polish whitespace for portable files

audit-bsm.c

@@ -129,7 +129,7 @@ static AuditInfoTermID ssh_bsm_tid;
  * getaudit_addr() is only present on IPv6 capable machines.
  */
 #if defined(HAVE_AUG_GET_MACHINE) || !defined(HAVE_GETAUDIT_ADDR)
-extern int 	aug_get_machine(char *, u_int32_t *, u_int32_t *);
+extern int aug_get_machine(char *, u_int32_t *, u_int32_t *);
 #else
 static int
 aug_get_machine(char *host, u_int32_t *addr, u_int32_t *type)
@@ -183,41 +183,41 @@ getacna(char *auditstring, int len)
 	scf_value_t *value = NULL;
 	int ret = 0;
 
+	/*
+	 * The man page for getacna on Solaris 10 states we should return -2
+	 * in case of error and set errno to indicate the error. We don't
+	 * bother with errno here, though, since the only use of this function
+	 * below doesn't check for errors anyway.
+	*/
 	handle = scf_handle_create(SCF_VERSION);
 	if (handle == NULL) 
-	        return -2; /* The man page for getacna on Solaris 10 states
+		return -2;
-			      we should return -2 in case of error and set
-			      errno to indicate the error. We don't bother
-			      with errno here, though, since the only use
-			      of this function below doesn't check for errors
-			      anyway. 
-			   */
 
 	ret = scf_handle_bind(handle);
 	if (ret == -1) 
-	        return -2;
+		return -2;
 
 	property = scf_property_create(handle);
 	if (property == NULL) 
-	        return -2;
+		return -2;
 
 	ret = scf_handle_decode_fmri(handle, 
-	     "svc:/system/auditd:default/:properties/preselection/naflags",
+	    "svc:/system/auditd:default/:properties/preselection/naflags",
-				     NULL, NULL, NULL, NULL, property, 0);
+	    NULL, NULL, NULL, NULL, property, 0);
 	if (ret == -1) 
-	        return -2;
+		return -2;
 
 	value = scf_value_create(handle);
 	if (value == NULL) 
-	        return -2;
+		return -2;
 
 	ret = scf_property_get_value(property, value);
 	if (ret == -1) 
-	        return -2;
+		return -2;
 
 	ret = scf_value_get_astring(value, auditstring, len);
 	if (ret == -1) 
-	        return -2;
+		return -2;
 
 	scf_value_destroy(value);
 	scf_property_destroy(property);
@@ -280,9 +280,10 @@ bsm_audit_record(int typ, char *string, au_event_t event_no)
 	(void) au_write(ad, AUToReturnFunc(typ, rc));
 
 #ifdef BROKEN_BSM_API
-	/* The last argument is the event modifier flags. For
+	/*
-	   some seemingly undocumented reason it was added in
+	 * The last argument is the event modifier flags. For some seemingly
-	   Solaris 11. */
+	 * undocumented reason it was added in Solaris 11.
+	 */
 	rc = au_close(ad, AU_TO_WRITE, event_no, 0);
 #else
 	rc = au_close(ad, AU_TO_WRITE, event_no);

auth-krb5.c

@@ -163,17 +163,18 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
 		goto out;
 	}
 
-	problem = ssh_krb5_cc_gen(authctxt->krb5_ctx, &authctxt->krb5_fwd_ccache);
+	problem = ssh_krb5_cc_gen(authctxt->krb5_ctx,
+	    &authctxt->krb5_fwd_ccache);
 	if (problem)
 		goto out;
 
-	problem = krb5_cc_initialize(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache,
+	problem = krb5_cc_initialize(authctxt->krb5_ctx,
-				     authctxt->krb5_user);
+	    authctxt->krb5_fwd_ccache, authctxt->krb5_user);
 	if (problem)
 		goto out;
 
-	problem= krb5_cc_store_cred(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache,
+	problem = krb5_cc_store_cred(authctxt->krb5_ctx,
-				 &creds);
+	    authctxt->krb5_fwd_ccache, &creds);
 	if (problem)
 		goto out;
 #endif
@@ -202,7 +203,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
 		if (authctxt->krb5_ctx != NULL && problem!=-1) {
 			errmsg = krb5_get_error_message(authctxt->krb5_ctx,
 			    problem);
- 			debug("Kerberos password authentication failed: %s",
+			debug("Kerberos password authentication failed: %s",
 			    errmsg);
 			krb5_free_error_message(authctxt->krb5_ctx, errmsg);
 		} else

