=1;
+{
+    PKCS7 *p7 = NULL;
+    int i, badops = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat;
+    char *infile, *outfile, *prog;
+    int print_certs = 0, text = 0, noout = 0, p7_print = 0;
+    int ret = 1;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-print") == 0)
-			p7_print=1;
-		else if (strcmp(*argv,"-print_certs") == 0)
-			print_certs=1;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-print") == 0)
+            p7_print = 1;
+        else if (strcmp(*argv, "-print_certs") == 0)
+            print_certs = 1;
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
 #endif
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+        else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - DER or PEM\n");
-		BIO_printf(bio_err," -outform arg  output format - DER or PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file\n");
-		BIO_printf(bio_err," -print_certs  print any certs or crl in the input\n");
-		BIO_printf(bio_err," -text         print full details of certificates\n");
-		BIO_printf(bio_err," -noout        don't output encoded data\n");
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg  output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+        BIO_printf(bio_err,
+                   " -print_certs  print any certs or crl in the input\n");
+        BIO_printf(bio_err,
+                   " -text         print full details of certificates\n");
+        BIO_printf(bio_err, " -noout        don't output encoded data\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
 #endif
        ret = 1;
        goto end;
@ -182,56 +179,47 @@ bad:
    setup_engine(bio_err, engine, 0);
 #endif

-	in=BIO_new(BIO_s_file());
-	out=BIO_new(BIO_s_file());
-	if ((in == NULL) || (out == NULL))
-		{
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-		if (in == NULL)
-			{
-			perror(infile);
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            BIO_printf(bio_err, "unable to load input file\n");
+            ERR_print_errors(bio_err);
            goto end;
        }
    }

    if (informat == FORMAT_ASN1)
-		p7=d2i_PKCS7_bio(in,NULL);
+        p7 = d2i_PKCS7_bio(in, NULL);
    else if (informat == FORMAT_PEM)
-		p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL);
-	else
-		{
-		BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
+        p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified for pkcs7 object\n");
        goto end;
    }
-	if (p7 == NULL)
-		{
-		BIO_printf(bio_err,"unable to load PKCS7 object\n");
+    if (p7 == NULL) {
+        BIO_printf(bio_err, "unable to load PKCS7 object\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
 #endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
@ -240,81 +228,85 @@ bad:
    if (p7_print)
        PKCS7_print_ctx(out, p7, 0, NULL);

-	if (print_certs)
-		{
-		STACK_OF(X509) *certs=NULL;
-		STACK_OF(X509_CRL) *crls=NULL;
+    if (print_certs) {
+        STACK_OF(X509) *certs = NULL;
+        STACK_OF(X509_CRL) *crls = NULL;

-		i=OBJ_obj2nid(p7->type);
-		switch (i)
-			{
+        i = OBJ_obj2nid(p7->type);
+        switch (i) {
        case NID_pkcs7_signed:
-			certs=p7->d.sign->cert;
-			crls=p7->d.sign->crl;
+            if (p7->d.sign != NULL) {
+                certs = p7->d.sign->cert;
+                crls = p7->d.sign->crl;
+            }
            break;
        case NID_pkcs7_signedAndEnveloped:
-			certs=p7->d.signed_and_enveloped->cert;
-			crls=p7->d.signed_and_enveloped->crl;
+            if (p7->d.signed_and_enveloped != NULL) {
+                certs = p7->d.signed_and_enveloped->cert;
+                crls = p7->d.signed_and_enveloped->crl;
+            }
            break;
        default:
            break;
        }

-		if (certs != NULL)
-			{
+        if (certs != NULL) {
            X509 *x;

-			for (i=0; i<sk_X509_num(certs); i++)
-				{
-				x=sk_X509_value(certs,i);
-				if(text) X509_print(out, x);
-				else dump_cert_text(out, x);
+            for (i = 0; i < sk_X509_num(certs); i++) {
+                x = sk_X509_value(certs, i);
+                if (text)
+                    X509_print(out, x);
+                else
+                    dump_cert_text(out, x);

-				if(!noout) PEM_write_bio_X509(out,x);
-				BIO_puts(out,"\n");
+                if (!noout)
+                    PEM_write_bio_X509(out, x);
+                BIO_puts(out, "\n");
            }
        }
-		if (crls != NULL)
-			{
+        if (crls != NULL) {
            X509_CRL *crl;

-			for (i=0; i<sk_X509_CRL_num(crls); i++)
-				{
-				crl=sk_X509_CRL_value(crls,i);
+            for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+                crl = sk_X509_CRL_value(crls, i);

                X509_CRL_print(out, crl);

-				if(!noout)PEM_write_bio_X509_CRL(out,crl);
-				BIO_puts(out,"\n");
+                if (!noout)
+                    PEM_write_bio_X509_CRL(out, crl);
+                BIO_puts(out, "\n");
            }
        }

-		ret=0;
+        ret = 0;
        goto end;
    }

-	if(!noout) {
+    if (!noout) {
        if (outformat == FORMAT_ASN1)
-			i=i2d_PKCS7_bio(out,p7);
+            i = i2d_PKCS7_bio(out, p7);
        else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_PKCS7(out,p7);
+            i = PEM_write_bio_PKCS7(out, p7);
        else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
            goto end;
        }

-		if (!i)
-			{
-			BIO_printf(bio_err,"unable to write pkcs7 object\n");
+        if (!i) {
+            BIO_printf(bio_err, "unable to write pkcs7 object\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
-	ret=0;
-end:
-	if (p7 != NULL) PKCS7_free(p7);
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+    ret = 0;
+ end:
+    if (p7 != NULL)
+        PKCS7_free(p7);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@ -1,6 +1,7 @@
 /* pkcs8.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999-2004.
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999-2004.
 */
 /* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
@ -68,7 +69,7 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
    char **args, *infile = NULL, *outfile = NULL;
    char *passargin = NULL, *passargout = NULL;
@ -82,159 +83,141 @@ int MAIN(int argc, char **argv)
    int nocrypt = 0;
    X509_SIG *p8 = NULL;
    PKCS8_PRIV_KEY_INFO *p8inf = NULL;
-	EVP_PKEY *pkey=NULL;
+    EVP_PKEY *pkey = NULL;
    char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
    int badarg = 0;
    int ret = 1;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif

-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;

-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();
    args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args,"-v2"))
-			{
-			if (args[1])
-				{
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-v2")) {
+            if (args[1]) {
                args++;
-				cipher=EVP_get_cipherbyname(*args);
-				if (!cipher)
-					{
-					BIO_printf(bio_err,
-						 "Unknown cipher %s\n", *args);
+                cipher = EVP_get_cipherbyname(*args);
+                if (!cipher) {
+                    BIO_printf(bio_err, "Unknown cipher %s\n", *args);
                    badarg = 1;
                }
-				}
-			else
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-v1")) {
+            if (args[1]) {
+                args++;
+                pbe_nid = OBJ_txt2nid(*args);
+                if (pbe_nid == NID_undef) {
+                    BIO_printf(bio_err, "Unknown PBE algorithm %s\n", *args);
                    badarg = 1;
                }
-		else if (!strcmp(*args,"-v1"))
-			{
-			if (args[1])
-				{
-				args++;
-				pbe_nid=OBJ_txt2nid(*args);
-				if (pbe_nid == NID_undef)
-					{
-					BIO_printf(bio_err,
-						 "Unknown PBE algorithm %s\n", *args);
+            } else
                badarg = 1;
-					}
-				}
-			else
+        } else if (!strcmp(*args, "-inform")) {
+            if (args[1]) {
+                args++;
+                informat = str2fmt(*args);
+            } else
                badarg = 1;
-			}
-		else if (!strcmp(*args,"-inform"))
-			{
-			if (args[1])
-				{
+        } else if (!strcmp(*args, "-outform")) {
+            if (args[1]) {
                args++;
-				informat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-outform"))
-			{
-			if (args[1])
-				{
-				args++;
-				outformat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-topk8"))
+                outformat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-topk8"))
            topk8 = 1;
-		else if (!strcmp (*args, "-noiter"))
+        else if (!strcmp(*args, "-noiter"))
            iter = 1;
-		else if (!strcmp (*args, "-nocrypt"))
+        else if (!strcmp(*args, "-nocrypt"))
            nocrypt = 1;
-		else if (!strcmp (*args, "-nooct"))
+        else if (!strcmp(*args, "-nooct"))
            p8_broken = PKCS8_NO_OCTET;
-		else if (!strcmp (*args, "-nsdb"))
+        else if (!strcmp(*args, "-nsdb"))
            p8_broken = PKCS8_NS_DB;
-		else if (!strcmp (*args, "-embed"))
+        else if (!strcmp(*args, "-embed"))
            p8_broken = PKCS8_EMBEDDED_PARAM;
-		else if (!strcmp(*args,"-passin"))
-			{
-			if (!args[1]) goto bad;
-			passargin= *(++args);
-			}
-		else if (!strcmp(*args,"-passout"))
-			{
-			if (!args[1]) goto bad;
-			passargout= *(++args);
+        else if (!strcmp(*args, "-passin")) {
+            if (!args[1])
+                goto bad;
+            passargin = *(++args);
+        } else if (!strcmp(*args, "-passout")) {
+            if (!args[1])
+                goto bad;
+            passargout = *(++args);
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1]) goto bad;
-			engine= *(++args);
+        else if (strcmp(*args, "-engine") == 0) {
+            if (!args[1])
+                goto bad;
+            engine = *(++args);
        }
 #endif
-		else if (!strcmp (*args, "-in"))
-			{
-			if (args[1])
-				{
+        else if (!strcmp(*args, "-in")) {
+            if (args[1]) {
                args++;
                infile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
                args++;
                outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else badarg = 1;
+            } else
+                badarg = 1;
+        } else
+            badarg = 1;
        args++;
    }

-	if (badarg)
-		{
+    if (badarg) {
 bad:
        BIO_printf(bio_err, "Usage pkcs8 [options]\n");
        BIO_printf(bio_err, "where options are\n");
        BIO_printf(bio_err, "-in file        input file\n");
        BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
-		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err,
+                   "-passin arg     input file pass phrase source\n");
        BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
        BIO_printf(bio_err, "-out file       output file\n");
-		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   "-passout arg    output file pass phrase source\n");
        BIO_printf(bio_err, "-topk8          output PKCS8 file\n");
-		BIO_printf(bio_err, "-nooct          use (nonstandard) no octet format\n");
-		BIO_printf(bio_err, "-embed          use (nonstandard) embedded DSA parameters format\n");
-		BIO_printf(bio_err, "-nsdb           use (nonstandard) DSA Netscape DB format\n");
+        BIO_printf(bio_err,
+                   "-nooct          use (nonstandard) no octet format\n");
+        BIO_printf(bio_err,
+                   "-embed          use (nonstandard) embedded DSA parameters format\n");
+        BIO_printf(bio_err,
+                   "-nsdb           use (nonstandard) DSA Netscape DB format\n");
        BIO_printf(bio_err, "-noiter         use 1 as iteration count\n");
-		BIO_printf(bio_err, "-nocrypt        use or expect unencrypted private key\n");
-		BIO_printf(bio_err, "-v2 alg         use PKCS#5 v2.0 and cipher \"alg\"\n");
-		BIO_printf(bio_err, "-v1 obj         use PKCS#5 v1.5 and cipher \"alg\"\n");
+        BIO_printf(bio_err,
+                   "-nocrypt        use or expect unencrypted private key\n");
+        BIO_printf(bio_err,
+                   "-v2 alg         use PKCS#5 v2.0 and cipher \"alg\"\n");
+        BIO_printf(bio_err,
+                   "-v1 obj         use PKCS#5 v1.5 and cipher \"alg\"\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
 #endif
        goto end;
    }
-
 #ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
 #endif

-	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
-		{
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
        BIO_printf(bio_err, "Error getting passwords\n");
        goto end;
    }
@ -242,30 +225,21 @@ int MAIN(int argc, char **argv)
    if ((pbe_nid == -1) && !cipher)
        pbe_nid = NID_pbeWithMD5AndDES_CBC;

-	if (infile)
-		{
-		if (!(in = BIO_new_file(infile, "rb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open input file %s\n", infile);
+    if (infile) {
+        if (!(in = BIO_new_file(infile, "rb"))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
            goto end;
        }
-		}
-	else
-		in = BIO_new_fp (stdin, BIO_NOCLOSE);
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);

-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "wb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
            goto end;
        }
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -273,45 +247,37 @@ int MAIN(int argc, char **argv)
        }
 #endif
    }
-	if (topk8)
-		{
-		pkey = load_key(bio_err, infile, informat, 1,
-			passin, e, "key");
+    if (topk8) {
+        pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
        if (!pkey)
            goto end;
-		if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken)))
-			{
+        if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
            BIO_printf(bio_err, "Error converting key\n");
            ERR_print_errors(bio_err);
            goto end;
        }
-		if (nocrypt)
-			{
+        if (nocrypt) {
            if (outformat == FORMAT_PEM)
                PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
            else if (outformat == FORMAT_ASN1)
                i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
-			else
-				{
+            else {
                BIO_printf(bio_err, "Bad format specified for key\n");
                goto end;
            }
-			}
-		else
-			{
+        } else {
            if (passout)
                p8pass = passout;
-			else
-				{
+            else {
                p8pass = pass;
-				if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
+                if (EVP_read_pw_string
+                    (pass, sizeof pass, "Enter Encryption Password:", 1))
                    goto end;
            }
            app_RAND_load_file(NULL, bio_err, 0);
            if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
                                     p8pass, strlen(p8pass),
-					NULL, 0, iter, p8inf)))
-				{
+                                     NULL, 0, iter, p8inf))) {
                BIO_printf(bio_err, "Error encrypting key\n");
                ERR_print_errors(bio_err);
                goto end;
@ -321,8 +287,7 @@ int MAIN(int argc, char **argv)
                PEM_write_bio_PKCS8(out, p8);
            else if (outformat == FORMAT_ASN1)
                i2d_PKCS8_bio(out, p8);
-			else
-				{
+            else {
                BIO_printf(bio_err, "Bad format specified for key\n");
                goto end;
            }
@ -332,65 +297,54 @@ int MAIN(int argc, char **argv)
        goto end;
    }

-	if (nocrypt)
-		{
+    if (nocrypt) {
        if (informat == FORMAT_PEM)
-			p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
+            p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in, NULL, NULL, NULL);
        else if (informat == FORMAT_ASN1)
            p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
-		else
-			{
+        else {
            BIO_printf(bio_err, "Bad format specified for key\n");
            goto end;
        }
-		}
-	else
-		{
+    } else {
        if (informat == FORMAT_PEM)
            p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
        else if (informat == FORMAT_ASN1)
            p8 = d2i_PKCS8_bio(in, NULL);
-		else
-			{
+        else {
            BIO_printf(bio_err, "Bad format specified for key\n");
            goto end;
        }

-		if (!p8)
-			{
-			BIO_printf (bio_err, "Error reading key\n");
+        if (!p8) {
+            BIO_printf(bio_err, "Error reading key\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        if (passin)
            p8pass = passin;
-		else
-			{
+        else {
            p8pass = pass;
            EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
        }
        p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
    }

-	if (!p8inf)
-		{
+    if (!p8inf) {
        BIO_printf(bio_err, "Error decrypting key\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (!(pkey = EVP_PKCS82PKEY(p8inf)))
-		{
+    if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
        BIO_printf(bio_err, "Error converting key\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (p8inf->broken)
-		{
+    if (p8inf->broken) {
        BIO_printf(bio_err, "Warning: broken key encoding: ");
-		switch (p8inf->broken)
-			{
+        switch (p8inf->broken) {
        case PKCS8_NO_OCTET:
            BIO_printf(bio_err, "No Octet String in PrivateKey\n");
            break;
@ -417,8 +371,7 @@ int MAIN(int argc, char **argv)
        PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
    else if (outformat == FORMAT_ASN1)
        i2d_PrivateKey_bio(out, pkey);
-	else
-		{
+    else {
        BIO_printf(bio_err, "Bad format specified for key\n");
        goto end;
    }
@ -436,4 +389,4 @@ int MAIN(int argc, char **argv)
        OPENSSL_free(passout);

    return ret;
-	}
+}
--- a/apps/pkey.c
+++ b/apps/pkey.c
@ -1,6 +1,7 @@
 /* apps/pkey.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006
 */
 /* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
@ -67,7 +68,7 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
    char **args, *infile = NULL, *outfile = NULL;
    char *passargin = NULL, *passargout = NULL;
@ -75,150 +76,124 @@ int MAIN(int argc, char **argv)
    const EVP_CIPHER *cipher = NULL;
    int informat, outformat;
    int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
-	EVP_PKEY *pkey=NULL;
+    EVP_PKEY *pkey = NULL;
    char *passin = NULL, *passout = NULL;
    int badarg = 0;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif
    int ret = 1;

    if (bio_err == NULL)
-		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;

-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();
    args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp(*args,"-inform"))
-			{
-			if (args[1])
-				{
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-inform")) {
+            if (args[1]) {
                args++;
-				informat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-outform"))
-			{
-			if (args[1])
-				{
+                informat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-outform")) {
+            if (args[1]) {
                args++;
-				outformat=str2fmt(*args);
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp(*args,"-passin"))
-			{
-			if (!args[1]) goto bad;
-			passargin= *(++args);
-			}
-		else if (!strcmp(*args,"-passout"))
-			{
-			if (!args[1]) goto bad;
-			passargout= *(++args);
+                outformat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-passin")) {
+            if (!args[1])
+                goto bad;
+            passargin = *(++args);
+        } else if (!strcmp(*args, "-passout")) {
+            if (!args[1])
+                goto bad;
+            passargout = *(++args);
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1]) goto bad;
-			engine= *(++args);
+        else if (strcmp(*args, "-engine") == 0) {
+            if (!args[1])
+                goto bad;
+            engine = *(++args);
        }
 #endif
-		else if (!strcmp (*args, "-in"))
-			{
-			if (args[1])
-				{
+        else if (!strcmp(*args, "-in")) {
+            if (args[1]) {
                args++;
                infile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
                args++;
                outfile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (strcmp(*args,"-pubin") == 0)
-			{
-			pubin=1;
-			pubout=1;
-			pubtext=1;
-			}
-		else if (strcmp(*args,"-pubout") == 0)
-			pubout=1;
-		else if (strcmp(*args,"-text_pub") == 0)
-			{
-			pubtext=1;
-			text=1;
-			}
-		else if (strcmp(*args,"-text") == 0)
-			text=1;
-		else if (strcmp(*args,"-noout") == 0)
-			noout=1;
-		else
-			{
+            } else
+                badarg = 1;
+        } else if (strcmp(*args, "-pubin") == 0) {
+            pubin = 1;
+            pubout = 1;
+            pubtext = 1;
+        } else if (strcmp(*args, "-pubout") == 0)
+            pubout = 1;
+        else if (strcmp(*args, "-text_pub") == 0) {
+            pubtext = 1;
+            text = 1;
+        } else if (strcmp(*args, "-text") == 0)
+            text = 1;
+        else if (strcmp(*args, "-noout") == 0)
+            noout = 1;
+        else {
            cipher = EVP_get_cipherbyname(*args + 1);
-			if (!cipher)
-				{
-				BIO_printf(bio_err, "Unknown cipher %s\n",
-								*args + 1);
+            if (!cipher) {
+                BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
                badarg = 1;
            }
        }
        args++;
    }

-	if (badarg)
-		{
+    if (badarg) {
 bad:
        BIO_printf(bio_err, "Usage pkey [options]\n");
        BIO_printf(bio_err, "where options are\n");
        BIO_printf(bio_err, "-in file        input file\n");
        BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
-		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err,
+                   "-passin arg     input file pass phrase source\n");
        BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
        BIO_printf(bio_err, "-out file       output file\n");
-		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   "-passout arg    output file pass phrase source\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   "-engine e       use engine e, possibly a hardware device.\n");
 #endif
        return 1;
    }
-
 #ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
 #endif

-	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
-		{
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
        BIO_printf(bio_err, "Error getting passwords\n");
        goto end;
    }

-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "wb")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
            goto end;
        }
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -231,38 +206,30 @@ int MAIN(int argc, char **argv)
        pkey = load_pubkey(bio_err, infile, informat, 1,
                           passin, e, "Public Key");
    else
-		pkey = load_key(bio_err, infile, informat, 1,
-			passin, e, "key");
+        pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
    if (!pkey)
        goto end;

-	if (!noout)
-		{
-		if (outformat == FORMAT_PEM) 
-			{
+    if (!noout) {
+        if (outformat == FORMAT_PEM) {
            if (pubout)
-				PEM_write_bio_PUBKEY(out,pkey);
+                PEM_write_bio_PUBKEY(out, pkey);
            else
                PEM_write_bio_PrivateKey(out, pkey, cipher,
                                         NULL, 0, NULL, passout);
-			}
-		else if (outformat == FORMAT_ASN1)
-			{
+        } else if (outformat == FORMAT_ASN1) {
            if (pubout)
                i2d_PUBKEY_bio(out, pkey);
            else
                i2d_PrivateKey_bio(out, pkey);
-			}
-		else
-			{
+        } else {
            BIO_printf(bio_err, "Bad format specified for key\n");
            goto end;
        }

    }

-	if (text)
-		{
+    if (text) {
        if (pubtext)
            EVP_PKEY_print_public(out, pkey, 0, NULL);
        else
@ -281,4 +248,4 @@ int MAIN(int argc, char **argv)
        OPENSSL_free(passout);

    return ret;
-	}
+}
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@ -1,6 +1,7 @@
 /* apps/pkeyparam.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006
 */
 /* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
@ -67,19 +68,19 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    char **args, *infile = NULL, *outfile = NULL;
    BIO *in = NULL, *out = NULL;
    int text = 0, noout = 0;
-	EVP_PKEY *pkey=NULL;
+    EVP_PKEY *pkey = NULL;
    int badarg = 0;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif
    int ret = 1;

    if (bio_err == NULL)
-		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;
@ -87,43 +88,36 @@ int MAIN(int argc, char **argv)
    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();
    args = argv + 1;
-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp (*args, "-in"))
-			{
-			if (args[1])
-				{
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-in")) {
+            if (args[1]) {
                args++;
                infile = *args;
-				}
-			else badarg = 1;
-			}
-		else if (!strcmp (*args, "-out"))
-			{
-			if (args[1])
-				{
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
                args++;
                outfile = *args;
-				}
-			else badarg = 1;
+            } else
+                badarg = 1;
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*args,"-engine") == 0)
-			{
-			if (!args[1]) goto bad;
-			engine= *(++args);
+        else if (strcmp(*args, "-engine") == 0) {
+            if (!args[1])
+                goto bad;
+            engine = *(++args);
        }
 #endif

-		else if (strcmp(*args,"-text") == 0)
-			text=1;
-		else if (strcmp(*args,"-noout") == 0)
-			noout=1;
+        else if (strcmp(*args, "-text") == 0)
+            text = 1;
+        else if (strcmp(*args, "-noout") == 0)
+            noout = 1;
        args++;
    }

-	if (badarg)
-		{
+    if (badarg) {
 #ifndef OPENSSL_NO_ENGINE
 bad:
 #endif
@ -132,41 +126,33 @@ int MAIN(int argc, char **argv)
        BIO_printf(bio_err, "-in file        input file\n");
        BIO_printf(bio_err, "-out file       output file\n");
        BIO_printf(bio_err, "-text           print parameters as text\n");
-		BIO_printf(bio_err, "-noout          don't output encoded parameters\n");
+        BIO_printf(bio_err,
+                   "-noout          don't output encoded parameters\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   "-engine e       use engine e, possibly a hardware device.\n");
 #endif
        return 1;
    }
-
 #ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
 #endif

-	if (infile)
-		{
-		if (!(in = BIO_new_file (infile, "r")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open input file %s\n", infile);
+    if (infile) {
+        if (!(in = BIO_new_file(infile, "r"))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
            goto end;
        }
-		}
-	else
-		in = BIO_new_fp (stdin, BIO_NOCLOSE);
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);

-	if (outfile)
-		{
-		if (!(out = BIO_new_file (outfile, "w")))
-			{
-			BIO_printf(bio_err,
-				 "Can't open output file %s\n", outfile);
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "w"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
            goto end;
        }
-		}
-	else
-		{
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -176,15 +162,14 @@ int MAIN(int argc, char **argv)
    }

    pkey = PEM_read_bio_Parameters(in, NULL);
-	if (!pkey)
-		{
+    if (!pkey) {
        BIO_printf(bio_err, "Error reading parameters\n");
        ERR_print_errors(bio_err);
        goto end;
    }

    if (!noout)
-		PEM_write_bio_Parameters(out,pkey);
+        PEM_write_bio_Parameters(out, pkey);

    if (text)
        EVP_PKEY_print_params(out, pkey, 0, NULL);
@ -197,4 +182,4 @@ int MAIN(int argc, char **argv)
    BIO_free(in);

    return ret;
-	}
+}
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@ -1,5 +1,6 @@
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
 */
 /* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
@ -55,7 +56,6 @@
 *
 */

-
 #include "apps.h"
 #include <string.h>
 #include <openssl/err.h>
@ -107,121 +107,108 @@ int MAIN(int argc, char **argv)
    argc--;
    argv++;

-	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    if (!bio_err)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;
    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();

-	while(argc >= 1)
-		{
-		if (!strcmp(*argv,"-in"))
-			{
-			if (--argc < 1) badarg = 1;
-                        else infile= *(++argv);
-			}
-		else if (!strcmp(*argv,"-out"))
-			{
-			if (--argc < 1) badarg = 1;
-			else outfile= *(++argv);
-			}
-		else if (!strcmp(*argv,"-sigfile"))
-			{
-			if (--argc < 1) badarg = 1;
-			else sigfile= *(++argv);
-			}
-		else if(!strcmp(*argv, "-inkey"))
-			{
+    while (argc >= 1) {
+        if (!strcmp(*argv, "-in")) {
            if (--argc < 1)
                badarg = 1;
            else
-				{
+                infile = *(++argv);
+        } else if (!strcmp(*argv, "-out")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                outfile = *(++argv);
+        } else if (!strcmp(*argv, "-sigfile")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                sigfile = *(++argv);
+        } else if (!strcmp(*argv, "-inkey")) {
+            if (--argc < 1)
+                badarg = 1;
+            else {
                ctx = init_ctx(&keysize,
                               *(++argv), keyform, key_type,
                               passargin, pkey_op, e);
-				if (!ctx)
-					{
-					BIO_puts(bio_err,
-						"Error initializing context\n");
+                if (!ctx) {
+                    BIO_puts(bio_err, "Error initializing context\n");
                    ERR_print_errors(bio_err);
                    badarg = 1;
                }
            }
-			}
-		else if (!strcmp(*argv,"-peerkey"))
-			{
+        } else if (!strcmp(*argv, "-peerkey")) {
            if (--argc < 1)
                badarg = 1;
            else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
                badarg = 1;
-			}
-		else if (!strcmp(*argv,"-passin"))
-			{
-			if (--argc < 1) badarg = 1;
-			else passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-peerform") == 0)
-			{
-			if (--argc < 1) badarg = 1;
-			else peerform=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-keyform") == 0)
-			{
-			if (--argc < 1) badarg = 1;
-			else keyform=str2fmt(*(++argv));
+        } else if (!strcmp(*argv, "-passin")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                passargin = *(++argv);
+        } else if (strcmp(*argv, "-peerform") == 0) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                peerform = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                keyform = str2fmt(*(++argv));
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if(!strcmp(*argv, "-engine"))
-			{
+        else if (!strcmp(*argv, "-engine")) {
            if (--argc < 1)
                badarg = 1;
            else
                e = setup_engine(bio_err, *(++argv), 0);
        }
 #endif
-		else if(!strcmp(*argv, "-pubin"))
+        else if (!strcmp(*argv, "-pubin"))
            key_type = KEY_PUBKEY;
-		else if(!strcmp(*argv, "-certin"))
+        else if (!strcmp(*argv, "-certin"))
            key_type = KEY_CERT;
-		else if(!strcmp(*argv, "-asn1parse"))
+        else if (!strcmp(*argv, "-asn1parse"))
            asn1parse = 1;
-		else if(!strcmp(*argv, "-hexdump"))
+        else if (!strcmp(*argv, "-hexdump"))
            hexdump = 1;
-		else if(!strcmp(*argv, "-sign"))
+        else if (!strcmp(*argv, "-sign"))
            pkey_op = EVP_PKEY_OP_SIGN;
-		else if(!strcmp(*argv, "-verify"))
+        else if (!strcmp(*argv, "-verify"))
            pkey_op = EVP_PKEY_OP_VERIFY;
-		else if(!strcmp(*argv, "-verifyrecover"))
+        else if (!strcmp(*argv, "-verifyrecover"))
            pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
-		else if(!strcmp(*argv, "-rev"))
+        else if (!strcmp(*argv, "-rev"))
            rev = 1;
-		else if(!strcmp(*argv, "-encrypt"))
+        else if (!strcmp(*argv, "-encrypt"))
            pkey_op = EVP_PKEY_OP_ENCRYPT;
-		else if(!strcmp(*argv, "-decrypt"))
+        else if (!strcmp(*argv, "-decrypt"))
            pkey_op = EVP_PKEY_OP_DECRYPT;
-		else if(!strcmp(*argv, "-derive"))
+        else if (!strcmp(*argv, "-derive"))
            pkey_op = EVP_PKEY_OP_DERIVE;
-		else if (strcmp(*argv,"-pkeyopt") == 0)
-			{
+        else if (strcmp(*argv, "-pkeyopt") == 0) {
            if (--argc < 1)
                badarg = 1;
-			else if (!ctx)
-				{
-				BIO_puts(bio_err,
-					"-pkeyopt command before -inkey\n");
+            else if (!ctx) {
+                BIO_puts(bio_err, "-pkeyopt command before -inkey\n");
                badarg = 1;
-				}
-			else if (pkey_ctrl_string(ctx, *(++argv)) <= 0)
-				{
+            } else if (pkey_ctrl_string(ctx, *(++argv)) <= 0) {
                BIO_puts(bio_err, "parameter setting error\n");
                ERR_print_errors(bio_err);
                goto end;
            }
-			}
-		else badarg = 1;
-		if(badarg)
-			{
+        } else
+            badarg = 1;
+        if (badarg) {
            usage();
            goto end;
        }
@ -229,20 +216,17 @@ int MAIN(int argc, char **argv)
        argv++;
    }

-	if (!ctx)
-		{
+    if (!ctx) {
        usage();
        goto end;
    }

-	if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY))
-		{
+    if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
        BIO_puts(bio_err, "Signature file specified for non verify\n");
        goto end;
    }

-	if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY))
-		{
+    if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY)) {
        BIO_puts(bio_err, "No signature file specified for verify\n");
        goto end;
    }
@ -250,33 +234,24 @@ int MAIN(int argc, char **argv)
 /* FIXME: seed PRNG only if needed */
    app_RAND_load_file(NULL, bio_err, 0);

-	if (pkey_op != EVP_PKEY_OP_DERIVE)
-		{
-		if(infile)
-			{
-			if(!(in = BIO_new_file(infile, "rb")))
-				{
-				BIO_puts(bio_err,
-					"Error Opening Input File\n");
+    if (pkey_op != EVP_PKEY_OP_DERIVE) {
+        if (infile) {
+            if (!(in = BIO_new_file(infile, "rb"))) {
+                BIO_puts(bio_err, "Error Opening Input File\n");
                ERR_print_errors(bio_err);
                goto end;
            }
-			}
-		else
+        } else
            in = BIO_new_fp(stdin, BIO_NOCLOSE);
    }

-	if(outfile)
-		{
-		if(!(out = BIO_new_file(outfile, "wb")))
-			{
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
            BIO_printf(bio_err, "Error Creating Output File\n");
            ERR_print_errors(bio_err);
            goto end;
        }
-		}
-	else
-		{
+    } else {
        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
@ -286,40 +261,32 @@ int MAIN(int argc, char **argv)
 #endif
    }

-	if (sigfile)
-		{
+    if (sigfile) {
        BIO *sigbio = BIO_new_file(sigfile, "rb");
-		if (!sigbio)
-			{
-			BIO_printf(bio_err, "Can't open signature file %s\n",
-								sigfile);
+        if (!sigbio) {
+            BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
            goto end;
        }
        siglen = bio_to_mem(&sig, keysize * 10, sigbio);
        BIO_free(sigbio);
-		if (siglen <= 0)
-			{
+        if (siglen <= 0) {
            BIO_printf(bio_err, "Error reading signature data\n");
            goto end;
        }
    }

-	if (in)
-		{
+    if (in) {
        /* Read the input data */
        buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
-		if(buf_inlen <= 0)
-			{
+        if (buf_inlen <= 0) {
            BIO_printf(bio_err, "Error reading input Data\n");
            exit(1);
        }
-		if(rev)
-			{
+        if (rev) {
            size_t i;
            unsigned char ctmp;
            size_t l = (size_t)buf_inlen;
-			for(i = 0; i < l/2; i++)
-				{
+            for (i = 0; i < l / 2; i++) {
                ctmp = buf_in[i];
                buf_in[i] = buf_in[l - 1 - i];
                buf_in[l - 1 - i] = ctmp;
@ -327,8 +294,7 @@ int MAIN(int argc, char **argv)
        }
    }

-	if(pkey_op == EVP_PKEY_OP_VERIFY)
-		{
+    if (pkey_op == EVP_PKEY_OP_VERIFY) {
        rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
                             buf_in, (size_t)buf_inlen);
        if (rv == 0)
@ -337,13 +303,10 @@ int MAIN(int argc, char **argv)
            BIO_puts(out, "Signature Verified Successfully\n");
        if (rv >= 0)
            goto end;
-		}
-	else
-		{	
+    } else {
        rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
                      buf_in, (size_t)buf_inlen);
-		if (rv > 0)
-			{
+        if (rv > 0) {
            buf_out = OPENSSL_malloc(buf_outlen);
            if (!buf_out)
                rv = -1;
@ -354,19 +317,16 @@ int MAIN(int argc, char **argv)
        }
    }

-	if(rv <= 0)
-		{
+    if (rv <= 0) {
        BIO_printf(bio_err, "Public Key operation error\n");
        ERR_print_errors(bio_err);
        goto end;
    }
    ret = 0;
-	if(asn1parse)
-		{
-		if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
+    if (asn1parse) {
+        if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
            ERR_print_errors(bio_err);
-		}
-	else if(hexdump)
+    } else if (hexdump)
        BIO_dump(out, (char *)buf_out, buf_outlen);
    else
        BIO_write(out, buf_out, buf_outlen);
@ -390,21 +350,25 @@ static void usage()
    BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
    BIO_printf(bio_err, "-in file        input file\n");
    BIO_printf(bio_err, "-out file       output file\n");
-	BIO_printf(bio_err, "-sigfile file signature file (verify operation only)\n");
+    BIO_printf(bio_err,
+               "-sigfile file signature file (verify operation only)\n");
    BIO_printf(bio_err, "-inkey file     input key\n");
    BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
    BIO_printf(bio_err, "-pubin          input is a public key\n");
-	BIO_printf(bio_err, "-certin         input is a certificate carrying a public key\n");
+    BIO_printf(bio_err,
+               "-certin         input is a certificate carrying a public key\n");
    BIO_printf(bio_err, "-pkeyopt X:Y    public key options\n");
    BIO_printf(bio_err, "-sign           sign with private key\n");
    BIO_printf(bio_err, "-verify         verify with public key\n");
-	BIO_printf(bio_err, "-verifyrecover  verify with public key, recover original data\n");
+    BIO_printf(bio_err,
+               "-verifyrecover  verify with public key, recover original data\n");
    BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
    BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
    BIO_printf(bio_err, "-derive         derive shared secret\n");
    BIO_printf(bio_err, "-hexdump        hex dump output\n");
 #ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+    BIO_printf(bio_err,
+               "-engine e       use engine e, possibly a hardware device.\n");
 #endif
    BIO_printf(bio_err, "-passin arg     pass phrase source\n");

@ -413,26 +377,23 @@ static void usage()
 static EVP_PKEY_CTX *init_ctx(int *pkeysize,
                              char *keyfile, int keyform, int key_type,
                              char *passargin, int pkey_op, ENGINE *e)
-	{
+{
    EVP_PKEY *pkey = NULL;
    EVP_PKEY_CTX *ctx = NULL;
    char *passin = NULL;
    int rv = -1;
    X509 *x;
-	if(((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT) 
+    if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
         || (pkey_op == EVP_PKEY_OP_DERIVE))
-		&& (key_type != KEY_PRIVKEY))
-		{
+        && (key_type != KEY_PRIVKEY)) {
        BIO_printf(bio_err, "A private key is needed for this operation\n");
        goto end;
    }
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
        BIO_printf(bio_err, "Error getting password\n");
        goto end;
    }
-	switch(key_type)
-		{
+    switch (key_type) {
    case KEY_PRIVKEY:
        pkey = load_key(bio_err, keyfile, keyform, 0,
                        passin, e, "Private Key");
@ -444,10 +405,8 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
        break;

    case KEY_CERT:
-		x = load_cert(bio_err, keyfile, keyform,
-			NULL, e, "Certificate");
-		if(x)
-			{
+        x = load_cert(bio_err, keyfile, keyform, NULL, e, "Certificate");
+        if (x) {
            pkey = X509_get_pubkey(x);
            X509_free(x);
        }
@ -467,8 +426,7 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
    if (!ctx)
        goto end;

-	switch(pkey_op)
-		{
+    switch (pkey_op) {
    case EVP_PKEY_OP_SIGN:
        rv = EVP_PKEY_sign_init(ctx);
        break;
@ -494,8 +452,7 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
        break;
    }

-	if (rv <= 0)
-		{
+    if (rv <= 0) {
        EVP_PKEY_CTX_free(ctx);
        ctx = NULL;
    }
@ -507,24 +464,21 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,

    return ctx;

-
-	}
+}

 static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
                      const char *file)
-	{
+{
    EVP_PKEY *peer = NULL;
    int ret;
-	if (!ctx)
-		{
+    if (!ctx) {
        BIO_puts(err, "-peerkey command before -inkey\n");
        return 0;
    }

    peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");

-	if (!peer)
-		{
+    if (!peer) {
        BIO_printf(bio_err, "Error reading peer key %s\n", file);
        ERR_print_errors(err);
        return 0;
@ -536,15 +490,14 @@ static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
    if (ret <= 0)
        ERR_print_errors(err);
    return ret;
-	}
+}

 static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
                    unsigned char *out, size_t *poutlen,
                    unsigned char *in, size_t inlen)
-	{
+{
    int rv = 0;
-	switch(pkey_op)
-		{
+    switch (pkey_op) {
    case EVP_PKEY_OP_VERIFYRECOVER:
        rv = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
        break;
@ -567,4 +520,4 @@ static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,

    }
    return rv;
-	}
+}
--- a/apps/prime.c
+++ b/apps/prime.c
@ -52,66 +52,61 @@
 #include "apps.h"
 #include <openssl/bn.h>

-
 #undef PROG
 #define PROG prime_main

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-    {
-    int hex=0;
-    int checks=20;
-    int generate=0;
-    int bits=0;
-    int safe=0;
-    BIGNUM *bn=NULL;
+{
+    int hex = 0;
+    int checks = 20;
+    int generate = 0;
+    int bits = 0;
+    int safe = 0;
+    BIGNUM *bn = NULL;
    BIO *bio_out;

    apps_startup();

    if (bio_err == NULL)
-	if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-	    BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    --argc;
    ++argv;
-    while (argc >= 1 && **argv == '-')
-	{
-	if(!strcmp(*argv,"-hex"))
-	    hex=1;
-	else if(!strcmp(*argv,"-generate"))
-	    generate=1;
-	else if(!strcmp(*argv,"-bits"))
-	    if(--argc < 1)
+    while (argc >= 1 && **argv == '-') {
+        if (!strcmp(*argv, "-hex"))
+            hex = 1;
+        else if (!strcmp(*argv, "-generate"))
+            generate = 1;
+        else if (!strcmp(*argv, "-bits"))
+            if (--argc < 1)
                goto bad;
            else
-		bits=atoi(*++argv);
-	else if(!strcmp(*argv,"-safe"))
-	    safe=1;
-	else if(!strcmp(*argv,"-checks"))
-	    if(--argc < 1)
+                bits = atoi(*++argv);
+        else if (!strcmp(*argv, "-safe"))
+            safe = 1;
+        else if (!strcmp(*argv, "-checks"))
+            if (--argc < 1)
                goto bad;
            else
-		checks=atoi(*++argv);
-	else
-	    {
-	    BIO_printf(bio_err,"Unknown option '%s'\n",*argv);
+                checks = atoi(*++argv);
+        else {
+            BIO_printf(bio_err, "Unknown option '%s'\n", *argv);
            goto bad;
        }
        --argc;
        ++argv;
    }

-    if (argv[0] == NULL && !generate)
-	{
-	BIO_printf(bio_err,"No prime specified\n");
+    if (argv[0] == NULL && !generate) {
+        BIO_printf(bio_err, "No prime specified\n");
        goto bad;
    }

-    if ((bio_out=BIO_new(BIO_s_file())) != NULL)
-	{
-	BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
+    if ((bio_out = BIO_new(BIO_s_file())) != NULL) {
+        BIO_set_fp(bio_out, stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@ -120,31 +115,27 @@ int MAIN(int argc, char **argv)
 #endif
    }

-    if(generate)
-	{
+    if (generate) {
        char *s;

-	if(!bits)
-	    {
-	    BIO_printf(bio_err,"Specifiy the number of bits.\n");
+        if (!bits) {
+            BIO_printf(bio_err, "Specifiy the number of bits.\n");
            return 1;
        }
-	bn=BN_new();
-	BN_generate_prime_ex(bn,bits,safe,NULL,NULL,NULL);
-	s=hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
-	BIO_printf(bio_out,"%s\n",s);
+        bn = BN_new();
+        BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL);
+        s = hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
+        BIO_printf(bio_out, "%s\n", s);
        OPENSSL_free(s);
-	}
+    } else {
+        if (hex)
+            BN_hex2bn(&bn, argv[0]);
        else
-	{
-	if(hex)
-	    BN_hex2bn(&bn,argv[0]);
-	else
-	    BN_dec2bn(&bn,argv[0]);
+            BN_dec2bn(&bn, argv[0]);

-	BN_print(bio_out,bn);
-	BIO_printf(bio_out," is %sprime\n",
-		   BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not ");
+        BN_print(bio_out, bn);
+        BIO_printf(bio_out, " is %sprime\n",
+                   BN_is_prime_ex(bn, checks, NULL, NULL) ? "" : "not ");
    }

    BN_free(bn);
@ -153,8 +144,8 @@ int MAIN(int argc, char **argv)
    return 0;

 bad:
-    BIO_printf(bio_err,"options are\n");
-    BIO_printf(bio_err,"%-14s hex\n","-hex");
-    BIO_printf(bio_err,"%-14s number of checks\n","-checks <n>");
+    BIO_printf(bio_err, "options are\n");
+    BIO_printf(bio_err, "%-14s hex\n", "-hex");
+    BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
    return 1;
-    }
+}
--- a/apps/progs.h
+++ b/apps/progs.h
@ -1,52 +1,52 @@
 /* apps/progs.h */
 /* automatically generated by progs.pl for openssl.c */

-extern int verify_main(int argc,char *argv[]);
-extern int asn1parse_main(int argc,char *argv[]);
-extern int req_main(int argc,char *argv[]);
-extern int dgst_main(int argc,char *argv[]);
-extern int dh_main(int argc,char *argv[]);
-extern int dhparam_main(int argc,char *argv[]);
-extern int enc_main(int argc,char *argv[]);
-extern int passwd_main(int argc,char *argv[]);
-extern int gendh_main(int argc,char *argv[]);
-extern int errstr_main(int argc,char *argv[]);
-extern int ca_main(int argc,char *argv[]);
-extern int crl_main(int argc,char *argv[]);
-extern int rsa_main(int argc,char *argv[]);
-extern int rsautl_main(int argc,char *argv[]);
-extern int dsa_main(int argc,char *argv[]);
-extern int dsaparam_main(int argc,char *argv[]);
-extern int ec_main(int argc,char *argv[]);
-extern int ecparam_main(int argc,char *argv[]);
-extern int x509_main(int argc,char *argv[]);
-extern int genrsa_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
-extern int genpkey_main(int argc,char *argv[]);
-extern int s_server_main(int argc,char *argv[]);
-extern int s_client_main(int argc,char *argv[]);
-extern int speed_main(int argc,char *argv[]);
-extern int s_time_main(int argc,char *argv[]);
-extern int version_main(int argc,char *argv[]);
-extern int pkcs7_main(int argc,char *argv[]);
-extern int cms_main(int argc,char *argv[]);
-extern int crl2pkcs7_main(int argc,char *argv[]);
-extern int sess_id_main(int argc,char *argv[]);
-extern int ciphers_main(int argc,char *argv[]);
-extern int nseq_main(int argc,char *argv[]);
-extern int pkcs12_main(int argc,char *argv[]);
-extern int pkcs8_main(int argc,char *argv[]);
-extern int pkey_main(int argc,char *argv[]);
-extern int pkeyparam_main(int argc,char *argv[]);
-extern int pkeyutl_main(int argc,char *argv[]);
-extern int spkac_main(int argc,char *argv[]);
-extern int smime_main(int argc,char *argv[]);
-extern int rand_main(int argc,char *argv[]);
-extern int engine_main(int argc,char *argv[]);
-extern int ocsp_main(int argc,char *argv[]);
-extern int prime_main(int argc,char *argv[]);
-extern int ts_main(int argc,char *argv[]);
-extern int srp_main(int argc,char *argv[]);
+extern int verify_main(int argc, char *argv[]);
+extern int asn1parse_main(int argc, char *argv[]);
+extern int req_main(int argc, char *argv[]);
+extern int dgst_main(int argc, char *argv[]);
+extern int dh_main(int argc, char *argv[]);
+extern int dhparam_main(int argc, char *argv[]);
+extern int enc_main(int argc, char *argv[]);
+extern int passwd_main(int argc, char *argv[]);
+extern int gendh_main(int argc, char *argv[]);
+extern int errstr_main(int argc, char *argv[]);
+extern int ca_main(int argc, char *argv[]);
+extern int crl_main(int argc, char *argv[]);
+extern int rsa_main(int argc, char *argv[]);
+extern int rsautl_main(int argc, char *argv[]);
+extern int dsa_main(int argc, char *argv[]);
+extern int dsaparam_main(int argc, char *argv[]);
+extern int ec_main(int argc, char *argv[]);
+extern int ecparam_main(int argc, char *argv[]);
+extern int x509_main(int argc, char *argv[]);
+extern int genrsa_main(int argc, char *argv[]);
+extern int gendsa_main(int argc, char *argv[]);
+extern int genpkey_main(int argc, char *argv[]);
+extern int s_server_main(int argc, char *argv[]);
+extern int s_client_main(int argc, char *argv[]);
+extern int speed_main(int argc, char *argv[]);
+extern int s_time_main(int argc, char *argv[]);
+extern int version_main(int argc, char *argv[]);
+extern int pkcs7_main(int argc, char *argv[]);
+extern int cms_main(int argc, char *argv[]);
+extern int crl2pkcs7_main(int argc, char *argv[]);
+extern int sess_id_main(int argc, char *argv[]);
+extern int ciphers_main(int argc, char *argv[]);
+extern int nseq_main(int argc, char *argv[]);
+extern int pkcs12_main(int argc, char *argv[]);
+extern int pkcs8_main(int argc, char *argv[]);
+extern int pkey_main(int argc, char *argv[]);
+extern int pkeyparam_main(int argc, char *argv[]);
+extern int pkeyutl_main(int argc, char *argv[]);
+extern int spkac_main(int argc, char *argv[]);
+extern int smime_main(int argc, char *argv[]);
+extern int rand_main(int argc, char *argv[]);
+extern int engine_main(int argc, char *argv[]);
+extern int ocsp_main(int argc, char *argv[]);
+extern int prime_main(int argc, char *argv[]);
+extern int ts_main(int argc, char *argv[]);
+extern int srp_main(int argc, char *argv[]);

 #define FUNC_TYPE_GENERAL       1
 #define FUNC_TYPE_MD            2
@ -58,309 +58,309 @@ extern int srp_main(int argc,char *argv[]);
 typedef struct {
    int type;
    const char *name;
-	int (*func)(int argc,char *argv[]);
-	} FUNCTION;
+    int (*func) (int argc, char *argv[]);
+} FUNCTION;
 DECLARE_LHASH_OF(FUNCTION);

 FUNCTION functions[] = {
-	{FUNC_TYPE_GENERAL,"verify",verify_main},
-	{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
-	{FUNC_TYPE_GENERAL,"req",req_main},
-	{FUNC_TYPE_GENERAL,"dgst",dgst_main},
+    {FUNC_TYPE_GENERAL, "verify", verify_main},
+    {FUNC_TYPE_GENERAL, "asn1parse", asn1parse_main},
+    {FUNC_TYPE_GENERAL, "req", req_main},
+    {FUNC_TYPE_GENERAL, "dgst", dgst_main},
 #ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"dh",dh_main},
+    {FUNC_TYPE_GENERAL, "dh", dh_main},
 #endif
 #ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"dhparam",dhparam_main},
+    {FUNC_TYPE_GENERAL, "dhparam", dhparam_main},
 #endif
-	{FUNC_TYPE_GENERAL,"enc",enc_main},
-	{FUNC_TYPE_GENERAL,"passwd",passwd_main},
+    {FUNC_TYPE_GENERAL, "enc", enc_main},
+    {FUNC_TYPE_GENERAL, "passwd", passwd_main},
 #ifndef OPENSSL_NO_DH
-	{FUNC_TYPE_GENERAL,"gendh",gendh_main},
+    {FUNC_TYPE_GENERAL, "gendh", gendh_main},
 #endif
-	{FUNC_TYPE_GENERAL,"errstr",errstr_main},
-	{FUNC_TYPE_GENERAL,"ca",ca_main},
-	{FUNC_TYPE_GENERAL,"crl",crl_main},
+    {FUNC_TYPE_GENERAL, "errstr", errstr_main},
+    {FUNC_TYPE_GENERAL, "ca", ca_main},
+    {FUNC_TYPE_GENERAL, "crl", crl_main},
 #ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"rsa",rsa_main},
+    {FUNC_TYPE_GENERAL, "rsa", rsa_main},
 #endif
 #ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"rsautl",rsautl_main},
+    {FUNC_TYPE_GENERAL, "rsautl", rsautl_main},
 #endif
 #ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"dsa",dsa_main},
+    {FUNC_TYPE_GENERAL, "dsa", dsa_main},
 #endif
 #ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
+    {FUNC_TYPE_GENERAL, "dsaparam", dsaparam_main},
 #endif
 #ifndef OPENSSL_NO_EC
-	{FUNC_TYPE_GENERAL,"ec",ec_main},
+    {FUNC_TYPE_GENERAL, "ec", ec_main},
 #endif
 #ifndef OPENSSL_NO_EC
-	{FUNC_TYPE_GENERAL,"ecparam",ecparam_main},
+    {FUNC_TYPE_GENERAL, "ecparam", ecparam_main},
 #endif
-	{FUNC_TYPE_GENERAL,"x509",x509_main},
+    {FUNC_TYPE_GENERAL, "x509", x509_main},
 #ifndef OPENSSL_NO_RSA
-	{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
+    {FUNC_TYPE_GENERAL, "genrsa", genrsa_main},
 #endif
 #ifndef OPENSSL_NO_DSA
-	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
+    {FUNC_TYPE_GENERAL, "gendsa", gendsa_main},
 #endif
-	{FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
+    {FUNC_TYPE_GENERAL, "genpkey", genpkey_main},
 #if !defined(OPENSSL_NO_SOCK)
-	{FUNC_TYPE_GENERAL,"s_server",s_server_main},
+    {FUNC_TYPE_GENERAL, "s_server", s_server_main},
 #endif
 #if !defined(OPENSSL_NO_SOCK)
-	{FUNC_TYPE_GENERAL,"s_client",s_client_main},
+    {FUNC_TYPE_GENERAL, "s_client", s_client_main},
 #endif
 #ifndef OPENSSL_NO_SPEED
-	{FUNC_TYPE_GENERAL,"speed",speed_main},
+    {FUNC_TYPE_GENERAL, "speed", speed_main},
 #endif
 #if !defined(OPENSSL_NO_SOCK)
-	{FUNC_TYPE_GENERAL,"s_time",s_time_main},
+    {FUNC_TYPE_GENERAL, "s_time", s_time_main},
 #endif
-	{FUNC_TYPE_GENERAL,"version",version_main},
-	{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
+    {FUNC_TYPE_GENERAL, "version", version_main},
+    {FUNC_TYPE_GENERAL, "pkcs7", pkcs7_main},
 #ifndef OPENSSL_NO_CMS
-	{FUNC_TYPE_GENERAL,"cms",cms_main},
+    {FUNC_TYPE_GENERAL, "cms", cms_main},
 #endif
-	{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
-	{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
+    {FUNC_TYPE_GENERAL, "crl2pkcs7", crl2pkcs7_main},
+    {FUNC_TYPE_GENERAL, "sess_id", sess_id_main},
 #if !defined(OPENSSL_NO_SOCK)
-	{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
+    {FUNC_TYPE_GENERAL, "ciphers", ciphers_main},
 #endif
-	{FUNC_TYPE_GENERAL,"nseq",nseq_main},
+    {FUNC_TYPE_GENERAL, "nseq", nseq_main},
 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-	{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
+    {FUNC_TYPE_GENERAL, "pkcs12", pkcs12_main},
 #endif
-	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
-	{FUNC_TYPE_GENERAL,"pkey",pkey_main},
-	{FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},
-	{FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main},
-	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
-	{FUNC_TYPE_GENERAL,"smime",smime_main},
-	{FUNC_TYPE_GENERAL,"rand",rand_main},
+    {FUNC_TYPE_GENERAL, "pkcs8", pkcs8_main},
+    {FUNC_TYPE_GENERAL, "pkey", pkey_main},
+    {FUNC_TYPE_GENERAL, "pkeyparam", pkeyparam_main},
+    {FUNC_TYPE_GENERAL, "pkeyutl", pkeyutl_main},
+    {FUNC_TYPE_GENERAL, "spkac", spkac_main},
+    {FUNC_TYPE_GENERAL, "smime", smime_main},
+    {FUNC_TYPE_GENERAL, "rand", rand_main},
 #ifndef OPENSSL_NO_ENGINE
-	{FUNC_TYPE_GENERAL,"engine",engine_main},
+    {FUNC_TYPE_GENERAL, "engine", engine_main},
 #endif
 #ifndef OPENSSL_NO_OCSP
-	{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
+    {FUNC_TYPE_GENERAL, "ocsp", ocsp_main},
 #endif
-	{FUNC_TYPE_GENERAL,"prime",prime_main},
-	{FUNC_TYPE_GENERAL,"ts",ts_main},
+    {FUNC_TYPE_GENERAL, "prime", prime_main},
+    {FUNC_TYPE_GENERAL, "ts", ts_main},
 #ifndef OPENSSL_NO_SRP
-	{FUNC_TYPE_GENERAL,"srp",srp_main},
+    {FUNC_TYPE_GENERAL, "srp", srp_main},
 #endif
 #ifndef OPENSSL_NO_MD2
-	{FUNC_TYPE_MD,"md2",dgst_main},
+    {FUNC_TYPE_MD, "md2", dgst_main},
 #endif
 #ifndef OPENSSL_NO_MD4
-	{FUNC_TYPE_MD,"md4",dgst_main},
+    {FUNC_TYPE_MD, "md4", dgst_main},
 #endif
 #ifndef OPENSSL_NO_MD5
-	{FUNC_TYPE_MD,"md5",dgst_main},
+    {FUNC_TYPE_MD, "md5", dgst_main},
 #endif
 #ifndef OPENSSL_NO_SHA
-	{FUNC_TYPE_MD,"sha",dgst_main},
+    {FUNC_TYPE_MD, "sha", dgst_main},
 #endif
 #ifndef OPENSSL_NO_SHA1
-	{FUNC_TYPE_MD,"sha1",dgst_main},
+    {FUNC_TYPE_MD, "sha1", dgst_main},
 #endif
 #ifndef OPENSSL_NO_MDC2
-	{FUNC_TYPE_MD,"mdc2",dgst_main},
+    {FUNC_TYPE_MD, "mdc2", dgst_main},
 #endif
 #ifndef OPENSSL_NO_RMD160
-	{FUNC_TYPE_MD,"rmd160",dgst_main},
+    {FUNC_TYPE_MD, "rmd160", dgst_main},
 #endif
 #ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "aes-128-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "aes-128-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-192-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "aes-192-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-192-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "aes-192-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-256-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "aes-256-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_AES
-	{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "aes-256-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "camellia-128-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "camellia-128-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "camellia-192-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "camellia-192-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "camellia-256-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-	{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "camellia-256-ecb", enc_main},
 #endif
-	{FUNC_TYPE_CIPHER,"base64",enc_main},
+    {FUNC_TYPE_CIPHER, "base64", enc_main},
 #ifdef ZLIB
-	{FUNC_TYPE_CIPHER,"zlib",enc_main},
+    {FUNC_TYPE_CIPHER, "zlib", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des",enc_main},
+    {FUNC_TYPE_CIPHER, "des", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des3",enc_main},
+    {FUNC_TYPE_CIPHER, "des3", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"desx",enc_main},
+    {FUNC_TYPE_CIPHER, "desx", enc_main},
 #endif
 #ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea",enc_main},
+    {FUNC_TYPE_CIPHER, "idea", enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed",enc_main},
+    {FUNC_TYPE_CIPHER, "seed", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC4
-	{FUNC_TYPE_CIPHER,"rc4",enc_main},
+    {FUNC_TYPE_CIPHER, "rc4", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC4
-	{FUNC_TYPE_CIPHER,"rc4-40",enc_main},
+    {FUNC_TYPE_CIPHER, "rc4-40", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2",enc_main},
+    {FUNC_TYPE_CIPHER, "rc2", enc_main},
 #endif
 #ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf",enc_main},
+    {FUNC_TYPE_CIPHER, "bf", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast",enc_main},
+    {FUNC_TYPE_CIPHER, "cast", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5",enc_main},
+    {FUNC_TYPE_CIPHER, "rc5", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede3", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "des-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede3-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "des-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede3-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_DES
-	{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "des-ede3-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "idea-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "idea-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "idea-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_IDEA
-	{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "idea-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "seed-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "seed-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "seed-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
-	{FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "seed-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "rc2-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "rc2-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "rc2-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "rc2-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "rc2-64-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
-	{FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "rc2-40-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "bf-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "bf-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "bf-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_BF
-	{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "bf-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "cast5-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "cast5-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "cast5-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "cast5-ofb", enc_main},
 #endif
 #ifndef OPENSSL_NO_CAST
-	{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "cast-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
+    {FUNC_TYPE_CIPHER, "rc5-cbc", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
+    {FUNC_TYPE_CIPHER, "rc5-ecb", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
+    {FUNC_TYPE_CIPHER, "rc5-cfb", enc_main},
 #endif
 #ifndef OPENSSL_NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
+    {FUNC_TYPE_CIPHER, "rc5-ofb", enc_main},
 #endif
-	{0,NULL,NULL}
-	};
+    {0, NULL, NULL}
+};
--- a/apps/rand.c
+++ b/apps/rand.c
@ -66,7 +66,8 @@
 #undef PROG
 #define PROG rand_main

-/* -out file         - write to file
+/*-
+ * -out file         - write to file
 * -rand file:file   - PRNG seed files
 * -base64           - base64 encode output
 * -hex              - hex encode output
@ -76,7 +77,7 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    int i, r, ret = 1;
    int badopt;
    char *outfile = NULL;
@ -86,71 +87,58 @@ int MAIN(int argc, char **argv)
    BIO *out = NULL;
    int num = -1;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif

    apps_startup();

    if (bio_err == NULL)
        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto err;

    badopt = 0;
    i = 0;
-	while (!badopt && argv[++i] != NULL)
-		{
-		if (strcmp(argv[i], "-out") == 0)
-			{
-			if ((argv[i+1] != NULL) && (outfile == NULL))
+    while (!badopt && argv[++i] != NULL) {
+        if (strcmp(argv[i], "-out") == 0) {
+            if ((argv[i + 1] != NULL) && (outfile == NULL))
                outfile = argv[++i];
            else
                badopt = 1;
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(argv[i], "-engine") == 0)
-			{
-			if ((argv[i+1] != NULL) && (engine == NULL))
+        else if (strcmp(argv[i], "-engine") == 0) {
+            if ((argv[i + 1] != NULL) && (engine == NULL))
                engine = argv[++i];
            else
                badopt = 1;
        }
 #endif
-		else if (strcmp(argv[i], "-rand") == 0)
-			{
-			if ((argv[i+1] != NULL) && (inrand == NULL))
+        else if (strcmp(argv[i], "-rand") == 0) {
+            if ((argv[i + 1] != NULL) && (inrand == NULL))
                inrand = argv[++i];
            else
                badopt = 1;
-			}
-		else if (strcmp(argv[i], "-base64") == 0)
-			{
+        } else if (strcmp(argv[i], "-base64") == 0) {
            if (!base64)
                base64 = 1;
            else
                badopt = 1;
-			}
-		else if (strcmp(argv[i], "-hex") == 0)
-			{
+        } else if (strcmp(argv[i], "-hex") == 0) {
            if (!hex)
                hex = 1;
            else
                badopt = 1;
-			}
-		else if (isdigit((unsigned char)argv[i][0]))
-			{
-			if (num < 0)
-				{
+        } else if (isdigit((unsigned char)argv[i][0])) {
+            if (num < 0) {
                r = sscanf(argv[i], "%d", &num);
                if (r == 0 || num < 0)
                    badopt = 1;
-				}
-			else
+            } else
                badopt = 1;
-			}
-		else
+        } else
            badopt = 1;
    }

@ -160,27 +148,27 @@ int MAIN(int argc, char **argv)
    if (num < 0)
        badopt = 1;

-	if (badopt) 
-		{
+    if (badopt) {
        BIO_printf(bio_err, "Usage: rand [options] num\n");
        BIO_printf(bio_err, "where options are\n");
        BIO_printf(bio_err, "-out file             - write to file\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, "-engine e             - use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   "-engine e             - use engine e, possibly a hardware device.\n");
 #endif
-		BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n",
+                   LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
        BIO_printf(bio_err, "-base64               - base64 encode output\n");
        BIO_printf(bio_err, "-hex                  - hex encode output\n");
        goto err;
    }
-
 #ifndef OPENSSL_NO_ENGINE
    setup_engine(bio_err, engine, 0);
 #endif

    app_RAND_load_file(NULL, bio_err, (inrand != NULL));
    if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                   app_RAND_load_files(inrand));

    out = BIO_new(BIO_s_file());
@ -188,8 +176,7 @@ int MAIN(int argc, char **argv)
        goto err;
    if (outfile != NULL)
        r = BIO_write_filename(out, outfile);
-	else
-		{
+    else {
        r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
 #ifdef OPENSSL_SYS_VMS
        {
@ -201,16 +188,14 @@ int MAIN(int argc, char **argv)
    if (r <= 0)
        goto err;

-	if (base64)
-		{
+    if (base64) {
        BIO *b64 = BIO_new(BIO_f_base64());
        if (b64 == NULL)
            goto err;
        out = BIO_push(b64, out);
    }

-	while (num > 0) 
-		{
+    while (num > 0) {
        unsigned char buf[4096];
        int chunk;

@ -222,8 +207,7 @@ int MAIN(int argc, char **argv)
            goto err;
        if (!hex)
            BIO_write(out, buf, chunk);
-		else
-			{
+        else {
            for (i = 0; i < chunk; i++)
                BIO_printf(out, "%02x", buf[i]);
        }
@ -236,10 +220,10 @@ int MAIN(int argc, char **argv)
    app_RAND_write_file(NULL, bio_err);
    ret = 0;

-err:
+ err:
    ERR_print_errors(bio_err);
    if (out)
        BIO_free_all(out);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
--- a/apps/req.c
+++ b/apps/req.c
--- a/apps/rsa.c
+++ b/apps/rsa.c
@ -58,23 +58,24 @@

 #include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_RSA
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/bn.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <time.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/rsa.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/bn.h>

-#undef PROG
-#define PROG	rsa_main
+# undef PROG
+# define PROG    rsa_main

-/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
+/*-
+ * -inform arg  - input format - default PEM (one of DER, NET or PEM)
 * -outform arg - output format - default PEM
 * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
@ -98,195 +99,195 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
-	int ret=1;
-	RSA *rsa=NULL;
-	int i,badops=0, sgckey=0;
-	const EVP_CIPHER *enc=NULL;
-	BIO *out=NULL;
-	int informat,outformat,text=0,check=0,noout=0;
+    int ret = 1;
+    RSA *rsa = NULL;
+    int i, badops = 0, sgckey = 0;
+    const EVP_CIPHER *enc = NULL;
+    BIO *out = NULL;
+    int informat, outformat, text = 0, check = 0, noout = 0;
    int pubin = 0, pubout = 0;
-	char *infile,*outfile,*prog;
+    char *infile, *outfile, *prog;
    char *passargin = NULL, *passargout = NULL;
    char *passin = NULL, *passout = NULL;
-#ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
-#endif
-	int modulus=0;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    int modulus = 0;

    int pvk_encr = 2;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

-	infile=NULL;
-	outfile=NULL;
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
        }
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-passout") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargout= *(++argv);
-			}
-#ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
-			}
-#endif
-		else if (strcmp(*argv,"-sgckey") == 0)
-			sgckey=1;
-		else if (strcmp(*argv,"-pubin") == 0)
-			pubin=1;
-		else if (strcmp(*argv,"-pubout") == 0)
-			pubout=1;
-		else if (strcmp(*argv,"-RSAPublicKey_in") == 0)
+# endif
+        else if (strcmp(*argv, "-sgckey") == 0)
+            sgckey = 1;
+        else if (strcmp(*argv, "-pubin") == 0)
+            pubin = 1;
+        else if (strcmp(*argv, "-pubout") == 0)
+            pubout = 1;
+        else if (strcmp(*argv, "-RSAPublicKey_in") == 0)
            pubin = 2;
-		else if (strcmp(*argv,"-RSAPublicKey_out") == 0)
+        else if (strcmp(*argv, "-RSAPublicKey_out") == 0)
            pubout = 2;
-		else if (strcmp(*argv,"-pvk-strong") == 0)
-			pvk_encr=2;
-		else if (strcmp(*argv,"-pvk-weak") == 0)
-			pvk_encr=1;
-		else if (strcmp(*argv,"-pvk-none") == 0)
-			pvk_encr=0;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-text") == 0)
-			text=1;
-		else if (strcmp(*argv,"-modulus") == 0)
-			modulus=1;
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
-		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+        else if (strcmp(*argv, "-pvk-strong") == 0)
+            pvk_encr = 2;
+        else if (strcmp(*argv, "-pvk-weak") == 0)
+            pvk_encr = 1;
+        else if (strcmp(*argv, "-pvk-none") == 0)
+            pvk_encr = 0;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-modulus") == 0)
+            modulus = 1;
+        else if (strcmp(*argv, "-check") == 0)
+            check = 1;
+        else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg     input format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -outform arg    output format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -in arg         input file\n");
-		BIO_printf(bio_err," -sgckey         Use IIS SGC key format\n");
-		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err," -out arg        output file\n");
-		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
-		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
-		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef OPENSSL_NO_IDEA
-		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
-#endif
-#ifndef OPENSSL_NO_SEED
-		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
-#endif
-#ifndef OPENSSL_NO_AES
-		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
-		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
-#endif
-		BIO_printf(bio_err," -text           print the key in text\n");
-		BIO_printf(bio_err," -noout          don't print key out\n");
-		BIO_printf(bio_err," -modulus        print the RSA key modulus\n");
-		BIO_printf(bio_err," -check          verify key consistency\n");
-		BIO_printf(bio_err," -pubin          expect a public key in input file\n");
-		BIO_printf(bio_err," -pubout         output a public key\n");
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
-#endif
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err,
+                   " -inform arg     input format - one of DER NET PEM\n");
+        BIO_printf(bio_err,
+                   " -outform arg    output format - one of DER NET PEM\n");
+        BIO_printf(bio_err, " -in arg         input file\n");
+        BIO_printf(bio_err, " -sgckey         Use IIS SGC key format\n");
+        BIO_printf(bio_err,
+                   " -passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err, " -out arg        output file\n");
+        BIO_printf(bio_err,
+                   " -passout arg    output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   " -des            encrypt PEM output with cbc des\n");
+        BIO_printf(bio_err,
+                   " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea           encrypt PEM output with cbc idea\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err,
+                   " -seed           encrypt PEM output with cbc seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+        BIO_printf(bio_err, " -text           print the key in text\n");
+        BIO_printf(bio_err, " -noout          don't print key out\n");
+        BIO_printf(bio_err, " -modulus        print the RSA key modulus\n");
+        BIO_printf(bio_err, " -check          verify key consistency\n");
+        BIO_printf(bio_err,
+                   " -pubin          expect a public key in input file\n");
+        BIO_printf(bio_err, " -pubout         output a public key\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
+# endif
        goto end;
    }

    ERR_load_crypto_strings();

-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
-#endif
+# endif

-	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
        BIO_printf(bio_err, "Error getting passwords\n");
        goto end;
    }

-	if(check && pubin) {
+    if (check && pubin) {
        BIO_printf(bio_err, "Only private keys can be checked\n");
        goto end;
    }

-	out=BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());

    {
        EVP_PKEY *pkey;

-		if (pubin)
-			{
-			int tmpformat=-1;
-			if (pubin == 2)
-				{
+        if (pubin) {
+            int tmpformat = -1;
+            if (pubin == 2) {
                if (informat == FORMAT_PEM)
                    tmpformat = FORMAT_PEMRSA;
                else if (informat == FORMAT_ASN1)
                    tmpformat = FORMAT_ASN1RSA;
-				}
-			else if (informat == FORMAT_NETSCAPE && sgckey)
+            } else if (informat == FORMAT_NETSCAPE && sgckey)
                tmpformat = FORMAT_IISSGC;
            else
                tmpformat = informat;

            pkey = load_pubkey(bio_err, infile, tmpformat, 1,
                               passin, e, "Public Key");
-			}
-		else
+        } else
            pkey = load_key(bio_err, infile,
                            (informat == FORMAT_NETSCAPE && sgckey ?
                             FORMAT_IISSGC : informat), 1,
@ -297,119 +298,105 @@ bad:
        EVP_PKEY_free(pkey);
    }

-	if (rsa == NULL)
-		{
+    if (rsa == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (outfile == NULL)
-		{
-		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
-		}
-	else
-		{
-		if (BIO_write_filename(out,outfile) <= 0)
-			{
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
            perror(outfile);
            goto end;
        }
    }

    if (text)
-		if (!RSA_print(out,rsa,0))
-			{
+        if (!RSA_print(out, rsa, 0)) {
            perror(outfile);
            ERR_print_errors(bio_err);
            goto end;
        }

-	if (modulus)
-		{
-		BIO_printf(out,"Modulus=");
-		BN_print(out,rsa->n);
-		BIO_printf(out,"\n");
+    if (modulus) {
+        BIO_printf(out, "Modulus=");
+        BN_print(out, rsa->n);
+        BIO_printf(out, "\n");
    }

-	if (check)
-		{
+    if (check) {
        int r = RSA_check_key(rsa);

        if (r == 1)
-			BIO_printf(out,"RSA key ok\n");
-		else if (r == 0)
-			{
+            BIO_printf(out, "RSA key ok\n");
+        else if (r == 0) {
            unsigned long err;

            while ((err = ERR_peek_error()) != 0 &&
                   ERR_GET_LIB(err) == ERR_LIB_RSA &&
                   ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
-				ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE)
-				{
-				BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err));
+                   ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) {
+                BIO_printf(out, "RSA key error: %s\n",
+                           ERR_reason_error_string(err));
                ERR_get_error(); /* remove e from error stack */
            }
        }

-		if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
-			{
+        if (r == -1 || ERR_peek_error() != 0) { /* should happen only if r ==
+                                                 * -1 */
            ERR_print_errors(bio_err);
            goto end;
        }
    }

-	if (noout)
-		{
+    if (noout) {
        ret = 0;
        goto end;
    }
-	BIO_printf(bio_err,"writing RSA key\n");
+    BIO_printf(bio_err, "writing RSA key\n");
    if (outformat == FORMAT_ASN1) {
-		if(pubout || pubin) 
-			{
+        if (pubout || pubin) {
            if (pubout == 2)
-				i=i2d_RSAPublicKey_bio(out,rsa);
+                i = i2d_RSAPublicKey_bio(out, rsa);
            else
-				i=i2d_RSA_PUBKEY_bio(out,rsa);
+                i = i2d_RSA_PUBKEY_bio(out, rsa);
+        } else
+            i = i2d_RSAPrivateKey_bio(out, rsa);
    }
-		else i=i2d_RSAPrivateKey_bio(out,rsa);
-	}
-#ifndef OPENSSL_NO_RC4
-	else if (outformat == FORMAT_NETSCAPE)
-		{
-		unsigned char *p,*pp;
+# ifndef OPENSSL_NO_RC4
+    else if (outformat == FORMAT_NETSCAPE) {
+        unsigned char *p, *pp;
        int size;

-		i=1;
-		size=i2d_RSA_NET(rsa,NULL,NULL, sgckey);
-		if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL)
-			{
-			BIO_printf(bio_err,"Memory allocation failure\n");
+        i = 1;
+        size = i2d_RSA_NET(rsa, NULL, NULL, sgckey);
+        if ((p = (unsigned char *)OPENSSL_malloc(size)) == NULL) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
            goto end;
        }
-		pp=p;
-		i2d_RSA_NET(rsa,&p,NULL, sgckey);
-		BIO_write(out,(char *)pp,size);
+        pp = p;
+        i2d_RSA_NET(rsa, &p, NULL, sgckey);
+        BIO_write(out, (char *)pp, size);
        OPENSSL_free(pp);
    }
-#endif
+# endif
    else if (outformat == FORMAT_PEM) {
-		if(pubout || pubin)
-			{
+        if (pubout || pubin) {
            if (pubout == 2)
-		    		i=PEM_write_bio_RSAPublicKey(out,rsa);
+                i = PEM_write_bio_RSAPublicKey(out, rsa);
            else
-		    		i=PEM_write_bio_RSA_PUBKEY(out,rsa);
-			}
-		else i=PEM_write_bio_RSAPrivateKey(out,rsa,
-						enc,NULL,0,NULL,passout);
-#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+                i = PEM_write_bio_RSA_PUBKEY(out, rsa);
+        } else
+            i = PEM_write_bio_RSAPrivateKey(out, rsa,
+                                            enc, NULL, 0, NULL, passout);
+# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
    } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
        EVP_PKEY *pk;
        pk = EVP_PKEY_new();
@ -421,30 +408,32 @@ bad:
        else
            i = i2b_PrivateKey_bio(out, pk);
        EVP_PKEY_free(pk);
-#endif
+# endif
    } else {
-		BIO_printf(bio_err,"bad output format specified for outfile\n");
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
        goto end;
    }
-	if (i <= 0)
-		{
-		BIO_printf(bio_err,"unable to write key\n");
+    if (i <= 0) {
+        BIO_printf(bio_err, "unable to write key\n");
        ERR_print_errors(bio_err);
-		}
-	else
-		ret=0;
-end:
-	if(out != NULL) BIO_free_all(out);
-	if(rsa != NULL) RSA_free(rsa);
-	if(passin) OPENSSL_free(passin);
-	if(passout) OPENSSL_free(passout);
+    } else
+        ret = 0;
+ end:
+    if (out != NULL)
+        BIO_free_all(out);
+    if (rsa != NULL)
+        RSA_free(rsa);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
 #else                           /* !OPENSSL_NO_RSA */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@ -1,6 +1,7 @@
 /* rsautl.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
 */
 /* ====================================================================
 * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
@ -59,26 +60,26 @@
 #include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_RSA

-#include "apps.h"
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/rsa.h>
+# include "apps.h"
+# include <string.h>
+# include <openssl/err.h>
+# include <openssl/pem.h>
+# include <openssl/rsa.h>

-#define RSA_SIGN 	1
-#define RSA_VERIFY 	2
-#define RSA_ENCRYPT 	3
-#define RSA_DECRYPT 	4
+# define RSA_SIGN        1
+# define RSA_VERIFY      2
+# define RSA_ENCRYPT     3
+# define RSA_DECRYPT     4

-#define KEY_PRIVKEY	1
-#define KEY_PUBKEY	2
-#define KEY_CERT	3
+# define KEY_PRIVKEY     1
+# define KEY_PUBKEY      2
+# define KEY_CERT        3

 static void usage(void);

-#undef PROG
+# undef PROG

-#define PROG rsautl_main
+# define PROG rsautl_main

 int MAIN(int argc, char **);

@ -87,9 +88,9 @@ int MAIN(int argc, char **argv)
    ENGINE *e = NULL;
    BIO *in = NULL, *out = NULL;
    char *infile = NULL, *outfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    char *engine = NULL;
-#endif
+# endif
    char *keyfile = NULL;
    char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
    int keyform = FORMAT_PEM;
@ -108,7 +109,8 @@ int MAIN(int argc, char **argv)
    argc--;
    argv++;

-	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    if (!bio_err)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;
@ -116,63 +118,72 @@ int MAIN(int argc, char **argv)
    OpenSSL_add_all_algorithms();
    pad = RSA_PKCS1_PADDING;

-	while(argc >= 1)
-	{
-		if (!strcmp(*argv,"-in")) {
+    while (argc >= 1) {
+        if (!strcmp(*argv, "-in")) {
            if (--argc < 1)
                badarg = 1;
            else
-				infile= *(++argv);
-		} else if (!strcmp(*argv,"-out")) {
+                infile = *(++argv);
+        } else if (!strcmp(*argv, "-out")) {
            if (--argc < 1)
                badarg = 1;
            else
-				outfile= *(++argv);
-		} else if(!strcmp(*argv, "-inkey")) {
+                outfile = *(++argv);
+        } else if (!strcmp(*argv, "-inkey")) {
            if (--argc < 1)
                badarg = 1;
            else
                keyfile = *(++argv);
-		} else if (!strcmp(*argv,"-passin")) {
+        } else if (!strcmp(*argv, "-passin")) {
            if (--argc < 1)
                badarg = 1;
            else
-				passargin= *(++argv);
-		} else if (strcmp(*argv,"-keyform") == 0) {
+                passargin = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
            if (--argc < 1)
                badarg = 1;
            else
-				keyform=str2fmt(*(++argv));
-#ifndef OPENSSL_NO_ENGINE
-		} else if(!strcmp(*argv, "-engine")) {
+                keyform = str2fmt(*(++argv));
+# ifndef OPENSSL_NO_ENGINE
+        } else if (!strcmp(*argv, "-engine")) {
            if (--argc < 1)
                badarg = 1;
            else
                engine = *(++argv);
-#endif
-		} else if(!strcmp(*argv, "-pubin")) {
+# endif
+        } else if (!strcmp(*argv, "-pubin")) {
            key_type = KEY_PUBKEY;
-		} else if(!strcmp(*argv, "-certin")) {
+        } else if (!strcmp(*argv, "-certin")) {
            key_type = KEY_CERT;
-		} 
-		else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
-		else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
-		else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
-		else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
-		else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
-		else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
-		else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
-		else if(!strcmp(*argv, "-sign")) {
+        } else if (!strcmp(*argv, "-asn1parse"))
+            asn1parse = 1;
+        else if (!strcmp(*argv, "-hexdump"))
+            hexdump = 1;
+        else if (!strcmp(*argv, "-raw"))
+            pad = RSA_NO_PADDING;
+        else if (!strcmp(*argv, "-oaep"))
+            pad = RSA_PKCS1_OAEP_PADDING;
+        else if (!strcmp(*argv, "-ssl"))
+            pad = RSA_SSLV23_PADDING;
+        else if (!strcmp(*argv, "-pkcs"))
+            pad = RSA_PKCS1_PADDING;
+        else if (!strcmp(*argv, "-x931"))
+            pad = RSA_X931_PADDING;
+        else if (!strcmp(*argv, "-sign")) {
            rsa_mode = RSA_SIGN;
            need_priv = 1;
-		} else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY;
-		else if(!strcmp(*argv, "-rev")) rev = 1;
-		else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT;
-		else if(!strcmp(*argv, "-decrypt")) {
+        } else if (!strcmp(*argv, "-verify"))
+            rsa_mode = RSA_VERIFY;
+        else if (!strcmp(*argv, "-rev"))
+            rev = 1;
+        else if (!strcmp(*argv, "-encrypt"))
+            rsa_mode = RSA_ENCRYPT;
+        else if (!strcmp(*argv, "-decrypt")) {
            rsa_mode = RSA_DECRYPT;
            need_priv = 1;
-		} else badarg = 1;
-		if(badarg) {
+        } else
+            badarg = 1;
+        if (badarg) {
            usage();
            goto end;
        }
@ -180,15 +191,14 @@ int MAIN(int argc, char **argv)
        argv++;
    }

-	if(need_priv && (key_type != KEY_PRIVKEY)) {
+    if (need_priv && (key_type != KEY_PRIVKEY)) {
        BIO_printf(bio_err, "A private key is needed for this operation\n");
        goto end;
    }
-
-#ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
-#endif
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+# endif
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
        BIO_printf(bio_err, "Error getting password\n");
        goto end;
    }
@ -196,7 +206,7 @@ int MAIN(int argc, char **argv)
 /* FIXME: seed PRNG only if needed */
    app_RAND_load_file(NULL, bio_err, 0);

-	switch(key_type) {
+    switch (key_type) {
    case KEY_PRIVKEY:
        pkey = load_key(bio_err, keyfile, keyform, 0,
                        passin, e, "Private Key");
@ -208,81 +218,86 @@ int MAIN(int argc, char **argv)
        break;

    case KEY_CERT:
-		x = load_cert(bio_err, keyfile, keyform,
-			NULL, e, "Certificate");
-		if(x) {
+        x = load_cert(bio_err, keyfile, keyform, NULL, e, "Certificate");
+        if (x) {
            pkey = X509_get_pubkey(x);
            X509_free(x);
        }
        break;
    }

-	if(!pkey) {
+    if (!pkey) {
        return 1;
    }

    rsa = EVP_PKEY_get1_RSA(pkey);
    EVP_PKEY_free(pkey);

-	if(!rsa) {
+    if (!rsa) {
        BIO_printf(bio_err, "Error getting RSA key\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-
-	if(infile) {
-		if(!(in = BIO_new_file(infile, "rb"))) {
+    if (infile) {
+        if (!(in = BIO_new_file(infile, "rb"))) {
            BIO_printf(bio_err, "Error Reading Input File\n");
            ERR_print_errors(bio_err);
            goto end;
        }
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);

-	if(outfile) {
-		if(!(out = BIO_new_file(outfile, "wb"))) {
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
            BIO_printf(bio_err, "Error Reading Output File\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    } else {
        out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef OPENSSL_SYS_VMS
+# ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
-#endif
+# endif
    }

    keysize = RSA_size(rsa);

    rsa_in = OPENSSL_malloc(keysize * 2);
    rsa_out = OPENSSL_malloc(keysize);
+    if (!rsa_in || !rsa_out) {
+        BIO_printf(bio_err, "Out of memory\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }

    /* Read the input data */
    rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
-	if(rsa_inlen <= 0) {
+    if (rsa_inlen <= 0) {
        BIO_printf(bio_err, "Error reading input Data\n");
        exit(1);
    }
-	if(rev) {
+    if (rev) {
        int i;
        unsigned char ctmp;
-		for(i = 0; i < rsa_inlen/2; i++) {
+        for (i = 0; i < rsa_inlen / 2; i++) {
            ctmp = rsa_in[i];
            rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
            rsa_in[rsa_inlen - 1 - i] = ctmp;
        }
    }
-	switch(rsa_mode) {
+    switch (rsa_mode) {

    case RSA_VERIFY:
        rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
        break;

    case RSA_SIGN:
-			rsa_outlen  = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
+        rsa_outlen =
+            RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
        break;

    case RSA_ENCRYPT:
@ -290,30 +305,36 @@ int MAIN(int argc, char **argv)
        break;

    case RSA_DECRYPT:
-			rsa_outlen  = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
+        rsa_outlen =
+            RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
        break;

    }

-	if(rsa_outlen <= 0) {
+    if (rsa_outlen <= 0) {
        BIO_printf(bio_err, "RSA operation error\n");
        ERR_print_errors(bio_err);
        goto end;
    }
    ret = 0;
-	if(asn1parse) {
-		if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
+    if (asn1parse) {
+        if (!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
            ERR_print_errors(bio_err);
        }
-	} else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen);
-	else BIO_write(out, rsa_out, rsa_outlen);
+    } else if (hexdump)
+        BIO_dump(out, (char *)rsa_out, rsa_outlen);
+    else
+        BIO_write(out, rsa_out, rsa_outlen);
 end:
    RSA_free(rsa);
    BIO_free(in);
    BIO_free_all(out);
-	if(rsa_in) OPENSSL_free(rsa_in);
-	if(rsa_out) OPENSSL_free(rsa_out);
-	if(passin) OPENSSL_free(passin);
+    if (rsa_in)
+        OPENSSL_free(rsa_in);
+    if (rsa_out)
+        OPENSSL_free(rsa_out);
+    if (passin)
+        OPENSSL_free(passin);
    return ret;
 }

@ -325,27 +346,30 @@ static void usage()
    BIO_printf(bio_err, "-inkey file     input key\n");
    BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
    BIO_printf(bio_err, "-pubin          input is an RSA public\n");
-	BIO_printf(bio_err, "-certin         input is a certificate carrying an RSA public key\n");
+    BIO_printf(bio_err,
+               "-certin         input is a certificate carrying an RSA public key\n");
    BIO_printf(bio_err, "-ssl            use SSL v2 padding\n");
    BIO_printf(bio_err, "-raw            use no padding\n");
-	BIO_printf(bio_err, "-pkcs           use PKCS#1 v1.5 padding (default)\n");
+    BIO_printf(bio_err,
+               "-pkcs           use PKCS#1 v1.5 padding (default)\n");
    BIO_printf(bio_err, "-oaep           use PKCS#1 OAEP\n");
    BIO_printf(bio_err, "-sign           sign with private key\n");
    BIO_printf(bio_err, "-verify         verify with public key\n");
    BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
    BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
    BIO_printf(bio_err, "-hexdump        hex dump output\n");
-#ifndef OPENSSL_NO_ENGINE
-	BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
-	BIO_printf (bio_err, "-passin arg    pass phrase source\n");
-#endif
+# ifndef OPENSSL_NO_ENGINE
+    BIO_printf(bio_err,
+               "-engine e       use engine e, possibly a hardware device.\n");
+    BIO_printf(bio_err, "-passin arg    pass phrase source\n");
+# endif

 }

 #else                           /* !OPENSSL_NO_RSA */

 # if PEDANTIC
-static void *dummy=&dummy;
+static void *dummy = &dummy;
 # endif

 #endif
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@ -108,47 +108,52 @@
 * Hudson (tjh@cryptsoft.com).
 *
 */
-#if !defined(OPENSSL_SYS_NETWARE)  /* conflicts with winsock2 stuff on netware */
-#include <sys/types.h>
+/* conflicts with winsock2 stuff on netware */
+#if !defined(OPENSSL_SYS_NETWARE)
+# include <sys/types.h>
 #endif
 #include <openssl/opensslconf.h>

 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-#include <conio.h>
+# include <conio.h>
 #endif

 #if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
-#define _kbhit kbhit
+# define _kbhit kbhit
 #endif

 #if defined(OPENSSL_SYS_VMS) && !defined(FD_SET)
-/* VAX C does not defined fd_set and friends, but it's actually quite simple */
+/*
+ * VAX C does not defined fd_set and friends, but it's actually quite simple
+ */
 /* These definitions are borrowed from SOCKETSHR.       /Richard Levitte */
-#define MAX_NOFILE	32
-#define	NBBY		 8		/* number of bits in a byte	*/
+# define MAX_NOFILE      32
+# define NBBY             8     /* number of bits in a byte */

-#ifndef	FD_SETSIZE
-#define	FD_SETSIZE	MAX_NOFILE
-#endif	/* FD_SETSIZE */
+# ifndef FD_SETSIZE
+#  define FD_SETSIZE      MAX_NOFILE
+# endif                         /* FD_SETSIZE */

 /* How many things we'll allow select to use. 0 if unlimited */
-#define MAXSELFD	MAX_NOFILE
+# define MAXSELFD        MAX_NOFILE
 typedef int fd_mask;            /* int here! VMS prototypes int, not long */
-#define NFDBITS	(sizeof(fd_mask) * NBBY)	/* bits per mask (power of 2!)*/
-#define NFDSHIFT 5				/* Shift based on above */
+# define NFDBITS (sizeof(fd_mask) * NBBY)/* bits per mask (power of 2!) */
+# define NFDSHIFT 5             /* Shift based on above */

 typedef fd_mask fd_set;
-#define	FD_SET(n, p)	(*(p) |= (1 << ((n) % NFDBITS)))
-#define	FD_CLR(n, p)	(*(p) &= ~(1 << ((n) % NFDBITS)))
-#define	FD_ISSET(n, p)	(*(p) & (1 << ((n) % NFDBITS)))
-#define FD_ZERO(p)	memset((char *)(p), 0, sizeof(*(p)))
+# define FD_SET(n, p)    (*(p) |= (1 << ((n) % NFDBITS)))
+# define FD_CLR(n, p)    (*(p) &= ~(1 << ((n) % NFDBITS)))
+# define FD_ISSET(n, p)  (*(p) & (1 << ((n) % NFDBITS)))
+# define FD_ZERO(p)      memset((char *)(p), 0, sizeof(*(p)))
 #endif

 #define PORT            4433
 #define PORT_STR        "4433"
 #define PROTOCOL        "tcp"

-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
+int do_server(int port, int type, int *ret,
+              int (*cb) (char *hostname, int s, unsigned char *context),
+              unsigned char *context);
 #ifdef HEADER_X509_H
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 #endif
@ -159,18 +164,21 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
 int init_client(int *sock, char *server, int port, int type);
 int should_retry(int i);
 int extract_port(char *str, short *port_ptr);
-int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
+int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
+                      short *p);

 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
                                   int argi, long argl, long ret);

 #ifdef HEADER_SSL_H
 void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret);
-void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
+void MS_CALLBACK msg_cb(int write_p, int version, int content_type,
+                        const void *buf, size_t len, SSL *ssl, void *arg);
 void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
-					unsigned char *data, int len,
-					void *arg);
+                           unsigned char *data, int len, void *arg);
 #endif