auth-pam.c

@@ -727,9 +727,9 @@ sshpam_init(struct ssh *ssh, Authctxt *authctxt)
 		 */
 		sshpam_rhost = xstrdup(auth_get_canonical_hostname(ssh,
 		    options.use_dns));
-	        sshpam_laddr = get_local_ipaddr(
+		sshpam_laddr = get_local_ipaddr(
 		    ssh_packet_get_connection_in(ssh));
-	        xasprintf(&sshpam_conninfo, "SSH_CONNECTION=%.50s %d %.50s %d",
+		xasprintf(&sshpam_conninfo, "SSH_CONNECTION=%.50s %d %.50s %d",
 		    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh),
 		    sshpam_laddr, ssh_local_port(ssh));
 	}

channels.c

@@ -1921,7 +1921,7 @@ channel_handle_rfd(struct ssh *ssh, Channel *c,
 	    ((errno == EAGAIN || errno == EWOULDBLOCK) && !force)))
 		return 1;
 #ifndef PTY_ZEROREAD
- 	if (len <= 0) {
+	if (len <= 0) {
 #else
 	if ((!c->isatty && len <= 0) ||
 	    (c->isatty && (len < 0 || (len == 0 && errno != 0)))) {

cipher.c

@@ -494,7 +494,7 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, size_t len)
 #endif
 	if (cipher_authlen(c)) {
 		if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN,
-		   len, iv))
+		    len, iv))
 			return SSH_ERR_LIBCRYPTO_ERROR;
 	} else if (!EVP_CIPHER_CTX_get_iv(cc->evp, iv, len))
 		return SSH_ERR_LIBCRYPTO_ERROR;

clientloop.c

@@ -571,7 +571,7 @@ client_wait_until_can_do_something(struct ssh *ssh,
 			fatal_fr(r, "sshbuf_putf");
 		quit_pending = 1;
 	} else if (options.server_alive_interval > 0 && !FD_ISSET(connection_in,
-	     *readsetp) && monotime() >= server_alive_time)
+	    *readsetp) && monotime() >= server_alive_time)
 		/*
 		 * ServerAlive check is needed. We can't rely on the select
 		 * timing out since traffic on the client side such as port

contrib/gnome-ssh-askpass1.c

@@ -137,9 +137,10 @@ passphrase_dialog(char *message)
 	gnome_dialog_close(GNOME_DIALOG(dialog));
 	return (result == 0 ? 0 : -1);
 
-	/* At least one grab failed - ungrab what we got, and report
+	/*
-	   the failure to the user.  Note that XGrabServer() cannot
+	 * At least one grab failed - ungrab what we got, and report the
-	   fail.  */
+	 * failure to the user. Note that XGrabServer() cannot fail.
+	 */
  nograbkb:
 	gdk_pointer_ungrab(GDK_CURRENT_TIME);
  nograb:

contrib/gnome-ssh-askpass2.c

@@ -68,11 +68,9 @@ report_failed_grab (GtkWidget *parent_window, const char *what)
 	GtkWidget *err;
 
 	err = gtk_message_dialog_new(GTK_WINDOW(parent_window), 0,
-				     GTK_MESSAGE_ERROR,
+	    GTK_MESSAGE_ERROR, GTK_BUTTONS_CLOSE,
-				     GTK_BUTTONS_CLOSE,
+	    "Could not grab %s. A malicious client may be eavesdropping "
-				     "Could not grab %s. "
+	    "on your session.", what);
-				     "A malicious client may be eavesdropping "
-				     "on your session.", what);
 	gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER);
 
 	gtk_dialog_run(GTK_DIALOG(err));
@@ -225,7 +223,7 @@ passphrase_dialog(char *message, int prompt_type)
 			 */
 			gtk_widget_realize(entry);
 			g_signal_connect(G_OBJECT(entry), "key_press_event",
-			                 G_CALLBACK(check_none), dialog);
+			    G_CALLBACK(check_none), dialog);
 		}
 	}
 

loginrec.h

@@ -94,7 +94,7 @@ struct logininfo *login_alloc_entry(pid_t pid, const char *username,
 void login_free_entry(struct logininfo *li);
 /* fill out a pre-allocated structure with useful information */
 int login_init_entry(struct logininfo *li, pid_t pid, const char *username,
-		     const char *hostname, const char *line);
+    const char *hostname, const char *line);
 /* place the current time in a logininfo struct */
 void login_set_current_time(struct logininfo *li);
 