-int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len);
-int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len);
+int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                         unsigned int *cookie_len);
+int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                       unsigned int cookie_len);
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@ -111,6 +111,7 @@

 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h> /* for memcpy() */
 #define USE_SOCKETS
 #define NON_MAIN
 #include "apps.h"
@ -124,65 +125,58 @@

 #define COOKIE_SECRET_LENGTH    16

-int verify_depth=0;
-int verify_error=X509_V_OK;
-int verify_return_error=0;
+int verify_depth = 0;
+int verify_error = X509_V_OK;
+int verify_return_error = 0;
 unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
-int cookie_initialized=0;
+int cookie_initialized = 0;

 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
-	{
+{
    X509 *err_cert;
-	int err,depth;
+    int err, depth;

-	err_cert=X509_STORE_CTX_get_current_cert(ctx);
-	err=	X509_STORE_CTX_get_error(ctx);
-	depth=	X509_STORE_CTX_get_error_depth(ctx);
+    err_cert = X509_STORE_CTX_get_current_cert(ctx);
+    err = X509_STORE_CTX_get_error(ctx);
+    depth = X509_STORE_CTX_get_error_depth(ctx);

-	BIO_printf(bio_err,"depth=%d ",depth);
-	if (err_cert)
-		{
+    BIO_printf(bio_err, "depth=%d ", depth);
+    if (err_cert) {
        X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
                           0, XN_FLAG_ONELINE);
        BIO_puts(bio_err, "\n");
-		}
-	else
+    } else
        BIO_puts(bio_err, "<no cert>\n");
-	if (!ok)
-		{
-		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+    if (!ok) {
+        BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
                   X509_verify_cert_error_string(err));
-		if (verify_depth >= depth)
-			{
+        if (verify_depth >= depth) {
            if (!verify_return_error)
-				ok=1;
-			verify_error=X509_V_OK;
-			}
-		else
-			{
-			ok=0;
-			verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
+                ok = 1;
+            verify_error = X509_V_OK;
+        } else {
+            ok = 0;
+            verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
        }
    }
-	switch (err)
-		{
+    switch (err) {
    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		BIO_puts(bio_err,"issuer= ");
+        BIO_puts(bio_err, "issuer= ");
        X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
                           0, XN_FLAG_ONELINE);
        BIO_puts(bio_err, "\n");
        break;
    case X509_V_ERR_CERT_NOT_YET_VALID:
    case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-		BIO_printf(bio_err,"notBefore=");
-		ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
-		BIO_printf(bio_err,"\n");
+        BIO_printf(bio_err, "notBefore=");
+        ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+        BIO_printf(bio_err, "\n");
        break;
    case X509_V_ERR_CERT_HAS_EXPIRED:
    case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-		BIO_printf(bio_err,"notAfter=");
-		ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
-		BIO_printf(bio_err,"\n");
+        BIO_printf(bio_err, "notAfter=");
+        ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+        BIO_printf(bio_err, "\n");
        break;
    case X509_V_ERR_NO_EXPLICIT_POLICY:
        policies_print(bio_err, ctx);
@ -191,36 +185,35 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
    if (err == X509_V_OK && ok == 2)
        policies_print(bio_err, ctx);

-	BIO_printf(bio_err,"verify return:%d\n",ok);
-	return(ok);
-	}
+    BIO_printf(bio_err, "verify return:%d\n", ok);
+    return (ok);
+}

 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
-	{
-	if (cert_file != NULL)
-		{
-		/*
+{
+    if (cert_file != NULL) {
+        /*-
        SSL *ssl;
        X509 *x509;
        */

-		if (SSL_CTX_use_certificate_file(ctx,cert_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
+        if (SSL_CTX_use_certificate_file(ctx, cert_file,
+                                         SSL_FILETYPE_PEM) <= 0) {
+            BIO_printf(bio_err, "unable to get certificate from '%s'\n",
+                       cert_file);
            ERR_print_errors(bio_err);
-			return(0);
+            return (0);
        }
-		if (key_file == NULL) key_file=cert_file;
-		if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
-			SSL_FILETYPE_PEM) <= 0)
-			{
-			BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
+        if (key_file == NULL)
+            key_file = cert_file;
+        if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) {
+            BIO_printf(bio_err, "unable to get private key from '%s'\n",
+                       key_file);
            ERR_print_errors(bio_err);
-			return(0);
+            return (0);
        }

-		/*
+        /*-
        In theory this is no longer needed
        ssl=SSL_new(ctx);
        x509=SSL_get_certificate(ssl);
@ -235,119 +228,115 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
        SSL_free(ssl);
        */

-		/* If we are using DSA, we can copy the parameters from
-		 * the private key */
+        /*
+         * If we are using DSA, we can copy the parameters from the private
+         * key
+         */

-
-		/* Now we know that a key and cert have been set against
-		 * the SSL context */
-		if (!SSL_CTX_check_private_key(ctx))
-			{
-			BIO_printf(bio_err,"Private key does not match the certificate public key\n");
-			return(0);
+        /*
+         * Now we know that a key and cert have been set against the SSL
+         * context
+         */
+        if (!SSL_CTX_check_private_key(ctx)) {
+            BIO_printf(bio_err,
+                       "Private key does not match the certificate public key\n");
+            return (0);
        }
    }
-	return(1);
-	}
+    return (1);
+}

 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
-	{
+{
    if (cert == NULL)
        return 1;
-	if (SSL_CTX_use_certificate(ctx,cert) <= 0)
-		{
-		BIO_printf(bio_err,"error setting certificate\n");
+    if (SSL_CTX_use_certificate(ctx, cert) <= 0) {
+        BIO_printf(bio_err, "error setting certificate\n");
        ERR_print_errors(bio_err);
        return 0;
    }
-	if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
-		{
-		BIO_printf(bio_err,"error setting private key\n");
+    if (SSL_CTX_use_PrivateKey(ctx, key) <= 0) {
+        BIO_printf(bio_err, "error setting private key\n");
        ERR_print_errors(bio_err);
        return 0;
    }

-		
-		/* Now we know that a key and cert have been set against
-		 * the SSL context */
-	if (!SSL_CTX_check_private_key(ctx))
-		{
-		BIO_printf(bio_err,"Private key does not match the certificate public key\n");
+    /*
+     * Now we know that a key and cert have been set against the SSL context
+     */
+    if (!SSL_CTX_check_private_key(ctx)) {
+        BIO_printf(bio_err,
+                   "Private key does not match the certificate public key\n");
        return 0;
    }
    return 1;
-	}
+}

 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
                                   int argi, long argl, long ret)
-	{
+{
    BIO *out;

-	out=(BIO *)BIO_get_callback_arg(bio);
-	if (out == NULL) return(ret);
+    out = (BIO *)BIO_get_callback_arg(bio);
+    if (out == NULL)
+        return (ret);

-	if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
- 			(void *)bio,argp,(unsigned long)argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		return(ret);
-		}
-	else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
-		{
-		BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
-			(void *)bio,argp,(unsigned long)argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		}
-	return(ret);
+    if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) {
+        BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                   (void *)bio, argp, (unsigned long)argi, ret, ret);
+        BIO_dump(out, argp, (int)ret);
+        return (ret);
+    } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) {
+        BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                   (void *)bio, argp, (unsigned long)argi, ret, ret);
+        BIO_dump(out, argp, (int)ret);
    }
+    return (ret);
+}

 void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
-	{
+{
    const char *str;
    int w;

-	w=where& ~SSL_ST_MASK;
+    w = where & ~SSL_ST_MASK;

-	if (w & SSL_ST_CONNECT) str="SSL_connect";
-	else if (w & SSL_ST_ACCEPT) str="SSL_accept";
-	else str="undefined";
+    if (w & SSL_ST_CONNECT)
+        str = "SSL_connect";
+    else if (w & SSL_ST_ACCEPT)
+        str = "SSL_accept";
+    else
+        str = "undefined";

-	if (where & SSL_CB_LOOP)
-		{
-		BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
-		}
-	else if (where & SSL_CB_ALERT)
-		{
-		str=(where & SSL_CB_READ)?"read":"write";
-		BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
+    if (where & SSL_CB_LOOP) {
+        BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
+    } else if (where & SSL_CB_ALERT) {
+        str = (where & SSL_CB_READ) ? "read" : "write";
+        BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n",
                   str,
                   SSL_alert_type_string_long(ret),
                   SSL_alert_desc_string_long(ret));
-		}
-	else if (where & SSL_CB_EXIT)
-		{
+    } else if (where & SSL_CB_EXIT) {
        if (ret == 0)
-			BIO_printf(bio_err,"%s:failed in %s\n",
-				str,SSL_state_string_long(s));
-		else if (ret < 0)
-			{
-			BIO_printf(bio_err,"%s:error in %s\n",
-				str,SSL_state_string_long(s));
-			}
+            BIO_printf(bio_err, "%s:failed in %s\n",
+                       str, SSL_state_string_long(s));
+        else if (ret < 0) {
+            BIO_printf(bio_err, "%s:error in %s\n",
+                       str, SSL_state_string_long(s));
        }
    }
+}

-
-void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
-	{
+void MS_CALLBACK msg_cb(int write_p, int version, int content_type,
+                        const void *buf, size_t len, SSL *ssl, void *arg)
+{
    BIO *bio = arg;
-	const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2= "";
+    const char *str_write_p, *str_version, *str_content_type =
+        "", *str_details1 = "", *str_details2 = "";

    str_write_p = write_p ? ">>>" : "<<<";

-	switch (version)
-		{
+    switch (version) {
    case SSL2_VERSION:
        str_version = "SSL 2.0";
        break;
@ -373,23 +362,20 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
        str_version = "???";
    }

-	if (version == SSL2_VERSION)
-		{
+    if (version == SSL2_VERSION) {
        str_details1 = "???";

-		if (len > 0)
-			{
-			switch (((const unsigned char*)buf)[0])
-				{
+        if (len > 0) {
+            switch (((const unsigned char *)buf)[0]) {
            case 0:
                str_details1 = ", ERROR:";
                str_details2 = " ???";
-					if (len >= 3)
-						{
-						unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
+                if (len >= 3) {
+                    unsigned err =
+                        (((const unsigned char *)buf)[1] << 8) +
+                        ((const unsigned char *)buf)[2];

-						switch (err)
-							{
+                    switch (err) {
                    case 0x0001:
                        str_details2 = " NO-CIPHER-ERROR";
                        break;
@ -438,11 +424,8 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
        version == TLS1_VERSION ||
        version == TLS1_1_VERSION ||
        version == TLS1_2_VERSION ||
-	    version == DTLS1_VERSION ||
-	    version == DTLS1_BAD_VER)
-		{
-		switch (content_type)
-			{
+        version == DTLS1_VERSION || version == DTLS1_BAD_VER) {
+        switch (content_type) {
        case 20:
            str_content_type = "ChangeCipherSpec";
            break;
@ -454,14 +437,11 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
            break;
        }

-		if (content_type == 21) /* Alert */
-			{
+        if (content_type == 21) { /* Alert */
            str_details1 = ", ???";

-			if (len == 2)
-				{
-				switch (((const unsigned char*)buf)[0])
-					{
+            if (len == 2) {
+                switch (((const unsigned char *)buf)[0]) {
                case 1:
                    str_details1 = ", warning";
                    break;
@ -471,8 +451,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                }

                str_details2 = " ???";
-				switch (((const unsigned char*)buf)[1])
-					{
+                switch (((const unsigned char *)buf)[1]) {
                case 0:
                    str_details2 = " close_notify";
                    break;
@ -564,14 +543,11 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
            }
        }

-		if (content_type == 22) /* Handshake */
-			{
+        if (content_type == 22) { /* Handshake */
            str_details1 = "???";

-			if (len > 0)
-				{
-				switch (((const unsigned char*)buf)[0])
-					{
+            if (len > 0) {
+                switch (((const unsigned char *)buf)[0]) {
                case 0:
                    str_details1 = ", HelloRequest";
                    break;
@ -608,16 +584,12 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                }
            }
        }
-
 #ifndef OPENSSL_NO_HEARTBEATS
-		if (content_type == 24) /* Heartbeat */
-			{
+        if (content_type == 24) { /* Heartbeat */
            str_details1 = ", Heartbeat";

-			if (len > 0)
-				{
-				switch (((const unsigned char*)buf)[0])
-					{
+            if (len > 0) {
+                switch (((const unsigned char *)buf)[0]) {
                case 1:
                    str_details1 = ", HeartbeatRequest";
                    break;
@ -630,10 +602,11 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 #endif
    }

-	BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
+    BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version,
+               str_content_type, (unsigned long)len, str_details1,
+               str_details2);

-	if (len > 0)
-		{
+    if (len > 0) {
        size_t num, i;

        BIO_printf(bio, "   ");
@ -642,28 +615,25 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
        if (num > 16)
            num = 16;
 #endif
-		for (i = 0; i < num; i++)
-			{
+        for (i = 0; i < num; i++) {
            if (i % 16 == 0 && i > 0)
                BIO_printf(bio, "\n   ");
-			BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
+            BIO_printf(bio, " %02x", ((const unsigned char *)buf)[i]);
        }
        if (i < len)
            BIO_printf(bio, " ...");
        BIO_printf(bio, "\n");
    }
    (void)BIO_flush(bio);
-	}
+}

 void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
-					unsigned char *data, int len,
-					void *arg)
-	{
+                           unsigned char *data, int len, void *arg)
+{
    BIO *bio = arg;
    char *extname;

-	switch(type)
-		{
+    switch (type) {
    case TLSEXT_TYPE_server_name:
        extname = "server name";
        break;
@ -758,14 +728,14 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
    }

    BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
-			client_server ? "server": "client",
-			extname, type, len);
+               client_server ? "server" : "client", extname, type, len);
    BIO_dump(bio, (char *)data, len);
    (void)BIO_flush(bio);
-	}
+}

-int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)
-	{
+int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                         unsigned int *cookie_len)
+{
    unsigned char *buffer, result[EVP_MAX_MD_SIZE];
    unsigned int length, resultlength;
    union {
@ -777,11 +747,9 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
    } peer;

    /* Initialize a random secret */
-	if (!cookie_initialized)
-		{
-		if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH))
-			{
-			BIO_printf(bio_err,"error setting random cookie secret\n");
+    if (!cookie_initialized) {
+        if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) {
+            BIO_printf(bio_err, "error setting random cookie secret\n");
            return 0;
        }
        cookie_initialized = 1;
@ -792,8 +760,7 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign

    /* Create buffer with peer's address and port */
    length = 0;
-	switch (peer.sa.sa_family)
-		{
+    switch (peer.sa.sa_family) {
    case AF_INET:
        length += sizeof(struct in_addr);
        length += sizeof(peer.s4.sin_port);
@ -810,30 +777,22 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
    }
    buffer = OPENSSL_malloc(length);

-	if (buffer == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
+    if (buffer == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
        return 0;
    }

-	switch (peer.sa.sa_family)
-		{
+    switch (peer.sa.sa_family) {
    case AF_INET:
-		memcpy(buffer,
-		       &peer.s4.sin_port,
-		       sizeof(peer.s4.sin_port));
+        memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
        memcpy(buffer + sizeof(peer.s4.sin_port),
-		       &peer.s4.sin_addr,
-		       sizeof(struct in_addr));
+               &peer.s4.sin_addr, sizeof(struct in_addr));
        break;
 #if OPENSSL_USE_IPV6
    case AF_INET6:
-		memcpy(buffer,
-		       &peer.s6.sin6_port,
-		       sizeof(peer.s6.sin6_port));
+        memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
        memcpy(buffer + sizeof(peer.s6.sin6_port),
-		       &peer.s6.sin6_addr,
-		       sizeof(struct in6_addr));
+               &peer.s6.sin6_addr, sizeof(struct in6_addr));
        break;
 #endif
    default:
@ -850,10 +809,11 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign
    *cookie_len = resultlength;

    return 1;
-	}
+}

-int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)
-	{
+int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                       unsigned int cookie_len)
+{
    unsigned char *buffer, result[EVP_MAX_MD_SIZE];
    unsigned int length, resultlength;
    union {
@ -873,8 +833,7 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned

    /* Create buffer with peer's address and port */
    length = 0;
-	switch (peer.sa.sa_family)
-		{
+    switch (peer.sa.sa_family) {
    case AF_INET:
        length += sizeof(struct in_addr);
        length += sizeof(peer.s4.sin_port);
@ -891,30 +850,22 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned
    }
    buffer = OPENSSL_malloc(length);

-	if (buffer == NULL)
-		{
-		BIO_printf(bio_err,"out of memory\n");
+    if (buffer == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
        return 0;
    }

-	switch (peer.sa.sa_family)
-		{
+    switch (peer.sa.sa_family) {
    case AF_INET:
-		memcpy(buffer,
-		       &peer.s4.sin_port,
-		       sizeof(peer.s4.sin_port));
+        memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
        memcpy(buffer + sizeof(peer.s4.sin_port),
-		       &peer.s4.sin_addr,
-		       sizeof(struct in_addr));
+               &peer.s4.sin_addr, sizeof(struct in_addr));
        break;
 #if OPENSSL_USE_IPV6
    case AF_INET6:
-		memcpy(buffer,
-		       &peer.s6.sin6_port,
-		       sizeof(peer.s6.sin6_port));
+        memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
        memcpy(buffer + sizeof(peer.s6.sin6_port),
-		       &peer.s6.sin6_addr,
-		       sizeof(struct in6_addr));
+               &peer.s6.sin6_addr, sizeof(struct in6_addr));
        break;
 #endif
    default:
@ -927,8 +878,9 @@ int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned
         buffer, length, result, &resultlength);
    OPENSSL_free(buffer);

-	if (cookie_len == resultlength && memcmp(result, cookie, resultlength) == 0)
+    if (cookie_len == resultlength
+        && memcmp(result, cookie, resultlength) == 0)
        return 1;

    return 0;
-	}
+}
--- a/apps/s_client.c
+++ b/apps/s_client.c
--- a/apps/s_server.c
+++ b/apps/s_server.c
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@ -1,4 +1,6 @@
-/* apps/s_socket.c -  socket-related functions used by s_client and s_server */
+/*
+ * apps/s_socket.c - socket-related functions used by s_client and s_server
+ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@ -63,17 +65,19 @@
 #include <signal.h>

 #ifdef FLAT_INC
-#include "e_os2.h"
+# include "e_os2.h"
 #else
-#include "../e_os2.h"
+# include "../e_os2.h"
 #endif

-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
+/*
+ * With IPv6, it looks like Digital has mixed up the proper order of
+ * recursive header file inclusion, resulting in the compiler complaining
+ * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
+ * needed to have fileno() declared correctly...  So let's define u_int
+ */
 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
-#define __U_INT
+# define __U_INT
 typedef unsigned int u_int;
 #endif

@ -86,341 +90,342 @@ typedef unsigned int u_int;
 #include <openssl/ssl.h>

 #ifdef FLAT_INC
-#include "e_os.h"
+# include "e_os.h"
 #else
-#include "../e_os.h"
+# include "../e_os.h"
 #endif

 #ifndef OPENSSL_NO_SOCK

-#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
-#include "netdb.h"
-#endif
+# if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
+#  include "netdb.h"
+# endif

 static struct hostent *GetHostByName(char *name);
-#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
+# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
 static void ssl_sock_cleanup(void);
-#endif
+# endif
 static int ssl_sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
 static int init_server(int *sock, int port, int type);
-static int init_server_long(int *sock, int port,char *ip, int type);
+static int init_server_long(int *sock, int port, char *ip, int type);
 static int do_accept(int acc_sock, int *sock, char **host);
 static int host_ip(char *str, unsigned char ip[4]);

-#ifdef OPENSSL_SYS_WIN16
-#define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
-#else
-#define SOCKET_PROTOCOL	IPPROTO_TCP
-#endif
+# ifdef OPENSSL_SYS_WIN16
+#  define SOCKET_PROTOCOL 0     /* more microsoft stupidity */
+# else
+#  define SOCKET_PROTOCOL IPPROTO_TCP
+# endif

-#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
-static int wsa_init_done=0;
-#endif
+# if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+static int wsa_init_done = 0;
+# endif

-#ifdef OPENSSL_SYS_WINDOWS
+# ifdef OPENSSL_SYS_WINDOWS
 static struct WSAData wsa_state;
-static int wsa_init_done=0;
+static int wsa_init_done = 0;

-#ifdef OPENSSL_SYS_WIN16
-static HWND topWnd=0;
-static FARPROC lpTopWndProc=NULL;
-static FARPROC lpTopHookProc=NULL;
+#  ifdef OPENSSL_SYS_WIN16
+static HWND topWnd = 0;
+static FARPROC lpTopWndProc = NULL;
+static FARPROC lpTopHookProc = NULL;
 extern HINSTANCE _hInstance;    /* nice global CRT provides */

 static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
                                   LPARAM lParam)
-	{
-	if (hwnd == topWnd)
-		{
-		switch(message)
-			{
+{
+    if (hwnd == topWnd) {
+        switch (message) {
        case WM_DESTROY:
        case WM_CLOSE:
-			SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
+            SetWindowLong(topWnd, GWL_WNDPROC, (LONG) lpTopWndProc);
            ssl_sock_cleanup();
            break;
        }
    }
-	return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
-	}
+    return CallWindowProc(lpTopWndProc, hwnd, message, wParam, lParam);
+}

-static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
-	{
-	topWnd=hwnd;
-	return(FALSE);
-	}
+static BOOL CALLBACK enumproc(HWND hwnd, LPARAM lParam)
+{
+    topWnd = hwnd;
+    return (FALSE);
+}

-#endif /* OPENSSL_SYS_WIN32 */
-#endif /* OPENSSL_SYS_WINDOWS */
+#  endif                        /* OPENSSL_SYS_WIN32 */
+# endif                         /* OPENSSL_SYS_WINDOWS */

-#ifdef OPENSSL_SYS_WINDOWS
+# ifdef OPENSSL_SYS_WINDOWS
 static void ssl_sock_cleanup(void)
-	{
-	if (wsa_init_done)
-		{
-		wsa_init_done=0;
-#ifndef OPENSSL_SYS_WINCE
+{
+    if (wsa_init_done) {
+        wsa_init_done = 0;
+#  ifndef OPENSSL_SYS_WINCE
        WSACancelBlockingCall();
-#endif
+#  endif
        WSACleanup();
    }
-	}
-#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+}
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
 static void sock_cleanup(void)
-    {
-    if (wsa_init_done)
-        {
-        wsa_init_done=0;
+{
+    if (wsa_init_done) {
+        wsa_init_done = 0;
        WSACleanup();
    }
-	}
-#endif
+}
+# endif

 static int ssl_sock_init(void)
-	{
-#ifdef WATT32
+{
+# ifdef WATT32
    extern int _watt_do_exit;
    _watt_do_exit = 0;
    if (sock_init())
        return (0);
-#elif defined(OPENSSL_SYS_WINDOWS)
-	if (!wsa_init_done)
-		{
+# elif defined(OPENSSL_SYS_WINDOWS)
+    if (!wsa_init_done) {
        int err;

-#ifdef SIGINT
-		signal(SIGINT,(void (*)(int))ssl_sock_cleanup);
-#endif
-		wsa_init_done=1;
-		memset(&wsa_state,0,sizeof(wsa_state));
-		if (WSAStartup(0x0101,&wsa_state)!=0)
-			{
-			err=WSAGetLastError();
-			BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
-			return(0);
+#  ifdef SIGINT
+        signal(SIGINT, (void (*)(int))ssl_sock_cleanup);
+#  endif
+        wsa_init_done = 1;
+        memset(&wsa_state, 0, sizeof(wsa_state));
+        if (WSAStartup(0x0101, &wsa_state) != 0) {
+            err = WSAGetLastError();
+            BIO_printf(bio_err, "unable to start WINSOCK, error code=%d\n",
+                       err);
+            return (0);
        }
+#  ifdef OPENSSL_SYS_WIN16
+        EnumTaskWindows(GetCurrentTask(), enumproc, 0L);
+        lpTopWndProc = (FARPROC) GetWindowLong(topWnd, GWL_WNDPROC);
+        lpTopHookProc = MakeProcInstance((FARPROC) topHookProc, _hInstance);

-#ifdef OPENSSL_SYS_WIN16
-		EnumTaskWindows(GetCurrentTask(),enumproc,0L);
-		lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
-		lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
-
-		SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
-#endif /* OPENSSL_SYS_WIN16 */
+        SetWindowLong(topWnd, GWL_WNDPROC, (LONG) lpTopHookProc);
+#  endif                        /* OPENSSL_SYS_WIN16 */
    }
-#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
    WORD wVerReq;
    WSADATA wsaData;
    int err;

-   if (!wsa_init_done)
-      {
+    if (!wsa_init_done) {

 #  ifdef SIGINT
-      signal(SIGINT,(void (*)(int))sock_cleanup);
+        signal(SIGINT, (void (*)(int))sock_cleanup);
 #  endif

-      wsa_init_done=1;
-      wVerReq = MAKEWORD( 2, 0 );
-      err = WSAStartup(wVerReq,&wsaData);
-      if (err != 0)
-         {
-         BIO_printf(bio_err,"unable to start WINSOCK2, error code=%d\n",err);
-         return(0);
+        wsa_init_done = 1;
+        wVerReq = MAKEWORD(2, 0);
+        err = WSAStartup(wVerReq, &wsaData);
+        if (err != 0) {
+            BIO_printf(bio_err, "unable to start WINSOCK2, error code=%d\n",
+                       err);
+            return (0);
        }
    }
-#endif /* OPENSSL_SYS_WINDOWS */
-	return(1);
-	}
+# endif                         /* OPENSSL_SYS_WINDOWS */
+    return (1);
+}

 int init_client(int *sock, char *host, int port, int type)
-	{
+{
    unsigned char ip[4];

    memset(ip, '\0', sizeof ip);
-	if (!host_ip(host,&(ip[0])))
+    if (!host_ip(host, &(ip[0])))
        return 0;
-	return init_client_ip(sock,ip,port,type);
-	}
+    return init_client_ip(sock, ip, port, type);
+}

 static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
-	{
+{
    unsigned long addr;
    struct sockaddr_in them;
-	int s,i;
+    int s, i;

-	if (!ssl_sock_init()) return(0);
+    if (!ssl_sock_init())
+        return (0);

-	memset((char *)&them,0,sizeof(them));
-	them.sin_family=AF_INET;
-	them.sin_port=htons((unsigned short)port);
-	addr=(unsigned long)
-		((unsigned long)ip[0]<<24L)|
-		((unsigned long)ip[1]<<16L)|
-		((unsigned long)ip[2]<< 8L)|
-		((unsigned long)ip[3]);
-	them.sin_addr.s_addr=htonl(addr);
+    memset((char *)&them, 0, sizeof(them));
+    them.sin_family = AF_INET;
+    them.sin_port = htons((unsigned short)port);
+    addr = (unsigned long)
+        ((unsigned long)ip[0] << 24L) |
+        ((unsigned long)ip[1] << 16L) |
+        ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
+    them.sin_addr.s_addr = htonl(addr);

    if (type == SOCK_STREAM)
-		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+        s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
    else                        /* ( type == SOCK_DGRAM) */
-		s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
+        s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);

-	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-
-#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
-	if (type == SOCK_STREAM)
-		{
-		i=0;
-		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-		if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
+    if (s == INVALID_SOCKET) {
+        perror("socket");
+        return (0);
    }
-#endif
-
-	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
-		{ closesocket(s); perror("connect"); return(0); }
-	*sock=s;
-	return(1);
+# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
+    if (type == SOCK_STREAM) {
+        i = 0;
+        i = setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, (char *)&i, sizeof(i));
+        if (i < 0) {
+            closesocket(s);
+            perror("keepalive");
+            return (0);
        }
+    }
+# endif

-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
-	{
+    if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
+        closesocket(s);
+        perror("connect");
+        return (0);
+    }
+    *sock = s;
+    return (1);
+}
+
+int do_server(int port, int type, int *ret,
+              int (*cb) (char *hostname, int s, unsigned char *context),
+              unsigned char *context)
+{
    int sock;
    char *name = NULL;
    int accept_socket = 0;
    int i;

-	if (!init_server(&accept_socket,port,type)) return(0);
+    if (!init_server(&accept_socket, port, type))
+        return (0);

-	if (ret != NULL)
-		{
-		*ret=accept_socket;
-		/* return(1);*/
+    if (ret != NULL) {
+        *ret = accept_socket;
+        /* return(1); */
    }
-  	for (;;)
-  		{
-		if (type==SOCK_STREAM)
-			{
-			if (do_accept(accept_socket,&sock,&name) == 0)
-				{
+    for (;;) {
+        if (type == SOCK_STREAM) {
+            if (do_accept(accept_socket, &sock, &name) == 0) {
                SHUTDOWN(accept_socket);
-				return(0);
+                return (0);
            }
-			}
-		else
+        } else
            sock = accept_socket;
-		i=(*cb)(name,sock, context);
-		if (name != NULL) OPENSSL_free(name);
-		if (type==SOCK_STREAM)
+        i = (*cb) (name, sock, context);
+        if (name != NULL)
+            OPENSSL_free(name);
+        if (type == SOCK_STREAM)
            SHUTDOWN2(sock);
-		if (i < 0)
-			{
+        if (i < 0) {
            SHUTDOWN2(accept_socket);
-			return(i);
-			}
+            return (i);
        }
    }
+}

 static int init_server_long(int *sock, int port, char *ip, int type)
-	{
-	int ret=0;
+{
+    int ret = 0;
    struct sockaddr_in server;
-	int s= -1;
+    int s = -1;

-	if (!ssl_sock_init()) return(0);
+    if (!ssl_sock_init())
+        return (0);

-	memset((char *)&server,0,sizeof(server));
-	server.sin_family=AF_INET;
-	server.sin_port=htons((unsigned short)port);
+    memset((char *)&server, 0, sizeof(server));
+    server.sin_family = AF_INET;
+    server.sin_port = htons((unsigned short)port);
    if (ip == NULL)
-		server.sin_addr.s_addr=INADDR_ANY;
+        server.sin_addr.s_addr = INADDR_ANY;
    else
 /* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
-#ifndef BIT_FIELD_LIMITS
-		memcpy(&server.sin_addr.s_addr,ip,4);
-#else
-		memcpy(&server.sin_addr,ip,4);
-#endif
+# ifndef BIT_FIELD_LIMITS
+        memcpy(&server.sin_addr.s_addr, ip, 4);
+# else
+        memcpy(&server.sin_addr, ip, 4);
+# endif

    if (type == SOCK_STREAM)
-			s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+        s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
    else                        /* type == SOCK_DGRAM */
-			s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
+        s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);

-	if (s == INVALID_SOCKET) goto err;
-#if defined SOL_SOCKET && defined SO_REUSEADDR
+    if (s == INVALID_SOCKET)
+        goto err;
+# if defined SOL_SOCKET && defined SO_REUSEADDR
    {
        int j = 1;
-		setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
-			   (void *) &j, sizeof j);
+        setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
    }
-#endif
-	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
-		{
-#ifndef OPENSSL_SYS_WINDOWS
+# endif
+    if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
+# ifndef OPENSSL_SYS_WINDOWS
        perror("bind");
-#endif
+# endif
        goto err;
    }
    /* Make it 128 for linux */
-	if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
-	*sock=s;
-	ret=1;
-err:
-	if ((ret == 0) && (s != -1))
-		{
+    if (type == SOCK_STREAM && listen(s, 128) == -1)
+        goto err;
+    *sock = s;
+    ret = 1;
+ err:
+    if ((ret == 0) && (s != -1)) {
        SHUTDOWN(s);
    }
-	return(ret);
-	}
+    return (ret);
+}

 static int init_server(int *sock, int port, int type)
-	{
-	return(init_server_long(sock, port, NULL, type));
-	}
+{
+    return (init_server_long(sock, port, NULL, type));
+}

 static int do_accept(int acc_sock, int *sock, char **host)
-	{
+{
    int ret;
-	struct hostent *h1,*h2;
+    struct hostent *h1, *h2;
    static struct sockaddr_in from;
    int len;
 /*      struct linger ling; */

-	if (!ssl_sock_init()) return(0);
+    if (!ssl_sock_init())
+        return (0);

-#ifndef OPENSSL_SYS_WINDOWS
-redoit:
-#endif
+# ifndef OPENSSL_SYS_WINDOWS
+ redoit:
+# endif

-	memset((char *)&from,0,sizeof(from));
-	len=sizeof(from);
-	/* Note: under VMS with SOCKETSHR the fourth parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
+    memset((char *)&from, 0, sizeof(from));
+    len = sizeof(from);
+    /*
+     * Note: under VMS with SOCKETSHR the fourth parameter is currently of
+     * type (int *) whereas under other systems it is (void *) if you don't
+     * have a cast it will choke the compiler: if you do have a cast then you
+     * can either go for (int *) or (void *).
     */
-	ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len);
-	if (ret == INVALID_SOCKET)
-		{
-#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
+    ret = accept(acc_sock, (struct sockaddr *)&from, (void *)&len);
+    if (ret == INVALID_SOCKET) {
+# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
        int i;
-		i=WSAGetLastError();
-		BIO_printf(bio_err,"accept error %d\n",i);
-#else
-		if (errno == EINTR)
-			{
-			/*check_timeout(); */
+        i = WSAGetLastError();
+        BIO_printf(bio_err, "accept error %d\n", i);
+# else
+        if (errno == EINTR) {
+            /*
+             * check_timeout();
+             */
            goto redoit;
        }
-		fprintf(stderr,"errno=%d ",errno);
+        fprintf(stderr, "errno=%d ", errno);
        perror("accept");
-#endif
-		return(0);
+# endif
+        return (0);
    }

-/*
+/*-
    ling.l_onoff=1;
    ling.l_linger=0;
    i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
@ -430,193 +435,176 @@ redoit:
    if (i < 0) { perror("keepalive"); return(0); }
 */

-	if (host == NULL) goto end;
-#ifndef BIT_FIELD_LIMITS
+    if (host == NULL)
+        goto end;
+# ifndef BIT_FIELD_LIMITS
    /* I should use WSAAsyncGetHostByName() under windows */
-	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
-		sizeof(from.sin_addr.s_addr),AF_INET);
-#else
-	h1=gethostbyaddr((char *)&from.sin_addr,
-		sizeof(struct in_addr),AF_INET);
-#endif
-	if (h1 == NULL)
-		{
-		BIO_printf(bio_err,"bad gethostbyaddr\n");
-		*host=NULL;
+    h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
+                       sizeof(from.sin_addr.s_addr), AF_INET);
+# else
+    h1 = gethostbyaddr((char *)&from.sin_addr,
+                       sizeof(struct in_addr), AF_INET);
+# endif
+    if (h1 == NULL) {
+        BIO_printf(bio_err, "bad gethostbyaddr\n");
+        *host = NULL;
        /* return(0); */
-		}
-	else
-		{
-		if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
-			{
+    } else {
+        if ((*host = (char *)OPENSSL_malloc(strlen(h1->h_name) + 1)) == NULL) {
            perror("OPENSSL_malloc");
            closesocket(ret);
-			return(0);
+            return (0);
        }
-		BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
+        BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);

-		h2=GetHostByName(*host);
-		if (h2 == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
+        h2 = GetHostByName(*host);
+        if (h2 == NULL) {
+            BIO_printf(bio_err, "gethostbyname failure\n");
            closesocket(ret);
-			return(0);
+            return (0);
        }
-		if (h2->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+        if (h2->h_addrtype != AF_INET) {
+            BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
            closesocket(ret);
-			return(0);
+            return (0);
        }
    }
-end:
-	*sock=ret;
-	return(1);
-	}
+ end:
+    *sock = ret;
+    return (1);
+}

 int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
                      short *port_ptr)
-	{
-	char *h,*p;
+{
+    char *h, *p;

-	h=str;
-	p=strchr(str,':');
-	if (p == NULL)
-		{
-		BIO_printf(bio_err,"no port defined\n");
-		return(0);
+    h = str;
+    p = strchr(str, ':');
+    if (p == NULL) {
+        BIO_printf(bio_err, "no port defined\n");
+        return (0);
    }
-	*(p++)='\0';
+    *(p++) = '\0';

-	if ((ip != NULL) && !host_ip(str,ip))
+    if ((ip != NULL) && !host_ip(str, ip))
        goto err;
-	if (host_ptr != NULL) *host_ptr=h;
+    if (host_ptr != NULL)
+        *host_ptr = h;

-	if (!extract_port(p,port_ptr))
+    if (!extract_port(p, port_ptr))
        goto err;
-	return(1);
-err:
-	return(0);
-	}
+    return (1);
+ err:
+    return (0);
+}

 static int host_ip(char *str, unsigned char ip[4])
-	{
+{
    unsigned int in[4];
    int i;

-	if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
-		{
-		for (i=0; i<4; i++)
-			if (in[i] > 255)
-				{
-				BIO_printf(bio_err,"invalid IP address\n");
+    if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
+        4) {
+        for (i = 0; i < 4; i++)
+            if (in[i] > 255) {
+                BIO_printf(bio_err, "invalid IP address\n");
                goto err;
            }
-		ip[0]=in[0];
-		ip[1]=in[1];
-		ip[2]=in[2];
-		ip[3]=in[3];
-		}
-	else
-		{ /* do a gethostbyname */
+        ip[0] = in[0];
+        ip[1] = in[1];
+        ip[2] = in[2];
+        ip[3] = in[3];
+    } else {                    /* do a gethostbyname */
        struct hostent *he;

-		if (!ssl_sock_init()) return(0);
+        if (!ssl_sock_init())
+            return (0);

-		he=GetHostByName(str);
-		if (he == NULL)
-			{
-			BIO_printf(bio_err,"gethostbyname failure\n");
+        he = GetHostByName(str);
+        if (he == NULL) {
+            BIO_printf(bio_err, "gethostbyname failure\n");
            goto err;
        }
        /* cast to short because of win16 winsock definition */
-		if ((short)he->h_addrtype != AF_INET)
-			{
-			BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
-			return(0);
+        if ((short)he->h_addrtype != AF_INET) {
+            BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+            return (0);
        }
-		ip[0]=he->h_addr_list[0][0];
-		ip[1]=he->h_addr_list[0][1];
-		ip[2]=he->h_addr_list[0][2];
-		ip[3]=he->h_addr_list[0][3];
-		}
-	return(1);
-err:
-	return(0);
+        ip[0] = he->h_addr_list[0][0];
+        ip[1] = he->h_addr_list[0][1];
+        ip[2] = he->h_addr_list[0][2];
+        ip[3] = he->h_addr_list[0][3];
    }
+    return (1);
+ err:
+    return (0);
+}

 int extract_port(char *str, short *port_ptr)
-	{
+{
    int i;
    struct servent *s;

-	i=atoi(str);
+    i = atoi(str);
    if (i != 0)
-		*port_ptr=(unsigned short)i;
-	else
-		{
-		s=getservbyname(str,"tcp");
-		if (s == NULL)
-			{
-			BIO_printf(bio_err,"getservbyname failure for %s\n",str);
-			return(0);
+        *port_ptr = (unsigned short)i;
+    else {
+        s = getservbyname(str, "tcp");
+        if (s == NULL) {
+            BIO_printf(bio_err, "getservbyname failure for %s\n", str);
+            return (0);
        }
-		*port_ptr=ntohs((unsigned short)s->s_port);
-		}
-	return(1);
+        *port_ptr = ntohs((unsigned short)s->s_port);
    }
+    return (1);
+}

-#define GHBN_NUM	4
-static struct ghbn_cache_st
-	{
+# define GHBN_NUM        4
+static struct ghbn_cache_st {
    char name[128];
    struct hostent ent;
    unsigned long order;
-	} ghbn_cache[GHBN_NUM];
+} ghbn_cache[GHBN_NUM];

-static unsigned long ghbn_hits=0L;
-static unsigned long ghbn_miss=0L;
+static unsigned long ghbn_hits = 0L;
+static unsigned long ghbn_miss = 0L;

 static struct hostent *GetHostByName(char *name)
-	{
+{
    struct hostent *ret;
-	int i,lowi=0;
-	unsigned long low= (unsigned long)-1;
+    int i, lowi = 0;
+    unsigned long low = (unsigned long)-1;

-	for (i=0; i<GHBN_NUM; i++)
-		{
-		if (low > ghbn_cache[i].order)
-			{
-			low=ghbn_cache[i].order;
-			lowi=i;
+    for (i = 0; i < GHBN_NUM; i++) {
+        if (low > ghbn_cache[i].order) {
+            low = ghbn_cache[i].order;
+            lowi = i;
        }
-		if (ghbn_cache[i].order > 0)
-			{
-			if (strncmp(name,ghbn_cache[i].name,128) == 0)
+        if (ghbn_cache[i].order > 0) {
+            if (strncmp(name, ghbn_cache[i].name, 128) == 0)
                break;
        }
    }
-	if (i == GHBN_NUM) /* no hit*/
-		{
+    if (i == GHBN_NUM) {        /* no hit */
        ghbn_miss++;
-		ret=gethostbyname(name);
-		if (ret == NULL) return(NULL);
+        ret = gethostbyname(name);
+        if (ret == NULL)
+            return (NULL);
        /* else add to cache */
-		if(strlen(name) < sizeof ghbn_cache[0].name)
-			{
-			strcpy(ghbn_cache[lowi].name,name);
-			memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
-			ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
+        if (strlen(name) < sizeof ghbn_cache[0].name) {
+            strcpy(ghbn_cache[lowi].name, name);
+            memcpy((char *)&(ghbn_cache[lowi].ent), ret,
+                   sizeof(struct hostent));
+            ghbn_cache[lowi].order = ghbn_miss + ghbn_hits;
        }
-		return(ret);
-		}
-	else
-		{
+        return (ret);
+    } else {
        ghbn_hits++;
-		ret= &(ghbn_cache[i].ent);
-		ghbn_cache[i].order=ghbn_miss+ghbn_hits;
-		return(ret);
-		}
+        ret = &(ghbn_cache[i].ent);
+        ghbn_cache[i].order = ghbn_miss + ghbn_hits;
+        return (ret);
    }
+}

 #endif
--- a/apps/s_time.c
+++ b/apps/s_time.c
@ -58,7 +58,7 @@

 #define NO_SHUTDOWN

-/*-----------------------------------------
+/* ----------------------------------------
   s_time - SSL client connection timer program
   Written and donated by Larry Streepy <streepy@healthcare.com>
  -----------------------------------------*/
@ -70,7 +70,7 @@
 #define USE_SOCKETS
 #include "apps.h"
 #ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
+# define APPS_WIN16
 #endif
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
@ -78,11 +78,11 @@
 #include "s_apps.h"
 #include <openssl/err.h>
 #ifdef WIN32_STUFF
-#include "winmain.h"
-#include "wintext.h"
+# include "winmain.h"
+# include "wintext.h"
 #endif
 #if !defined(OPENSSL_SYS_MSDOS)
-#include OPENSSL_UNISTD
+# include OPENSSL_UNISTD
 #endif

 #undef PROG
@ -93,7 +93,10 @@

 #define SSL_CONNECT_NAME        "localhost:4433"

-/*#define TEST_CERT "client.pem" */ /* no default cert. */
+/* no default cert. */
+/*
+ * #define TEST_CERT "client.pem"
+ */

 #undef BUFSIZZ
 #define BUFSIZZ 1024*10
@ -111,8 +114,8 @@ extern int verify_depth;
 extern int verify_error;

 static void s_time_usage(void);
-static int parseArgs( int argc, char **argv );
-static SSL *doConnection( SSL *scon );
+static int parseArgs(int argc, char **argv);
+static SSL *doConnection(SSL *scon);
 static void s_time_init(void);

 /***********************************************************************
@ -120,51 +123,51 @@ static void s_time_init(void);
 */

 /* static char *port=PORT_STR;*/
-static char *host=SSL_CONNECT_NAME;
-static char *t_cert_file=NULL;
-static char *t_key_file=NULL;
-static char *CApath=NULL;
-static char *CAfile=NULL;
-static char *tm_cipher=NULL;
+static char *host = SSL_CONNECT_NAME;
+static char *t_cert_file = NULL;
+static char *t_key_file = NULL;
+static char *CApath = NULL;
+static char *CAfile = NULL;
+static char *tm_cipher = NULL;
 static int tm_verify = SSL_VERIFY_NONE;
 static int maxTime = SECONDS;
-static SSL_CTX *tm_ctx=NULL;
-static const SSL_METHOD *s_time_meth=NULL;
-static char *s_www_path=NULL;
-static long bytes_read=0; 
-static int st_bugs=0;
-static int perform=0;
+static SSL_CTX *tm_ctx = NULL;
+static const SSL_METHOD *s_time_meth = NULL;
+static char *s_www_path = NULL;
+static long bytes_read = 0;
+static int st_bugs = 0;
+static int perform = 0;
 #ifdef FIONBIO
-static int t_nbio=0;
+static int t_nbio = 0;
 #endif
 #ifdef OPENSSL_SYS_WIN32
 static int exitNow = 0;         /* Set when it's time to exit main */
 #endif

 static void s_time_init(void)
-	{
-	host=SSL_CONNECT_NAME;
-	t_cert_file=NULL;
-	t_key_file=NULL;
-	CApath=NULL;
-	CAfile=NULL;
-	tm_cipher=NULL;
+{
+    host = SSL_CONNECT_NAME;
+    t_cert_file = NULL;
+    t_key_file = NULL;
+    CApath = NULL;
+    CAfile = NULL;
+    tm_cipher = NULL;
    tm_verify = SSL_VERIFY_NONE;
    maxTime = SECONDS;
-	tm_ctx=NULL;
-	s_time_meth=NULL;
-	s_www_path=NULL;
-	bytes_read=0; 
-	st_bugs=0;
-	perform=0;
+    tm_ctx = NULL;
+    s_time_meth = NULL;
+    s_www_path = NULL;
+    bytes_read = 0;
+    st_bugs = 0;
+    perform = 0;

 #ifdef FIONBIO
-	t_nbio=0;
+    t_nbio = 0;
 #endif
 #ifdef OPENSSL_SYS_WIN32
    exitNow = 0;                /* Set when it's time to exit main */
 #endif
-	}
+}

 /***********************************************************************
 * usage - display usage message
@ -181,9 +184,10 @@ static void s_time_usage(void)
 -CAfile arg   - PEM format file of CA's\n\
 -cipher       - preferred cipher to use, play with 'openssl ciphers'\n\n";

-	printf( "usage: s_time <args>\n\n" );
+    printf("usage: s_time <args>\n\n");

-	printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
+    printf("-connect host:port - host:port to connect to (default is %s)\n",
+           SSL_CONNECT_NAME);
 #ifdef FIONBIO
    printf("-nbio         - Run with non-blocking IO\n");
    printf("-ssl2         - Just use SSLv2\n");
@ -193,7 +197,7 @@ static void s_time_usage(void)
    printf("-reuse        - Just time connection reuse\n");
    printf("-www page     - Retrieve 'page' from the site\n");
 #endif
-	printf( umsg,SECONDS );
+    printf(umsg, SECONDS);
 }

 /***********************************************************************
@ -205,99 +209,106 @@ static int parseArgs(int argc, char **argv)
 {
    int badop = 0;

-    verify_depth=0;
-    verify_error=X509_V_OK;
+    verify_depth = 0;
+    verify_error = X509_V_OK;

    argc--;
    argv++;

    while (argc >= 1) {
-	if (strcmp(*argv,"-connect") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
+        if (strcmp(*argv, "-connect") == 0) {
+            if (--argc < 1)
+                goto bad;
+            host = *(++argv);
        }
 #if 0
-	else if( strcmp(*argv,"-host") == 0)
-		{
-		if (--argc < 1) goto bad;
-		host= *(++argv);
-		}
-	else if( strcmp(*argv,"-port") == 0)
-		{
-		if (--argc < 1) goto bad;
-		port= *(++argv);
+        else if (strcmp(*argv, "-host") == 0) {
+            if (--argc < 1)
+                goto bad;
+            host = *(++argv);
+        } else if (strcmp(*argv, "-port") == 0) {
+            if (--argc < 1)
+                goto bad;
+            port = *(++argv);
        }
 #endif
-	else if (strcmp(*argv,"-reuse") == 0)
-		perform=2;
-	else if (strcmp(*argv,"-new") == 0)
-		perform=1;
-	else if( strcmp(*argv,"-verify") == 0) {
+        else if (strcmp(*argv, "-reuse") == 0)
+            perform = 2;
+        else if (strcmp(*argv, "-new") == 0)
+            perform = 1;
+        else if (strcmp(*argv, "-verify") == 0) {

-	    tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
-	    if (--argc < 1) goto bad;
-	    verify_depth=atoi(*(++argv));
-	    BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+            tm_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
+            if (--argc < 1)
+                goto bad;
+            verify_depth = atoi(*(++argv));
+            BIO_printf(bio_err, "verify depth is %d\n", verify_depth);

-	} else if( strcmp(*argv,"-cert") == 0) {
+        } else if (strcmp(*argv, "-cert") == 0) {

-	    if (--argc < 1) goto bad;
-	    t_cert_file= *(++argv);
+            if (--argc < 1)
+                goto bad;
+            t_cert_file = *(++argv);

-	} else if( strcmp(*argv,"-key") == 0) {
+        } else if (strcmp(*argv, "-key") == 0) {

-	    if (--argc < 1) goto bad;
-	    t_key_file= *(++argv);
+            if (--argc < 1)
+                goto bad;
+            t_key_file = *(++argv);

-	} else if( strcmp(*argv,"-CApath") == 0) {
+        } else if (strcmp(*argv, "-CApath") == 0) {

-	    if (--argc < 1) goto bad;
-	    CApath= *(++argv);
+            if (--argc < 1)
+                goto bad;
+            CApath = *(++argv);

-	} else if( strcmp(*argv,"-CAfile") == 0) {
+        } else if (strcmp(*argv, "-CAfile") == 0) {

-	    if (--argc < 1) goto bad;
-	    CAfile= *(++argv);
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);

-	} else if( strcmp(*argv,"-cipher") == 0) {
+        } else if (strcmp(*argv, "-cipher") == 0) {

-	    if (--argc < 1) goto bad;
-	    tm_cipher= *(++argv);
+            if (--argc < 1)
+                goto bad;
+            tm_cipher = *(++argv);
        }
 #ifdef FIONBIO
-	else if(strcmp(*argv,"-nbio") == 0) {
-	    t_nbio=1;
+        else if (strcmp(*argv, "-nbio") == 0) {
+            t_nbio = 1;
        }
 #endif
-	else if(strcmp(*argv,"-www") == 0)
-		{
-		if (--argc < 1) goto bad;
-		s_www_path= *(++argv);
-		if(strlen(s_www_path) > MYBUFSIZ-100)
-			{
-			BIO_printf(bio_err,"-www option too long\n");
-			badop=1;
+        else if (strcmp(*argv, "-www") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_www_path = *(++argv);
+            if (strlen(s_www_path) > MYBUFSIZ - 100) {
+                BIO_printf(bio_err, "-www option too long\n");
+                badop = 1;
            }
-		}
-	else if(strcmp(*argv,"-bugs") == 0)
-	    st_bugs=1;
+        } else if (strcmp(*argv, "-bugs") == 0)
+            st_bugs = 1;
 #ifndef OPENSSL_NO_SSL2
-	else if(strcmp(*argv,"-ssl2") == 0)
-	    s_time_meth=SSLv2_client_method();
+        else if (strcmp(*argv, "-ssl2") == 0)
+            s_time_meth = SSLv2_client_method();
 #endif
 #ifndef OPENSSL_NO_SSL3
-	else if(strcmp(*argv,"-ssl3") == 0)
-	    s_time_meth=SSLv3_client_method();
+        else if (strcmp(*argv, "-ssl3") == 0)
+            s_time_meth = SSLv3_client_method();
 #endif
-	else if( strcmp(*argv,"-time") == 0) {
+        else if (strcmp(*argv, "-time") == 0) {

-	    if (--argc < 1) goto bad;
-	    maxTime= atoi(*(++argv));
+            if (--argc < 1)
+                goto bad;
+            maxTime = atoi(*(++argv));
+            if (maxTime <= 0) {
+                BIO_printf(bio_err, "time must be > 0\n");
+                badop = 1;
            }
-	else {
-	    BIO_printf(bio_err,"unknown option %s\n",*argv);
-	    badop=1;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badop = 1;
            break;
        }

@ -305,10 +316,11 @@ static int parseArgs(int argc, char **argv)
        argv++;
    }

-    if (perform == 0) perform=3;
+    if (perform == 0)
+        perform = 3;

-    if(badop) {
-bad:
+    if (badop) {
+ bad:
        s_time_usage();
        return -1;
    }
@ -323,9 +335,9 @@ bad:
 #define STOP    1

 static double tm_Time_F(int s)
-	{
-	return app_tminterval(s,1);
-	}
+{
+    return app_tminterval(s, 1);
+}

 /***********************************************************************
 * MAIN - main processing area for client
@ -334,43 +346,46 @@ static double tm_Time_F(int s)
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    double totalTime = 0.0;
    int nConn = 0;
-	SSL *scon=NULL;
-	long finishtime=0;
-	int ret=1,i;
-	MS_STATIC char buf[1024*8];
+    SSL *scon = NULL;
+    long finishtime = 0;
+    int ret = 1, i;
+    MS_STATIC char buf[1024 * 8];
    int ver;

    apps_startup();
    s_time_init();

    if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

-	s_time_meth=SSLv23_client_method();
+    s_time_meth = SSLv23_client_method();

    /* parse the command line arguments */
-	if( parseArgs( argc, argv ) < 0 )
+    if (parseArgs(argc, argv) < 0)
        goto end;

    OpenSSL_add_ssl_algorithms();
-	if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
+    if ((tm_ctx = SSL_CTX_new(s_time_meth)) == NULL)
+        return (1);

-	SSL_CTX_set_quiet_shutdown(tm_ctx,1);
+    SSL_CTX_set_quiet_shutdown(tm_ctx, 1);

-	if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
-	SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
-	if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) 
+    if (st_bugs)
+        SSL_CTX_set_options(tm_ctx, SSL_OP_ALL);
+    SSL_CTX_set_cipher_list(tm_ctx, tm_cipher);
+    if (!set_cert_stuff(tm_ctx, t_cert_file, t_key_file))
        goto end;

    SSL_load_error_strings();

-	if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
-		(!SSL_CTX_set_default_verify_paths(tm_ctx)))
-		{
-		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
+    if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
+        /*
+         * BIO_printf(bio_err,"error setting default verify locations\n");
+         */
        ERR_print_errors(bio_err);
        /* goto end; */
    }
@ -378,43 +393,43 @@ int MAIN(int argc, char **argv)
    if (tm_cipher == NULL)
        tm_cipher = getenv("SSL_CIPHER");

-	if (tm_cipher == NULL ) {
-		fprintf( stderr, "No CIPHER specified\n" );
+    if (tm_cipher == NULL) {
+        fprintf(stderr, "No CIPHER specified\n");
    }

-	if (!(perform & 1)) goto next;
-	printf( "Collecting connection statistics for %d seconds\n", maxTime );
+    if (!(perform & 1))
+        goto next;
+    printf("Collecting connection statistics for %d seconds\n", maxTime);

    /* Loop and time how long it takes to make connections */

-	bytes_read=0;
-	finishtime=(long)time(NULL)+maxTime;
+    bytes_read = 0;
+    finishtime = (long)time(NULL) + maxTime;
    tm_Time_F(START);
-	for (;;)
-		{
-		if (finishtime < (long)time(NULL)) break;
+    for (;;) {
+        if (finishtime < (long)time(NULL))
+            break;
 #ifdef WIN32_STUFF

-		if( flushWinMsgs(0) == -1 )
+        if (flushWinMsgs(0) == -1)
            goto end;

-		if( waitingToDie || exitNow )		/* we're dead */
+        if (waitingToDie || exitNow) /* we're dead */
            goto end;
 #endif

-		if( (scon = doConnection( NULL )) == NULL )
+        if ((scon = doConnection(NULL)) == NULL)
            goto end;

-		if (s_www_path != NULL)
-			{
-			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
+        if (s_www_path != NULL) {
+            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+                         s_www_path);
+            SSL_write(scon, buf, strlen(buf));
+            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
+                bytes_read += i;
        }
-
 #ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+        SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
 #else
        SSL_shutdown(scon);
 #endif
@ -422,53 +437,56 @@ int MAIN(int argc, char **argv)

        nConn += 1;
        if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
+            ver = 'r';
+        else {
+            ver = SSL_version(scon);
            if (ver == TLS1_VERSION)
-				ver='t';
+                ver = 't';
            else if (ver == SSL3_VERSION)
-				ver='3';
+                ver = '3';
            else if (ver == SSL2_VERSION)
-				ver='2';
+                ver = '2';
            else
-				ver='*';
+                ver = '*';
        }
-		fputc(ver,stdout);
+        fputc(ver, stdout);
        fflush(stdout);

-		SSL_free( scon );
-		scon=NULL;
+        SSL_free(scon);
+        scon = NULL;
    }
    totalTime += tm_Time_F(STOP); /* Add the time for this iteration */

-	i=(int)((long)time(NULL)-finishtime+maxTime);
-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
+    i = (int)((long)time(NULL) - finishtime + maxTime);
+    printf
+        ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
+         nConn, totalTime, ((double)nConn / totalTime), bytes_read);
+    printf
+        ("%d connections in %ld real seconds, %ld bytes read per connection\n",
+         nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);

-	/* Now loop and time connections using the same session id over and over */
+    /*
+     * Now loop and time connections using the same session id over and over
+     */

-next:
-	if (!(perform & 2)) goto end;
-	printf( "\n\nNow timing with session id reuse.\n" );
+ next:
+    if (!(perform & 2))
+        goto end;
+    printf("\n\nNow timing with session id reuse.\n");

    /* Get an SSL object so we can reuse the session id */
-	if( (scon = doConnection( NULL )) == NULL )
-		{
-		fprintf( stderr, "Unable to get connection\n" );
+    if ((scon = doConnection(NULL)) == NULL) {
+        fprintf(stderr, "Unable to get connection\n");
        goto end;
    }

-	if (s_www_path != NULL)
-		{
-		BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-		SSL_write(scon,buf,strlen(buf));
-		while (SSL_read(scon,buf,sizeof(buf)) > 0)
-			;
+    if (s_www_path != NULL) {
+        BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", s_www_path);
+        SSL_write(scon, buf, strlen(buf));
+        while (SSL_read(scon, buf, sizeof(buf)) > 0) ;
    }
 #ifdef NO_SHUTDOWN
-	SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+    SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
 #else
    SSL_shutdown(scon);
 #endif
@ -477,37 +495,36 @@ next:
    nConn = 0;
    totalTime = 0.0;

-	finishtime=(long)time(NULL)+maxTime;
+    finishtime = (long)time(NULL) + maxTime;

-	printf( "starting\n" );
-	bytes_read=0;
+    printf("starting\n");
+    bytes_read = 0;
    tm_Time_F(START);

-	for (;;)
-		{
-		if (finishtime < (long)time(NULL)) break;
+    for (;;) {
+        if (finishtime < (long)time(NULL))
+            break;

 #ifdef WIN32_STUFF
-		if( flushWinMsgs(0) == -1 )
+        if (flushWinMsgs(0) == -1)
            goto end;

-		if( waitingToDie || exitNow )	/* we're dead */
+        if (waitingToDie || exitNow) /* we're dead */
            goto end;
 #endif

-	 	if( (doConnection( scon )) == NULL )
+        if ((doConnection(scon)) == NULL)
            goto end;

-		if (s_www_path)
-			{
-			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
-			SSL_write(scon,buf,strlen(buf));
-			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
-				bytes_read+=i;
+        if (s_www_path) {
+            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+                         s_www_path);
+            SSL_write(scon, buf, strlen(buf));
+            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
+                bytes_read += i;
        }
-
 #ifdef NO_SHUTDOWN
-		SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+        SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
 #else
        SSL_shutdown(scon);
 #endif
@ -515,42 +532,45 @@ next:

        nConn += 1;
        if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
+            ver = 'r';
+        else {
+            ver = SSL_version(scon);
            if (ver == TLS1_VERSION)
-				ver='t';
+                ver = 't';
            else if (ver == SSL3_VERSION)
-				ver='3';
+                ver = '3';
            else if (ver == SSL2_VERSION)
-				ver='2';
+                ver = '2';
            else
-				ver='*';
+                ver = '*';
        }
-		fputc(ver,stdout);
+        fputc(ver, stdout);
        fflush(stdout);
    }
-	totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
+    totalTime += tm_Time_F(STOP); /* Add the time for this iteration */

+    printf
+        ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
+         nConn, totalTime, ((double)nConn / totalTime), bytes_read);
+    printf
+        ("%d connections in %ld real seconds, %ld bytes read per connection\n",
+         nConn, (long)time(NULL) - finishtime + maxTime,
+         bytes_read / (nConn?nConn:1));

-	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
+    ret = 0;
+ end:
+    if (scon != NULL)
+        SSL_free(scon);

-	ret=0;
-end:
-	if (scon != NULL) SSL_free(scon);
-
-	if (tm_ctx != NULL)
-		{
+    if (tm_ctx != NULL) {
        SSL_CTX_free(tm_ctx);
-		tm_ctx=NULL;
+        tm_ctx = NULL;
    }
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

-/***********************************************************************
+/*-
 * doConnection - make a connection
 * Args:
 *              scon    = earlier ssl connection for session id, or NULL
@ -558,60 +578,57 @@ end:
 *              SSL *   = the connection pointer.
 */
 static SSL *doConnection(SSL *scon)
-	{
+{
    BIO *conn;
    SSL *serverCon;
    int width, i;
    fd_set readfds;

-	if ((conn=BIO_new(BIO_s_connect())) == NULL)
-		return(NULL);
+    if ((conn = BIO_new(BIO_s_connect())) == NULL)
+        return (NULL);

 /*      BIO_set_conn_port(conn,port);*/
-	BIO_set_conn_hostname(conn,host);
+    BIO_set_conn_hostname(conn, host);

    if (scon == NULL)
-		serverCon=SSL_new(tm_ctx);
-	else
-		{
-		serverCon=scon;
+        serverCon = SSL_new(tm_ctx);
+    else {
+        serverCon = scon;
        SSL_set_connect_state(serverCon);
    }

-	SSL_set_bio(serverCon,conn,conn);
+    SSL_set_bio(serverCon, conn, conn);

 #if 0
-	if( scon != NULL )
-		SSL_set_session(serverCon,SSL_get_session(scon));
+    if (scon != NULL)
+        SSL_set_session(serverCon, SSL_get_session(scon));
 #endif

    /* ok, lets connect */
-	for(;;) {
-		i=SSL_connect(serverCon);
-		if (BIO_sock_should_retry(i))
-			{
-			BIO_printf(bio_err,"DELAY\n");
+    for (;;) {
+        i = SSL_connect(serverCon);
+        if (BIO_sock_should_retry(i)) {
+            BIO_printf(bio_err, "DELAY\n");

-			i=SSL_get_fd(serverCon);
-			width=i+1;
+            i = SSL_get_fd(serverCon);
+            width = i + 1;
            FD_ZERO(&readfds);
-			openssl_fdset(i,&readfds);
-			/* Note: under VMS with SOCKETSHR the 2nd parameter
-			 * is currently of type (int *) whereas under other
-			 * systems it is (void *) if you don't have a cast it
-			 * will choke the compiler: if you do have a cast then
-			 * you can either go for (int *) or (void *).
+            openssl_fdset(i, &readfds);
+            /*
+             * Note: under VMS with SOCKETSHR the 2nd parameter is currently
+             * of type (int *) whereas under other systems it is (void *) if
+             * you don't have a cast it will choke the compiler: if you do
+             * have a cast then you can either go for (int *) or (void *).
             */
-			select(width,(void *)&readfds,NULL,NULL,NULL);
+            select(width, (void *)&readfds, NULL, NULL, NULL);
            continue;
        }
        break;
    }
-	if(i <= 0)
-		{
-		BIO_printf(bio_err,"ERROR\n");
+    if (i <= 0) {
+        BIO_printf(bio_err, "ERROR\n");
        if (verify_error != X509_V_OK)
-			BIO_printf(bio_err,"verify error:%s\n",
+            BIO_printf(bio_err, "verify error:%s\n",
                       X509_verify_cert_error_string(verify_error));
        else
            ERR_print_errors(bio_err);
@ -621,6 +638,4 @@ static SSL *doConnection(SSL *scon)
    }

    return serverCon;
-	}
-
-
+}
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@ -69,18 +69,18 @@
 #undef PROG
 #define PROG    sess_id_main

-static const char *sess_id_usage[]={
-"usage: sess_id args\n",
-"\n",
-" -inform arg     - input format - default PEM (DER or PEM)\n",
-" -outform arg    - output format - default PEM\n",
-" -in arg         - input file - default stdin\n",
-" -out arg        - output file - default stdout\n",
-" -text           - print ssl session id details\n",
-" -cert           - output certificate \n",
-" -noout          - no CRL output\n",
-" -context arg    - set the session ID context\n",
-NULL
+static const char *sess_id_usage[] = {
+    "usage: sess_id args\n",
+    "\n",
+    " -inform arg     - input format - default PEM (DER or PEM)\n",
+    " -outform arg    - output format - default PEM\n",
+    " -in arg         - input file - default stdin\n",
+    " -out arg        - output file - default stdout\n",
+    " -text           - print ssl session id details\n",
+    " -cert           - output certificate \n",
+    " -noout          - no CRL output\n",
+    " -context arg    - set the session ID context\n",
+    NULL
 };

 static SSL_SESSION *load_sess_id(char *file, int format);
@ -88,235 +88,213 @@ static SSL_SESSION *load_sess_id(char *file, int format);
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	SSL_SESSION *x=NULL;
+{
+    SSL_SESSION *x = NULL;
    X509 *peer = NULL;
-	int ret=1,i,num,badops=0;
-	BIO *out=NULL;
-	int informat,outformat;
-	char *infile=NULL,*outfile=NULL,*context=NULL;
-	int cert=0,noout=0,text=0;
+    int ret = 1, i, num, badops = 0;
+    BIO *out = NULL;
+    int informat, outformat;
+    char *infile = NULL, *outfile = NULL, *context = NULL;
+    int cert = 0, noout = 0, text = 0;
    const char **pp;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;

    argc--;
    argv++;
-	num=0;
-	while (argc >= 1)
-		{
-		if 	(strcmp(*argv,"-inform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			informat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-outform") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outformat=str2fmt(*(++argv));
-			}
-		else if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-text") == 0)
-			text= ++num;
-		else if (strcmp(*argv,"-cert") == 0)
-			cert= ++num;
-		else if (strcmp(*argv,"-noout") == 0)
-			noout= ++num;
-		else if (strcmp(*argv,"-context") == 0)
-		    {
-		    if(--argc < 1) goto bad;
-		    context=*++argv;
-		    }
-		else
-			{
-			BIO_printf(bio_err,"unknown option %s\n",*argv);
-			badops=1;
+    num = 0;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-text") == 0)
+            text = ++num;
+        else if (strcmp(*argv, "-cert") == 0)
+            cert = ++num;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = ++num;
+        else if (strcmp(*argv, "-context") == 0) {
+            if (--argc < 1)
+                goto bad;
+            context = *++argv;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
            break;
        }
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		for (pp=sess_id_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
+    if (badops) {
+ bad:
+        for (pp = sess_id_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
        goto end;
    }

    ERR_load_crypto_strings();
-	x=load_sess_id(infile,informat);
-	if (x == NULL) { goto end; }
+    x = load_sess_id(infile, informat);
+    if (x == NULL) {
+        goto end;
+    }
    peer = SSL_SESSION_get0_peer(x);

-	if(context)
-	    {
+    if (context) {
        size_t ctx_len = strlen(context);
-	    if(ctx_len > SSL_MAX_SID_CTX_LENGTH)
-		{
-		BIO_printf(bio_err,"Context too long\n");
+        if (ctx_len > SSL_MAX_SID_CTX_LENGTH) {
+            BIO_printf(bio_err, "Context too long\n");
            goto end;
        }
        SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len);
    }
-
 #ifdef undef
    /* just testing for memory leaks :-) */
    {
        SSL_SESSION *s;
-	char buf[1024*10],*p;
+        char buf[1024 * 10], *p;
        int i;

-	s=SSL_SESSION_new();
+        s = SSL_SESSION_new();

-	p= &buf;
-	i=i2d_SSL_SESSION(x,&p);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
-	p= &buf;
-	d2i_SSL_SESSION(&s,&p,(long)i);
+        p = &buf;
+        i = i2d_SSL_SESSION(x, &p);
+        p = &buf;
+        d2i_SSL_SESSION(&s, &p, (long)i);
+        p = &buf;
+        d2i_SSL_SESSION(&s, &p, (long)i);
+        p = &buf;
+        d2i_SSL_SESSION(&s, &p, (long)i);
        SSL_SESSION_free(s);
    }
 #endif

-	if (!noout || text)
-		{
-		out=BIO_new(BIO_s_file());
-		if (out == NULL)
-			{
+    if (!noout || text) {
+        out = BIO_new(BIO_s_file());
+        if (out == NULL) {
            ERR_print_errors(bio_err);
            goto end;
        }

-		if (outfile == NULL)
-			{
-			BIO_set_fp(out,stdout,BIO_NOCLOSE);
+        if (outfile == NULL) {
+            BIO_set_fp(out, stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
            {
                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                out = BIO_push(tmpbio, out);
            }
 #endif
-			}
-		else
-			{
-			if (BIO_write_filename(out,outfile) <= 0)
-				{
+        } else {
+            if (BIO_write_filename(out, outfile) <= 0) {
                perror(outfile);
                goto end;
            }
        }
    }

-	if (text)
-		{
-		SSL_SESSION_print(out,x);
+    if (text) {
+        SSL_SESSION_print(out, x);

-		if (cert)
-			{
+        if (cert) {
            if (peer == NULL)
-				BIO_puts(out,"No certificate present\n");
+                BIO_puts(out, "No certificate present\n");
            else
-				X509_print(out,peer);
+                X509_print(out, peer);
        }
    }

-	if (!noout && !cert)
-		{
+    if (!noout && !cert) {
        if (outformat == FORMAT_ASN1)
-			i=i2d_SSL_SESSION_bio(out,x);
+            i = i2d_SSL_SESSION_bio(out, x);
        else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_SSL_SESSION(out,x);
+            i = PEM_write_bio_SSL_SESSION(out, x);
        else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
            goto end;
        }
        if (!i) {
-			BIO_printf(bio_err,"unable to write SSL_SESSION\n");
+            BIO_printf(bio_err, "unable to write SSL_SESSION\n");
            goto end;
        }
-		}
-	else if (!noout && (peer != NULL)) /* just print the certificate */
-		{
+    } else if (!noout && (peer != NULL)) { /* just print the certificate */
        if (outformat == FORMAT_ASN1)
-			i=(int)i2d_X509_bio(out,peer);
+            i = (int)i2d_X509_bio(out, peer);
        else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_X509(out,peer);
+            i = PEM_write_bio_X509(out, peer);
        else {
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
            goto end;
        }
        if (!i) {
-			BIO_printf(bio_err,"unable to write X509\n");
+            BIO_printf(bio_err, "unable to write X509\n");
            goto end;
        }
    }
-	ret=0;
-end:
-	if (out != NULL) BIO_free_all(out);
-	if (x != NULL) SSL_SESSION_free(x);
+    ret = 0;
+ end:
+    if (out != NULL)
+        BIO_free_all(out);
+    if (x != NULL)
+        SSL_SESSION_free(x);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}

 static SSL_SESSION *load_sess_id(char *infile, int format)
-	{
-	SSL_SESSION *x=NULL;
-	BIO *in=NULL;
+{
+    SSL_SESSION *x = NULL;
+    BIO *in = NULL;

-	in=BIO_new(BIO_s_file());
-	if (in == NULL)
-		{
+    in = BIO_new(BIO_s_file());
+    if (in == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) <= 0)
-			{
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
            perror(infile);
            goto end;
        }
    }
    if (format == FORMAT_ASN1)
-		x=d2i_SSL_SESSION_bio(in,NULL);
+        x = d2i_SSL_SESSION_bio(in, NULL);
    else if (format == FORMAT_PEM)
-		x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL);
+        x = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL);
    else {
-		BIO_printf(bio_err,"bad input format specified for input crl\n");
+        BIO_printf(bio_err, "bad input format specified for input crl\n");
        goto end;
    }
-	if (x == NULL)
-		{
-		BIO_printf(bio_err,"unable to load SSL_SESSION\n");
+    if (x == NULL) {
+        BIO_printf(bio_err, "unable to load SSL_SESSION\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-end:
-	if (in != NULL) BIO_free(in);
-	return(x);
-	}
-
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    return (x);
+}
--- a/apps/smime.c
+++ b/apps/smime.c
@ -1,5 +1,6 @@
 /* smime.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
 /* ====================================================================
@ -85,7 +86,7 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx);
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
    int operation = 0;
    int ret = 0;
@ -94,7 +95,7 @@ int MAIN(int argc, char **argv)
    char *infile = NULL, *outfile = NULL;
    char *signerfile = NULL, *recipfile = NULL;
    STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
-	char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
+    char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
    const EVP_CIPHER *cipher = NULL;
    PKCS7 *p7 = NULL;
    X509_STORE *store = NULL;
@ -114,7 +115,7 @@ int MAIN(int argc, char **argv)
    int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
    int keyform = FORMAT_PEM;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif

    X509_VERIFY_PARAM *vpm = NULL;
@ -124,95 +125,92 @@ int MAIN(int argc, char **argv)

    apps_startup();

-	if (bio_err == NULL)
-		{
+    if (bio_err == NULL) {
        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
    }

    if (!load_config(bio_err, NULL))
        goto end;

-	while (!badarg && *args && *args[0] == '-')
-		{
-		if (!strcmp (*args, "-encrypt"))
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-encrypt"))
            operation = SMIME_ENCRYPT;
-		else if (!strcmp (*args, "-decrypt"))
+        else if (!strcmp(*args, "-decrypt"))
            operation = SMIME_DECRYPT;
-		else if (!strcmp (*args, "-sign"))
+        else if (!strcmp(*args, "-sign"))
            operation = SMIME_SIGN;
-		else if (!strcmp (*args, "-resign"))
+        else if (!strcmp(*args, "-resign"))
            operation = SMIME_RESIGN;
-		else if (!strcmp (*args, "-verify"))
+        else if (!strcmp(*args, "-verify"))
            operation = SMIME_VERIFY;
-		else if (!strcmp (*args, "-pk7out"))
+        else if (!strcmp(*args, "-pk7out"))
            operation = SMIME_PK7OUT;
 #ifndef OPENSSL_NO_DES
-		else if (!strcmp (*args, "-des3")) 
+        else if (!strcmp(*args, "-des3"))
            cipher = EVP_des_ede3_cbc();
-		else if (!strcmp (*args, "-des")) 
+        else if (!strcmp(*args, "-des"))
            cipher = EVP_des_cbc();
 #endif
 #ifndef OPENSSL_NO_SEED
-		else if (!strcmp (*args, "-seed")) 
+        else if (!strcmp(*args, "-seed"))
            cipher = EVP_seed_cbc();
 #endif
 #ifndef OPENSSL_NO_RC2
-		else if (!strcmp (*args, "-rc2-40")) 
+        else if (!strcmp(*args, "-rc2-40"))
            cipher = EVP_rc2_40_cbc();
-		else if (!strcmp (*args, "-rc2-128")) 
+        else if (!strcmp(*args, "-rc2-128"))
            cipher = EVP_rc2_cbc();
-		else if (!strcmp (*args, "-rc2-64")) 
+        else if (!strcmp(*args, "-rc2-64"))
            cipher = EVP_rc2_64_cbc();
 #endif
 #ifndef OPENSSL_NO_AES
-		else if (!strcmp(*args,"-aes128"))
+        else if (!strcmp(*args, "-aes128"))
            cipher = EVP_aes_128_cbc();
-		else if (!strcmp(*args,"-aes192"))
+        else if (!strcmp(*args, "-aes192"))
            cipher = EVP_aes_192_cbc();
-		else if (!strcmp(*args,"-aes256"))
+        else if (!strcmp(*args, "-aes256"))
            cipher = EVP_aes_256_cbc();
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-		else if (!strcmp(*args,"-camellia128"))
+        else if (!strcmp(*args, "-camellia128"))
            cipher = EVP_camellia_128_cbc();
-		else if (!strcmp(*args,"-camellia192"))
+        else if (!strcmp(*args, "-camellia192"))
            cipher = EVP_camellia_192_cbc();
-		else if (!strcmp(*args,"-camellia256"))
+        else if (!strcmp(*args, "-camellia256"))
            cipher = EVP_camellia_256_cbc();
 #endif
-		else if (!strcmp (*args, "-text")) 
+        else if (!strcmp(*args, "-text"))
            flags |= PKCS7_TEXT;
-		else if (!strcmp (*args, "-nointern")) 
+        else if (!strcmp(*args, "-nointern"))
            flags |= PKCS7_NOINTERN;
-		else if (!strcmp (*args, "-noverify")) 
+        else if (!strcmp(*args, "-noverify"))
            flags |= PKCS7_NOVERIFY;
-		else if (!strcmp (*args, "-nochain")) 
+        else if (!strcmp(*args, "-nochain"))
            flags |= PKCS7_NOCHAIN;
-		else if (!strcmp (*args, "-nocerts")) 
+        else if (!strcmp(*args, "-nocerts"))
            flags |= PKCS7_NOCERTS;
-		else if (!strcmp (*args, "-noattr")) 
+        else if (!strcmp(*args, "-noattr"))
            flags |= PKCS7_NOATTR;
-		else if (!strcmp (*args, "-nodetach")) 
+        else if (!strcmp(*args, "-nodetach"))
            flags &= ~PKCS7_DETACHED;
-		else if (!strcmp (*args, "-nosmimecap"))
+        else if (!strcmp(*args, "-nosmimecap"))
            flags |= PKCS7_NOSMIMECAP;
-		else if (!strcmp (*args, "-binary"))
+        else if (!strcmp(*args, "-binary"))
            flags |= PKCS7_BINARY;
-		else if (!strcmp (*args, "-nosigs"))
+        else if (!strcmp(*args, "-nosigs"))
            flags |= PKCS7_NOSIGS;
-		else if (!strcmp (*args, "-stream"))
+        else if (!strcmp(*args, "-stream"))
            indef = 1;
-		else if (!strcmp (*args, "-indef"))
+        else if (!strcmp(*args, "-indef"))
            indef = 1;
-		else if (!strcmp (*args, "-noindef"))
+        else if (!strcmp(*args, "-noindef"))
            indef = 0;
-		else if (!strcmp (*args, "-nooldmime"))
+        else if (!strcmp(*args, "-nooldmime"))
            flags |= PKCS7_NOOLDMIMETYPE;
-		else if (!strcmp (*args, "-crlfeol"))
+        else if (!strcmp(*args, "-crlfeol"))
            flags |= PKCS7_CRLFEOL;
-		else if (!strcmp(*args,"-rand"))
-			{
+        else if (!strcmp(*args, "-rand")) {
            if (!args[1])
                goto argerr;
            args++;
@ -220,45 +218,34 @@ int MAIN(int argc, char **argv)
            need_rand = 1;
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (!strcmp(*args,"-engine"))
-			{
+        else if (!strcmp(*args, "-engine")) {
            if (!args[1])
                goto argerr;
            engine = *++args;
        }
 #endif
-		else if (!strcmp(*args,"-passin"))
-			{
+        else if (!strcmp(*args, "-passin")) {
            if (!args[1])
                goto argerr;
            passargin = *++args;
-			}
-		else if (!strcmp (*args, "-to"))
-			{
+        } else if (!strcmp(*args, "-to")) {
            if (!args[1])
                goto argerr;
            to = *++args;
-			}
-		else if (!strcmp (*args, "-from"))
-			{
+        } else if (!strcmp(*args, "-from")) {
            if (!args[1])
                goto argerr;
            from = *++args;
-			}
-		else if (!strcmp (*args, "-subject"))
-			{
+        } else if (!strcmp(*args, "-subject")) {
            if (!args[1])
                goto argerr;
            subject = *++args;
-			}
-		else if (!strcmp (*args, "-signer"))
-			{
+        } else if (!strcmp(*args, "-signer")) {
            if (!args[1])
                goto argerr;
            /* If previous -signer argument add signer to list */

-			if (signerfile)
-				{
+            if (signerfile) {
                if (!sksigners)
                    sksigners = sk_OPENSSL_STRING_new_null();
                sk_OPENSSL_STRING_push(sksigners, signerfile);
@ -270,34 +257,24 @@ int MAIN(int argc, char **argv)
                keyfile = NULL;
            }
            signerfile = *++args;
-			}
-		else if (!strcmp (*args, "-recip"))
-			{
+        } else if (!strcmp(*args, "-recip")) {
            if (!args[1])
                goto argerr;
            recipfile = *++args;
-			}
-		else if (!strcmp (*args, "-md"))
-			{
+        } else if (!strcmp(*args, "-md")) {
            if (!args[1])
                goto argerr;
            sign_md = EVP_get_digestbyname(*++args);
-			if (sign_md == NULL)
-				{
-				BIO_printf(bio_err, "Unknown digest %s\n",
-							*args);
+            if (sign_md == NULL) {
+                BIO_printf(bio_err, "Unknown digest %s\n", *args);
                goto argerr;
            }
-			}
-		else if (!strcmp (*args, "-inkey"))
-			{
+        } else if (!strcmp(*args, "-inkey")) {
            if (!args[1])
                goto argerr;
            /* If previous -inkey arument add signer to list */
-			if (keyfile)
-				{
-				if (!signerfile)
-					{
+            if (keyfile) {
+                if (!signerfile) {
                    BIO_puts(bio_err, "Illegal -inkey without -signer\n");
                    goto argerr;
                }
@ -310,84 +287,61 @@ int MAIN(int argc, char **argv)
                sk_OPENSSL_STRING_push(skkeys, keyfile);
            }
            keyfile = *++args;
-			}
-		else if (!strcmp (*args, "-keyform"))
-			{
+        } else if (!strcmp(*args, "-keyform")) {
            if (!args[1])
                goto argerr;
            keyform = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-certfile"))
-			{
+        } else if (!strcmp(*args, "-certfile")) {
            if (!args[1])
                goto argerr;
            certfile = *++args;
-			}
-		else if (!strcmp (*args, "-CAfile"))
-			{
+        } else if (!strcmp(*args, "-CAfile")) {
            if (!args[1])
                goto argerr;
            CAfile = *++args;
-			}
-		else if (!strcmp (*args, "-CApath"))
-			{
+        } else if (!strcmp(*args, "-CApath")) {
            if (!args[1])
                goto argerr;
            CApath = *++args;
-			}
-		else if (!strcmp (*args, "-in"))
-			{
+        } else if (!strcmp(*args, "-in")) {
            if (!args[1])
                goto argerr;
            infile = *++args;
-			}
-		else if (!strcmp (*args, "-inform"))
-			{
+        } else if (!strcmp(*args, "-inform")) {
            if (!args[1])
                goto argerr;
            informat = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-outform"))
-			{
+        } else if (!strcmp(*args, "-outform")) {
            if (!args[1])
                goto argerr;
            outformat = str2fmt(*++args);
-			}
-		else if (!strcmp (*args, "-out"))
-			{
+        } else if (!strcmp(*args, "-out")) {
            if (!args[1])
                goto argerr;
            outfile = *++args;
-			}
-		else if (!strcmp (*args, "-content"))
-			{
+        } else if (!strcmp(*args, "-content")) {
            if (!args[1])
                goto argerr;
            contfile = *++args;
-			}
-		else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
+        } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
            continue;
        else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
            badarg = 1;
        args++;
    }

-	if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners))
-		{
+    if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) {
        BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
        goto argerr;
    }

-	if (operation & SMIME_SIGNERS)
-		{
+    if (operation & SMIME_SIGNERS) {
        /* Check to see if any final signer needs to be appended */
-		if (keyfile && !signerfile)
-			{
+        if (keyfile && !signerfile) {
            BIO_puts(bio_err, "Illegal -inkey without -signer\n");
            goto argerr;
        }
-		if (signerfile)
-			{
+        if (signerfile) {
            if (!sksigners)
                sksigners = sk_OPENSSL_STRING_new_null();
            sk_OPENSSL_STRING_push(sksigners, signerfile);
@ -397,116 +351,129 @@ int MAIN(int argc, char **argv)
                keyfile = signerfile;
            sk_OPENSSL_STRING_push(skkeys, keyfile);
        }
-		if (!sksigners)
-			{
+        if (!sksigners) {
            BIO_printf(bio_err, "No signer certificate specified\n");
            badarg = 1;
        }
        signerfile = NULL;
        keyfile = NULL;
        need_rand = 1;
-		}
-	else if (operation == SMIME_DECRYPT)
-		{
-		if (!recipfile && !keyfile)
-			{
-			BIO_printf(bio_err, "No recipient certificate or key specified\n");
+    } else if (operation == SMIME_DECRYPT) {
+        if (!recipfile && !keyfile) {
+            BIO_printf(bio_err,
+                       "No recipient certificate or key specified\n");
            badarg = 1;
        }
-		}
-	else if (operation == SMIME_ENCRYPT)
-		{
-		if (!*args)
-			{
+    } else if (operation == SMIME_ENCRYPT) {
+        if (!*args) {
            BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
            badarg = 1;
        }
        need_rand = 1;
-		}
-	else if (!operation)
+    } else if (!operation)
        badarg = 1;

-	if (badarg)
-		{
+    if (badarg) {
 argerr:
-		BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-encrypt       encrypt message\n");
-		BIO_printf (bio_err, "-decrypt       decrypt encrypted message\n");
-		BIO_printf (bio_err, "-sign          sign message\n");
-		BIO_printf (bio_err, "-verify        verify signed message\n");
-		BIO_printf (bio_err, "-pk7out        output PKCS#7 structure\n");
+        BIO_printf(bio_err, "Usage smime [options] cert.pem ...\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-encrypt       encrypt message\n");
+        BIO_printf(bio_err, "-decrypt       decrypt encrypted message\n");
+        BIO_printf(bio_err, "-sign          sign message\n");
+        BIO_printf(bio_err, "-verify        verify signed message\n");
+        BIO_printf(bio_err, "-pk7out        output PKCS#7 structure\n");
 #ifndef OPENSSL_NO_DES
-		BIO_printf (bio_err, "-des3          encrypt with triple DES\n");
-		BIO_printf (bio_err, "-des           encrypt with DES\n");
+        BIO_printf(bio_err, "-des3          encrypt with triple DES\n");
+        BIO_printf(bio_err, "-des           encrypt with DES\n");
 #endif
 #ifndef OPENSSL_NO_SEED
-		BIO_printf (bio_err, "-seed          encrypt with SEED\n");
+        BIO_printf(bio_err, "-seed          encrypt with SEED\n");
 #endif
 #ifndef OPENSSL_NO_RC2
-		BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
-		BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
-		BIO_printf (bio_err, "-rc2-128       encrypt with RC2-128\n");
+        BIO_printf(bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
+        BIO_printf(bio_err, "-rc2-64        encrypt with RC2-64\n");
+        BIO_printf(bio_err, "-rc2-128       encrypt with RC2-128\n");
 #endif
 #ifndef OPENSSL_NO_AES
-		BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
-		BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
+        BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "               encrypt PEM output with cbc aes\n");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
-		BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
-		BIO_printf (bio_err, "               encrypt PEM output with cbc camellia\n");
+        BIO_printf(bio_err, "-camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "               encrypt PEM output with cbc camellia\n");
 #endif
-		BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
-		BIO_printf (bio_err, "-nosigs        don't verify message signature\n");
-		BIO_printf (bio_err, "-noverify      don't verify signers certificate\n");
-		BIO_printf (bio_err, "-nocerts       don't include signers certificate when signing\n");
-		BIO_printf (bio_err, "-nodetach      use opaque signing\n");
-		BIO_printf (bio_err, "-noattr        don't include any signed attributes\n");
-		BIO_printf (bio_err, "-binary        don't translate message to text\n");
-		BIO_printf (bio_err, "-certfile file other certificates file\n");
-		BIO_printf (bio_err, "-signer file   signer certificate file\n");
-		BIO_printf (bio_err, "-recip  file   recipient certificate file for decryption\n");
-		BIO_printf (bio_err, "-in file       input file\n");
-		BIO_printf (bio_err, "-inform arg    input format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-inkey file    input private key (if not signer or recipient)\n");
-		BIO_printf (bio_err, "-keyform arg   input private key format (PEM or ENGINE)\n");
-		BIO_printf (bio_err, "-out file      output file\n");
-		BIO_printf (bio_err, "-outform arg   output format SMIME (default), PEM or DER\n");
-		BIO_printf (bio_err, "-content file  supply or override content for detached signature\n");
-		BIO_printf (bio_err, "-to addr       to address\n");
-		BIO_printf (bio_err, "-from ad       from address\n");
-		BIO_printf (bio_err, "-subject s     subject\n");
-		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
-		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
-		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
-		BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
-		BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
+        BIO_printf(bio_err,
+                   "-nointern      don't search certificates in message for signer\n");
+        BIO_printf(bio_err,
+                   "-nosigs        don't verify message signature\n");
+        BIO_printf(bio_err,
+                   "-noverify      don't verify signers certificate\n");
+        BIO_printf(bio_err,
+                   "-nocerts       don't include signers certificate when signing\n");
+        BIO_printf(bio_err, "-nodetach      use opaque signing\n");
+        BIO_printf(bio_err,
+                   "-noattr        don't include any signed attributes\n");
+        BIO_printf(bio_err,
+                   "-binary        don't translate message to text\n");
+        BIO_printf(bio_err, "-certfile file other certificates file\n");
+        BIO_printf(bio_err, "-signer file   signer certificate file\n");
+        BIO_printf(bio_err,
+                   "-recip  file   recipient certificate file for decryption\n");
+        BIO_printf(bio_err, "-in file       input file\n");
+        BIO_printf(bio_err,
+                   "-inform arg    input format SMIME (default), PEM or DER\n");
+        BIO_printf(bio_err,
+                   "-inkey file    input private key (if not signer or recipient)\n");
+        BIO_printf(bio_err,
+                   "-keyform arg   input private key format (PEM or ENGINE)\n");
+        BIO_printf(bio_err, "-out file      output file\n");
+        BIO_printf(bio_err,
+                   "-outform arg   output format SMIME (default), PEM or DER\n");
+        BIO_printf(bio_err,
+                   "-content file  supply or override content for detached signature\n");
+        BIO_printf(bio_err, "-to addr       to address\n");
+        BIO_printf(bio_err, "-from ad       from address\n");
+        BIO_printf(bio_err, "-subject s     subject\n");
+        BIO_printf(bio_err,
+                   "-text          include or delete text MIME headers\n");
+        BIO_printf(bio_err,
+                   "-CApath dir    trusted certificates directory\n");
+        BIO_printf(bio_err, "-CAfile file   trusted certificates file\n");
+        BIO_printf(bio_err,
+                   "-no_alt_chains only ever use the first certificate chain found\n");
+        BIO_printf(bio_err,
+                   "-crl_check     check revocation status of signer's certificate using CRLs\n");
+        BIO_printf(bio_err,
+                   "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   "-engine e      use engine e, possibly a hardware device.\n");
 #endif
-		BIO_printf (bio_err, "-passin arg    input file pass phrase source\n");
-		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "-passin arg    input file pass phrase source\n");
+        BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "               load the file (or the files in the directory) into\n");
        BIO_printf(bio_err, "               the random number generator\n");
-		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
+        BIO_printf(bio_err,
+                   "cert.pem       recipient certificate(s) for encryption\n");
        goto end;
    }
-
 #ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
 #endif