logintest.c

@@ -62,21 +62,21 @@ dump_logininfo(struct logininfo *li, char *descname)
 {
 	/* yes I know how nasty this is */
 	printf("struct logininfo %s = {\n\t"
-	       "progname\t'%s'\n\ttype\t\t%d\n\t"
+	    "progname\t'%s'\n\ttype\t\t%d\n\t"
-	       "pid\t\t%d\n\tuid\t\t%d\n\t"
+	    "pid\t\t%d\n\tuid\t\t%d\n\t"
-	       "line\t\t'%s'\n\tusername\t'%s'\n\t"
+	    "line\t\t'%s'\n\tusername\t'%s'\n\t"
-	       "hostname\t'%s'\n\texit\t\t%d\n\ttermination\t%d\n\t"
+	    "hostname\t'%s'\n\texit\t\t%d\n\ttermination\t%d\n\t"
-	       "tv_sec\t%d\n\ttv_usec\t%d\n\t"
+	    "tv_sec\t%d\n\ttv_usec\t%d\n\t"
-	       "struct login_netinfo hostaddr {\n\t\t"
+	    "struct login_netinfo hostaddr {\n\t\t"
-	       "struct sockaddr sa {\n"
+	    "struct sockaddr sa {\n"
-	       "\t\t\tfamily\t%d\n\t\t}\n"
+	    "\t\t\tfamily\t%d\n\t\t}\n"
-	       "\t}\n"
+	    "\t}\n"
-	       "}\n",
+	    "}\n",
-	       descname, li->progname, li->type,
+	    descname, li->progname, li->type,
-	       li->pid, li->uid, li->line,
+	    li->pid, li->uid, li->line,
-	       li->username, li->hostname, li->exit,
+	    li->username, li->hostname, li->exit,
-	       li->termination, li->tv_sec, li->tv_usec,
+	    li->termination, li->tv_sec, li->tv_usec,
-	       li->hostaddr.sa.sa_family);
+	    li->hostaddr.sa.sa_family);
 }
 
 
@@ -118,7 +118,7 @@ testAPI()
 		/* NOTE: this is messy, but typically a program wouldn't have to set
 		 *  any of this, a sockaddr_in* would be already prepared */
 		memcpy((void *)&(sa_in4.sin_addr), (void *)&(he->h_addr_list[0][0]),
-		       sizeof(struct in_addr));
+		    sizeof(struct in_addr));
 		login_set_addr(li1, (struct sockaddr *) &sa_in4, sizeof(sa_in4));
 		strlcpy(li1->hostname, "localhost", sizeof(li1->hostname));
 	}
@@ -145,8 +145,8 @@ testAPI()
 	t1 = login_get_lastlog_time(getuid());
 	strlcpy(s_t1, ctime(&t1), sizeof(s_t1));
 	printf("Before logging in:\n\tcurrent time is %d - %s\t"
-	       "lastlog time is %d - %s\n",
+	    "lastlog time is %d - %s\n",
-	       (int)t0, s_t0, (int)t1, s_t1);
+	    (int)t0, s_t0, (int)t1, s_t1);
 #endif
 
 	printf("Performing a login on line %s ", stripline);
@@ -172,10 +172,10 @@ testAPI()
 	printf("at %d - %s", (int)logouttime, s_logouttime);
 #endif
 	printf("\nThe root login shown above should be gone.\n"
-	       "If the root login hasn't gone, but another user on the same\n"
+	    "If the root login hasn't gone, but another user on the same\n"
-	       "pty has, this is OK - we're hacking it here, and there\n"
+	    "pty has, this is OK - we're hacking it here, and there\n"
-	       "shouldn't be two users on one pty in reality...\n"
+	    "shouldn't be two users on one pty in reality...\n"
-	       "-- ('who' output follows)\n");
+	    "-- ('who' output follows)\n");
 	login_logout(li1);
 
 	system(cmdstring);
@@ -187,24 +187,24 @@ testAPI()
 	printf("After logging in, lastlog time is %d - %s\n", (int)t2, s_t2);
 	if (t1 == t2)
 		printf("The lastlog times before and after logging in are the "
-		       "same.\nThis indicates that lastlog is ** NOT WORKING "
+		    "same.\nThis indicates that lastlog is ** NOT WORKING "
-		       "CORRECTLY **\n");
+		    "CORRECTLY **\n");
 	else if (t0 != t2)
 		/* We can be off by a second or so, even when recording works fine.
 		 * I'm not 100% sure why, but it's true. */
 		printf("** The login time and the lastlog time differ.\n"
-		       "** This indicates that lastlog is either recording the "
+		    "** This indicates that lastlog is either recording the "
-		       "wrong time,\n** or retrieving the wrong entry.\n"
+		    "wrong time,\n** or retrieving the wrong entry.\n"
-		       "If it's off by less than %d second(s) "
+		    "If it's off by less than %d second(s) "
-		       "run the test again.\n", PAUSE_BEFORE_LOGOUT);
+		    "run the test again.\n", PAUSE_BEFORE_LOGOUT);
 	else
 		printf("lastlog agrees with the login time. This is a good thing.\n");
 