-	if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
-		{
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
        BIO_printf(bio_err, "Error getting password\n");
        goto end;
    }

-	if (need_rand)
-		{
+    if (need_rand) {
        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
        if (inrand != NULL)
-			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                       app_RAND_load_files(inrand));
    }

@ -515,32 +482,24 @@ int MAIN(int argc, char **argv)
    if (!(operation & SMIME_SIGNERS))
        flags &= ~PKCS7_DETACHED;

-	if (operation & SMIME_OP)
-		{
+    if (operation & SMIME_OP) {
        if (outformat == FORMAT_ASN1)
            outmode = "wb";
-		}
-	else
-		{
+    } else {
        if (flags & PKCS7_BINARY)
            outmode = "wb";
    }

-	if (operation & SMIME_IP)
-		{
+    if (operation & SMIME_IP) {
        if (informat == FORMAT_ASN1)
            inmode = "rb";
-		}
-	else
-		{
+    } else {
        if (flags & PKCS7_BINARY)
            inmode = "rb";
    }

-	if (operation == SMIME_ENCRYPT)
-		{
-		if (!cipher)
-			{
+    if (operation == SMIME_ENCRYPT) {
+        if (!cipher) {
 #ifndef OPENSSL_NO_DES
            cipher = EVP_des_ede3_cbc();
 #else
@ -549,13 +508,13 @@ int MAIN(int argc, char **argv)
 #endif
        }
        encerts = sk_X509_new_null();
-		while (*args)
-			{
-			if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
-				NULL, e, "recipient certificate file")))
-				{
+        while (*args) {
+            if (!(cert = load_cert(bio_err, *args, FORMAT_PEM,
+                                   NULL, e, "recipient certificate file"))) {
 #if 0                           /* An appropriate message is already printed */
-				BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
+                BIO_printf(bio_err,
+                           "Can't read recipient certificate file %s\n",
+                           *args);
 #endif
                goto end;
            }
@ -565,99 +524,77 @@ int MAIN(int argc, char **argv)
        }
    }

-	if (certfile)
-		{
-		if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
-			e, "certificate file")))
-			{
+    if (certfile) {
+        if (!(other = load_certs(bio_err, certfile, FORMAT_PEM, NULL,
+                                 e, "certificate file"))) {
            ERR_print_errors(bio_err);
            goto end;
        }
    }

-	if (recipfile && (operation == SMIME_DECRYPT))
-		{
-		if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
-			e, "recipient certificate file")))
-			{
+    if (recipfile && (operation == SMIME_DECRYPT)) {
+        if (!(recip = load_cert(bio_err, recipfile, FORMAT_PEM, NULL,
+                                e, "recipient certificate file"))) {
            ERR_print_errors(bio_err);
            goto end;
        }
    }

-	if (operation == SMIME_DECRYPT)
-		{
+    if (operation == SMIME_DECRYPT) {
        if (!keyfile)
            keyfile = recipfile;
-		}
-	else if (operation == SMIME_SIGN)
-		{
+    } else if (operation == SMIME_SIGN) {
        if (!keyfile)
            keyfile = signerfile;
-		}
-	else keyfile = NULL;
+    } else
+        keyfile = NULL;

-	if (keyfile)
-		{
+    if (keyfile) {
        key = load_key(bio_err, keyfile, keyform, 0, passin, e,
                       "signing key file");
        if (!key)
            goto end;
    }

-	if (infile)
-		{
-		if (!(in = BIO_new_file(infile, inmode)))
-			{
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
+    if (infile) {
+        if (!(in = BIO_new_file(infile, inmode))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
            goto end;
        }
-		}
-	else
+    } else
        in = BIO_new_fp(stdin, BIO_NOCLOSE);

-	if (operation & SMIME_IP)
-		{
+    if (operation & SMIME_IP) {
        if (informat == FORMAT_SMIME)
            p7 = SMIME_read_PKCS7(in, &indata);
        else if (informat == FORMAT_PEM)
            p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
        else if (informat == FORMAT_ASN1)
            p7 = d2i_PKCS7_bio(in, NULL);
-		else
-			{
+        else {
            BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
            goto end;
        }

-		if (!p7)
-			{
+        if (!p7) {
            BIO_printf(bio_err, "Error reading S/MIME message\n");
            goto end;
        }
-		if (contfile)
-			{
+        if (contfile) {
            BIO_free(indata);
-			if (!(indata = BIO_new_file(contfile, "rb")))
-				{
+            if (!(indata = BIO_new_file(contfile, "rb"))) {
                BIO_printf(bio_err, "Can't read content file %s\n", contfile);
                goto end;
            }
        }
    }

-	if (outfile)
-		{
-		if (!(out = BIO_new_file(outfile, outmode)))
-			{
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, outmode))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
            goto end;
        }
-		}
-	else
-		{
+    } else {
        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
        {
@ -667,8 +604,7 @@ int MAIN(int argc, char **argv)
 #endif
    }

-	if (operation == SMIME_VERIFY)
-		{
+    if (operation == SMIME_VERIFY) {
        if (!(store = setup_verify(bio_err, CAfile, CApath)))
            goto end;
        X509_STORE_set_verify_cb(store, smime_cb);
@ -676,42 +612,34 @@ int MAIN(int argc, char **argv)
            X509_STORE_set1_param(store, vpm);
    }

-
    ret = 3;

-	if (operation == SMIME_ENCRYPT)
-		{
+    if (operation == SMIME_ENCRYPT) {
        if (indef)
            flags |= PKCS7_STREAM;
        p7 = PKCS7_encrypt(encerts, in, cipher, flags);
-		}
-	else if (operation & SMIME_SIGNERS)
-		{
+    } else if (operation & SMIME_SIGNERS) {
        int i;
-		/* If detached data content we only enable streaming if
-		 * S/MIME output format.
+        /*
+         * If detached data content we only enable streaming if S/MIME output
+         * format.
         */
-		if (operation == SMIME_SIGN)
-			{
-			if (flags & PKCS7_DETACHED)
-				{
+        if (operation == SMIME_SIGN) {
+            if (flags & PKCS7_DETACHED) {
                if (outformat == FORMAT_SMIME)
                    flags |= PKCS7_STREAM;
-				}
-			else if (indef)
+            } else if (indef)
                flags |= PKCS7_STREAM;
            flags |= PKCS7_PARTIAL;
            p7 = PKCS7_sign(NULL, NULL, other, in, flags);
            if (!p7)
                goto end;
-			}
-		else
+        } else
            flags |= PKCS7_REUSE_DIGEST;
-		for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
-			{
+        for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
            signerfile = sk_OPENSSL_STRING_value(sksigners, i);
            keyfile = sk_OPENSSL_STRING_value(skkeys, i);
-			signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
+            signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
                               e, "signer certificate");
            if (!signer)
                goto end;
@ -719,8 +647,7 @@ int MAIN(int argc, char **argv)
                           "signing key file");
            if (!key)
                goto end;
-			if (!PKCS7_sign_add_signer(p7, signer, key,
-						sign_md, flags))
+            if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags))
                goto end;
            X509_free(signer);
            signer = NULL;
@ -728,80 +655,67 @@ int MAIN(int argc, char **argv)
            key = NULL;
        }
        /* If not streaming or resigning finalize structure */
-		if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM))
-			{
+        if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM)) {
            if (!PKCS7_final(p7, in, flags))
                goto end;
        }
    }

-	if (!p7)
-		{
+    if (!p7) {
        BIO_printf(bio_err, "Error creating PKCS#7 structure\n");
        goto end;
    }

    ret = 4;
-	if (operation == SMIME_DECRYPT)
-		{
-		if (!PKCS7_decrypt(p7, key, recip, out, flags))
-			{
+    if (operation == SMIME_DECRYPT) {
+        if (!PKCS7_decrypt(p7, key, recip, out, flags)) {
            BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
            goto end;
        }
-		}
-	else if (operation == SMIME_VERIFY)
-		{
+    } else if (operation == SMIME_VERIFY) {
        STACK_OF(X509) *signers;
        if (PKCS7_verify(p7, other, store, indata, out, flags))
            BIO_printf(bio_err, "Verification successful\n");
-		else
-			{
+        else {
            BIO_printf(bio_err, "Verification failure\n");
            goto end;
        }
        signers = PKCS7_get0_signers(p7, other, flags);
-		if (!save_certs(signerfile, signers))
-			{
-			BIO_printf(bio_err, "Error writing signers to %s\n",
-								signerfile);
+        if (!save_certs(signerfile, signers)) {
+            BIO_printf(bio_err, "Error writing signers to %s\n", signerfile);
            ret = 5;
            goto end;
        }
        sk_X509_free(signers);
-		}
-	else if (operation == SMIME_PK7OUT)
+    } else if (operation == SMIME_PK7OUT)
        PEM_write_bio_PKCS7(out, p7);
-	else
-		{
+    else {
        if (to)
            BIO_printf(out, "To: %s\n", to);
        if (from)
            BIO_printf(out, "From: %s\n", from);
        if (subject)
            BIO_printf(out, "Subject: %s\n", subject);
-		if (outformat == FORMAT_SMIME) 
-			{
+        if (outformat == FORMAT_SMIME) {
            if (operation == SMIME_RESIGN)
                SMIME_write_PKCS7(out, p7, indata, flags);
            else
                SMIME_write_PKCS7(out, p7, in, flags);
-			}
-		else if (outformat == FORMAT_PEM) 
+        } else if (outformat == FORMAT_PEM)
            PEM_write_bio_PKCS7_stream(out, p7, in, flags);
        else if (outformat == FORMAT_ASN1)
-			i2d_PKCS7_bio_stream(out,p7, in, flags);
-		else
-			{
+            i2d_PKCS7_bio_stream(out, p7, in, flags);
+        else {
            BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
            goto end;
        }
    }
    ret = 0;
-end:
+ end:
    if (need_rand)
        app_RAND_write_file(NULL, bio_err);
-	if (ret) ERR_print_errors(bio_err);
+    if (ret)
+        ERR_print_errors(bio_err);
    sk_X509_pop_free(encerts, X509_free);
    sk_X509_pop_free(other, X509_free);
    if (vpm)
@ -819,29 +733,30 @@ end:
    BIO_free(in);
    BIO_free(indata);
    BIO_free_all(out);
-	if (passin) OPENSSL_free(passin);
+    if (passin)
+        OPENSSL_free(passin);
    return (ret);
 }

 static int save_certs(char *signerfile, STACK_OF(X509) *signers)
-	{
+{
    int i;
    BIO *tmp;
    if (!signerfile)
        return 1;
    tmp = BIO_new_file(signerfile, "w");
-	if (!tmp) return 0;
-	for(i = 0; i < sk_X509_num(signers); i++)
+    if (!tmp)
+        return 0;
+    for (i = 0; i < sk_X509_num(signers); i++)
        PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
    BIO_free(tmp);
    return 1;
-	}
-	
+}

 /* Minimal callback just to output policy info (if any) */

 static int smime_cb(int ok, X509_STORE_CTX *ctx)
-	{
+{
    int error;

    error = X509_STORE_CTX_get_error(ctx);
@ -854,4 +769,4 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx)

    return ok;

-	}
+}
--- a/apps/speed.c
+++ b/apps/speed.c
--- a/apps/spkac.c
+++ b/apps/spkac.c
@ -1,8 +1,8 @@
 /* apps/spkac.c */

-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999. Based on an original idea by Massimiliano Pala
- * (madwolf@openca.org).
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999. Based on an original idea by Massimiliano Pala (madwolf@openca.org).
 */
 /* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
@ -73,19 +73,20 @@
 #undef PROG
 #define PROG    spkac_main

-/* -in arg	- input file - default stdin
+/*-
+ * -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
 */

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
-	int i,badops=0, ret = 1;
-	BIO *in = NULL,*out = NULL;
-	int verify=0,noout=0,pubkey=0;
-	char *infile = NULL,*outfile = NULL,*prog;
+    int i, badops = 0, ret = 1;
+    BIO *in = NULL, *out = NULL;
+    int verify = 0, noout = 0, pubkey = 0;
+    char *infile = NULL, *outfile = NULL, *prog;
    char *passargin = NULL, *passin = NULL;
    const char *spkac = "SPKAC", *spksect = "default";
    char *spkstr = NULL;
@ -94,119 +95,117 @@ int MAIN(int argc, char **argv)
    NETSCAPE_SPKI *spki = NULL;
    EVP_PKEY *pkey = NULL;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif

    apps_startup();

-	if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    if (!bio_err)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

    if (!load_config(bio_err, NULL))
        goto end;

-	prog=argv[0];
+    prog = argv[0];
    argc--;
    argv++;
-	while (argc >= 1)
-		{
-		if (strcmp(*argv,"-in") == 0)
-			{
-			if (--argc < 1) goto bad;
-			infile= *(++argv);
-			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			outfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-passin") == 0)
-			{
-			if (--argc < 1) goto bad;
-			passargin= *(++argv);
-			}
-		else if (strcmp(*argv,"-key") == 0)
-			{
-			if (--argc < 1) goto bad;
-			keyfile= *(++argv);
-			}
-		else if (strcmp(*argv,"-challenge") == 0)
-			{
-			if (--argc < 1) goto bad;
-			challenge= *(++argv);
-			}
-		else if (strcmp(*argv,"-spkac") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spkac= *(++argv);
-			}
-		else if (strcmp(*argv,"-spksect") == 0)
-			{
-			if (--argc < 1) goto bad;
-			spksect= *(++argv);
+    while (argc >= 1) {
+        if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyfile = *(++argv);
+        } else if (strcmp(*argv, "-challenge") == 0) {
+            if (--argc < 1)
+                goto bad;
+            challenge = *(++argv);
+        } else if (strcmp(*argv, "-spkac") == 0) {
+            if (--argc < 1)
+                goto bad;
+            spkac = *(++argv);
+        } else if (strcmp(*argv, "-spksect") == 0) {
+            if (--argc < 1)
+                goto bad;
+            spksect = *(++argv);
        }
 #ifndef OPENSSL_NO_ENGINE
-		else if (strcmp(*argv,"-engine") == 0)
-			{
-			if (--argc < 1) goto bad;
-			engine= *(++argv);
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
        }
 #endif
-		else if (strcmp(*argv,"-noout") == 0)
-			noout=1;
-		else if (strcmp(*argv,"-pubkey") == 0)
-			pubkey=1;
-		else if (strcmp(*argv,"-verify") == 0)
-			verify=1;
-		else badops = 1;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-pubkey") == 0)
+            pubkey = 1;
+        else if (strcmp(*argv, "-verify") == 0)
+            verify = 1;
+        else
+            badops = 1;
        argc--;
        argv++;
    }

-	if (badops)
-		{
-bad:
-		BIO_printf(bio_err,"%s [options]\n",prog);
-		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -in arg        input file\n");
-		BIO_printf(bio_err," -out arg       output file\n");
-		BIO_printf(bio_err," -key arg       create SPKAC using private key\n");
-		BIO_printf(bio_err," -passin arg    input file pass phrase source\n");
-		BIO_printf(bio_err," -challenge arg challenge string\n");
-		BIO_printf(bio_err," -spkac arg     alternative SPKAC name\n");
-		BIO_printf(bio_err," -noout         don't print SPKAC\n");
-		BIO_printf(bio_err," -pubkey        output public key\n");
-		BIO_printf(bio_err," -verify        verify SPKAC signature\n");
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options]\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -in arg        input file\n");
+        BIO_printf(bio_err, " -out arg       output file\n");
+        BIO_printf(bio_err,
+                   " -key arg       create SPKAC using private key\n");
+        BIO_printf(bio_err,
+                   " -passin arg    input file pass phrase source\n");
+        BIO_printf(bio_err, " -challenge arg challenge string\n");
+        BIO_printf(bio_err, " -spkac arg     alternative SPKAC name\n");
+        BIO_printf(bio_err, " -noout         don't print SPKAC\n");
+        BIO_printf(bio_err, " -pubkey        output public key\n");
+        BIO_printf(bio_err, " -verify        verify SPKAC signature\n");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device.\n");
+        BIO_printf(bio_err,
+                   " -engine e      use engine e, possibly a hardware device.\n");
 #endif
        goto end;
    }

    ERR_load_crypto_strings();
-	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
        BIO_printf(bio_err, "Error getting password\n");
        goto end;
    }
-
 #ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
 #endif

-	if(keyfile) {
+    if (keyfile) {
        pkey = load_key(bio_err,
                        strcmp(keyfile, "-") ? keyfile : NULL,
                        FORMAT_PEM, 1, passin, e, "private key");
-		if(!pkey) {
+        if (!pkey) {
            goto end;
        }
        spki = NETSCAPE_SPKI_new();
-		if(challenge) ASN1_STRING_set(spki->spkac->challenge,
+        if (challenge)
+            ASN1_STRING_set(spki->spkac->challenge,
                            challenge, (int)strlen(challenge));
        NETSCAPE_SPKI_set_pubkey(spki, pkey);
        NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
        spkstr = NETSCAPE_SPKI_b64_encode(spki);

-		if (outfile) out = BIO_new_file(outfile, "w");
+        if (outfile)
+            out = BIO_new_file(outfile, "w");
        else {
            out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
@ -217,7 +216,7 @@ bad:
 #endif
        }

-		if(!out) {
+        if (!out) {
            BIO_printf(bio_err, "Error opening output file\n");
            ERR_print_errors(bio_err);
            goto end;
@ -228,12 +227,12 @@ bad:
        goto end;
    }

+    if (infile)
+        in = BIO_new_file(infile, "r");
+    else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);

-
-	if (infile) in = BIO_new_file(infile, "r");
-	else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if(!in) {
+    if (!in) {
        BIO_printf(bio_err, "Error opening input file\n");
        ERR_print_errors(bio_err);
        goto end;
@ -242,7 +241,7 @@ bad:
    conf = NCONF_new(NULL);
    i = NCONF_load_bio(conf, in, NULL);

-	if(!i) {
+    if (!i) {
        BIO_printf(bio_err, "Error parsing config file\n");
        ERR_print_errors(bio_err);
        goto end;
@ -250,7 +249,7 @@ bad:

    spkstr = NCONF_get_string(conf, spksect, spkac);

-	if(!spkstr) {
+    if (!spkstr) {
        BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
        ERR_print_errors(bio_err);
        goto end;
@ -258,13 +257,14 @@ bad:

    spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);

-	if(!spki) {
+    if (!spki) {
        BIO_printf(bio_err, "Error loading SPKAC\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if (outfile) out = BIO_new_file(outfile, "w");
+    if (outfile)
+        out = BIO_new_file(outfile, "w");
    else {
        out = BIO_new_fp(stdout, BIO_NOCLOSE);
 #ifdef OPENSSL_SYS_VMS
@ -275,34 +275,38 @@ bad:
 #endif
    }

-	if(!out) {
+    if (!out) {
        BIO_printf(bio_err, "Error opening output file\n");
        ERR_print_errors(bio_err);
        goto end;
    }

-	if(!noout) NETSCAPE_SPKI_print(out, spki);
+    if (!noout)
+        NETSCAPE_SPKI_print(out, spki);
    pkey = NETSCAPE_SPKI_get_pubkey(spki);
-	if(verify) {
+    if (verify) {
        i = NETSCAPE_SPKI_verify(spki, pkey);
-		if (i > 0) BIO_printf(bio_err, "Signature OK\n");
+        if (i > 0)
+            BIO_printf(bio_err, "Signature OK\n");
        else {
            BIO_printf(bio_err, "Signature Failure\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
-	if(pubkey) PEM_write_bio_PUBKEY(out, pkey);
+    if (pubkey)
+        PEM_write_bio_PUBKEY(out, pkey);

    ret = 0;

-end:
+ end:
    NCONF_free(conf);
    NETSCAPE_SPKI_free(spki);
    BIO_free(in);
    BIO_free_all(out);
    EVP_PKEY_free(pkey);
-	if(passin) OPENSSL_free(passin);
+    if (passin)
+        OPENSSL_free(passin);
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
--- a/apps/srp.c
+++ b/apps/srp.c
--- a/apps/testdsa.h
+++ b/apps/testdsa.h
@ -1,217 +1,233 @@
 /* NOCW */
 /* used by apps/speed.c */
-DSA *get_dsa512(void );
-DSA *get_dsa1024(void );
-DSA *get_dsa2048(void );
+DSA *get_dsa512(void);
+DSA *get_dsa1024(void);
+DSA *get_dsa2048(void);
 static unsigned char dsa512_priv[] = {
-	0x65,0xe5,0xc7,0x38,0x60,0x24,0xb5,0x89,0xd4,0x9c,0xeb,0x4c,
-	0x9c,0x1d,0x7a,0x22,0xbd,0xd1,0xc2,0xd2,
-	};
+    0x65, 0xe5, 0xc7, 0x38, 0x60, 0x24, 0xb5, 0x89, 0xd4, 0x9c, 0xeb, 0x4c,
+    0x9c, 0x1d, 0x7a, 0x22, 0xbd, 0xd1, 0xc2, 0xd2,
+};
+
 static unsigned char dsa512_pub[] = {
-	0x00,0x95,0xa7,0x0d,0xec,0x93,0x68,0xba,0x5f,0xf7,0x5f,0x07,
-	0xf2,0x3b,0xad,0x6b,0x01,0xdc,0xbe,0xec,0xde,0x04,0x7a,0x3a,
-	0x27,0xb3,0xec,0x49,0xfd,0x08,0x43,0x3d,0x7e,0xa8,0x2c,0x5e,
-	0x7b,0xbb,0xfc,0xf4,0x6e,0xeb,0x6c,0xb0,0x6e,0xf8,0x02,0x12,
-	0x8c,0x38,0x5d,0x83,0x56,0x7d,0xee,0x53,0x05,0x3e,0x24,0x84,
-	0xbe,0xba,0x0a,0x6b,0xc8,
-	};
-static unsigned char dsa512_p[]={
-	0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86,
-	0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0,
-	0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9,
-	0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD,
-	0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66,
-	0xA2,0x76,0x7D,0x31,
-	};
-static unsigned char dsa512_q[]={
-	0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A,
-	0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F,
-	};
-static unsigned char dsa512_g[]={
-	0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49,
-	0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9,
-	0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF,
-	0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE,
-	0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12,
-	0xA2,0x03,0x9D,0x20,
-	};
+    0x00, 0x95, 0xa7, 0x0d, 0xec, 0x93, 0x68, 0xba, 0x5f, 0xf7, 0x5f, 0x07,
+    0xf2, 0x3b, 0xad, 0x6b, 0x01, 0xdc, 0xbe, 0xec, 0xde, 0x04, 0x7a, 0x3a,
+    0x27, 0xb3, 0xec, 0x49, 0xfd, 0x08, 0x43, 0x3d, 0x7e, 0xa8, 0x2c, 0x5e,
+    0x7b, 0xbb, 0xfc, 0xf4, 0x6e, 0xeb, 0x6c, 0xb0, 0x6e, 0xf8, 0x02, 0x12,
+    0x8c, 0x38, 0x5d, 0x83, 0x56, 0x7d, 0xee, 0x53, 0x05, 0x3e, 0x24, 0x84,
+    0xbe, 0xba, 0x0a, 0x6b, 0xc8,
+};
+
+static unsigned char dsa512_p[] = {
+    0x9D, 0x1B, 0x69, 0x8E, 0x26, 0xDB, 0xF2, 0x2B, 0x11, 0x70, 0x19, 0x86,
+    0xF6, 0x19, 0xC8, 0xF8, 0x19, 0xF2, 0x18, 0x53, 0x94, 0x46, 0x06, 0xD0,
+    0x62, 0x50, 0x33, 0x4B, 0x02, 0x3C, 0x52, 0x30, 0x03, 0x8B, 0x3B, 0xF9,
+    0x5F, 0xD1, 0x24, 0x06, 0x4F, 0x7B, 0x4C, 0xBA, 0xAA, 0x40, 0x9B, 0xFD,
+    0x96, 0xE4, 0x37, 0x33, 0xBB, 0x2D, 0x5A, 0xD7, 0x5A, 0x11, 0x40, 0x66,
+    0xA2, 0x76, 0x7D, 0x31,
+};
+
+static unsigned char dsa512_q[] = {
+    0xFB, 0x53, 0xEF, 0x50, 0xB4, 0x40, 0x92, 0x31, 0x56, 0x86, 0x53, 0x7A,
+    0xE8, 0x8B, 0x22, 0x9A, 0x49, 0xFB, 0x71, 0x8F,
+};
+
+static unsigned char dsa512_g[] = {
+    0x83, 0x3E, 0x88, 0xE5, 0xC5, 0x89, 0x73, 0xCE, 0x3B, 0x6C, 0x01, 0x49,
+    0xBF, 0xB3, 0xC7, 0x9F, 0x0A, 0xEA, 0x44, 0x91, 0xE5, 0x30, 0xAA, 0xD9,
+    0xBE, 0x5B, 0x5F, 0xB7, 0x10, 0xD7, 0x89, 0xB7, 0x8E, 0x74, 0xFB, 0xCF,
+    0x29, 0x1E, 0xEB, 0xA8, 0x2C, 0x54, 0x51, 0xB8, 0x10, 0xDE, 0xA0, 0xCE,
+    0x2F, 0xCC, 0x24, 0x6B, 0x90, 0x77, 0xDE, 0xA2, 0x68, 0xA6, 0x52, 0x12,
+    0xA2, 0x03, 0x9D, 0x20,
+};

 DSA *get_dsa512()
-	{
+{
    DSA *dsa;

-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa512_priv,sizeof(dsa512_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa512_pub,sizeof(dsa512_pub),NULL);
-	dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL);
-	dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL);
-	dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
+    if ((dsa = DSA_new()) == NULL)
+        return (NULL);
+    dsa->priv_key = BN_bin2bn(dsa512_priv, sizeof(dsa512_priv), NULL);
+    dsa->pub_key = BN_bin2bn(dsa512_pub, sizeof(dsa512_pub), NULL);
+    dsa->p = BN_bin2bn(dsa512_p, sizeof(dsa512_p), NULL);
+    dsa->q = BN_bin2bn(dsa512_q, sizeof(dsa512_q), NULL);
+    dsa->g = BN_bin2bn(dsa512_g, sizeof(dsa512_g), NULL);
+    if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
+        || (dsa->q == NULL) || (dsa->g == NULL))
+        return (NULL);
+    return (dsa);
+}

-static unsigned char dsa1024_priv[]={
-	0x7d,0x21,0xda,0xbb,0x62,0x15,0x47,0x36,0x07,0x67,0x12,0xe8,
-	0x8c,0xaa,0x1c,0xcd,0x38,0x12,0x61,0x18,
-	};
-static unsigned char dsa1024_pub[]={
-	0x3c,0x4e,0x9c,0x2a,0x7f,0x16,0xc1,0x25,0xeb,0xac,0x78,0x63,
-	0x90,0x14,0x8c,0x8b,0xf4,0x68,0x43,0x3c,0x2d,0xee,0x65,0x50,
-	0x7d,0x9c,0x8f,0x8c,0x8a,0x51,0xd6,0x11,0x2b,0x99,0xaf,0x1e,
-	0x90,0x97,0xb5,0xd3,0xa6,0x20,0x25,0xd6,0xfe,0x43,0x02,0xd5,
-	0x91,0x7d,0xa7,0x8c,0xdb,0xc9,0x85,0xa3,0x36,0x48,0xf7,0x68,
-	0xaa,0x60,0xb1,0xf7,0x05,0x68,0x3a,0xa3,0x3f,0xd3,0x19,0x82,
-	0xd8,0x82,0x7a,0x77,0xfb,0xef,0xf4,0x15,0x0a,0xeb,0x06,0x04,
-	0x7f,0x53,0x07,0x0c,0xbc,0xcb,0x2d,0x83,0xdb,0x3e,0xd1,0x28,
-	0xa5,0xa1,0x31,0xe0,0x67,0xfa,0x50,0xde,0x9b,0x07,0x83,0x7e,
-	0x2c,0x0b,0xc3,0x13,0x50,0x61,0xe5,0xad,0xbd,0x36,0xb8,0x97,
-	0x4e,0x40,0x7d,0xe8,0x83,0x0d,0xbc,0x4b
-	};
-static unsigned char dsa1024_p[]={
-	0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47,
-	0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D,
-	0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73,
-	0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9,
-	0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5,
-	0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E,
-	0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7,
-	0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95,
-	0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE,
-	0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80,
-	0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49,
-	};
-static unsigned char dsa1024_q[]={
-	0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C,
-	0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F,
-	};
-static unsigned char dsa1024_g[]={
-	0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46,
-	0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D,
-	0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88,
-	0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18,
-	0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61,
-	0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F,
-	0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16,
-	0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6,
-	0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5,
-	0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5,
-	0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8,
-	};
+static unsigned char dsa1024_priv[] = {
+    0x7d, 0x21, 0xda, 0xbb, 0x62, 0x15, 0x47, 0x36, 0x07, 0x67, 0x12, 0xe8,
+    0x8c, 0xaa, 0x1c, 0xcd, 0x38, 0x12, 0x61, 0x18,
+};
+
+static unsigned char dsa1024_pub[] = {
+    0x3c, 0x4e, 0x9c, 0x2a, 0x7f, 0x16, 0xc1, 0x25, 0xeb, 0xac, 0x78, 0x63,
+    0x90, 0x14, 0x8c, 0x8b, 0xf4, 0x68, 0x43, 0x3c, 0x2d, 0xee, 0x65, 0x50,
+    0x7d, 0x9c, 0x8f, 0x8c, 0x8a, 0x51, 0xd6, 0x11, 0x2b, 0x99, 0xaf, 0x1e,
+    0x90, 0x97, 0xb5, 0xd3, 0xa6, 0x20, 0x25, 0xd6, 0xfe, 0x43, 0x02, 0xd5,
+    0x91, 0x7d, 0xa7, 0x8c, 0xdb, 0xc9, 0x85, 0xa3, 0x36, 0x48, 0xf7, 0x68,
+    0xaa, 0x60, 0xb1, 0xf7, 0x05, 0x68, 0x3a, 0xa3, 0x3f, 0xd3, 0x19, 0x82,
+    0xd8, 0x82, 0x7a, 0x77, 0xfb, 0xef, 0xf4, 0x15, 0x0a, 0xeb, 0x06, 0x04,
+    0x7f, 0x53, 0x07, 0x0c, 0xbc, 0xcb, 0x2d, 0x83, 0xdb, 0x3e, 0xd1, 0x28,
+    0xa5, 0xa1, 0x31, 0xe0, 0x67, 0xfa, 0x50, 0xde, 0x9b, 0x07, 0x83, 0x7e,
+    0x2c, 0x0b, 0xc3, 0x13, 0x50, 0x61, 0xe5, 0xad, 0xbd, 0x36, 0xb8, 0x97,
+    0x4e, 0x40, 0x7d, 0xe8, 0x83, 0x0d, 0xbc, 0x4b
+};
+
+static unsigned char dsa1024_p[] = {
+    0xA7, 0x3F, 0x6E, 0x85, 0xBF, 0x41, 0x6A, 0x29, 0x7D, 0xF0, 0x9F, 0x47,
+    0x19, 0x30, 0x90, 0x9A, 0x09, 0x1D, 0xDA, 0x6A, 0x33, 0x1E, 0xC5, 0x3D,
+    0x86, 0x96, 0xB3, 0x15, 0xE0, 0x53, 0x2E, 0x8F, 0xE0, 0x59, 0x82, 0x73,
+    0x90, 0x3E, 0x75, 0x31, 0x99, 0x47, 0x7A, 0x52, 0xFB, 0x85, 0xE4, 0xD9,
+    0xA6, 0x7B, 0x38, 0x9B, 0x68, 0x8A, 0x84, 0x9B, 0x87, 0xC6, 0x1E, 0xB5,
+    0x7E, 0x86, 0x4B, 0x53, 0x5B, 0x59, 0xCF, 0x71, 0x65, 0x19, 0x88, 0x6E,
+    0xCE, 0x66, 0xAE, 0x6B, 0x88, 0x36, 0xFB, 0xEC, 0x28, 0xDC, 0xC2, 0xD7,
+    0xA5, 0xBB, 0xE5, 0x2C, 0x39, 0x26, 0x4B, 0xDA, 0x9A, 0x70, 0x18, 0x95,
+    0x37, 0x95, 0x10, 0x56, 0x23, 0xF6, 0x15, 0xED, 0xBA, 0x04, 0x5E, 0xDE,
+    0x39, 0x4F, 0xFD, 0xB7, 0x43, 0x1F, 0xB5, 0xA4, 0x65, 0x6F, 0xCD, 0x80,
+    0x11, 0xE4, 0x70, 0x95, 0x5B, 0x50, 0xCD, 0x49,
+};
+
+static unsigned char dsa1024_q[] = {
+    0xF7, 0x07, 0x31, 0xED, 0xFA, 0x6C, 0x06, 0x03, 0xD5, 0x85, 0x8A, 0x1C,
+    0xAC, 0x9C, 0x65, 0xE7, 0x50, 0x66, 0x65, 0x6F,
+};
+
+static unsigned char dsa1024_g[] = {
+    0x4D, 0xDF, 0x4C, 0x03, 0xA6, 0x91, 0x8A, 0xF5, 0x19, 0x6F, 0x50, 0x46,
+    0x25, 0x99, 0xE5, 0x68, 0x6F, 0x30, 0xE3, 0x69, 0xE1, 0xE5, 0xB3, 0x5D,
+    0x98, 0xBB, 0x28, 0x86, 0x48, 0xFC, 0xDE, 0x99, 0x04, 0x3F, 0x5F, 0x88,
+    0x0C, 0x9C, 0x73, 0x24, 0x0D, 0x20, 0x5D, 0xB9, 0x2A, 0x9A, 0x3F, 0x18,
+    0x96, 0x27, 0xE4, 0x62, 0x87, 0xC1, 0x7B, 0x74, 0x62, 0x53, 0xFC, 0x61,
+    0x27, 0xA8, 0x7A, 0x91, 0x09, 0x9D, 0xB6, 0xF1, 0x4D, 0x9C, 0x54, 0x0F,
+    0x58, 0x06, 0xEE, 0x49, 0x74, 0x07, 0xCE, 0x55, 0x7E, 0x23, 0xCE, 0x16,
+    0xF6, 0xCA, 0xDC, 0x5A, 0x61, 0x01, 0x7E, 0xC9, 0x71, 0xB5, 0x4D, 0xF6,
+    0xDC, 0x34, 0x29, 0x87, 0x68, 0xF6, 0x5E, 0x20, 0x93, 0xB3, 0xDB, 0xF5,
+    0xE4, 0x09, 0x6C, 0x41, 0x17, 0x95, 0x92, 0xEB, 0x01, 0xB5, 0x73, 0xA5,
+    0x6A, 0x7E, 0xD8, 0x32, 0xED, 0x0E, 0x02, 0xB8,
+};

 DSA *get_dsa1024()
-	{
+{
    DSA *dsa;

-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa1024_priv,sizeof(dsa1024_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa1024_pub,sizeof(dsa1024_pub),NULL);
-	dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL);
-	dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL);
-	dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
+    if ((dsa = DSA_new()) == NULL)
+        return (NULL);
+    dsa->priv_key = BN_bin2bn(dsa1024_priv, sizeof(dsa1024_priv), NULL);
+    dsa->pub_key = BN_bin2bn(dsa1024_pub, sizeof(dsa1024_pub), NULL);
+    dsa->p = BN_bin2bn(dsa1024_p, sizeof(dsa1024_p), NULL);
+    dsa->q = BN_bin2bn(dsa1024_q, sizeof(dsa1024_q), NULL);
+    dsa->g = BN_bin2bn(dsa1024_g, sizeof(dsa1024_g), NULL);
+    if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
+        || (dsa->q == NULL) || (dsa->g == NULL))
+        return (NULL);
+    return (dsa);
+}

-static unsigned char dsa2048_priv[]={
-	0x32,0x67,0x92,0xf6,0xc4,0xe2,0xe2,0xe8,0xa0,0x8b,0x6b,0x45,
-	0x0c,0x8a,0x76,0xb0,0xee,0xcf,0x91,0xa7,
-	};
-static unsigned char dsa2048_pub[]={
-	0x17,0x8f,0xa8,0x11,0x84,0x92,0xec,0x83,0x47,0xc7,0x6a,0xb0,
-	0x92,0xaf,0x5a,0x20,0x37,0xa3,0x64,0x79,0xd2,0xd0,0x3d,0xcd,
-	0xe0,0x61,0x88,0x88,0x21,0xcc,0x74,0x5d,0xce,0x4c,0x51,0x47,
-	0xf0,0xc5,0x5c,0x4c,0x82,0x7a,0xaf,0x72,0xad,0xb9,0xe0,0x53,
-	0xf2,0x78,0xb7,0xf0,0xb5,0x48,0x7f,0x8a,0x3a,0x18,0xd1,0x9f,
-	0x8b,0x7d,0xa5,0x47,0xb7,0x95,0xab,0x98,0xf8,0x7b,0x74,0x50,
-	0x56,0x8e,0x57,0xf0,0xee,0xf5,0xb7,0xba,0xab,0x85,0x86,0xf9,
-	0x2b,0xef,0x41,0x56,0xa0,0xa4,0x9f,0xb7,0x38,0x00,0x46,0x0a,
-	0xa6,0xf1,0xfc,0x1f,0xd8,0x4e,0x85,0x44,0x92,0x43,0x21,0x5d,
-	0x6e,0xcc,0xc2,0xcb,0x26,0x31,0x0d,0x21,0xc4,0xbd,0x8d,0x24,
-	0xbc,0xd9,0x18,0x19,0xd7,0xdc,0xf1,0xe7,0x93,0x50,0x48,0x03,
-	0x2c,0xae,0x2e,0xe7,0x49,0x88,0x5f,0x93,0x57,0x27,0x99,0x36,
-	0xb4,0x20,0xab,0xfc,0xa7,0x2b,0xf2,0xd9,0x98,0xd7,0xd4,0x34,
-	0x9d,0x96,0x50,0x58,0x9a,0xea,0x54,0xf3,0xee,0xf5,0x63,0x14,
-	0xee,0x85,0x83,0x74,0x76,0xe1,0x52,0x95,0xc3,0xf7,0xeb,0x04,
-	0x04,0x7b,0xa7,0x28,0x1b,0xcc,0xea,0x4a,0x4e,0x84,0xda,0xd8,
-	0x9c,0x79,0xd8,0x9b,0x66,0x89,0x2f,0xcf,0xac,0xd7,0x79,0xf9,
-	0xa9,0xd8,0x45,0x13,0x78,0xb9,0x00,0x14,0xc9,0x7e,0x22,0x51,
-	0x86,0x67,0xb0,0x9f,0x26,0x11,0x23,0xc8,0x38,0xd7,0x70,0x1d,
-	0x15,0x8e,0x4d,0x4f,0x95,0x97,0x40,0xa1,0xc2,0x7e,0x01,0x18,
-	0x72,0xf4,0x10,0xe6,0x8d,0x52,0x16,0x7f,0xf2,0xc9,0xf8,0x33,
-	0x8b,0x33,0xb7,0xce,
-	};
-static unsigned char dsa2048_p[]={
-	0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F,
-	0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81,
-	0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2,
-	0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E,
-	0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19,
-	0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58,
-	0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B,
-	0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C,
-	0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF,
-	0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56,
-	0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51,
-	0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62,
-	0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18,
-	0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72,
-	0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C,
-	0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5,
-	0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4,
-	0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8,
-	0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F,
-	0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A,
-	0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE,
-	0xF8,0x68,0xCF,0x9B,
-	};
-static unsigned char dsa2048_q[]={
-	0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6,
-	0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B,
-	};
-static unsigned char dsa2048_g[]={
-	0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5,
-	0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E,
-	0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C,
-	0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E,
-	0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29,
-	0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8,
-	0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D,
-	0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A,
-	0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F,
-	0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B,
-	0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E,
-	0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7,
-	0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40,
-	0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6,
-	0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5,
-	0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5,
-	0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72,
-	0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64,
-	0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01,
-	0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99,
-	0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E,
-	0xF8,0xB2,0xE5,0x38,
-	};
+static unsigned char dsa2048_priv[] = {
+    0x32, 0x67, 0x92, 0xf6, 0xc4, 0xe2, 0xe2, 0xe8, 0xa0, 0x8b, 0x6b, 0x45,
+    0x0c, 0x8a, 0x76, 0xb0, 0xee, 0xcf, 0x91, 0xa7,
+};
+
+static unsigned char dsa2048_pub[] = {
+    0x17, 0x8f, 0xa8, 0x11, 0x84, 0x92, 0xec, 0x83, 0x47, 0xc7, 0x6a, 0xb0,
+    0x92, 0xaf, 0x5a, 0x20, 0x37, 0xa3, 0x64, 0x79, 0xd2, 0xd0, 0x3d, 0xcd,
+    0xe0, 0x61, 0x88, 0x88, 0x21, 0xcc, 0x74, 0x5d, 0xce, 0x4c, 0x51, 0x47,
+    0xf0, 0xc5, 0x5c, 0x4c, 0x82, 0x7a, 0xaf, 0x72, 0xad, 0xb9, 0xe0, 0x53,
+    0xf2, 0x78, 0xb7, 0xf0, 0xb5, 0x48, 0x7f, 0x8a, 0x3a, 0x18, 0xd1, 0x9f,
+    0x8b, 0x7d, 0xa5, 0x47, 0xb7, 0x95, 0xab, 0x98, 0xf8, 0x7b, 0x74, 0x50,
+    0x56, 0x8e, 0x57, 0xf0, 0xee, 0xf5, 0xb7, 0xba, 0xab, 0x85, 0x86, 0xf9,
+    0x2b, 0xef, 0x41, 0x56, 0xa0, 0xa4, 0x9f, 0xb7, 0x38, 0x00, 0x46, 0x0a,
+    0xa6, 0xf1, 0xfc, 0x1f, 0xd8, 0x4e, 0x85, 0x44, 0x92, 0x43, 0x21, 0x5d,
+    0x6e, 0xcc, 0xc2, 0xcb, 0x26, 0x31, 0x0d, 0x21, 0xc4, 0xbd, 0x8d, 0x24,
+    0xbc, 0xd9, 0x18, 0x19, 0xd7, 0xdc, 0xf1, 0xe7, 0x93, 0x50, 0x48, 0x03,
+    0x2c, 0xae, 0x2e, 0xe7, 0x49, 0x88, 0x5f, 0x93, 0x57, 0x27, 0x99, 0x36,
+    0xb4, 0x20, 0xab, 0xfc, 0xa7, 0x2b, 0xf2, 0xd9, 0x98, 0xd7, 0xd4, 0x34,
+    0x9d, 0x96, 0x50, 0x58, 0x9a, 0xea, 0x54, 0xf3, 0xee, 0xf5, 0x63, 0x14,
+    0xee, 0x85, 0x83, 0x74, 0x76, 0xe1, 0x52, 0x95, 0xc3, 0xf7, 0xeb, 0x04,
+    0x04, 0x7b, 0xa7, 0x28, 0x1b, 0xcc, 0xea, 0x4a, 0x4e, 0x84, 0xda, 0xd8,
+    0x9c, 0x79, 0xd8, 0x9b, 0x66, 0x89, 0x2f, 0xcf, 0xac, 0xd7, 0x79, 0xf9,
+    0xa9, 0xd8, 0x45, 0x13, 0x78, 0xb9, 0x00, 0x14, 0xc9, 0x7e, 0x22, 0x51,
+    0x86, 0x67, 0xb0, 0x9f, 0x26, 0x11, 0x23, 0xc8, 0x38, 0xd7, 0x70, 0x1d,
+    0x15, 0x8e, 0x4d, 0x4f, 0x95, 0x97, 0x40, 0xa1, 0xc2, 0x7e, 0x01, 0x18,
+    0x72, 0xf4, 0x10, 0xe6, 0x8d, 0x52, 0x16, 0x7f, 0xf2, 0xc9, 0xf8, 0x33,
+    0x8b, 0x33, 0xb7, 0xce,
+};
+
+static unsigned char dsa2048_p[] = {
+    0xA0, 0x25, 0xFA, 0xAD, 0xF4, 0x8E, 0xB9, 0xE5, 0x99, 0xF3, 0x5D, 0x6F,
+    0x4F, 0x83, 0x34, 0xE2, 0x7E, 0xCF, 0x6F, 0xBF, 0x30, 0xAF, 0x6F, 0x81,
+    0xEB, 0xF8, 0xC4, 0x13, 0xD9, 0xA0, 0x5D, 0x8B, 0x5C, 0x8E, 0xDC, 0xC2,
+    0x1D, 0x0B, 0x41, 0x32, 0xB0, 0x1F, 0xFE, 0xEF, 0x0C, 0xC2, 0xA2, 0x7E,
+    0x68, 0x5C, 0x28, 0x21, 0xE9, 0xF5, 0xB1, 0x58, 0x12, 0x63, 0x4C, 0x19,
+    0x4E, 0xFF, 0x02, 0x4B, 0x92, 0xED, 0xD2, 0x07, 0x11, 0x4D, 0x8C, 0x58,
+    0x16, 0x5C, 0x55, 0x8E, 0xAD, 0xA3, 0x67, 0x7D, 0xB9, 0x86, 0x6E, 0x0B,
+    0xE6, 0x54, 0x6F, 0x40, 0xAE, 0x0E, 0x67, 0x4C, 0xF9, 0x12, 0x5B, 0x3C,
+    0x08, 0x7A, 0xF7, 0xFC, 0x67, 0x86, 0x69, 0xE7, 0x0A, 0x94, 0x40, 0xBF,
+    0x8B, 0x76, 0xFE, 0x26, 0xD1, 0xF2, 0xA1, 0x1A, 0x84, 0xA1, 0x43, 0x56,
+    0x28, 0xBC, 0x9A, 0x5F, 0xD7, 0x3B, 0x69, 0x89, 0x8A, 0x36, 0x2C, 0x51,
+    0xDF, 0x12, 0x77, 0x2F, 0x57, 0x7B, 0xA0, 0xAA, 0xDD, 0x7F, 0xA1, 0x62,
+    0x3B, 0x40, 0x7B, 0x68, 0x1A, 0x8F, 0x0D, 0x38, 0xBB, 0x21, 0x5D, 0x18,
+    0xFC, 0x0F, 0x46, 0xF7, 0xA3, 0xB0, 0x1D, 0x23, 0xC3, 0xD2, 0xC7, 0x72,
+    0x51, 0x18, 0xDF, 0x46, 0x95, 0x79, 0xD9, 0xBD, 0xB5, 0x19, 0x02, 0x2C,
+    0x87, 0xDC, 0xE7, 0x57, 0x82, 0x7E, 0xF1, 0x8B, 0x06, 0x3D, 0x00, 0xA5,
+    0x7B, 0x6B, 0x26, 0x27, 0x91, 0x0F, 0x6A, 0x77, 0xE4, 0xD5, 0x04, 0xE4,
+    0x12, 0x2C, 0x42, 0xFF, 0xD2, 0x88, 0xBB, 0xD3, 0x92, 0xA0, 0xF9, 0xC8,
+    0x51, 0x64, 0x14, 0x5C, 0xD8, 0xF9, 0x6C, 0x47, 0x82, 0xB4, 0x1C, 0x7F,
+    0x09, 0xB8, 0xF0, 0x25, 0x83, 0x1D, 0x3F, 0x3F, 0x05, 0xB3, 0x21, 0x0A,
+    0x5D, 0xA7, 0xD8, 0x54, 0xC3, 0x65, 0x7D, 0xC3, 0xB0, 0x1D, 0xBF, 0xAE,
+    0xF8, 0x68, 0xCF, 0x9B,
+};
+
+static unsigned char dsa2048_q[] = {
+    0x97, 0xE7, 0x33, 0x4D, 0xD3, 0x94, 0x3E, 0x0B, 0xDB, 0x62, 0x74, 0xC6,
+    0xA1, 0x08, 0xDD, 0x19, 0xA3, 0x75, 0x17, 0x1B,
+};
+
+static unsigned char dsa2048_g[] = {
+    0x2C, 0x78, 0x16, 0x59, 0x34, 0x63, 0xF4, 0xF3, 0x92, 0xFC, 0xB5, 0xA5,
+    0x4F, 0x13, 0xDE, 0x2F, 0x1C, 0xA4, 0x3C, 0xAE, 0xAD, 0x38, 0x3F, 0x7E,
+    0x90, 0xBF, 0x96, 0xA6, 0xAE, 0x25, 0x90, 0x72, 0xF5, 0x8E, 0x80, 0x0C,
+    0x39, 0x1C, 0xD9, 0xEC, 0xBA, 0x90, 0x5B, 0x3A, 0xE8, 0x58, 0x6C, 0x9E,
+    0x30, 0x42, 0x37, 0x02, 0x31, 0x82, 0xBC, 0x6A, 0xDF, 0x6A, 0x09, 0x29,
+    0xE3, 0xC0, 0x46, 0xD1, 0xCB, 0x85, 0xEC, 0x0C, 0x30, 0x5E, 0xEA, 0xC8,
+    0x39, 0x8E, 0x22, 0x9F, 0x22, 0x10, 0xD2, 0x34, 0x61, 0x68, 0x37, 0x3D,
+    0x2E, 0x4A, 0x5B, 0x9A, 0xF5, 0xC1, 0x48, 0xC6, 0xF6, 0xDC, 0x63, 0x1A,
+    0xD3, 0x96, 0x64, 0xBA, 0x34, 0xC9, 0xD1, 0xA0, 0xD1, 0xAE, 0x6C, 0x2F,
+    0x48, 0x17, 0x93, 0x14, 0x43, 0xED, 0xF0, 0x21, 0x30, 0x19, 0xC3, 0x1B,
+    0x5F, 0xDE, 0xA3, 0xF0, 0x70, 0x78, 0x18, 0xE1, 0xA8, 0xE4, 0xEE, 0x2E,
+    0x00, 0xA5, 0xE4, 0xB3, 0x17, 0xC8, 0x0C, 0x7D, 0x6E, 0x42, 0xDC, 0xB7,
+    0x46, 0x00, 0x36, 0x4D, 0xD4, 0x46, 0xAA, 0x3D, 0x3C, 0x46, 0x89, 0x40,
+    0xBF, 0x1D, 0x84, 0x77, 0x0A, 0x75, 0xF3, 0x87, 0x1D, 0x08, 0x4C, 0xA6,
+    0xD1, 0xA9, 0x1C, 0x1E, 0x12, 0x1E, 0xE1, 0xC7, 0x30, 0x28, 0x76, 0xA5,
+    0x7F, 0x6C, 0x85, 0x96, 0x2B, 0x6F, 0xDB, 0x80, 0x66, 0x26, 0xAE, 0xF5,
+    0x93, 0xC7, 0x8E, 0xAE, 0x9A, 0xED, 0xE4, 0xCA, 0x04, 0xEA, 0x3B, 0x72,
+    0xEF, 0xDC, 0x87, 0xED, 0x0D, 0xA5, 0x4C, 0x4A, 0xDD, 0x71, 0x22, 0x64,
+    0x59, 0x69, 0x4E, 0x8E, 0xBF, 0x43, 0xDC, 0xAB, 0x8E, 0x66, 0xBB, 0x01,
+    0xB6, 0xF4, 0xE7, 0xFD, 0xD2, 0xAD, 0x9F, 0x36, 0xC1, 0xA0, 0x29, 0x99,
+    0xD1, 0x96, 0x70, 0x59, 0x06, 0x78, 0x35, 0xBD, 0x65, 0x55, 0x52, 0x9E,
+    0xF8, 0xB2, 0xE5, 0x38,
+};