 #endif
 
 	printf("--\nThe output of 'last' shown next should have "
-	       "an entry for root \n  on %s for the time shown above:\n--\n",
+	    "an entry for root \n  on %s for the time shown above:\n--\n",
-	       stripline);
+	    stripline);
 	snprintf(cmdstring, sizeof(cmdstring), "last | grep '%s ' | head -3",
 		 stripline);
 	system(cmdstring);

openbsd-compat/base64.c

@@ -211,7 +211,7 @@ b64_pton(char const *src, u_char *target, size_t targsize)
 			break;
 
 		pos = strchr(Base64, ch);
-		if (pos == 0) 		/* A non-base64 character. */
+		if (pos == 0)		/* A non-base64 character. */
 			return (-1);
 
 		switch (state) {

openbsd-compat/bsd-poll.h

@@ -32,7 +32,7 @@
 #define	_COMPAT_POLL_H_
 
 typedef struct pollfd {
-	int 	fd;
+	int	fd;
 	short	events;
 	short	revents;
 } pollfd_t;

openbsd-compat/bsd-snprintf.c

@@ -135,13 +135,13 @@
 #define DP_S_DONE    7
 
 /* format flags - Bits */
-#define DP_F_MINUS 	(1 << 0)
+#define DP_F_MINUS	(1 << 0)
-#define DP_F_PLUS  	(1 << 1)
+#define DP_F_PLUS	(1 << 1)
-#define DP_F_SPACE 	(1 << 2)
+#define DP_F_SPACE	(1 << 2)
-#define DP_F_NUM   	(1 << 3)
+#define DP_F_NUM	(1 << 3)
-#define DP_F_ZERO  	(1 << 4)
+#define DP_F_ZERO	(1 << 4)
-#define DP_F_UP    	(1 << 5)
+#define DP_F_UP		(1 << 5)
-#define DP_F_UNSIGNED 	(1 << 6)
+#define DP_F_UNSIGNED	(1 << 6)
 
 /* Conversion Flags */
 #define DP_C_SHORT   1
@@ -592,7 +592,7 @@ fmtint(char *buffer, size_t *currlen, size_t maxlen,
 
 #ifdef DEBUG_SNPRINTF
 	printf("zpad: %d, spad: %d, min: %d, max: %d, place: %d\n",
-	       zpadlen, spadlen, min, max, place);
+	    zpadlen, spadlen, min, max, place);
 #endif
 
 	/* Spaces */

openbsd-compat/bsd-waitpid.h

@@ -40,7 +40,7 @@
 #define WEXITSTATUS(w)	(int)(WIFEXITED(w) ? ((_W_INT(w) >> 8) & 0377) : -1)
 #define WTERMSIG(w)	(int)(WIFSIGNALED(w) ? (_W_INT(w) & 0177) : -1)
 #define WCOREFLAG	0x80
-#define WCOREDUMP(w) 	((_W_INT(w)) & WCOREFLAG)
+#define WCOREDUMP(w)	((_W_INT(w)) & WCOREFLAG)
 
 /* Prototype */
 pid_t waitpid(int, int *, int);

openbsd-compat/getopt_long.c

@@ -87,7 +87,7 @@ char    *optarg;		/* argument associated with option */
 /* return values */
 #define	BADCH		(int)'?'
 #define	BADARG		((*options == ':') ? (int)':' : (int)'?')
-#define	INORDER 	(int)1
+#define	INORDER		(int)1
 
 #define	EMSG		""
 

openbsd-compat/libressl-api-compat.c

@@ -284,7 +284,7 @@ RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
 	if ((r->dmp1 == NULL && dmp1 == NULL) ||
 	    (r->dmq1 == NULL && dmq1 == NULL) ||
 	    (r->iqmp == NULL && iqmp == NULL))
-	       	return 0;
+		return 0;
 
 	if (dmp1 != NULL) {
 		BN_free(r->dmp1);

openbsd-compat/port-net.c

@@ -68,7 +68,7 @@ sys_set_rdomain(int fd, const char *name)
 	if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE,
 	    name, strlen(name)) == -1) {
 		error("%s: setsockopt(%d, SO_BINDTODEVICE, %s): %s",
-		      __func__, fd, name, strerror(errno));
+		    __func__, fd, name, strerror(errno));
 		return -1;
 	}
 	return 0;