 DSA *get_dsa2048()
-	{
+{
    DSA *dsa;

-	if ((dsa=DSA_new()) == NULL) return(NULL);
-	dsa->priv_key=BN_bin2bn(dsa2048_priv,sizeof(dsa2048_priv),NULL);
-	dsa->pub_key=BN_bin2bn(dsa2048_pub,sizeof(dsa2048_pub),NULL);
-	dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL);
-	dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL);
-	dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL);
-	if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL) ||
-				(dsa->q == NULL) || (dsa->g == NULL))
-		return(NULL);
-	return(dsa);
-	}
+    if ((dsa = DSA_new()) == NULL)
+        return (NULL);
+    dsa->priv_key = BN_bin2bn(dsa2048_priv, sizeof(dsa2048_priv), NULL);
+    dsa->pub_key = BN_bin2bn(dsa2048_pub, sizeof(dsa2048_pub), NULL);
+    dsa->p = BN_bin2bn(dsa2048_p, sizeof(dsa2048_p), NULL);
+    dsa->q = BN_bin2bn(dsa2048_q, sizeof(dsa2048_q), NULL);
+    dsa->g = BN_bin2bn(dsa2048_g, sizeof(dsa2048_g), NULL);
+    if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
+        || (dsa->q == NULL) || (dsa->g == NULL))
+        return (NULL);
+    return (dsa);
+}

-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
 static int rnd_fake = 0;
--- a/apps/testrsa.h
+++ b/apps/testrsa.h
@ -57,462 +57,462 @@
 * [including the GNU Public Licence.]
 */

-static unsigned char test512[]={
-	0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00,
-	0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01,
-	0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f,
-	0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde,
-	0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71,
-	0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87,
-	0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83,
-	0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02,
-	0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc,
-	0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66,
-	0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf,
-	0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4,
-	0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf,
-	0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26,
-	0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb,
-	0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9,
-	0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a,
-	0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3,
-	0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2,
-	0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53,
-	0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda,
-	0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8,
-	0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d,
-	0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b,
-	0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01,
-	0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11,
-	0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47,
-	0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4,
-	0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99,
-	0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c,
-	0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb,
-	0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c,
-	};
+static unsigned char test512[] = {
+    0x30, 0x82, 0x01, 0x3a, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
+    0xd6, 0x33, 0xb9, 0xc8, 0xfb, 0x4f, 0x3c, 0x7d, 0xc0, 0x01,
+    0x86, 0xd0, 0xe7, 0xa0, 0x55, 0xf2, 0x95, 0x93, 0xcc, 0x4f,
+    0xb7, 0x5b, 0x67, 0x5b, 0x94, 0x68, 0xc9, 0x34, 0x15, 0xde,
+    0xa5, 0x2e, 0x1c, 0x33, 0xc2, 0x6e, 0xfc, 0x34, 0x5e, 0x71,
+    0x13, 0xb7, 0xd6, 0xee, 0xd8, 0xa5, 0x65, 0x05, 0x72, 0x87,
+    0xa8, 0xb0, 0x77, 0xfe, 0x57, 0xf5, 0xfc, 0x5f, 0x55, 0x83,
+    0x87, 0xdd, 0x57, 0x49, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
+    0x41, 0x00, 0xa7, 0xf7, 0x91, 0xc5, 0x0f, 0x84, 0x57, 0xdc,
+    0x07, 0xf7, 0x6a, 0x7f, 0x60, 0x52, 0xb3, 0x72, 0xf1, 0x66,
+    0x1f, 0x7d, 0x97, 0x3b, 0x9e, 0xb6, 0x0a, 0x8f, 0x8c, 0xcf,
+    0x42, 0x23, 0x00, 0x04, 0xd4, 0x28, 0x0e, 0x1c, 0x90, 0xc4,
+    0x11, 0x25, 0x25, 0xa5, 0x93, 0xa5, 0x2f, 0x70, 0x02, 0xdf,
+    0x81, 0x9c, 0x49, 0x03, 0xa0, 0xf8, 0x6d, 0x54, 0x2e, 0x26,
+    0xde, 0xaa, 0x85, 0x59, 0xa8, 0x31, 0x02, 0x21, 0x00, 0xeb,
+    0x47, 0xd7, 0x3b, 0xf6, 0xc3, 0xdd, 0x5a, 0x46, 0xc5, 0xb9,
+    0x2b, 0x9a, 0xa0, 0x09, 0x8f, 0xa6, 0xfb, 0xf3, 0x78, 0x7a,
+    0x33, 0x70, 0x9d, 0x0f, 0x42, 0x6b, 0x13, 0x68, 0x24, 0xd3,
+    0x15, 0x02, 0x21, 0x00, 0xe9, 0x10, 0xb0, 0xb3, 0x0d, 0xe2,
+    0x82, 0x68, 0x77, 0x8a, 0x6e, 0x7c, 0xda, 0xbc, 0x3e, 0x53,
+    0x83, 0xfb, 0xd6, 0x22, 0xe7, 0xb5, 0xae, 0x6e, 0x80, 0xda,
+    0x00, 0x55, 0x97, 0xc1, 0xd0, 0x65, 0x02, 0x20, 0x4c, 0xf8,
+    0x73, 0xb1, 0x6a, 0x49, 0x29, 0x61, 0x1f, 0x46, 0x10, 0x0d,
+    0xf3, 0xc7, 0xe7, 0x58, 0xd7, 0x88, 0x15, 0x5e, 0x94, 0x9b,
+    0xbf, 0x7b, 0xa2, 0x42, 0x58, 0x45, 0x41, 0x0c, 0xcb, 0x01,
+    0x02, 0x20, 0x12, 0x11, 0xba, 0x31, 0x57, 0x9d, 0x3d, 0x11,
+    0x0e, 0x5b, 0x8c, 0x2f, 0x5f, 0xe2, 0x02, 0x4f, 0x05, 0x47,
+    0x8c, 0x15, 0x8e, 0xb3, 0x56, 0x3f, 0xb8, 0xfb, 0xad, 0xd4,
+    0xf4, 0xfc, 0x10, 0xc5, 0x02, 0x20, 0x18, 0xa1, 0x29, 0x99,
+    0x5b, 0xd9, 0xc8, 0xd4, 0xfc, 0x49, 0x7a, 0x2a, 0x21, 0x2c,
+    0x49, 0xe4, 0x4f, 0xeb, 0xef, 0x51, 0xf1, 0xab, 0x6d, 0xfb,
+    0x4b, 0x14, 0xe9, 0x4b, 0x52, 0xb5, 0x82, 0x2c,
+};

-static unsigned char test1024[]={
-	0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81,
-	0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05,
-	0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5,
-	0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55,
-	0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9,
-	0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96,
-	0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37,
-	0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd,
-	0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24,
-	0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23,
-	0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37,
-	0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94,
-	0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b,
-	0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02,
-	0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f,
-	0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0,
-	0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f,
-	0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f,
-	0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88,
-	0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba,
-	0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c,
-	0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43,
-	0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc,
-	0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee,
-	0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d,
-	0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed,
-	0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20,
-	0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c,
-	0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3,
-	0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02,
-	0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4,
-	0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a,
-	0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc,
-	0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2,
-	0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04,
-	0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52,
-	0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38,
-	0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7,
-	0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20,
-	0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4,
-	0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02,
-	0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b,
-	0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52,
-	0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde,
-	0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f,
-	0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66,
-	0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46,
-	0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad,
-	0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80,
-	0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf,
-	0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84,
-	0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60,
-	0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c,
-	0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b,
-	0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c,
-	0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7,
-	0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53,
-	0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9,
-	0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba,
-	0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14,
-	0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45,
-	};
+static unsigned char test1024[] = {
+    0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
+    0x00, 0xdc, 0x98, 0x43, 0xe8, 0x3d, 0x43, 0x5b, 0xe4, 0x05,
+    0xcd, 0xd0, 0xa9, 0x3e, 0xcb, 0x83, 0x75, 0xf6, 0xb5, 0xa5,
+    0x9f, 0x6b, 0xe9, 0x34, 0x41, 0x29, 0x18, 0xfa, 0x6a, 0x55,
+    0x4d, 0x70, 0xfc, 0xec, 0xae, 0x87, 0x38, 0x0a, 0x20, 0xa9,
+    0xc0, 0x45, 0x77, 0x6e, 0x57, 0x60, 0x57, 0xf4, 0xed, 0x96,
+    0x22, 0xcb, 0x8f, 0xe1, 0x33, 0x3a, 0x17, 0x1f, 0xed, 0x37,
+    0xa5, 0x6f, 0xeb, 0xa6, 0xbc, 0x12, 0x80, 0x1d, 0x53, 0xbd,
+    0x70, 0xeb, 0x21, 0x76, 0x3e, 0xc9, 0x2f, 0x1a, 0x45, 0x24,
+    0x82, 0xff, 0xcd, 0x59, 0x32, 0x06, 0x2e, 0x12, 0x3b, 0x23,
+    0x78, 0xed, 0x12, 0x3d, 0xe0, 0x8d, 0xf9, 0x67, 0x4f, 0x37,
+    0x4e, 0x47, 0x02, 0x4c, 0x2d, 0xc0, 0x4f, 0x1f, 0xb3, 0x94,
+    0xe1, 0x41, 0x2e, 0x2d, 0x90, 0x10, 0xfc, 0x82, 0x91, 0x8b,
+    0x0f, 0x22, 0xd4, 0xf2, 0xfc, 0x2c, 0xab, 0x53, 0x55, 0x02,
+    0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x2b, 0xcc, 0x3f,
+    0x8f, 0x58, 0xba, 0x8b, 0x00, 0x16, 0xf6, 0xea, 0x3a, 0xf0,
+    0x30, 0xd0, 0x05, 0x17, 0xda, 0xb0, 0xeb, 0x9a, 0x2d, 0x4f,
+    0x26, 0xb0, 0xd6, 0x38, 0xc1, 0xeb, 0xf5, 0xd8, 0x3d, 0x1f,
+    0x70, 0xf7, 0x7f, 0xf4, 0xe2, 0xcf, 0x51, 0x51, 0x79, 0x88,
+    0xfa, 0xe8, 0x32, 0x0e, 0x7b, 0x2d, 0x97, 0xf2, 0xfa, 0xba,
+    0x27, 0xc5, 0x9c, 0xd9, 0xc5, 0xeb, 0x8a, 0x79, 0x52, 0x3c,
+    0x64, 0x34, 0x7d, 0xc2, 0xcf, 0x28, 0xc7, 0x4e, 0xd5, 0x43,
+    0x0b, 0xd1, 0xa6, 0xca, 0x6d, 0x03, 0x2d, 0x72, 0x23, 0xbc,
+    0x6d, 0x05, 0xfa, 0x16, 0x09, 0x2f, 0x2e, 0x5c, 0xb6, 0xee,
+    0x74, 0xdd, 0xd2, 0x48, 0x8e, 0x36, 0x0c, 0x06, 0x3d, 0x4d,
+    0xe5, 0x10, 0x82, 0xeb, 0x6a, 0xf3, 0x4b, 0x9f, 0xd6, 0xed,
+    0x11, 0xb1, 0x6e, 0xec, 0xf4, 0xfe, 0x8e, 0x75, 0x94, 0x20,
+    0x2f, 0xcb, 0xac, 0x46, 0xf1, 0x02, 0x41, 0x00, 0xf9, 0x8c,
+    0xa3, 0x85, 0xb1, 0xdd, 0x29, 0xaf, 0x65, 0xc1, 0x33, 0xf3,
+    0x95, 0xc5, 0x52, 0x68, 0x0b, 0xd4, 0xf1, 0xe5, 0x0e, 0x02,
+    0x9f, 0x4f, 0xfa, 0x77, 0xdc, 0x46, 0x9e, 0xc7, 0xa6, 0xe4,
+    0x16, 0x29, 0xda, 0xb0, 0x07, 0xcf, 0x5b, 0xa9, 0x12, 0x8a,
+    0xdd, 0x63, 0x0a, 0xde, 0x2e, 0x8c, 0x66, 0x8b, 0x8c, 0xdc,
+    0x19, 0xa3, 0x7e, 0xf4, 0x3b, 0xd0, 0x1a, 0x8c, 0xa4, 0xc2,
+    0xe1, 0xd3, 0x02, 0x41, 0x00, 0xe2, 0x4c, 0x05, 0xf2, 0x04,
+    0x86, 0x4e, 0x61, 0x43, 0xdb, 0xb0, 0xb9, 0x96, 0x86, 0x52,
+    0x2c, 0xca, 0x8d, 0x7b, 0xab, 0x0b, 0x13, 0x0d, 0x7e, 0x38,
+    0x5b, 0xe2, 0x2e, 0x7b, 0x0e, 0xe7, 0x19, 0x99, 0x38, 0xe7,
+    0xf2, 0x21, 0xbd, 0x85, 0x85, 0xe3, 0xfd, 0x28, 0x77, 0x20,
+    0x31, 0x71, 0x2c, 0xd0, 0xff, 0xfb, 0x2e, 0xaf, 0x85, 0xb4,
+    0x86, 0xca, 0xf3, 0xbb, 0xca, 0xaa, 0x0f, 0x95, 0x37, 0x02,
+    0x40, 0x0e, 0x41, 0x9a, 0x95, 0xe8, 0xb3, 0x59, 0xce, 0x4b,
+    0x61, 0xde, 0x35, 0xec, 0x38, 0x79, 0x9c, 0xb8, 0x10, 0x52,
+    0x41, 0x63, 0xab, 0x82, 0xae, 0x6f, 0x00, 0xa9, 0xf4, 0xde,
+    0xdd, 0x49, 0x0b, 0x7e, 0xb8, 0xa5, 0x65, 0xa9, 0x0c, 0x8f,
+    0x8f, 0xf9, 0x1f, 0x35, 0xc6, 0x92, 0xb8, 0x5e, 0xb0, 0x66,
+    0xab, 0x52, 0x40, 0xc0, 0xb6, 0x36, 0x6a, 0x7d, 0x80, 0x46,
+    0x04, 0x02, 0xe5, 0x9f, 0x41, 0x02, 0x41, 0x00, 0xc0, 0xad,
+    0xcc, 0x4e, 0x21, 0xee, 0x1d, 0x24, 0x91, 0xfb, 0xa7, 0x80,
+    0x8d, 0x9a, 0xb6, 0xb3, 0x2e, 0x8f, 0xc2, 0xe1, 0x82, 0xdf,
+    0x69, 0x18, 0xb4, 0x71, 0xff, 0xa6, 0x65, 0xde, 0xed, 0x84,
+    0x8d, 0x42, 0xb7, 0xb3, 0x21, 0x69, 0x56, 0x1c, 0x07, 0x60,
+    0x51, 0x29, 0x04, 0xff, 0x34, 0x06, 0xdd, 0xb9, 0x67, 0x2c,
+    0x7c, 0x04, 0x93, 0x0e, 0x46, 0x15, 0xbb, 0x2a, 0xb7, 0x1b,
+    0xe7, 0x87, 0x02, 0x40, 0x78, 0xda, 0x5d, 0x07, 0x51, 0x0c,
+    0x16, 0x7a, 0x9f, 0x29, 0x20, 0x84, 0x0d, 0x42, 0xfa, 0xd7,
+    0x00, 0xd8, 0x77, 0x7e, 0xb0, 0xb0, 0x6b, 0xd6, 0x5b, 0x53,
+    0xb8, 0x9b, 0x7a, 0xcd, 0xc7, 0x2b, 0xb8, 0x6a, 0x63, 0xa9,
+    0xfb, 0x6f, 0xa4, 0x72, 0xbf, 0x4c, 0x5d, 0x00, 0x14, 0xba,
+    0xfa, 0x59, 0x88, 0xed, 0xe4, 0xe0, 0x8c, 0xa2, 0xec, 0x14,
+    0x7e, 0x2d, 0xe2, 0xf0, 0x46, 0x49, 0x95, 0x45,
+};

-static unsigned char test2048[]={
-	0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01,
-	0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f,
-	0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27,
-	0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f,
-	0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde,
-	0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a,
-	0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32,
-	0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f,
-	0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab,
-	0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33,
-	0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f,
-	0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4,
-	0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e,
-	0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29,
-	0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b,
-	0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0,
-	0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34,
-	0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1,
-	0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15,
-	0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c,
-	0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66,
-	0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2,
-	0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27,
-	0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15,
-	0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20,
-	0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1,
-	0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03,
-	0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3,
-	0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa,
-	0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c,
-	0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac,
-	0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40,
-	0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3,
-	0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d,
-	0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01,
-	0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4,
-	0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5,
-	0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9,
-	0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6,
-	0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3,
-	0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e,
-	0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46,
-	0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53,
-	0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59,
-	0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab,
-	0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48,
-	0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca,
-	0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35,
-	0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9,
-	0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b,
-	0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f,
-	0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0,
-	0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33,
-	0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7,
-	0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50,
-	0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c,
-	0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8,
-	0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56,
-	0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f,
-	0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04,
-	0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14,
-	0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c,
-	0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06,
-	0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c,
-	0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28,
-	0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80,
-	0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1,
-	0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc,
-	0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63,
-	0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61,
-	0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94,
-	0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95,
-	0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4,
-	0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84,
-	0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94,
-	0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e,
-	0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11,
-	0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1,
-	0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb,
-	0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80,
-	0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5,
-	0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a,
-	0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29,
-	0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72,
-	0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54,
-	0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8,
-	0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d,
-	0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90,
-	0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27,
-	0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28,
-	0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82,
-	0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90,
-	0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81,
-	0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf,
-	0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01,
-	0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16,
-	0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5,
-	0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3,
-	0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc,
-	0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1,
-	0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8,
-	0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31,
-	0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c,
-	0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b,
-	0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32,
-	0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02,
-	0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9,
-	0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84,
-	0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04,
-	0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a,
-	0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd,
-	0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43,
-	0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46,
-	0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41,
-	0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5,
-	0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b,
-	0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55,
-	0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d,
-	0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4,
+static unsigned char test2048[] = {
+    0x30, 0x82, 0x04, 0xa3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
+    0x01, 0x00, 0xc0, 0xc0, 0xce, 0x3e, 0x3c, 0x53, 0x67, 0x3f,
+    0x4f, 0xc5, 0x2f, 0xa4, 0xc2, 0x5a, 0x2f, 0x58, 0xfd, 0x27,
+    0x52, 0x6a, 0xe8, 0xcf, 0x4a, 0x73, 0x47, 0x8d, 0x25, 0x0f,
+    0x5f, 0x03, 0x26, 0x78, 0xef, 0xf0, 0x22, 0x12, 0xd3, 0xde,
+    0x47, 0xb2, 0x1c, 0x0b, 0x38, 0x63, 0x1a, 0x6c, 0x85, 0x7a,
+    0x80, 0xc6, 0x8f, 0xa0, 0x41, 0xaf, 0x62, 0xc4, 0x67, 0x32,
+    0x88, 0xf8, 0xa6, 0x9c, 0xf5, 0x23, 0x1d, 0xe4, 0xac, 0x3f,
+    0x29, 0xf9, 0xec, 0xe1, 0x8b, 0x26, 0x03, 0x2c, 0xb2, 0xab,
+    0xf3, 0x7d, 0xb5, 0xca, 0x49, 0xc0, 0x8f, 0x1c, 0xdf, 0x33,
+    0x3a, 0x60, 0xda, 0x3c, 0xb0, 0x16, 0xf8, 0xa9, 0x12, 0x8f,
+    0x64, 0xac, 0x23, 0x0c, 0x69, 0x64, 0x97, 0x5d, 0x99, 0xd4,
+    0x09, 0x83, 0x9b, 0x61, 0xd3, 0xac, 0xf0, 0xde, 0xdd, 0x5e,
+    0x9f, 0x44, 0x94, 0xdb, 0x3a, 0x4d, 0x97, 0xe8, 0x52, 0x29,
+    0xf7, 0xdb, 0x94, 0x07, 0x45, 0x90, 0x78, 0x1e, 0x31, 0x0b,
+    0x80, 0xf7, 0x57, 0xad, 0x1c, 0x79, 0xc5, 0xcb, 0x32, 0xb0,
+    0xce, 0xcd, 0x74, 0xb3, 0xe2, 0x94, 0xc5, 0x78, 0x2f, 0x34,
+    0x1a, 0x45, 0xf7, 0x8c, 0x52, 0xa5, 0xbc, 0x8d, 0xec, 0xd1,
+    0x2f, 0x31, 0x3b, 0xf0, 0x49, 0x59, 0x5e, 0x88, 0x9d, 0x15,
+    0x92, 0x35, 0x32, 0xc1, 0xe7, 0x61, 0xec, 0x50, 0x48, 0x7c,
+    0xba, 0x05, 0xf9, 0xf8, 0xf8, 0xa7, 0x8c, 0x83, 0xe8, 0x66,
+    0x5b, 0xeb, 0xfe, 0xd8, 0x4f, 0xdd, 0x6d, 0x36, 0xc0, 0xb2,
+    0x90, 0x0f, 0xb8, 0x52, 0xf9, 0x04, 0x9b, 0x40, 0x2c, 0x27,
+    0xd6, 0x36, 0x8e, 0xc2, 0x1b, 0x44, 0xf3, 0x92, 0xd5, 0x15,
+    0x9e, 0x9a, 0xbc, 0xf3, 0x7d, 0x03, 0xd7, 0x02, 0x14, 0x20,
+    0xe9, 0x10, 0x92, 0xfd, 0xf9, 0xfc, 0x8f, 0xe5, 0x18, 0xe1,
+    0x95, 0xcc, 0x9e, 0x60, 0xa6, 0xfa, 0x38, 0x4d, 0x02, 0x03,
+    0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x00, 0xc3, 0xc3,
+    0x0d, 0xb4, 0x27, 0x90, 0x8d, 0x4b, 0xbf, 0xb8, 0x84, 0xaa,
+    0xd0, 0xb8, 0xc7, 0x5d, 0x99, 0xbe, 0x55, 0xf6, 0x3e, 0x7c,
+    0x49, 0x20, 0xcb, 0x8a, 0x8e, 0x19, 0x0e, 0x66, 0x24, 0xac,
+    0xaf, 0x03, 0x33, 0x97, 0xeb, 0x95, 0xd5, 0x3b, 0x0f, 0x40,
+    0x56, 0x04, 0x50, 0xd1, 0xe6, 0xbe, 0x84, 0x0b, 0x25, 0xd3,
+    0x9c, 0xe2, 0x83, 0x6c, 0xf5, 0x62, 0x5d, 0xba, 0x2b, 0x7d,
+    0x3d, 0x7a, 0x6c, 0xe1, 0xd2, 0x0e, 0x54, 0x93, 0x80, 0x01,
+    0x91, 0x51, 0x09, 0xe8, 0x5b, 0x8e, 0x47, 0xbd, 0x64, 0xe4,
+    0x0e, 0x03, 0x83, 0x55, 0xcf, 0x5a, 0x37, 0xf0, 0x25, 0xb5,
+    0x7d, 0x21, 0xd7, 0x69, 0xdf, 0x6f, 0xc2, 0xcf, 0x10, 0xc9,
+    0x8a, 0x40, 0x9f, 0x7a, 0x70, 0xc0, 0xe8, 0xe8, 0xc0, 0xe6,
+    0x9a, 0x15, 0x0a, 0x8d, 0x4e, 0x46, 0xcb, 0x7a, 0xdb, 0xb3,
+    0xcb, 0x83, 0x02, 0xc4, 0xf0, 0xab, 0xeb, 0x02, 0x01, 0x0e,
+    0x23, 0xfc, 0x1d, 0xc4, 0xbd, 0xd4, 0xaa, 0x5d, 0x31, 0x46,
+    0x99, 0xce, 0x9e, 0xf8, 0x04, 0x75, 0x10, 0x67, 0xc4, 0x53,
+    0x47, 0x44, 0xfa, 0xc2, 0x25, 0x73, 0x7e, 0xd0, 0x8e, 0x59,
+    0xd1, 0xb2, 0x5a, 0xf4, 0xc7, 0x18, 0x92, 0x2f, 0x39, 0xab,
+    0xcd, 0xa3, 0xb5, 0xc2, 0xb9, 0xc7, 0xb9, 0x1b, 0x9f, 0x48,
+    0xfa, 0x13, 0xc6, 0x98, 0x4d, 0xca, 0x84, 0x9c, 0x06, 0xca,
+    0xe7, 0x89, 0x01, 0x04, 0xc4, 0x6c, 0xfd, 0x29, 0x59, 0x35,
+    0xe7, 0xf3, 0xdd, 0xce, 0x64, 0x59, 0xbf, 0x21, 0x13, 0xa9,
+    0x9f, 0x0e, 0xc5, 0xff, 0xbd, 0x33, 0x00, 0xec, 0xac, 0x6b,
+    0x11, 0xef, 0x51, 0x5e, 0xad, 0x07, 0x15, 0xde, 0xb8, 0x5f,
+    0xc6, 0xb9, 0xa3, 0x22, 0x65, 0x46, 0x83, 0x14, 0xdf, 0xd0,
+    0xf1, 0x44, 0x8a, 0xe1, 0x9c, 0x23, 0x33, 0xb4, 0x97, 0x33,
+    0xe6, 0x6b, 0x81, 0x02, 0x81, 0x81, 0x00, 0xec, 0x12, 0xa7,
+    0x59, 0x74, 0x6a, 0xde, 0x3e, 0xad, 0xd8, 0x36, 0x80, 0x50,
+    0xa2, 0xd5, 0x21, 0x81, 0x07, 0xf1, 0xd0, 0x91, 0xf2, 0x6c,
+    0x12, 0x2f, 0x9d, 0x1a, 0x26, 0xf8, 0x30, 0x65, 0xdf, 0xe8,
+    0xc0, 0x9b, 0x6a, 0x30, 0x98, 0x82, 0x87, 0xec, 0xa2, 0x56,
+    0x87, 0x62, 0x6f, 0xe7, 0x9f, 0xf6, 0x56, 0xe6, 0x71, 0x8f,
+    0x49, 0x86, 0x93, 0x5a, 0x4d, 0x34, 0x58, 0xfe, 0xd9, 0x04,
+    0x13, 0xaf, 0x79, 0xb7, 0xad, 0x11, 0xd1, 0x30, 0x9a, 0x14,
+    0x06, 0xa0, 0xfa, 0xb7, 0x55, 0xdc, 0x6c, 0x5a, 0x4c, 0x2c,
+    0x59, 0x56, 0xf6, 0xe8, 0x9d, 0xaf, 0x0a, 0x78, 0x99, 0x06,
+    0x06, 0x9e, 0xe7, 0x9c, 0x51, 0x55, 0x43, 0xfc, 0x3b, 0x6c,
+    0x0b, 0xbf, 0x2d, 0x41, 0xa7, 0xaf, 0xb7, 0xe0, 0xe8, 0x28,
+    0x18, 0xb4, 0x13, 0xd1, 0xe6, 0x97, 0xd0, 0x9f, 0x6a, 0x80,
+    0xca, 0xdd, 0x1a, 0x7e, 0x15, 0x02, 0x81, 0x81, 0x00, 0xd1,
+    0x06, 0x0c, 0x1f, 0xe3, 0xd0, 0xab, 0xd6, 0xca, 0x7c, 0xbc,
+    0x7d, 0x13, 0x35, 0xce, 0x27, 0xcd, 0xd8, 0x49, 0x51, 0x63,
+    0x64, 0x0f, 0xca, 0x06, 0x12, 0xfc, 0x07, 0x3e, 0xaf, 0x61,
+    0x6d, 0xe2, 0x53, 0x39, 0x27, 0xae, 0xc3, 0x11, 0x9e, 0x94,
+    0x01, 0x4f, 0xe3, 0xf3, 0x67, 0xf9, 0x77, 0xf9, 0xe7, 0x95,
+    0x3a, 0x6f, 0xe2, 0x20, 0x73, 0x3e, 0xa4, 0x7a, 0x28, 0xd4,
+    0x61, 0x97, 0xf6, 0x17, 0xa0, 0x23, 0x10, 0x2b, 0xce, 0x84,
+    0x57, 0x7e, 0x25, 0x1f, 0xf4, 0xa8, 0x54, 0xd2, 0x65, 0x94,
+    0xcc, 0x95, 0x0a, 0xab, 0x30, 0xc1, 0x59, 0x1f, 0x61, 0x8e,
+    0xb9, 0x6b, 0xd7, 0x4e, 0xb9, 0x83, 0x43, 0x79, 0x85, 0x11,
+    0xbc, 0x0f, 0xae, 0x25, 0x20, 0x05, 0xbc, 0xd2, 0x48, 0xa1,
+    0x68, 0x09, 0x84, 0xf6, 0x12, 0x9a, 0x66, 0xb9, 0x2b, 0xbb,
+    0x76, 0x03, 0x17, 0x46, 0x4e, 0x97, 0x59, 0x02, 0x81, 0x80,
+    0x09, 0x4c, 0xfa, 0xd6, 0xe5, 0x65, 0x48, 0x78, 0x43, 0xb5,
+    0x1f, 0x00, 0x93, 0x2c, 0xb7, 0x24, 0xe8, 0xc6, 0x7d, 0x5a,
+    0x70, 0x45, 0x92, 0xc8, 0x6c, 0xa3, 0xcd, 0xe1, 0xf7, 0x29,
+    0x40, 0xfa, 0x3f, 0x5b, 0x47, 0x44, 0x39, 0xc1, 0xe8, 0x72,
+    0x9e, 0x7a, 0x0e, 0xda, 0xaa, 0xa0, 0x2a, 0x09, 0xfd, 0x54,
+    0x93, 0x23, 0xaa, 0x37, 0x85, 0x5b, 0xcc, 0xd4, 0xf9, 0xd8,
+    0xff, 0xc1, 0x61, 0x0d, 0xbd, 0x7e, 0x18, 0x24, 0x73, 0x6d,
+    0x40, 0x72, 0xf1, 0x93, 0x09, 0x48, 0x97, 0x6c, 0x84, 0x90,
+    0xa8, 0x46, 0x14, 0x01, 0x39, 0x11, 0xe5, 0x3c, 0x41, 0x27,
+    0x32, 0x75, 0x24, 0xed, 0xa1, 0xd9, 0x12, 0x29, 0x8a, 0x28,
+    0x71, 0x89, 0x8d, 0xca, 0x30, 0xb0, 0x01, 0xc4, 0x2f, 0x82,
+    0x19, 0x14, 0x4c, 0x70, 0x1c, 0xb8, 0x23, 0x2e, 0xe8, 0x90,
+    0x49, 0x97, 0x92, 0x97, 0x6b, 0x7a, 0x9d, 0xb9, 0x02, 0x81,
+    0x80, 0x0f, 0x0e, 0xa1, 0x76, 0xf6, 0xa1, 0x44, 0x8f, 0xaf,
+    0x7c, 0x76, 0xd3, 0x87, 0xbb, 0xbb, 0x83, 0x10, 0x88, 0x01,
+    0x18, 0x14, 0xd1, 0xd3, 0x75, 0x59, 0x24, 0xaa, 0xf5, 0x16,
+    0xa5, 0xe9, 0x9d, 0xd1, 0xcc, 0xee, 0xf4, 0x15, 0xd9, 0xc5,
+    0x7e, 0x27, 0xe9, 0x44, 0x49, 0x06, 0x72, 0xb9, 0xfc, 0xd3,
+    0x8a, 0xc4, 0x2c, 0x36, 0x7d, 0x12, 0x9b, 0x5a, 0xaa, 0xdc,
+    0x85, 0xee, 0x6e, 0xad, 0x54, 0xb3, 0xf4, 0xfc, 0x31, 0xa1,
+    0x06, 0x3a, 0x70, 0x57, 0x0c, 0xf3, 0x95, 0x5b, 0x3e, 0xe8,
+    0xfd, 0x1a, 0x4f, 0xf6, 0x78, 0x93, 0x46, 0x6a, 0xd7, 0x31,
+    0xb4, 0x84, 0x64, 0x85, 0x09, 0x38, 0x89, 0x92, 0x94, 0x1c,
+    0xbf, 0xe2, 0x3c, 0x2a, 0xe0, 0xff, 0x99, 0xa3, 0xf0, 0x2b,
+    0x31, 0xc2, 0x36, 0xcd, 0x60, 0xbf, 0x9d, 0x2d, 0x74, 0x32,
+    0xe8, 0x9c, 0x93, 0x6e, 0xbb, 0x91, 0x7b, 0xfd, 0xd9, 0x02,
+    0x81, 0x81, 0x00, 0xa2, 0x71, 0x25, 0x38, 0xeb, 0x2a, 0xe9,
+    0x37, 0xcd, 0xfe, 0x44, 0xce, 0x90, 0x3f, 0x52, 0x87, 0x84,
+    0x52, 0x1b, 0xae, 0x8d, 0x22, 0x94, 0xce, 0x38, 0xe6, 0x04,
+    0x88, 0x76, 0x85, 0x9a, 0xd3, 0x14, 0x09, 0xe5, 0x69, 0x9a,
+    0xff, 0x58, 0x92, 0x02, 0x6a, 0x7d, 0x7c, 0x1e, 0x2c, 0xfd,
+    0xa8, 0xca, 0x32, 0x14, 0x4f, 0x0d, 0x84, 0x0d, 0x37, 0x43,
+    0xbf, 0xe4, 0x5d, 0x12, 0xc8, 0x24, 0x91, 0x27, 0x8d, 0x46,
+    0xd9, 0x54, 0x53, 0xe7, 0x62, 0x71, 0xa8, 0x2b, 0x71, 0x41,
+    0x8d, 0x75, 0xf8, 0x3a, 0xa0, 0x61, 0x29, 0x46, 0xa6, 0xe5,
+    0x82, 0xfa, 0x3a, 0xd9, 0x08, 0xfa, 0xfc, 0x63, 0xfd, 0x6b,
+    0x30, 0xbc, 0xf4, 0x4e, 0x9e, 0x8c, 0x25, 0x0c, 0xb6, 0x55,
+    0xe7, 0x3c, 0xd4, 0x4e, 0x0b, 0xfd, 0x8b, 0xc3, 0x0e, 0x1d,
+    0x9c, 0x44, 0x57, 0x8f, 0x1f, 0x86, 0xf7, 0xd5, 0x1b, 0xe4,
    0x95,
-	};
+};

-static unsigned char test4096[]={
-	0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02,
-	0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43,
-	0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21,
-	0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44,
-	0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28,
-	0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41,
-	0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7,
-	0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd,
-	0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e,
-	0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b,
-	0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6,
-	0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf,
-	0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d,
-	0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e,
-	0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0,
-	0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99,
-	0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90,
-	0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8,
-	0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a,
-	0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda,
-	0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca,
-	0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28,
-	0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7,
-	0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb,
-	0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26,
-	0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c,
-	0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03,
-	0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1,
-	0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09,
-	0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83,
-	0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95,
-	0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc,
-	0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36,
-	0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5,
-	0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc,
-	0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8,
-	0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa,
-	0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca,
-	0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e,
-	0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56,
-	0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48,
-	0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46,
-	0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b,
-	0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe,
-	0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3,
-	0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69,
-	0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe,
-	0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3,
-	0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f,
-	0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed,
-	0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4,
-	0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3,
-	0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02,
-	0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f,
-	0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb,
-	0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd,
-	0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5,
-	0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17,
-	0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52,
-	0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c,
-	0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f,
-	0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12,
-	0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61,
-	0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8,
-	0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4,
-	0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e,
-	0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50,
-	0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea,
-	0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16,
-	0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae,
-	0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6,
-	0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c,
-	0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a,
-	0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e,
-	0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb,
-	0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5,
-	0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6,
-	0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe,
-	0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14,
-	0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88,
-	0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7,
-	0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19,
-	0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40,
-	0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b,
-	0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69,
-	0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9,
-	0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c,
-	0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62,
-	0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2,
-	0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9,
-	0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25,
-	0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d,
-	0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab,
-	0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f,
-	0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c,
-	0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda,
-	0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd,
-	0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54,
-	0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41,
-	0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7,
-	0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1,
-	0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d,
-	0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65,
-	0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28,
-	0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01,
-	0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d,
-	0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14,
-	0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc,
-	0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37,
-	0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81,
-	0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94,
-	0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e,
-	0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9,
-	0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c,
-	0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24,
-	0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc,
-	0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1,
-	0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc,
-	0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84,
-	0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77,
-	0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21,
-	0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6,
-	0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa,
-	0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14,
-	0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39,
-	0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06,
-	0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3,
-	0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35,
-	0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97,
-	0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed,
-	0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01,
-	0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8,
-	0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4,
-	0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94,
-	0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4,
-	0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d,
-	0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c,
-	0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e,
-	0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1,
-	0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc,
-	0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55,
-	0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61,
-	0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92,
-	0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80,
-	0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13,
-	0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48,
-	0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed,
-	0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9,
-	0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a,
-	0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35,
-	0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7,
-	0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c,
-	0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47,
-	0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8,
-	0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7,
-	0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc,
-	0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82,
-	0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b,
-	0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef,
-	0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6,
-	0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80,
-	0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac,
-	0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b,
-	0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35,
-	0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c,
-	0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e,
-	0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a,
-	0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd,
-	0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5,
-	0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc,
-	0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30,
-	0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f,
-	0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c,
-	0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe,
-	0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f,
-	0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91,
-	0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9,
-	0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf,
-	0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76,
-	0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0,
-	0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78,
-	0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10,
-	0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82,
-	0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00,
-	0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25,
-	0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3,
-	0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b,
-	0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79,
-	0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94,
-	0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8,
-	0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38,
-	0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0,
-	0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44,
-	0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b,
-	0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf,
-	0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f,
-	0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28,
-	0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97,
-	0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f,
-	0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48,
-	0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35,
-	0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84,
-	0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a,
-	0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b,
-	0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e,
-	0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55,
-	0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16,
-	0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c,
-	0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82,
-	0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05,
-	0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3,
-	0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e,
-	0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43,
-	0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e,
-	0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a,
-	0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed,
-	0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7,
-	0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c,
-	0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b,
-	0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e,
-	0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95,
-	0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11,
-	0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb,
-	0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e,
-	0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a,
-	0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc,
-	0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35,
-	0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21,
-	0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a,
-	0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70,
-	0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01,
-	0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c,
-	0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26,
-	0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55,
-	0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17,
-	};
+static unsigned char test4096[] = {
+    0x30, 0x82, 0x09, 0x29, 0x02, 0x01, 0x00, 0x02, 0x82, 0x02,
+    0x01, 0x00, 0xc0, 0x71, 0xac, 0x1a, 0x13, 0x88, 0x82, 0x43,
+    0x3b, 0x51, 0x57, 0x71, 0x8d, 0xb6, 0x2b, 0x82, 0x65, 0x21,
+    0x53, 0x5f, 0x28, 0x29, 0x4f, 0x8d, 0x7c, 0x8a, 0xb9, 0x44,
+    0xb3, 0x28, 0x41, 0x4f, 0xd3, 0xfa, 0x6a, 0xf8, 0xb9, 0x28,
+    0x50, 0x39, 0x67, 0x53, 0x2c, 0x3c, 0xd7, 0xcb, 0x96, 0x41,
+    0x40, 0x32, 0xbb, 0xeb, 0x70, 0xae, 0x1f, 0xb0, 0x65, 0xf7,
+    0x3a, 0xd9, 0x22, 0xfd, 0x10, 0xae, 0xbd, 0x02, 0xe2, 0xdd,
+    0xf3, 0xc2, 0x79, 0x3c, 0xc6, 0xfc, 0x75, 0xbb, 0xaf, 0x4e,
+    0x3a, 0x36, 0xc2, 0x4f, 0xea, 0x25, 0xdf, 0x13, 0x16, 0x4b,
+    0x20, 0xfe, 0x4b, 0x69, 0x16, 0xc4, 0x7f, 0x1a, 0x43, 0xa6,
+    0x17, 0x1b, 0xb9, 0x0a, 0xf3, 0x09, 0x86, 0x28, 0x89, 0xcf,
+    0x2c, 0xd0, 0xd4, 0x81, 0xaf, 0xc6, 0x6d, 0xe6, 0x21, 0x8d,
+    0xee, 0xef, 0xea, 0xdc, 0xb7, 0xc6, 0x3b, 0x63, 0x9f, 0x0e,
+    0xad, 0x89, 0x78, 0x23, 0x18, 0xbf, 0x70, 0x7e, 0x84, 0xe0,
+    0x37, 0xec, 0xdb, 0x8e, 0x9c, 0x3e, 0x6a, 0x19, 0xcc, 0x99,
+    0x72, 0xe6, 0xb5, 0x7d, 0x6d, 0xfa, 0xe5, 0xd3, 0xe4, 0x90,
+    0xb5, 0xb2, 0xb2, 0x12, 0x70, 0x4e, 0xca, 0xf8, 0x10, 0xf8,
+    0xa3, 0x14, 0xc2, 0x48, 0x19, 0xeb, 0x60, 0x99, 0xbb, 0x2a,
+    0x1f, 0xb1, 0x7a, 0xb1, 0x3d, 0x24, 0xfb, 0xa0, 0x29, 0xda,
+    0xbd, 0x1b, 0xd7, 0xa4, 0xbf, 0xef, 0x60, 0x2d, 0x22, 0xca,
+    0x65, 0x98, 0xf1, 0xc4, 0xe1, 0xc9, 0x02, 0x6b, 0x16, 0x28,
+    0x2f, 0xa1, 0xaa, 0x79, 0x00, 0xda, 0xdc, 0x7c, 0x43, 0xf7,
+    0x42, 0x3c, 0xa0, 0xef, 0x68, 0xf7, 0xdf, 0xb9, 0x69, 0xfb,
+    0x8e, 0x01, 0xed, 0x01, 0x42, 0xb5, 0x4e, 0x57, 0xa6, 0x26,
+    0xb8, 0xd0, 0x7b, 0x56, 0x6d, 0x03, 0xc6, 0x40, 0x8c, 0x8c,
+    0x2a, 0x55, 0xd7, 0x9c, 0x35, 0x00, 0x94, 0x93, 0xec, 0x03,
+    0xeb, 0x22, 0xef, 0x77, 0xbb, 0x79, 0x13, 0x3f, 0x15, 0xa1,
+    0x8f, 0xca, 0xdf, 0xfd, 0xd3, 0xb8, 0xe1, 0xd4, 0xcc, 0x09,
+    0x3f, 0x3c, 0x2c, 0xdb, 0xd1, 0x49, 0x7f, 0x38, 0x07, 0x83,
+    0x6d, 0xeb, 0x08, 0x66, 0xe9, 0x06, 0x44, 0x12, 0xac, 0x95,
+    0x22, 0x90, 0x23, 0x67, 0xd4, 0x08, 0xcc, 0xf4, 0xb7, 0xdc,
+    0xcc, 0x87, 0xd4, 0xac, 0x69, 0x35, 0x4c, 0xb5, 0x39, 0x36,
+    0xcd, 0xa4, 0xd2, 0x95, 0xca, 0x0d, 0xc5, 0xda, 0xc2, 0xc5,
+    0x22, 0x32, 0x28, 0x08, 0xe3, 0xd2, 0x8b, 0x38, 0x30, 0xdc,
+    0x8c, 0x75, 0x4f, 0x6a, 0xec, 0x7a, 0xac, 0x16, 0x3e, 0xa8,
+    0xd4, 0x6a, 0x45, 0xe1, 0xa8, 0x4f, 0x2e, 0x80, 0x34, 0xaa,
+    0x54, 0x1b, 0x02, 0x95, 0x7d, 0x8a, 0x6d, 0xcc, 0x79, 0xca,
+    0xf2, 0xa4, 0x2e, 0x8d, 0xfb, 0xfe, 0x15, 0x51, 0x10, 0x0e,
+    0x4d, 0x88, 0xb1, 0xc7, 0xf4, 0x79, 0xdb, 0xf0, 0xb4, 0x56,
+    0x44, 0x37, 0xca, 0x5a, 0xc1, 0x8c, 0x48, 0xac, 0xae, 0x48,
+    0x80, 0x83, 0x01, 0x3f, 0xde, 0xd9, 0xd3, 0x2c, 0x51, 0x46,
+    0xb1, 0x41, 0xb6, 0xc6, 0x91, 0x72, 0xf9, 0x83, 0x55, 0x1b,
+    0x8c, 0xba, 0xf3, 0x73, 0xe5, 0x2c, 0x74, 0x50, 0x3a, 0xbe,
+    0xc5, 0x2f, 0xa7, 0xb2, 0x6d, 0x8c, 0x9e, 0x13, 0x77, 0xa3,
+    0x13, 0xcd, 0x6d, 0x8c, 0x45, 0xe1, 0xfc, 0x0b, 0xb7, 0x69,
+    0xe9, 0x27, 0xbc, 0x65, 0xc3, 0xfa, 0x9b, 0xd0, 0xef, 0xfe,
+    0xe8, 0x1f, 0xb3, 0x5e, 0x34, 0xf4, 0x8c, 0xea, 0xfc, 0xd3,
+    0x81, 0xbf, 0x3d, 0x30, 0xb2, 0xb4, 0x01, 0xe8, 0x43, 0x0f,
+    0xba, 0x02, 0x23, 0x42, 0x76, 0x82, 0x31, 0x73, 0x91, 0xed,
+    0x07, 0x46, 0x61, 0x0d, 0x39, 0x83, 0x40, 0xce, 0x7a, 0xd4,
+    0xdb, 0x80, 0x2c, 0x1f, 0x0d, 0xd1, 0x34, 0xd4, 0x92, 0xe3,
+    0xd4, 0xf1, 0xc2, 0x01, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
+    0x82, 0x02, 0x01, 0x00, 0x97, 0x6c, 0xda, 0x6e, 0xea, 0x4f,
+    0xcf, 0xaf, 0xf7, 0x4c, 0xd9, 0xf1, 0x90, 0x00, 0x77, 0xdb,
+    0xf2, 0x97, 0x76, 0x72, 0xb9, 0xb7, 0x47, 0xd1, 0x9c, 0xdd,
+    0xcb, 0x4a, 0x33, 0x6e, 0xc9, 0x75, 0x76, 0xe6, 0xe4, 0xa5,
+    0x31, 0x8c, 0x77, 0x13, 0xb4, 0x29, 0xcd, 0xf5, 0x52, 0x17,
+    0xef, 0xf3, 0x08, 0x00, 0xe3, 0xbd, 0x2e, 0xbc, 0xd4, 0x52,
+    0x88, 0xe9, 0x30, 0x75, 0x0b, 0x02, 0xf5, 0xcd, 0x89, 0x0c,
+    0x6c, 0x57, 0x19, 0x27, 0x3d, 0x1e, 0x85, 0xb4, 0xc1, 0x2f,
+    0x1d, 0x92, 0x00, 0x5c, 0x76, 0x29, 0x4b, 0xa4, 0xe1, 0x12,
+    0xb3, 0xc8, 0x09, 0xfe, 0x0e, 0x78, 0x72, 0x61, 0xcb, 0x61,
+    0x6f, 0x39, 0x91, 0x95, 0x4e, 0xd5, 0x3e, 0xc7, 0x8f, 0xb8,
+    0xf6, 0x36, 0xfe, 0x9c, 0x93, 0x9a, 0x38, 0x25, 0x7a, 0xf4,
+    0x4a, 0x12, 0xd4, 0xa0, 0x13, 0xbd, 0xf9, 0x1d, 0x12, 0x3e,
+    0x21, 0x39, 0xfb, 0x72, 0xe0, 0x05, 0x3d, 0xc3, 0xe5, 0x50,
+    0xa8, 0x5d, 0x85, 0xa3, 0xea, 0x5f, 0x1c, 0xb2, 0x3f, 0xea,
+    0x6d, 0x03, 0x91, 0x55, 0xd8, 0x19, 0x0a, 0x21, 0x12, 0x16,
+    0xd9, 0x12, 0xc4, 0xe6, 0x07, 0x18, 0x5b, 0x26, 0xa4, 0xae,
+    0xed, 0x2b, 0xb7, 0xa6, 0xed, 0xf8, 0xad, 0xec, 0x77, 0xe6,
+    0x7f, 0x4f, 0x76, 0x00, 0xc0, 0xfa, 0x15, 0x92, 0xb4, 0x2c,
+    0x22, 0xc2, 0xeb, 0x6a, 0xad, 0x14, 0x05, 0xb2, 0xe5, 0x8a,
+    0x9e, 0x85, 0x83, 0xcc, 0x04, 0xf1, 0x56, 0x78, 0x44, 0x5e,
+    0xde, 0xe0, 0x60, 0x1a, 0x65, 0x79, 0x31, 0x23, 0x05, 0xbb,
+    0x01, 0xff, 0xdd, 0x2e, 0xb7, 0xb3, 0xaa, 0x74, 0xe0, 0xa5,
+    0x94, 0xaf, 0x4b, 0xde, 0x58, 0x0f, 0x55, 0xde, 0x33, 0xf6,
+    0xe3, 0xd6, 0x34, 0x36, 0x57, 0xd6, 0x79, 0x91, 0x2e, 0xbe,
+    0x3b, 0xd9, 0x4e, 0xb6, 0x9d, 0x21, 0x5c, 0xd3, 0x48, 0x14,
+    0x7f, 0x4a, 0xc4, 0x60, 0xa9, 0x29, 0xf8, 0x53, 0x7f, 0x88,
+    0x11, 0x2d, 0xb5, 0xc5, 0x2d, 0x6f, 0xee, 0x85, 0x0b, 0xf7,
+    0x8d, 0x9a, 0xbe, 0xb0, 0x42, 0xf2, 0x2e, 0x71, 0xaf, 0x19,
+    0x31, 0x6d, 0xec, 0xcd, 0x6f, 0x2b, 0x23, 0xdf, 0xb4, 0x40,
+    0xaf, 0x2c, 0x0a, 0xc3, 0x1b, 0x7d, 0x7d, 0x03, 0x1d, 0x4b,
+    0xf3, 0xb5, 0xe0, 0x85, 0xd8, 0xdf, 0x91, 0x6b, 0x0a, 0x69,
+    0xf7, 0xf2, 0x69, 0x66, 0x5b, 0xf1, 0xcf, 0x46, 0x7d, 0xe9,
+    0x70, 0xfa, 0x6d, 0x7e, 0x75, 0x4e, 0xa9, 0x77, 0xe6, 0x8c,
+    0x02, 0xf7, 0x14, 0x4d, 0xa5, 0x41, 0x8f, 0x3f, 0xc1, 0x62,
+    0x1e, 0x71, 0x5e, 0x38, 0xb4, 0xd6, 0xe6, 0xe1, 0x4b, 0xc2,
+    0x2c, 0x30, 0x83, 0x81, 0x6f, 0x49, 0x2e, 0x96, 0xe6, 0xc9,
+    0x9a, 0xf7, 0x5d, 0x09, 0xa0, 0x55, 0x02, 0xa5, 0x3a, 0x25,
+    0x23, 0xd0, 0x92, 0xc3, 0xa3, 0xe3, 0x0e, 0x12, 0x2f, 0x4d,
+    0xef, 0xf3, 0x55, 0x5a, 0xbe, 0xe6, 0x19, 0x86, 0x31, 0xab,
+    0x75, 0x9a, 0xd3, 0xf0, 0x2c, 0xc5, 0x41, 0x92, 0xd9, 0x1f,
+    0x5f, 0x11, 0x8c, 0x75, 0x1c, 0x63, 0xd0, 0x02, 0x80, 0x2c,
+    0x68, 0xcb, 0x93, 0xfb, 0x51, 0x73, 0x49, 0xb4, 0x60, 0xda,
+    0xe2, 0x26, 0xaf, 0xa9, 0x46, 0x12, 0xb8, 0xec, 0x50, 0xdd,
+    0x12, 0x06, 0x5f, 0xce, 0x59, 0xe6, 0xf6, 0x1c, 0xe0, 0x54,
+    0x10, 0xad, 0xf6, 0xcd, 0x98, 0xcc, 0x0f, 0xfb, 0xcb, 0x41,
+    0x14, 0x9d, 0xed, 0xe4, 0xb4, 0x74, 0x5f, 0x09, 0x60, 0xc7,
+    0x12, 0xf6, 0x7b, 0x3c, 0x8f, 0xa7, 0x20, 0xbc, 0xe4, 0xb1,
+    0xef, 0xeb, 0xa4, 0x93, 0xc5, 0x06, 0xca, 0x9a, 0x27, 0x9d,
+    0x87, 0xf3, 0xde, 0xca, 0xe5, 0xe7, 0xf6, 0x1c, 0x01, 0x65,
+    0x5b, 0xfb, 0x19, 0x79, 0x6e, 0x08, 0x26, 0xc5, 0xc8, 0x28,
+    0x0e, 0xb6, 0x3b, 0x07, 0x08, 0xc1, 0x02, 0x82, 0x01, 0x01,
+    0x00, 0xe8, 0x1c, 0x73, 0xa6, 0xb8, 0xe0, 0x0e, 0x6d, 0x8d,
+    0x1b, 0xb9, 0x53, 0xed, 0x58, 0x94, 0xe6, 0x1d, 0x60, 0x14,
+    0x5c, 0x76, 0x43, 0xc4, 0x58, 0x19, 0xc4, 0x24, 0xe8, 0xbc,
+    0x1b, 0x3b, 0x0b, 0x13, 0x24, 0x45, 0x54, 0x0e, 0xcc, 0x37,
+    0xf0, 0xe0, 0x63, 0x7d, 0xc3, 0xf7, 0xfb, 0x81, 0x74, 0x81,
+    0xc4, 0x0f, 0x1a, 0x21, 0x48, 0xaf, 0xce, 0xc1, 0xc4, 0x94,
+    0x18, 0x06, 0x44, 0x8d, 0xd3, 0xd2, 0x22, 0x2d, 0x2d, 0x3e,
+    0x5a, 0x31, 0xdc, 0x95, 0x8e, 0xf4, 0x41, 0xfc, 0x58, 0xc9,
+    0x40, 0x92, 0x17, 0x5f, 0xe3, 0xda, 0xac, 0x9e, 0x3f, 0x1c,
+    0x2a, 0x6b, 0x58, 0x5f, 0x48, 0x78, 0x20, 0xb1, 0xaf, 0x24,
+    0x9b, 0x3c, 0x20, 0x8b, 0x93, 0x25, 0x9e, 0xe6, 0x6b, 0xbc,
+    0x13, 0x42, 0x14, 0x6c, 0x36, 0x31, 0xff, 0x7a, 0xd1, 0xc1,
+    0x1a, 0x26, 0x14, 0x7f, 0xa9, 0x76, 0xa7, 0x0c, 0xf8, 0xcc,
+    0xed, 0x07, 0x6a, 0xd2, 0xdf, 0x62, 0xee, 0x0a, 0x7c, 0x84,
+    0xcb, 0x49, 0x90, 0xb2, 0x03, 0x0d, 0xa2, 0x82, 0x06, 0x77,
+    0xf1, 0xcd, 0x67, 0xf2, 0x47, 0x21, 0x02, 0x3f, 0x43, 0x21,
+    0xf0, 0x46, 0x30, 0x62, 0x51, 0x72, 0xb1, 0xe7, 0x48, 0xc6,
+    0x67, 0x12, 0xcd, 0x9e, 0xd6, 0x15, 0xe5, 0x21, 0xed, 0xfa,
+    0x8f, 0x30, 0xa6, 0x41, 0xfe, 0xb6, 0xfa, 0x8f, 0x34, 0x14,
+    0x19, 0xe8, 0x11, 0xf7, 0xa5, 0x77, 0x3e, 0xb7, 0xf9, 0x39,
+    0x07, 0x8c, 0x67, 0x2a, 0xab, 0x7b, 0x08, 0xf8, 0xb0, 0x06,
+    0xa8, 0xea, 0x2f, 0x8f, 0xfa, 0xcc, 0xcc, 0x40, 0xce, 0xf3,
+    0x70, 0x4f, 0x3f, 0x7f, 0xe2, 0x0c, 0xea, 0x76, 0x4a, 0x35,
+    0x4e, 0x47, 0xad, 0x2b, 0xa7, 0x97, 0x5d, 0x74, 0x43, 0x97,
+    0x90, 0xd2, 0xfb, 0xd9, 0xf9, 0x96, 0x01, 0x33, 0x05, 0xed,
+    0x7b, 0x03, 0x05, 0xad, 0xf8, 0x49, 0x03, 0x02, 0x82, 0x01,
+    0x01, 0x00, 0xd4, 0x40, 0x17, 0x66, 0x10, 0x92, 0x95, 0xc8,
+    0xec, 0x62, 0xa9, 0x7a, 0xcb, 0x93, 0x8e, 0xe6, 0x53, 0xd4,
+    0x80, 0x48, 0x27, 0x4b, 0x41, 0xce, 0x61, 0xdf, 0xbf, 0x94,
+    0xa4, 0x3d, 0x71, 0x03, 0x0b, 0xed, 0x25, 0x71, 0x98, 0xa4,
+    0xd6, 0xd5, 0x4a, 0x57, 0xf5, 0x6c, 0x1b, 0xda, 0x21, 0x7d,
+    0x35, 0x45, 0xb3, 0xf3, 0x6a, 0xd9, 0xd3, 0x43, 0xe8, 0x5c,
+    0x54, 0x1c, 0x83, 0x1b, 0xb4, 0x5f, 0xf2, 0x97, 0x24, 0x2e,
+    0xdc, 0x40, 0xde, 0x92, 0x23, 0x59, 0x8e, 0xbc, 0xd2, 0xa1,
+    0xf2, 0xe0, 0x4c, 0xdd, 0x0b, 0xd1, 0xe7, 0xae, 0x65, 0xbc,
+    0xb5, 0xf5, 0x5b, 0x98, 0xe9, 0xd7, 0xc2, 0xb7, 0x0e, 0x55,
+    0x71, 0x0e, 0x3c, 0x0a, 0x24, 0x6b, 0xa6, 0xe6, 0x14, 0x61,
+    0x11, 0xfd, 0x33, 0x42, 0x99, 0x2b, 0x84, 0x77, 0x74, 0x92,
+    0x91, 0xf5, 0x79, 0x79, 0xcf, 0xad, 0x8e, 0x04, 0xef, 0x80,
+    0x1e, 0x57, 0xf4, 0x14, 0xf5, 0x35, 0x09, 0x74, 0xb2, 0x13,
+    0x71, 0x58, 0x6b, 0xea, 0x32, 0x5d, 0xf3, 0xd3, 0x76, 0x48,
+    0x39, 0x10, 0x23, 0x84, 0x9d, 0xbe, 0x92, 0x77, 0x4a, 0xed,
+    0x70, 0x3e, 0x1a, 0xa2, 0x6c, 0xb3, 0x81, 0x00, 0xc3, 0xc9,
+    0xe4, 0x52, 0xc8, 0x24, 0x88, 0x0c, 0x41, 0xad, 0x87, 0x5a,
+    0xea, 0xa3, 0x7a, 0x85, 0x1c, 0x5e, 0x31, 0x7f, 0xc3, 0x35,
+    0xc6, 0xfa, 0x10, 0xc8, 0x75, 0x10, 0xc4, 0x96, 0x99, 0xe7,
+    0xfe, 0x01, 0xb4, 0x74, 0xdb, 0xb4, 0x11, 0xc3, 0xc8, 0x8c,
+    0xf6, 0xf7, 0x3b, 0x66, 0x50, 0xfc, 0xdb, 0xeb, 0xca, 0x47,
+    0x85, 0x89, 0xe1, 0x65, 0xd9, 0x62, 0x34, 0x3c, 0x70, 0xd8,
+    0x2e, 0xb4, 0x2f, 0x65, 0x3c, 0x4a, 0xa6, 0x2a, 0xe7, 0xc7,
+    0xd8, 0x41, 0x8f, 0x8a, 0x43, 0xbf, 0x42, 0xf2, 0x4d, 0xbc,
+    0xfc, 0x9e, 0x27, 0x95, 0xfb, 0x75, 0xff, 0xab, 0x02, 0x82,
+    0x01, 0x00, 0x41, 0x2f, 0x44, 0x57, 0x6d, 0x12, 0x17, 0x5b,
+    0x32, 0xc6, 0xb7, 0x6c, 0x57, 0x7a, 0x8a, 0x0e, 0x79, 0xef,
+    0x72, 0xa8, 0x68, 0xda, 0x2d, 0x38, 0xe4, 0xbb, 0x8d, 0xf6,
+    0x02, 0x65, 0xcf, 0x56, 0x13, 0xe1, 0x1a, 0xcb, 0x39, 0x80,
+    0xa6, 0xb1, 0x32, 0x03, 0x1e, 0xdd, 0xbb, 0x35, 0xd9, 0xac,
+    0x43, 0x89, 0x31, 0x08, 0x90, 0x92, 0x5e, 0x35, 0x3d, 0x7b,
+    0x9c, 0x6f, 0x86, 0xcb, 0x17, 0xdd, 0x85, 0xe4, 0xed, 0x35,
+    0x08, 0x8e, 0xc1, 0xf4, 0x05, 0xd8, 0x68, 0xc6, 0x63, 0x3c,
+    0xf7, 0xff, 0xf7, 0x47, 0x33, 0x39, 0xc5, 0x3e, 0xb7, 0x0e,
+    0x58, 0x35, 0x9d, 0x81, 0xea, 0xf8, 0x6a, 0x2c, 0x1c, 0x5a,
+    0x68, 0x78, 0x64, 0x11, 0x6b, 0xc1, 0x3e, 0x4e, 0x7a, 0xbd,
+    0x84, 0xcb, 0x0f, 0xc2, 0xb6, 0x85, 0x1d, 0xd3, 0x76, 0xc5,
+    0x93, 0x6a, 0x69, 0x89, 0x56, 0x34, 0xdc, 0x4a, 0x9b, 0xbc,
+    0xff, 0xa8, 0x0d, 0x6e, 0x35, 0x9c, 0x60, 0xa7, 0x23, 0x30,
+    0xc7, 0x06, 0x64, 0x39, 0x8b, 0x94, 0x89, 0xee, 0xba, 0x7f,
+    0x60, 0x8d, 0xfa, 0xb6, 0x97, 0x76, 0xdc, 0x51, 0x4a, 0x3c,
+    0xeb, 0x3a, 0x14, 0x2c, 0x20, 0x60, 0x69, 0x4a, 0x86, 0xfe,
+    0x8c, 0x21, 0x84, 0x49, 0x54, 0xb3, 0x20, 0xe1, 0x01, 0x7f,
+    0x58, 0xdf, 0x7f, 0xb5, 0x21, 0x51, 0x8c, 0x47, 0x9f, 0x91,
+    0xeb, 0x97, 0x3e, 0xf2, 0x54, 0xcf, 0x16, 0x46, 0xf9, 0xd9,
+    0xb6, 0xe7, 0x64, 0xc9, 0xd0, 0x54, 0xea, 0x2f, 0xa1, 0xcf,
+    0xa5, 0x7f, 0x28, 0x8d, 0x84, 0xec, 0xd5, 0x39, 0x03, 0x76,
+    0x5b, 0x2d, 0x8e, 0x43, 0xf2, 0x01, 0x24, 0xc9, 0x6f, 0xc0,
+    0xf5, 0x69, 0x6f, 0x7d, 0xb5, 0x85, 0xd2, 0x5f, 0x7f, 0x78,
+    0x40, 0x07, 0x7f, 0x09, 0x15, 0xb5, 0x1f, 0x28, 0x65, 0x10,
+    0xe4, 0x19, 0xa8, 0xc6, 0x9e, 0x8d, 0xdc, 0xcb, 0x02, 0x82,
+    0x01, 0x00, 0x13, 0x01, 0xee, 0x56, 0x80, 0x93, 0x70, 0x00,
+    0x7f, 0x52, 0xd2, 0x94, 0xa1, 0x98, 0x84, 0x4a, 0x92, 0x25,
+    0x4c, 0x9b, 0xa9, 0x91, 0x2e, 0xc2, 0x79, 0xb7, 0x5c, 0xe3,
+    0xc5, 0xd5, 0x8e, 0xc2, 0x54, 0x16, 0x17, 0xad, 0x55, 0x9b,
+    0x25, 0x76, 0x12, 0x63, 0x50, 0x22, 0x2f, 0x58, 0x58, 0x79,
+    0x6b, 0x04, 0xe3, 0xf9, 0x9f, 0x8f, 0x04, 0x41, 0x67, 0x94,
+    0xa5, 0x1f, 0xac, 0x8a, 0x15, 0x9c, 0x26, 0x10, 0x6c, 0xf8,
+    0x19, 0x57, 0x61, 0xd7, 0x3a, 0x7d, 0x31, 0xb0, 0x2d, 0x38,
+    0xbd, 0x94, 0x62, 0xad, 0xc4, 0xfa, 0x36, 0x42, 0x42, 0xf0,
+    0x24, 0x67, 0x65, 0x9d, 0x8b, 0x0b, 0x7c, 0x6f, 0x82, 0x44,
+    0x1a, 0x8c, 0xc8, 0xc9, 0xab, 0xbb, 0x4c, 0x45, 0xfc, 0x7b,
+    0x38, 0xee, 0x30, 0xe1, 0xfc, 0xef, 0x8d, 0xbc, 0x58, 0xdf,
+    0x2b, 0x5d, 0x0d, 0x54, 0xe0, 0x49, 0x4d, 0x97, 0x99, 0x8f,
+    0x22, 0xa8, 0x83, 0xbe, 0x40, 0xbb, 0x50, 0x2e, 0x78, 0x28,
+    0x0f, 0x95, 0x78, 0x8c, 0x8f, 0x98, 0x24, 0x56, 0xc2, 0x97,
+    0xf3, 0x2c, 0x43, 0xd2, 0x03, 0x82, 0x66, 0x81, 0x72, 0x5f,
+    0x53, 0x16, 0xec, 0xb1, 0xb1, 0x04, 0x5e, 0x40, 0x20, 0x48,
+    0x7b, 0x3f, 0x02, 0x97, 0x6a, 0xeb, 0x96, 0x12, 0x21, 0x35,
+    0xfe, 0x1f, 0x47, 0xc0, 0x95, 0xea, 0xc5, 0x8a, 0x08, 0x84,
+    0x4f, 0x5e, 0x63, 0x94, 0x60, 0x0f, 0x71, 0x5b, 0x7f, 0x4a,
+    0xec, 0x4f, 0x60, 0xc6, 0xba, 0x4a, 0x24, 0xf1, 0x20, 0x8b,
+    0xa7, 0x2e, 0x3a, 0xce, 0x8d, 0xe0, 0x27, 0x1d, 0xb5, 0x8e,
+    0xb4, 0x21, 0xc5, 0xe2, 0xa6, 0x16, 0x0a, 0x51, 0x83, 0x55,
+    0x88, 0xd1, 0x30, 0x11, 0x63, 0xd5, 0xd7, 0x8d, 0xae, 0x16,
+    0x12, 0x82, 0xc4, 0x85, 0x00, 0x4e, 0x27, 0x83, 0xa5, 0x7c,
+    0x90, 0x2e, 0xe5, 0xa2, 0xa3, 0xd3, 0x4c, 0x63, 0x02, 0x82,
+    0x01, 0x01, 0x00, 0x86, 0x08, 0x98, 0x98, 0xa5, 0x00, 0x05,
+    0x39, 0x77, 0xd9, 0x66, 0xb3, 0xcf, 0xca, 0xa0, 0x71, 0xb3,
+    0x50, 0xce, 0x3d, 0xb1, 0x93, 0x95, 0x35, 0xc4, 0xd4, 0x2e,
+    0x90, 0xdf, 0x0f, 0xfc, 0x60, 0xc1, 0x94, 0x68, 0x61, 0x43,
+    0xca, 0x9a, 0x23, 0x4a, 0x1e, 0x45, 0x72, 0x99, 0xb5, 0x1e,
+    0x61, 0x8d, 0x77, 0x0f, 0xa0, 0xbb, 0xd7, 0x77, 0xb4, 0x2a,
+    0x15, 0x11, 0x88, 0x2d, 0xb3, 0x56, 0x61, 0x5e, 0x6a, 0xed,
+    0xa4, 0x46, 0x4a, 0x3f, 0x50, 0x11, 0xd6, 0xba, 0xb6, 0xd7,
+    0x95, 0x65, 0x53, 0xc3, 0xa1, 0x8f, 0xe0, 0xa3, 0xf5, 0x1c,
+    0xfd, 0xaf, 0x6e, 0x43, 0xd7, 0x17, 0xa7, 0xd3, 0x81, 0x1b,
+    0xa4, 0xdf, 0xe0, 0x97, 0x8a, 0x46, 0x03, 0xd3, 0x46, 0x0e,
+    0x83, 0x48, 0x4e, 0xd2, 0x02, 0xcb, 0xc0, 0xad, 0x79, 0x95,
+    0x8c, 0x96, 0xba, 0x40, 0x34, 0x11, 0x71, 0x5e, 0xe9, 0x11,
+    0xf9, 0xc5, 0x4a, 0x5e, 0x91, 0x9d, 0xf5, 0x92, 0x4f, 0xeb,
+    0xc6, 0x70, 0x02, 0x2d, 0x3d, 0x04, 0xaa, 0xe9, 0x3a, 0x8e,
+    0xd5, 0xa8, 0xad, 0xf7, 0xce, 0x0d, 0x16, 0xb2, 0xec, 0x0a,
+    0x9c, 0xf5, 0x94, 0x39, 0xb9, 0x8a, 0xfc, 0x1e, 0xf9, 0xcc,
+    0xf2, 0x5f, 0x21, 0x31, 0x74, 0x72, 0x6b, 0x64, 0xae, 0x35,
+    0x61, 0x8d, 0x0d, 0xcb, 0xe7, 0xda, 0x39, 0xca, 0xf3, 0x21,
+    0x66, 0x0b, 0x95, 0xd7, 0x0a, 0x7c, 0xca, 0xa1, 0xa9, 0x5a,
+    0xe8, 0xac, 0xe0, 0x71, 0x54, 0xaf, 0x28, 0xcf, 0xd5, 0x70,
+    0x89, 0xe0, 0xf3, 0x9e, 0x43, 0x6c, 0x8d, 0x7b, 0x99, 0x01,
+    0x68, 0x4d, 0xa1, 0x45, 0x46, 0x0c, 0x43, 0xbc, 0xcc, 0x2c,
+    0xdd, 0xc5, 0x46, 0xc8, 0x4e, 0x0e, 0xbe, 0xed, 0xb9, 0x26,
+    0xab, 0x2e, 0xdb, 0xeb, 0x8f, 0xff, 0xdb, 0xb0, 0xc6, 0x55,
+    0xaf, 0xf8, 0x2a, 0x91, 0x9d, 0x50, 0x44, 0x21, 0x17,
+};
--- a/apps/timeouts.h
+++ b/apps/timeouts.h
@ -58,10 +58,10 @@
 */

 #ifndef INCLUDED_TIMEOUTS_H
-#define INCLUDED_TIMEOUTS_H
+# define INCLUDED_TIMEOUTS_H

 /* numbers in us */
-#define DGRAM_RCV_TIMEOUT         250000
-#define DGRAM_SND_TIMEOUT         250000
+# define DGRAM_RCV_TIMEOUT         250000
+# define DGRAM_SND_TIMEOUT         250000

 #endif                          /* ! INCLUDED_TIMEOUTS_H */
--- a/apps/ts.c
+++ b/apps/ts.c
--- a/apps/verify.c
+++ b/apps/verify.c
@ -73,97 +73,88 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
 static int check(X509_STORE *ctx, char *file,
                 STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
                 STACK_OF(X509_CRL) *crls, ENGINE *e);
-static int v_verbose=0, vflags = 0;
+static int v_verbose = 0, vflags = 0;

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
+{
    ENGINE *e = NULL;
-	int i,ret=1, badarg = 0;
-	char *CApath=NULL,*CAfile=NULL;
+    int i, ret = 1, badarg = 0;
+    char *CApath = NULL, *CAfile = NULL;
    char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
    STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
    STACK_OF(X509_CRL) *crls = NULL;
-	X509_STORE *cert_ctx=NULL;
-	X509_LOOKUP *lookup=NULL;
+    X509_STORE *cert_ctx = NULL;
+    X509_LOOKUP *lookup = NULL;
    X509_VERIFY_PARAM *vpm = NULL;
 #ifndef OPENSSL_NO_ENGINE
-	char *engine=NULL;
+    char *engine = NULL;
 #endif

-	cert_ctx=X509_STORE_new();
-	if (cert_ctx == NULL) goto end;
-	X509_STORE_set_verify_cb(cert_ctx,cb);
+    cert_ctx = X509_STORE_new();
+    if (cert_ctx == NULL)
+        goto end;
+    X509_STORE_set_verify_cb(cert_ctx, cb);

    ERR_load_crypto_strings();

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

    argc--;
    argv++;
-	for (;;)
-		{
-		if (argc >= 1)
-			{
-			if (strcmp(*argv,"-CApath") == 0)
-				{
-				if (argc-- < 1) goto end;
-				CApath= *(++argv);
-				}
-			else if (strcmp(*argv,"-CAfile") == 0)
-				{
-				if (argc-- < 1) goto end;
-				CAfile= *(++argv);
-				}
-			else if (args_verify(&argv, &argc, &badarg, bio_err,
-									&vpm))
-				{
+    for (;;) {
+        if (argc >= 1) {
+            if (strcmp(*argv, "-CApath") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                CApath = *(++argv);
+            } else if (strcmp(*argv, "-CAfile") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                CAfile = *(++argv);
+            } else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
                if (badarg)
                    goto end;
                continue;
-				}
-			else if (strcmp(*argv,"-untrusted") == 0)
-				{
-				if (argc-- < 1) goto end;
-				untfile= *(++argv);
-				}
-			else if (strcmp(*argv,"-trusted") == 0)
-				{
-				if (argc-- < 1) goto end;
-				trustfile= *(++argv);
-				}
-			else if (strcmp(*argv,"-CRLfile") == 0)
-				{
-				if (argc-- < 1) goto end;
-				crlfile= *(++argv);
+            } else if (strcmp(*argv, "-untrusted") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                untfile = *(++argv);
+            } else if (strcmp(*argv, "-trusted") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                trustfile = *(++argv);
+            } else if (strcmp(*argv, "-CRLfile") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                crlfile = *(++argv);
            }
 #ifndef OPENSSL_NO_ENGINE
-			else if (strcmp(*argv,"-engine") == 0)
-				{
-				if (--argc < 1) goto end;
-				engine= *(++argv);
+            else if (strcmp(*argv, "-engine") == 0) {
+                if (--argc < 1)
+                    goto end;
+                engine = *(++argv);
            }
 #endif
-			else if (strcmp(*argv,"-help") == 0)
+            else if (strcmp(*argv, "-help") == 0)
                goto end;
-			else if (strcmp(*argv,"-verbose") == 0)
-				v_verbose=1;
+            else if (strcmp(*argv, "-verbose") == 0)
+                v_verbose = 1;
            else if (argv[0][0] == '-')
                goto end;
            else
                break;
            argc--;
            argv++;
-			}
-		else
+        } else
            break;
    }

@ -174,79 +165,76 @@ int MAIN(int argc, char **argv)
    if (vpm)
        X509_STORE_set1_param(cert_ctx, vpm);

-	lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
-	if (lookup == NULL) abort();
+    lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
+    if (lookup == NULL)
+        abort();
    if (CAfile) {
-		i=X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM);
-		if(!i) {
+        i = X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM);
+        if (!i) {
            BIO_printf(bio_err, "Error loading file %s\n", CAfile);
            ERR_print_errors(bio_err);
            goto end;
        }
-	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+    } else
+        X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);

-	lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_hash_dir());
-	if (lookup == NULL) abort();
+    lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
+    if (lookup == NULL)
+        abort();
    if (CApath) {
-		i=X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM);
-		if(!i) {
+        i = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM);
+        if (!i) {
            BIO_printf(bio_err, "Error loading directory %s\n", CApath);
            ERR_print_errors(bio_err);
            goto end;
        }
-	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+    } else
+        X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);

    ERR_clear_error();

-	if(untfile)
-		{
+    if (untfile) {
        untrusted = load_certs(bio_err, untfile, FORMAT_PEM,
                               NULL, e, "untrusted certificates");
-		if(!untrusted)
+        if (!untrusted)
            goto end;
    }

-	if(trustfile)
-		{
+    if (trustfile) {
        trusted = load_certs(bio_err, trustfile, FORMAT_PEM,
                             NULL, e, "trusted certificates");
-		if(!trusted)
+        if (!trusted)
            goto end;
    }

-	if(crlfile)
-		{
-		crls = load_crls(bio_err, crlfile, FORMAT_PEM,
-					NULL, e, "other CRLs");
-		if(!crls)
+    if (crlfile) {
+        crls = load_crls(bio_err, crlfile, FORMAT_PEM, NULL, e, "other CRLs");
+        if (!crls)
            goto end;
    }

    ret = 0;
-	if (argc < 1)
-		{ 
+    if (argc < 1) {
        if (1 != check(cert_ctx, NULL, untrusted, trusted, crls, e))
            ret = -1;
-		}
-	else
-		{
-		for (i=0; i<argc; i++)
-			if (1 != check(cert_ctx,argv[i], untrusted, trusted, crls, e))
+    } else {
+        for (i = 0; i < argc; i++)
+            if (1 != check(cert_ctx, argv[i], untrusted, trusted, crls, e))
                ret = -1;
    }

-end:
+ end:
    if (ret == 1) {
-		BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
-		BIO_printf(bio_err," [-attime timestamp]");
+        BIO_printf(bio_err,
+                   "usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
+        BIO_printf(bio_err, " [-no_alt_chains] [-attime timestamp]");
 #ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err," [-engine e]");
+        BIO_printf(bio_err, " [-engine e]");
 #endif
-		BIO_printf(bio_err," cert1 cert2 ...\n");
+        BIO_printf(bio_err, " cert1 cert2 ...\n");

-		BIO_printf(bio_err,"recognized usages:\n");
-		for(i = 0; i < X509_PURPOSE_get_count(); i++)
-			{
+        BIO_printf(bio_err, "recognized usages:\n");
+        for (i = 0; i < X509_PURPOSE_get_count(); i++) {
            X509_PURPOSE *ptmp;
            ptmp = X509_PURPOSE_get0(i);
            BIO_printf(bio_err, "\t%-10s\t%s\n",
@ -254,69 +242,67 @@ end:
                       X509_PURPOSE_get0_name(ptmp));
        }
    }
-	if (vpm) X509_VERIFY_PARAM_free(vpm);
-	if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
+    if (vpm)
+        X509_VERIFY_PARAM_free(vpm);
+    if (cert_ctx != NULL)
+        X509_STORE_free(cert_ctx);
    sk_X509_pop_free(untrusted, X509_free);
    sk_X509_pop_free(trusted, X509_free);
    sk_X509_CRL_pop_free(crls, X509_CRL_free);
    apps_shutdown();
    OPENSSL_EXIT(ret < 0 ? 2 : ret);
-	}
+}

 static int check(X509_STORE *ctx, char *file,
                 STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
                 STACK_OF(X509_CRL) *crls, ENGINE *e)
-	{
-	X509 *x=NULL;
-	int i=0,ret=0;
+{
+    X509 *x = NULL;
+    int i = 0, ret = 0;
    X509_STORE_CTX *csc;

    x = load_cert(bio_err, file, FORMAT_PEM, NULL, e, "certificate file");
    if (x == NULL)
        goto end;
-	fprintf(stdout,"%s: ",(file == NULL)?"stdin":file);
+    fprintf(stdout, "%s: ", (file == NULL) ? "stdin" : file);

    csc = X509_STORE_CTX_new();
-	if (csc == NULL)
-		{
+    if (csc == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }
    X509_STORE_set_flags(ctx, vflags);
-	if(!X509_STORE_CTX_init(csc,ctx,x,uchain))
-		{
+    if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
        ERR_print_errors(bio_err);
        goto end;
    }
-	if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);
+    if (tchain)
+        X509_STORE_CTX_trusted_stack(csc, tchain);
    if (crls)
        X509_STORE_CTX_set0_crls(csc, crls);
-	i=X509_verify_cert(csc);
+    i = X509_verify_cert(csc);
    X509_STORE_CTX_free(csc);

-	ret=0;
-end:
-	if (i > 0)
-		{
-		fprintf(stdout,"OK\n");
-		ret=1;
-		}
-	else
+    ret = 0;
+ end:
+    if (i > 0) {
+        fprintf(stdout, "OK\n");
+        ret = 1;
+    } else
        ERR_print_errors(bio_err);
-	if (x != NULL) X509_free(x);
+    if (x != NULL)
+        X509_free(x);

-	return(ret);
-	}
+    return (ret);
+}

 static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
-	{
+{
    int cert_error = X509_STORE_CTX_get_error(ctx);
    X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);

-	if (!ok)
-		{
-		if (current_cert)
-			{
+    if (!ok) {
+        if (current_cert) {
            X509_NAME_print_ex_fp(stdout,
                                  X509_get_subject_name(current_cert),
                                  0, XN_FLAG_ONELINE);
@ -327,15 +313,14 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
               cert_error,
               X509_STORE_CTX_get_error_depth(ctx),
               X509_verify_cert_error_string(cert_error));
-		switch(cert_error)
-			{
+        switch (cert_error) {
        case X509_V_ERR_NO_EXPLICIT_POLICY:
            policies_print(NULL, ctx);
        case X509_V_ERR_CERT_HAS_EXPIRED:

-			/* since we are just checking the certificates, it is
-			 * ok if they are self signed. But we should still warn
-			 * the user.
+            /*
+             * since we are just checking the certificates, it is ok if they
+             * are self signed. But we should still warn the user.
             */

        case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
@ -358,5 +343,5 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
        policies_print(NULL, ctx);
    if (!v_verbose)
        ERR_clear_error();
-	return(ok);
-	}
+    return (ok);
+}
--- a/apps/version.c
+++ b/apps/version.c
@ -138,80 +138,77 @@
 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
-	{
-	int i,ret=0;
-	int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
+{
+    int i, ret = 0;
+    int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0;

    apps_startup();

    if (bio_err == NULL)
-		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);

-	if (argc == 1) version=1;
-	for (i=1; i<argc; i++)
-		{
-		if (strcmp(argv[i],"-v") == 0)
-			version=1;	
-		else if (strcmp(argv[i],"-b") == 0)
-			date=1;
-		else if (strcmp(argv[i],"-f") == 0)
-			cflags=1;
-		else if (strcmp(argv[i],"-o") == 0)
-			options=1;
-		else if (strcmp(argv[i],"-p") == 0)
-			platform=1;
-		else if (strcmp(argv[i],"-d") == 0)
-			dir=1;
-		else if (strcmp(argv[i],"-a") == 0)
-			date=version=cflags=options=platform=dir=1;
-		else
-			{
-			BIO_printf(bio_err,"usage:version -[avbofpd]\n");
-			ret=1;
+    if (argc == 1)
+        version = 1;
+    for (i = 1; i < argc; i++) {
+        if (strcmp(argv[i], "-v") == 0)
+            version = 1;
+        else if (strcmp(argv[i], "-b") == 0)
+            date = 1;
+        else if (strcmp(argv[i], "-f") == 0)
+            cflags = 1;
+        else if (strcmp(argv[i], "-o") == 0)
+            options = 1;
+        else if (strcmp(argv[i], "-p") == 0)
+            platform = 1;
+        else if (strcmp(argv[i], "-d") == 0)
+            dir = 1;
+        else if (strcmp(argv[i], "-a") == 0)
+            date = version = cflags = options = platform = dir = 1;
+        else {
+            BIO_printf(bio_err, "usage:version -[avbofpd]\n");
+            ret = 1;
            goto end;
        }
    }