openbsd-compat/port-uw.c

@@ -143,7 +143,7 @@ get_iaf_password(struct passwd *pw)
 		if (pw_password == NULL)
 			fatal("ia_get_logpwd: Unable to get the shadow passwd");
 		ia_closeinfo(uinfo);
-	 	return pw_password;
+		return pw_password;
 	}
 	else
 		fatal("ia_openinfo: Unable to open the shadow passwd file");

openbsd-compat/sha2.c

@@ -159,7 +159,7 @@
  *   same "backwards" definition.
  */
 /* Shift-right (used in SHA-224, SHA-256, SHA-384, and SHA-512): */
-#define R(b,x) 		((x) >> (b))
+#define R(b,x)		((x) >> (b))
 /* 32-bit Rotate-right (used in SHA-224 and SHA-256): */
 #define S32(b,x)	(((x) >> (b)) | ((x) << (32 - (b))))
 /* 64-bit Rotate-right (used in SHA-384 and SHA-512): */

openbsd-compat/strtonum.c

@@ -26,9 +26,9 @@
 #include <limits.h>
 #include <errno.h>
 
-#define INVALID 	1
+#define INVALID		1
-#define TOOSMALL 	2
+#define TOOSMALL	2
-#define TOOLARGE 	3
+#define TOOLARGE	3
 
 long long
 strtonum(const char *numstr, long long minval, long long maxval,

sandbox-seccomp-filter.c

@@ -384,7 +384,7 @@ ssh_sandbox_child_debugging(void)
 		fatal("%s: sigaction(SIGSYS): %s", __func__, strerror(errno));
 	if (sigprocmask(SIG_UNBLOCK, &mask, NULL) == -1)
 		fatal("%s: sigprocmask(SIGSYS): %s",
-		      __func__, strerror(errno));
+		    __func__, strerror(errno));
 }
 #endif /* SANDBOX_SECCOMP_FILTER_DEBUG */
 
@@ -413,13 +413,13 @@ ssh_sandbox_child(struct ssh_sandbox *box)
 	debug3("%s: setting PR_SET_NO_NEW_PRIVS", __func__);
 	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1) {
 		debug("%s: prctl(PR_SET_NO_NEW_PRIVS): %s",
-		      __func__, strerror(errno));
+		    __func__, strerror(errno));
 		nnp_failed = 1;
 	}
 	debug3("%s: attaching seccomp filter program", __func__);
 	if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &preauth_program) == -1)
 		debug("%s: prctl(PR_SET_SECCOMP): %s",
-		      __func__, strerror(errno));
+		    __func__, strerror(errno));
 	else if (nnp_failed)
 		fatal("%s: SECCOMP_MODE_FILTER activated but "
 		    "PR_SET_NO_NEW_PRIVS failed", __func__);

sftp.c

@@ -2213,7 +2213,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
 			if ((line = el_gets(el, &count)) == NULL ||
 			    count <= 0) {
 				printf("\n");
- 				break;
+				break;
 			}
 			history(hl, &hev, H_ENTER, line);
 			if (strlcpy(cmd, line, sizeof(cmd)) >= sizeof(cmd)) {

ssh.c

@@ -1553,7 +1553,7 @@ main(int ac, char **av)
 	if (ssh_connect(ssh, host, host_arg, addrs, &hostaddr, options.port,
 	    options.connection_attempts,
 	    &timeout_ms, options.tcp_keep_alive) != 0)
- 		exit(255);
+		exit(255);
 
 	if (addrs != NULL)
 		freeaddrinfo(addrs);

sshkey.c

@@ -4385,14 +4385,14 @@ sshkey_private_to_blob_pem_pkcs8(struct sshkey *key, struct sshbuf *buf,
 		return SSH_ERR_PASSPHRASE_TOO_SHORT;
 	if ((blob = sshbuf_new()) == NULL)
 		return SSH_ERR_ALLOC_FAIL;
- 	if ((bio = BIO_new(BIO_s_mem())) == NULL) {
+	if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 		r = SSH_ERR_ALLOC_FAIL;
 		goto out;
 	}
 	if (format == SSHKEY_PRIVATE_PKCS8 && (pkey = EVP_PKEY_new()) == NULL) {
 		r = SSH_ERR_ALLOC_FAIL;
 		goto out;
- 	}
+	}
 	if ((r = sshkey_unshield_private(key)) != 0)
 		goto out;
 

uidswap.c

@@ -42,7 +42,7 @@
    is not part of the posix specification. */
 #define SAVED_IDS_WORK_WITH_SETEUID
 /* Saved effective uid. */
-static uid_t 	saved_euid = 0;
+static uid_t	saved_euid = 0;
 static gid_t	saved_egid = 0;
 #endif