-	if (version)
-		{
-		if (SSLeay() == SSLEAY_VERSION_NUMBER)
-			{
-			printf("%s\n",SSLeay_version(SSLEAY_VERSION));
-			}
-		else
-			{
+    if (version) {
+        if (SSLeay() == SSLEAY_VERSION_NUMBER) {
+            printf("%s\n", SSLeay_version(SSLEAY_VERSION));
+        } else {
            printf("%s (Library: %s)\n",
-				OPENSSL_VERSION_TEXT,
-				SSLeay_version(SSLEAY_VERSION));
+                   OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
        }
    }
-	if (date)    printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON));
-	if (platform) printf("%s\n",SSLeay_version(SSLEAY_PLATFORM));
-	if (options) 
-		{
+    if (date)
+        printf("%s\n", SSLeay_version(SSLEAY_BUILT_ON));
+    if (platform)
+        printf("%s\n", SSLeay_version(SSLEAY_PLATFORM));
+    if (options) {
        printf("options:  ");
-		printf("%s ",BN_options());
+        printf("%s ", BN_options());
 #ifndef OPENSSL_NO_MD2
-		printf("%s ",MD2_options());
+        printf("%s ", MD2_options());
 #endif
 #ifndef OPENSSL_NO_RC4
-		printf("%s ",RC4_options());
+        printf("%s ", RC4_options());
 #endif
 #ifndef OPENSSL_NO_DES
-		printf("%s ",DES_options());
+        printf("%s ", DES_options());
 #endif
 #ifndef OPENSSL_NO_IDEA
-		printf("%s ",idea_options());
+        printf("%s ", idea_options());
 #endif
 #ifndef OPENSSL_NO_BF
-		printf("%s ",BF_options());
+        printf("%s ", BF_options());
 #endif
        printf("\n");
    }
-	if (cflags)  printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
-	if (dir)  printf("%s\n",SSLeay_version(SSLEAY_DIR));
-end:
+    if (cflags)
+        printf("%s\n", SSLeay_version(SSLEAY_CFLAGS));
+    if (dir)
+        printf("%s\n", SSLeay_version(SSLEAY_DIR));
+ end:
    apps_shutdown();
    OPENSSL_EXIT(ret);
-	}
+}
--- a/apps/vms_decc_init.c
+++ b/apps/vms_decc_init.c
@ -5,7 +5,7 @@

 #ifdef USE_DECC_INIT

-/*
+/*-
 * 2010-04-26 SMS.
 *
 *----------------------------------------------------------------------
@ -18,10 +18,9 @@
 *----------------------------------------------------------------------
 */

-#include <stdio.h>
-#include <stdlib.h>
-#include <unixlib.h>
-
+# include <stdio.h>
+# include <stdlib.h>
+# include <unixlib.h>

 /* Global storage. */

@ -29,41 +28,38 @@

 int decc_init_done = -1;

-
 /* Structure to hold a DECC$* feature name and its desired value. */

-typedef struct
-{
+typedef struct {
    char *name;
    int value;
 } decc_feat_t;

-
-/* Array of DECC$* feature names and their desired values.
- * Note: DECC$ARGV_PARSE_STYLE is the urgent one.
+/*
+ * Array of DECC$* feature names and their desired values. Note:
+ * DECC$ARGV_PARSE_STYLE is the urgent one.
 */

-decc_feat_t decc_feat_array[] =
-{
+decc_feat_t decc_feat_array[] = {
    /* Preserve command-line case with SET PROCESS/PARSE_STYLE=EXTENDED */
- { "DECC$ARGV_PARSE_STYLE", 1 },
+    {"DECC$ARGV_PARSE_STYLE", 1},

    /* Preserve case for file names on ODS5 disks. */
- { "DECC$EFS_CASE_PRESERVE", 1 },
+    {"DECC$EFS_CASE_PRESERVE", 1},

- /* Enable multiple dots (and most characters) in ODS5 file names,
-  * while preserving VMS-ness of ";version".
+    /*
+     * Enable multiple dots (and most characters) in ODS5 file names, while
+     * preserving VMS-ness of ";version".
     */
- { "DECC$EFS_CHARSET", 1 },
+    {"DECC$EFS_CHARSET", 1},

    /* List terminator. */
- { (char *)NULL, 0 }
+    {(char *)NULL, 0}
 };

-
 /* LIB$INITIALIZE initialization function. */

-static void decc_init( void)
+static void decc_init(void)
 {
    char *openssl_debug_decc_init;
    int verbose = 0;
@ -75,12 +71,10 @@ static void decc_init( void)
    int sts;

    /* Get debug option. */
-    openssl_debug_decc_init = getenv( "OPENSSL_DEBUG_DECC_INIT");
-    if (openssl_debug_decc_init != NULL)
-    {
-        verbose = strtol( openssl_debug_decc_init, NULL, 10);
-        if (verbose <= 0)
-        {
+    openssl_debug_decc_init = getenv("OPENSSL_DEBUG_DECC_INIT");
+    if (openssl_debug_decc_init != NULL) {
+        verbose = strtol(openssl_debug_decc_init, NULL, 10);
+        if (verbose <= 0) {
            verbose = 1;
        }
    }
@ -90,99 +84,89 @@ static void decc_init( void)

    /* Loop through all items in the decc_feat_array[]. */

-    for (i = 0; decc_feat_array[ i].name != NULL; i++)
-    {
+    for (i = 0; decc_feat_array[i].name != NULL; i++) {
        /* Get the feature index. */
-        feat_index = decc$feature_get_index( decc_feat_array[ i].name);
-        if (feat_index >= 0)
-        {
+        feat_index = decc$feature_get_index(decc_feat_array[i].name);
+        if (feat_index >= 0) {
            /* Valid item.  Collect its properties. */
-            feat_value = decc$feature_get_value( feat_index, 1);
-            feat_value_min = decc$feature_get_value( feat_index, 2);
-            feat_value_max = decc$feature_get_value( feat_index, 3);
+            feat_value = decc$feature_get_value(feat_index, 1);
+            feat_value_min = decc$feature_get_value(feat_index, 2);
+            feat_value_max = decc$feature_get_value(feat_index, 3);

            /* Check the validity of our desired value. */
-            if ((decc_feat_array[ i].value >= feat_value_min) &&
-             (decc_feat_array[ i].value <= feat_value_max))
-            {
+            if ((decc_feat_array[i].value >= feat_value_min) &&
+                (decc_feat_array[i].value <= feat_value_max)) {
                /* Valid value.  Set it if necessary. */
-                if (feat_value != decc_feat_array[ i].value)
-                {
-                    sts = decc$feature_set_value( feat_index,
-                     1,
-                     decc_feat_array[ i].value);
+                if (feat_value != decc_feat_array[i].value) {
+                    sts = decc$feature_set_value(feat_index,
+                                                 1, decc_feat_array[i].value);

-                     if (verbose > 1)
-                     {
-                         fprintf( stderr, " %s = %d, sts = %d.\n",
-                          decc_feat_array[ i].name,
-                          decc_feat_array[ i].value,
-                          sts);
+                    if (verbose > 1) {
+                        fprintf(stderr, " %s = %d, sts = %d.\n",
+                                decc_feat_array[i].name,
+                                decc_feat_array[i].value, sts);
                    }
                }
-            }
-            else
-            {
+            } else {
                /* Invalid DECC feature value. */
-                fprintf( stderr,
+                fprintf(stderr,
                        " INVALID DECC$FEATURE VALUE, %d: %d <= %s <= %d.\n",
                        feat_value,
-                 feat_value_min, decc_feat_array[ i].name, feat_value_max);
+                        feat_value_min, decc_feat_array[i].name,
+                        feat_value_max);
            }
-        }
-        else
-        {
+        } else {
            /* Invalid DECC feature name. */
-            fprintf( stderr,
-             " UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[ i].name);
+            fprintf(stderr,
+                    " UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[i].name);
        }
    }

-    if (verbose > 0)
-    {
-        fprintf( stderr, " DECC_INIT complete.\n");
+    if (verbose > 0) {
+        fprintf(stderr, " DECC_INIT complete.\n");
    }
 }

 /* Get "decc_init()" into a valid, loaded LIB$INITIALIZE PSECT. */

-#pragma nostandard
+# pragma nostandard

-/* Establish the LIB$INITIALIZE PSECTs, with proper alignment and
- * other attributes.  Note that "nopic" is significant only on VAX.
+/*
+ * Establish the LIB$INITIALIZE PSECTs, with proper alignment and other
+ * attributes.  Note that "nopic" is significant only on VAX.
 */
-#pragma extern_model save
+# pragma extern_model save

-#if __INITIAL_POINTER_SIZE == 64
+# if __INITIAL_POINTER_SIZE == 64
 #  define PSECT_ALIGN 3
-#else
+# else
 #  define PSECT_ALIGN 2
-#endif
+# endif

-#pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
-const int spare[ 8] = { 0 };
+# pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
+const int spare[8] = { 0 };

-#pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
-void (*const x_decc_init)() = decc_init;
+# pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
+void (*const x_decc_init) () = decc_init;

-#pragma extern_model restore
+# pragma extern_model restore

 /* Fake reference to ensure loading the LIB$INITIALIZE PSECT. */

-#pragma extern_model save
+# pragma extern_model save

-int LIB$INITIALIZE( void);
+int LIB$INITIALIZE(void);

-#pragma extern_model strict_refdef
-int dmy_lib$initialize = (int) LIB$INITIALIZE;
+# pragma extern_model strict_refdef
+int dmy_lib$initialize = (int)LIB$INITIALIZE;

-#pragma extern_model restore
+# pragma extern_model restore

-#pragma standard
+# pragma standard

 #else                           /* def USE_DECC_INIT */

 /* Dummy code to avoid a %CC-W-EMPTYFILE complaint. */
-int decc_init_dummy( void);
+int decc_init_dummy(void);

 #endif                          /* def USE_DECC_INIT */
--- a/apps/winrand.c
+++ b/apps/winrand.c
@ -53,7 +53,8 @@
 *
 */

-/* Usage: winrand [filename]
+/*-
+ * Usage: winrand [filename]
 *
 * Collects entropy from mouse movements and other events and writes
 * random data to filename or .rnd
@ -68,7 +69,7 @@ const char *filename;

 int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
                   PSTR cmdline, int iCmdShow)
-	{
+{
    static char appname[] = "OpenSSL";
    HWND hwnd;
    MSG msg;
@ -98,30 +99,28 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,

    hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT,
                        WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT,
-		CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance, NULL);
+                        CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance,
+                        NULL);

    ShowWindow(hwnd, iCmdShow);
    UpdateWindow(hwnd);

-
-	while (GetMessage(&msg, NULL, 0, 0))
-		{
+    while (GetMessage(&msg, NULL, 0, 0)) {
        TranslateMessage(&msg);
        DispatchMessage(&msg);
    }

    return msg.wParam;
-	}
+}

 LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
-	{
+{
    HDC hdc;
    PAINTSTRUCT ps;
    RECT rect;
    static int seeded = 0;

-	switch (iMsg)
-		{
+    switch (iMsg) {
    case WM_PAINT:
        hdc = BeginPaint(hwnd, &ps);
        GetClientRect(hwnd, &rect);
@ -135,8 +134,7 @@ LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
        return 0;
    }

-        if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0)
-                {
+    if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0) {
        seeded = 1;
        if (RAND_write_file(filename) <= 0)
            MessageBox(hwnd, "Couldn't write random file!",
@ -145,4 +143,4 @@ LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
    }

    return DefWindowProc(hwnd, iMsg, wParam, lParam);
-	}
+}
--- a/apps/x509.c
+++ b/apps/x509.c
--- a/appveyor.yml
+++ b/appveyor.yml
@ -0,0 +1,60 @@
+platform:
+    - x86
+    - x64
+
+environment:
+    matrix:
+        - VSVER: 9
+        - VSVER: 10
+        - VSVER: 11
+        - VSVER: 12
+        - VSVER: 14
+
+configuration:
+    - plain
+    - shared
+
+matrix:
+    allow_failures:
+        - platform: x64
+          VSVER: 9
+        - platform: x64
+          VSVER: 10
+        - platform: x64
+          VSVER: 11
+
+before_build:
+    - ps: >-
+        If ($env:Platform -Match "x86") {
+            $env:VCVARS_PLATFORM="x86"
+            $env:TARGET="VC-WIN32"
+            $env:DO="do_ms"
+        } Else {
+            $env:VCVARS_PLATFORM="amd64"
+            $env:TARGET="VC-WIN64A"
+            $env:DO="do_win64a"
+        }
+    - ps: >-
+        If ($env:Configuration -Like "*shared*") {
+            $env:MAK="ntdll.mak"
+        } Else {
+            $env:MAK="nt.mak"
+        }
+    - ps: $env:VSCOMNTOOLS=(Get-Content ("env:VS" + "$env:VSVER" + "0COMNTOOLS"))
+    - call "%VSCOMNTOOLS%\..\..\VC\vcvarsall.bat" %VCVARS_PLATFORM%
+    - perl Configure %TARGET% no-asm
+    - call ms\%DO%
+
+build_script:
+    - nmake /f ms\%MAK%
+
+test_script:
+    - nmake /f ms\%MAK% test
+
+notifications:
+    - provider: Email
+      to:
+          - openssl-commits@openssl.org
+      on_build_success: false
+      on_build_failure: true
+      on_build_status_changed: true
--- a/bugs/alpha.c
+++ b/bugs/alpha.c
@ -56,11 +56,13 @@
 * [including the GNU Public Licence.]
 */

-/* while not exactly a bug (ASN1 C leaves this undefined) it is
- * something to watch out for.  This was fine on linux/NT/Solaris but not
- * Alpha */
+/*
+ * while not exactly a bug (ASN1 C leaves this undefined) it is something to
+ * watch out for.  This was fine on linux/NT/Solaris but not Alpha
+ */

-/* it is basically an example of
+/*-
+ * it is basically an example of
 * func(*(a++),*(a++))
 * which parameter is evaluated first?  It is not defined in ASN1 C.
 */
@ -69,23 +71,22 @@

 #define TYPE    unsigned int

-void func(a,b)
+void func(a, b)
 TYPE *a;
 TYPE b;
-        {
-        printf("%ld -1 == %ld\n",a[0],b);
-        }
+{
+    printf("%ld -1 == %ld\n", a[0], b);
+}

 main()
-        {
-        TYPE data[5]={1L,2L,3L,4L,5L};
+{
+    TYPE data[5] = { 1L, 2L, 3L, 4L, 5L };
    TYPE *p;
    int i;

-        p=data;
+    p = data;

-        for (i=0; i<4; i++)
-                {
-                func(p,*(p++));
-                }
+    for (i = 0; i < 4; i++) {
+        func(p, *(p++));
    }
+}
--- a/bugs/dggccbug.c
+++ b/bugs/dggccbug.c
@ -4,17 +4,18 @@

 #include <stdio.h>

-/* There is a bug in
- * gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14 1994)
- * as shipped with DGUX 5.4R3.10 that can be bypassed by defining
- * DG_GCC_BUG in my code.
- * The bug manifests itself by the vaule of a pointer that is
- * used only by reference, not having it's value change when it is used
- * to check for exiting the loop.  Probably caused by there being 2
- * copies of the valiable, one in a register and one being an address
- * that is passed. */
+/*
+ * There is a bug in gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14
+ * 1994) as shipped with DGUX 5.4R3.10 that can be bypassed by defining
+ * DG_GCC_BUG in my code. The bug manifests itself by the vaule of a pointer
+ * that is used only by reference, not having it's value change when it is
+ * used to check for exiting the loop.  Probably caused by there being 2
+ * copies of the valiable, one in a register and one being an address that is
+ * passed.
+ */

-/* compare the out put from
+/*-
+ * compare the out put from
 * gcc dggccbug.c; ./a.out
 * and
 * gcc -O dggccbug.c; ./a.out
@ -23,23 +24,22 @@

 void inc(a)
 int *a;
-	{
+{
    (*a)++;
-	}
+}

 main()
-	{
-	int p=0;
+{
+    int p = 0;
 #ifdef FIXBUG
    int dummy;
 #endif

-	while (p<3)
-		{
-		fprintf(stderr,"%08X\n",p);
+    while (p < 3) {
+        fprintf(stderr, "%08X\n", p);
        inc(&p);
 #ifdef FIXBUG
-		dummy+=p;
+        dummy += p;
 #endif
    }
-	}
+}
--- a/bugs/sgiccbug.c
+++ b/bugs/sgiccbug.c
@ -4,54 +4,57 @@

 #include <stdio.h>

-/* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are
- * the only versions of IRIX I have access to.
- * defining FIXBUG removes the bug.
- * (bug is still present in IRIX 6.3 according to
- * Gage <agage@forgetmenot.Mines.EDU>
+/*
+ * This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are the
+ * only versions of IRIX I have access to. defining FIXBUG removes the bug.
+ * (bug is still present in IRIX 6.3 according to Gage
+ * <agage@forgetmenot.Mines.EDU>
 */

-/* Compare the output from
+/*-
+ * Compare the output from
 * cc sgiccbug.c; ./a.out
 * and
 * cc -O sgiccbug.c; ./a.out
 */

-static unsigned long a[4]={0x01234567,0x89ABCDEF,0xFEDCBA98,0x76543210};
-static unsigned long b[4]={0x89ABCDEF,0xFEDCBA98,0x76543210,0x01234567};
-static unsigned long c[4]={0x77777778,0x8ACF1357,0x88888888,0x7530ECA9};
+static unsigned long a[4] =
+    { 0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210 };
+static unsigned long b[4] =
+    { 0x89ABCDEF, 0xFEDCBA98, 0x76543210, 0x01234567 };
+static unsigned long c[4] =
+    { 0x77777778, 0x8ACF1357, 0x88888888, 0x7530ECA9 };

 main()
-	{
+{
    unsigned long r[4];
-	sub(r,a,b);
-	fprintf(stderr,"input a= %08X %08X %08X %08X\n",a[3],a[2],a[1],a[0]);
-	fprintf(stderr,"input b= %08X %08X %08X %08X\n",b[3],b[2],b[1],b[0]);
-	fprintf(stderr,"output = %08X %08X %08X %08X\n",r[3],r[2],r[1],r[0]);
-	fprintf(stderr,"correct= %08X %08X %08X %08X\n",c[3],c[2],c[1],c[0]);
-	}
+    sub(r, a, b);
+    fprintf(stderr, "input a= %08X %08X %08X %08X\n", a[3], a[2], a[1], a[0]);
+    fprintf(stderr, "input b= %08X %08X %08X %08X\n", b[3], b[2], b[1], b[0]);
+    fprintf(stderr, "output = %08X %08X %08X %08X\n", r[3], r[2], r[1], r[0]);
+    fprintf(stderr, "correct= %08X %08X %08X %08X\n", c[3], c[2], c[1], c[0]);
+}

-int sub(r,a,b)
-unsigned long *r,*a,*b;
-	{
-	register unsigned long t1,t2,*ap,*bp,*rp;
-	int i,carry;
+int sub(r, a, b)
+unsigned long *r, *a, *b;
+{
+    register unsigned long t1, t2, *ap, *bp, *rp;
+    int i, carry;
 #ifdef FIXBUG
    unsigned long dummy;
 #endif

-	ap=a;
-	bp=b;
-	rp=r;
-	carry=0;
-	for (i=0; i<4; i++)
-		{
-		t1= *(ap++);
-		t2= *(bp++);
-		t1=(t1-t2);
+    ap = a;
+    bp = b;
+    rp = r;
+    carry = 0;
+    for (i = 0; i < 4; i++) {
+        t1 = *(ap++);
+        t2 = *(bp++);
+        t1 = (t1 - t2);
 #ifdef FIXBUG
-		dummy=t1;
+        dummy = t1;
 #endif
-		*(rp++)=t1&0xffffffff;
-		}
+        *(rp++) = t1 & 0xffffffff;
    }
+}
--- a/bugs/stream.c
+++ b/bugs/stream.c
@ -59,73 +59,74 @@
 #include <stdio.h>
 #include <openssl/rc4.h>
 #ifdef OPENSSL_NO_DES
-#include <des.h>
+# include <des.h>
 #else
-#include <openssl/des.h>
+# include <openssl/des.h>
 #endif

-/* show how stream ciphers are not very good.  The mac has no affect
- * on RC4 while it does for cfb DES
+/*
+ * show how stream ciphers are not very good.  The mac has no affect on RC4
+ * while it does for cfb DES
 */

 main()
-	{
-	fprintf(stderr,"rc4\n");
+{
+    fprintf(stderr, "rc4\n");
    rc4();
-	fprintf(stderr,"cfb des\n");
+    fprintf(stderr, "cfb des\n");
    des();
-	}
+}

 int des()
-	{
+{
    des_key_schedule ks;
-	des_cblock iv,key;
+    des_cblock iv, key;
    int num;
-	static char *keystr="01234567";
-	static char *in1="0123456789ABCEDFdata 12345";
-	static char *in2="9876543210abcdefdata 12345";
+    static char *keystr = "01234567";
+    static char *in1 = "0123456789ABCEDFdata 12345";
+    static char *in2 = "9876543210abcdefdata 12345";
    unsigned char out[100];
    int i;

-	des_set_key((des_cblock *)keystr,ks);
+    des_set_key((des_cblock *)keystr, ks);

-	num=0;
-	memset(iv,0,8);
-	des_cfb64_encrypt(in1,out,26,ks,(des_cblock *)iv,&num,1);
-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
+    num = 0;
+    memset(iv, 0, 8);
+    des_cfb64_encrypt(in1, out, 26, ks, (des_cblock *)iv, &num, 1);
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");

-	num=0;
-	memset(iv,0,8);
-	des_cfb64_encrypt(in2,out,26,ks,(des_cblock *)iv,&num,1);
-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
-	}
+    num = 0;
+    memset(iv, 0, 8);
+    des_cfb64_encrypt(in2, out, 26, ks, (des_cblock *)iv, &num, 1);
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");
+}

 int rc4()
-	{
-	static char *keystr="0123456789abcdef";
+{
+    static char *keystr = "0123456789abcdef";
    RC4_KEY key;
-	unsigned char in[100],out[100];
+    unsigned char in[100], out[100];
    int i;

-	RC4_set_key(&key,16,keystr);
-	in[0]='\0';
-	strcpy(in,"0123456789ABCEDFdata 12345");
-	RC4(key,26,in,out);
+    RC4_set_key(&key, 16, keystr);
+    in[0] = '\0';
+    strcpy(in, "0123456789ABCEDFdata 12345");
+    RC4(key, 26, in, out);

-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");

-	RC4_set_key(&key,16,keystr);
-	in[0]='\0';
-	strcpy(in,"9876543210abcdefdata 12345");
-	RC4(key,26,in,out);
+    RC4_set_key(&key, 16, keystr);
+    in[0] = '\0';
+    strcpy(in, "9876543210abcdefdata 12345");
+    RC4(key, 26, in, out);

-	for (i=0; i<26; i++)
-		fprintf(stderr,"%02X ",out[i]);
-	fprintf(stderr,"\n");
-	}
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");
+}
--- a/bugs/ultrixcc.c
+++ b/bugs/ultrixcc.c
@ -1,6 +1,7 @@
 #include <stdio.h>

-/* This is a cc optimiser bug for ultrix 4.3, mips CPU.
+/*-
+ * This is a cc optimiser bug for ultrix 4.3, mips CPU.
 * What happens is that the compiler, due to the (a)&7,
 * does
 * i=a&7;
@ -12,16 +13,15 @@
 */

 main()
-	{
+{
    f(5);
    f(0);
-	}
+}

 int f(a)
 int a;
-	{
-	switch(a&7)
-		{
+{
+    switch (a & 7) {
    case 7:
        printf("7\n");
    case 6:
@ -41,5 +41,4 @@ int a;
        ;
 #endif
    }
-	}	
-
+}
--- a/crypto/.cvsignore
+++ b/crypto/.cvsignore
@ -1,8 +0,0 @@
-lib
-buildinf.h
-opensslconf.h
-Makefile.save
-*.flc
-semantic.cache
-*cpuid.s
-uplink-cof.s
--- a/crypto/LPdir_nyi.c
+++ b/crypto/LPdir_nyi.c
@ -1,4 +1,6 @@
-/* $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $ */
+/*
+ * $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $
+ */
 /*
 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
 * All rights reserved.
@ -26,17 +28,20 @@
 */

 #ifndef LPDIR_H
-#include "LPdir.h"
+# include "LPdir.h"
 #endif

-struct LP_dir_context_st { void *dummy; };
+struct LP_dir_context_st {
+    void *dummy;
+};
 const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
-	{
+{
    errno = EINVAL;
    return 0;
-	}
+}
+
 int LP_find_file_end(LP_DIR_CTX **ctx)
-	{
+{
    errno = EINVAL;
    return 0;
-	}
+}
--- a/crypto/LPdir_unix.c
+++ b/crypto/LPdir_unix.c
@ -1,4 +1,7 @@
-/* $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp $ */
+/*
+ * $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp
+ * $
+ */
 /*
 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
 * All rights reserved.
@ -33,59 +36,57 @@
 #include <dirent.h>
 #include <errno.h>
 #ifndef LPDIR_H
-#include "LPdir.h"
+# include "LPdir.h"
 #endif

-/* The POSIXly macro for the maximum number of characters in a file path
-   is NAME_MAX.  However, some operating systems use PATH_MAX instead.
-   Therefore, it seems natural to first check for PATH_MAX and use that,
-   and if it doesn't exist, use NAME_MAX. */
+/*
+ * The POSIXly macro for the maximum number of characters in a file path is
+ * NAME_MAX.  However, some operating systems use PATH_MAX instead.
+ * Therefore, it seems natural to first check for PATH_MAX and use that, and
+ * if it doesn't exist, use NAME_MAX.
+ */
 #if defined(PATH_MAX)
 # define LP_ENTRY_SIZE PATH_MAX
 #elif defined(NAME_MAX)
 # define LP_ENTRY_SIZE NAME_MAX
 #endif

-/* Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
-   exist.  It's also possible that NAME_MAX exists but is define to a
-   very small value (HP-UX offers 14), so we need to check if we got a
-   result, and if it meets a minimum standard, and create or change it
-   if not. */
+/*
+ * Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
+ * exist.  It's also possible that NAME_MAX exists but is define to a very
+ * small value (HP-UX offers 14), so we need to check if we got a result, and
+ * if it meets a minimum standard, and create or change it if not.
+ */
 #if !defined(LP_ENTRY_SIZE) || LP_ENTRY_SIZE<255
 # undef LP_ENTRY_SIZE
 # define LP_ENTRY_SIZE 255
 #endif

-struct LP_dir_context_st
-{
+struct LP_dir_context_st {
    DIR *dir;
-  char entry_name[LP_ENTRY_SIZE+1];
+    char entry_name[LP_ENTRY_SIZE + 1];
 };

 const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
 {
    struct dirent *direntry = NULL;

-  if (ctx == NULL || directory == NULL)
-    {
+    if (ctx == NULL || directory == NULL) {
        errno = EINVAL;
        return 0;
    }

    errno = 0;
-  if (*ctx == NULL)
-    {
+    if (*ctx == NULL) {
        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
-      if (*ctx == NULL)
-	{
+        if (*ctx == NULL) {
            errno = ENOMEM;
            return 0;
        }
        memset(*ctx, '\0', sizeof(LP_DIR_CTX));

        (*ctx)->dir = opendir(directory);
-      if ((*ctx)->dir == NULL)
-	{
+        if ((*ctx)->dir == NULL) {
            int save_errno = errno; /* Probably not needed, but I'm paranoid */
            free(*ctx);
            *ctx = NULL;
@ -95,25 +96,23 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
    }

    direntry = readdir((*ctx)->dir);
-  if (direntry == NULL)
-    {
+    if (direntry == NULL) {
        return 0;
    }

-  strncpy((*ctx)->entry_name, direntry->d_name, sizeof((*ctx)->entry_name) - 1);
+    strncpy((*ctx)->entry_name, direntry->d_name,
+            sizeof((*ctx)->entry_name) - 1);
    (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
    return (*ctx)->entry_name;
 }

 int LP_find_file_end(LP_DIR_CTX **ctx)
 {
-  if (ctx != NULL && *ctx != NULL)
-    {
+    if (ctx != NULL && *ctx != NULL) {
        int ret = closedir((*ctx)->dir);

        free(*ctx);
-      switch (ret)
-	{
+        switch (ret) {
        case 0:
            return 1;
        case -1:
--- a/crypto/LPdir_vms.c
+++ b/crypto/LPdir_vms.c
@ -37,7 +37,7 @@
 #include <str$routines.h>
 #include <stsdef.h>
 #ifndef LPDIR_H
-#include "LPdir.h"
+# include "LPdir.h"
 #endif
 #include "vms_rms.h"

@ -46,11 +46,10 @@
 # define EVMSERR        65535   /* error for non-translatable VMS errors */
 #endif

-struct LP_dir_context_st
-{
+struct LP_dir_context_st {
    unsigned long VMS_context;
-  char filespec[ NAMX_MAXRSS+ 1];
-  char result[ NAMX_MAXRSS+ 1];
+    char filespec[NAMX_MAXRSS + 1];
+    char result[NAMX_MAXRSS + 1];
    struct dsc$descriptor_d filespec_dsc;
    struct dsc$descriptor_d result_dsc;
 };
@ -68,65 +67,59 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
 # pragma pointer_size 32
    char *ctx_filespec_32p;
 # pragma pointer_size restore
-        char ctx_filespec_32[ NAMX_MAXRSS+ 1];
+    char ctx_filespec_32[NAMX_MAXRSS + 1];
 #endif                          /* __INITIAL_POINTER_SIZE == 64 */

 #ifdef NAML$C_MAXRSS
    flags |= LIB$M_FIL_LONG_NAMES;
 #endif

-  if (ctx == NULL || directory == NULL)
-    {
+    if (ctx == NULL || directory == NULL) {
        errno = EINVAL;
        return 0;
    }

    errno = 0;
-  if (*ctx == NULL)
-    {
+    if (*ctx == NULL) {
        size_t filespeclen = strlen(directory);
        char *filespec = NULL;

-      if (filespeclen == 0)
-	{
+        if (filespeclen == 0) {
            errno = ENOENT;
            return 0;
        }

        /* MUST be a VMS directory specification!  Let's estimate if it is. */
-      if (directory[filespeclen-1] != ']'
-	  && directory[filespeclen-1] != '>'
-	  && directory[filespeclen-1] != ':')
-	{
+        if (directory[filespeclen - 1] != ']'
+            && directory[filespeclen - 1] != '>'
+            && directory[filespeclen - 1] != ':') {
            errno = EINVAL;
            return 0;
        }

        filespeclen += 4;       /* "*.*;" */

-      if (filespeclen > NAMX_MAXRSS)
-	{
+        if (filespeclen > NAMX_MAXRSS) {
            errno = ENAMETOOLONG;
            return 0;
        }

        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
-      if (*ctx == NULL)
-	{
+        if (*ctx == NULL) {
            errno = ENOMEM;
            return 0;
        }
        memset(*ctx, '\0', sizeof(LP_DIR_CTX));

-      strcpy((*ctx)->filespec,directory);
-      strcat((*ctx)->filespec,"*.*;");
+        strcpy((*ctx)->filespec, directory);
+        strcat((*ctx)->filespec, "*.*;");

 /* Arrange 32-bit pointer to (copied) string storage, if needed. */
 #if __INITIAL_POINTER_SIZE == 64
 # define CTX_FILESPEC ctx_filespec_32p
        /* Copy the file name to storage with a 32-bit pointer. */
        ctx_filespec_32p = ctx_filespec_32;
-        strcpy( ctx_filespec_32p, (*ctx)->filespec);
+        strcpy(ctx_filespec_32p, (*ctx)->filespec);
 #else                           /* __INITIAL_POINTER_SIZE == 64 */
 # define CTX_FILESPEC (*ctx)->filespec
 #endif                          /* __INITIAL_POINTER_SIZE == 64 [else] */
@ -145,38 +138,32 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
    status = lib$find_file(&(*ctx)->filespec_dsc, &(*ctx)->result_dsc,
                           &(*ctx)->VMS_context, 0, 0, 0, &flags);

-  if (status == RMS$_NMF)
-    {
+    if (status == RMS$_NMF) {
        errno = 0;
        vaxc$errno = status;
        return NULL;
    }

-  if(!$VMS_STATUS_SUCCESS(status))
-    {
+    if (!$VMS_STATUS_SUCCESS(status)) {
        errno = EVMSERR;
        vaxc$errno = status;
        return NULL;
    }

-  /* Quick, cheap and dirty way to discard any device and directory,
-     since we only want file names */
+    /*
+     * Quick, cheap and dirty way to discard any device and directory, since
+     * we only want file names
+     */
    l = (*ctx)->result_dsc.dsc$w_length;
    p = (*ctx)->result_dsc.dsc$a_pointer;
    r = p;
-  for (; *p; p++)
-    {
-      if (*p == '^' && p[1] != '\0') /* Take care of ODS-5 escapes */
-	{
+    for (; *p; p++) {
+        if (*p == '^' && p[1] != '\0') { /* Take care of ODS-5 escapes */
            p++;
-	}
-      else if (*p == ':' || *p == '>' || *p == ']')
-	{
+        } else if (*p == ':' || *p == '>' || *p == ']') {
            l -= p + 1 - r;
            r = p + 1;
-	}
-      else if (*p == ';')
-	{
+        } else if (*p == ';') {
            l = p - r;
            break;
        }
@ -191,14 +178,12 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)

 int LP_find_file_end(LP_DIR_CTX **ctx)
 {
-  if (ctx != NULL && *ctx != NULL)
-    {
+    if (ctx != NULL && *ctx != NULL) {
        int status = lib$find_file_end(&(*ctx)->VMS_context);

        free(*ctx);

-      if(!$VMS_STATUS_SUCCESS(status))
-	{
+        if (!$VMS_STATUS_SUCCESS(status)) {
            errno = EVMSERR;
            vaxc$errno = status;
            return 0;
@ -208,4 +193,3 @@ int LP_find_file_end(LP_DIR_CTX **ctx)
    errno = EINVAL;
    return 0;
 }
-
--- a/crypto/LPdir_win.c
+++ b/crypto/LPdir_win.c
@ -26,13 +26,14 @@
 #include <windows.h>
 #include <tchar.h>
 #ifndef LPDIR_H
-#include "LPdir.h"
+# include "LPdir.h"
 #endif

-/* We're most likely overcautious here, but let's reserve for
-    broken WinCE headers and explicitly opt for UNICODE call.
-    Keep in mind that our WinCE builds are compiled with -DUNICODE
-    [as well as -D_UNICODE]. */
+/*
+ * We're most likely overcautious here, but let's reserve for broken WinCE
+ * headers and explicitly opt for UNICODE call. Keep in mind that our WinCE
+ * builds are compiled with -DUNICODE [as well as -D_UNICODE].
+ */
 #if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
 # define FindFirstFile FindFirstFileW
 #endif
@ -41,82 +42,72 @@
 #endif

 #ifndef NAME_MAX
-#define NAME_MAX 255
+# define NAME_MAX 255
 #endif

-struct LP_dir_context_st
-{
+struct LP_dir_context_st {
    WIN32_FIND_DATA ctx;
    HANDLE handle;
-  char entry_name[NAME_MAX+1];
+    char entry_name[NAME_MAX + 1];
 };

 const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
 {
-  if (ctx == NULL || directory == NULL)
-    {
+    if (ctx == NULL || directory == NULL) {
        errno = EINVAL;
        return 0;
    }

    errno = 0;
-  if (*ctx == NULL)
-    {
+    if (*ctx == NULL) {
        const char *extdir = directory;
        char *extdirbuf = NULL;
-      size_t dirlen = strlen (directory);
+        size_t dirlen = strlen(directory);

-      if (dirlen == 0)
-	{
+        if (dirlen == 0) {
            errno = ENOENT;
            return 0;
        }

        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
-      if (*ctx == NULL)
-	{
+        if (*ctx == NULL) {
            errno = ENOMEM;
            return 0;
        }
        memset(*ctx, '\0', sizeof(LP_DIR_CTX));

-      if (directory[dirlen-1] != '*')
-	{
+        if (directory[dirlen - 1] != '*') {
            extdirbuf = (char *)malloc(dirlen + 3);
-	  if (extdirbuf == NULL)
-	    {
+            if (extdirbuf == NULL) {
                free(*ctx);
                *ctx = NULL;
                errno = ENOMEM;
                return 0;
            }
-	  if (directory[dirlen-1] != '/' && directory[dirlen-1] != '\\')
-	    extdir = strcat(strcpy (extdirbuf,directory),"/*");
+            if (directory[dirlen - 1] != '/' && directory[dirlen - 1] != '\\')
+                extdir = strcat(strcpy(extdirbuf, directory), "/*");
            else
-	    extdir = strcat(strcpy (extdirbuf,directory),"*");
+                extdir = strcat(strcpy(extdirbuf, directory), "*");
        }

-      if (sizeof(TCHAR) != sizeof(char))
-	{
+        if (sizeof(TCHAR) != sizeof(char)) {
            TCHAR *wdir = NULL;
            /* len_0 denotes string length *with* trailing 0 */
-	  size_t index = 0,len_0 = strlen(extdir) + 1;
+            size_t index = 0, len_0 = strlen(extdir) + 1;

            wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR));
-	  if (wdir == NULL)
-	    {
-	      if (extdirbuf != NULL)
-		{
-		  free (extdirbuf);
+            if (wdir == NULL) {
+                if (extdirbuf != NULL) {
+                    free(extdirbuf);
                }
                free(*ctx);
                *ctx = NULL;
                errno = ENOMEM;
                return 0;
            }
-
 #ifdef LP_MULTIBYTE_AVAILABLE
-	  if (!MultiByteToWideChar(CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0))
+            if (!MultiByteToWideChar
+                (CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0))
 #endif
                for (index = 0; index < len_0; index++)
                    wdir[index] = (TCHAR)extdir[index];
@ -124,59 +115,51 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
            (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);

            free(wdir);
-	}
-      else
-	{
+        } else {
            (*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx);
        }
-      if (extdirbuf != NULL)
-	{
-	  free (extdirbuf);
+        if (extdirbuf != NULL) {
+            free(extdirbuf);
        }

-      if ((*ctx)->handle == INVALID_HANDLE_VALUE)
-	{
+        if ((*ctx)->handle == INVALID_HANDLE_VALUE) {
            free(*ctx);
            *ctx = NULL;
            errno = EINVAL;
            return 0;
        }
-    }
-  else
-    {
-      if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE)
-	{
+    } else {
+        if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE) {
            return 0;
        }
    }
-  if (sizeof(TCHAR) != sizeof(char))
-    {
+    if (sizeof(TCHAR) != sizeof(char)) {
        TCHAR *wdir = (*ctx)->ctx.cFileName;
        size_t index, len_0 = 0;

-      while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1)) len_0++;
+        while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1))
+            len_0++;
        len_0++;

 #ifdef LP_MULTIBYTE_AVAILABLE
-      if (!WideCharToMultiByte(CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
+        if (!WideCharToMultiByte
+            (CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
             sizeof((*ctx)->entry_name), NULL, 0))
 #endif
            for (index = 0; index < len_0; index++)
                (*ctx)->entry_name[index] = (char)wdir[index];
-    }
-  else
+    } else
        strncpy((*ctx)->entry_name, (const char *)(*ctx)->ctx.cFileName,
-	    sizeof((*ctx)->entry_name)-1);
+                sizeof((*ctx)->entry_name) - 1);

-  (*ctx)->entry_name[sizeof((*ctx)->entry_name)-1] = '\0';
+    (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';

    return (*ctx)->entry_name;
 }

 int LP_find_file_end(LP_DIR_CTX **ctx)
 {
-  if (ctx != NULL && *ctx != NULL)
-    {
+    if (ctx != NULL && *ctx != NULL) {
        FindClose((*ctx)->handle);
        free(*ctx);
        *ctx = NULL;
--- a/crypto/LPdir_win32.c
+++ b/crypto/LPdir_win32.c
@ -1,4 +1,7 @@
-/* $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
+/*
+ * $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
+ * $
+ */
 /*
 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
 * All rights reserved.
--- a/crypto/LPdir_wince.c
+++ b/crypto/LPdir_wince.c
@ -1,4 +1,7 @@
-/* $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp $ */
+/*
+ * $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
+ * $
+ */
 /*
 * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
 * All rights reserved.
@ -26,6 +29,8 @@
 */

 #define LP_SYS_WINCE
-/* We might want to define LP_MULTIBYTE_AVAILABLE here.  It's currently
-   under investigation what the exact conditions would be */
+/*
+ * We might want to define LP_MULTIBYTE_AVAILABLE here.  It's currently under
+ * investigation what the exact conditions would be
+ */
 #include "LPdir_win.c"
--- a/crypto/Makefile
+++ b/crypto/Makefile
@ -55,7 +55,7 @@ top:
 all: shared

 buildinf.h: ../Makefile
-	$(PERL) $(TOP)/util/mkbuildinf.pl "$(CFLAGS)" "$(PLATFORM)" >buildinf.h
+	$(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h

 x86cpuid.s:	x86cpuid.pl perlasm/x86asm.pl
 	$(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
@ -125,12 +125,17 @@ install:
 lint:
 	@target=lint; $(RECURSIVE_MAKE)

-depend:
+update: local_depend
+	@[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) )
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+depend: local_depend
+	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
 	@[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist
 	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
 	@[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h
-	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
-	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi

 clean:
 	rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
--- a/crypto/aes/.cvsignore
+++ b/crypto/aes/.cvsignore
@ -1,5 +0,0 @@
-lib
-Makefile.save
-*.flc
-semantic.cache
-aes-*.s
--- a/crypto/aes/Makefile
+++ b/crypto/aes/Makefile
@ -106,6 +106,8 @@ tests:
 lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff

+update: depend
+
 depend:
 	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
 	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
--- a/crypto/aes/aes.h
+++ b/crypto/aes/aes.h
@ -1,4 +1,4 @@
-/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
+/* crypto/aes/aes.h */
 /* ====================================================================
 * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 *
@ -50,23 +50,25 @@
 */

 #ifndef HEADER_AES_H
-#define HEADER_AES_H
+# define HEADER_AES_H

-#include <openssl/opensslconf.h>
+# include <openssl/opensslconf.h>

-#ifdef OPENSSL_NO_AES
-#error AES is disabled.
-#endif
+# ifdef OPENSSL_NO_AES
+#  error AES is disabled.
+# endif

-#include <stddef.h>
+# include <stddef.h>

-#define AES_ENCRYPT	1
-#define AES_DECRYPT	0
+# define AES_ENCRYPT     1
+# define AES_DECRYPT     0

-/* Because array size can't be a const in C, the following two are macros.
-   Both sizes are in bytes. */
-#define AES_MAXNR 14
-#define AES_BLOCK_SIZE 16
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+# define AES_MAXNR 14
+# define AES_BLOCK_SIZE 16

 #ifdef  __cplusplus
 extern "C" {
@ -74,11 +76,11 @@ extern "C" {

 /* This should be a hidden type, but EVP requires that the size be known */
 struct aes_key_st {
-#ifdef AES_LONG
-    unsigned long rd_key[4 *(AES_MAXNR + 1)];
-#else
-    unsigned int rd_key[4 *(AES_MAXNR + 1)];
-#endif
+# ifdef AES_LONG
+    unsigned long rd_key[4 * (AES_MAXNR + 1)];
+# else
+    unsigned int rd_key[4 * (AES_MAXNR + 1)];
+# endif
    int rounds;
 };
 typedef struct aes_key_st AES_KEY;
--- a/crypto/aes/aes_cbc.c
+++ b/crypto/aes/aes_cbc.c
@ -1,4 +1,4 @@
-/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
+/* crypto/aes/aes_cbc.c */
 /* ====================================================================
 * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 *
@ -54,10 +54,13 @@

 void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
                     size_t len, const AES_KEY *key,
-		     unsigned char *ivec, const int enc) {
+                     unsigned char *ivec, const int enc)
+{

    if (enc)
-		CRYPTO_cbc128_encrypt(in,out,len,key,ivec,(block128_f)AES_encrypt);
+        CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
+                              (block128_f) AES_encrypt);
    else
-		CRYPTO_cbc128_decrypt(in,out,len,key,ivec,(block128_f)AES_decrypt);
+        CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
+                              (block128_f) AES_decrypt);
 }
--- a/crypto/aes/aes_cfb.c
+++ b/crypto/aes/aes_cfb.c
@ -1,4 +1,4 @@
-/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
+/* crypto/aes/aes_cfb.c */
 /* ====================================================================
 * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
 *
@ -52,30 +52,34 @@
 #include <openssl/aes.h>
 #include <openssl/modes.h>

-/* The input and output encrypted as though 128bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
+/*
+ * The input and output encrypted as though 128bit cfb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
 */

 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
                        size_t length, const AES_KEY *key,
-	unsigned char *ivec, int *num, const int enc) {
+                        unsigned char *ivec, int *num, const int enc)
+{

-	CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
+    CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+                          (block128_f) AES_encrypt);
 }

 /* N.B. This expects the input to be packed, MS bit first */
 void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
                      size_t length, const AES_KEY *key,
                      unsigned char *ivec, int *num, const int enc)
-    {
-    CRYPTO_cfb128_1_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
-    }
+{
+    CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+                            (block128_f) AES_encrypt);
+}

 void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
                      size_t length, const AES_KEY *key,
                      unsigned char *ivec, int *num, const int enc)
-    {
-    CRYPTO_cfb128_8_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
-    }
-
+{
+    CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+                            (block128_f) AES_encrypt);
+}
--- a/Show More
+++ b/Show More