From 3779c39bff8e2ae1adcc6f1324eb388d0bd49a15 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 14 Apr 2014 16:07:22 +0000
Subject: First pass at applying KNF to the OpenSSL code, which almost makes it
 readable. This pass is whitespace only and can readily be verified using tr
 and md5.

---
 src/lib/libssl/s3_lib.c | 5293 +++++++++++++++++++++++------------------------
 1 file changed, 2605 insertions(+), 2688 deletions(-)

(limited to 'src/lib/libssl/s3_lib.c')

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index fd1e7b80d8..926071fffa 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -164,496 +164,496 @@
 
 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
 
-#define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
+#define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers) / sizeof(SSL_CIPHER))
 
 /* list of available SSLv3 ciphers (sorted by id) */
-OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
 
 /* The RSA ciphers */
 /* Cipher 01 */
 	{
-	1,
-	SSL3_TXT_RSA_NULL_MD5,
-	SSL3_CK_RSA_NULL_MD5,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_eNULL,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		SSL3_TXT_RSA_NULL_MD5,
+		SSL3_CK_RSA_NULL_MD5,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_eNULL,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_STRONG_NONE,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 /* Cipher 02 */
 	{
-	1,
-	SSL3_TXT_RSA_NULL_SHA,
-	SSL3_CK_RSA_NULL_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_eNULL,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		SSL3_TXT_RSA_NULL_SHA,
+		SSL3_CK_RSA_NULL_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_eNULL,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 /* Cipher 03 */
 	{
-	1,
-	SSL3_TXT_RSA_RC4_40_MD5,
-	SSL3_CK_RSA_RC4_40_MD5,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_RC4,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_RSA_RC4_40_MD5,
+		SSL3_CK_RSA_RC4_40_MD5,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_RC4,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 
 /* Cipher 04 */
 	{
-	1,
-	SSL3_TXT_RSA_RC4_128_MD5,
-	SSL3_CK_RSA_RC4_128_MD5,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_RC4,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_RSA_RC4_128_MD5,
+		SSL3_CK_RSA_RC4_128_MD5,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_RC4,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 05 */
 	{
-	1,
-	SSL3_TXT_RSA_RC4_128_SHA,
-	SSL3_CK_RSA_RC4_128_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_RSA_RC4_128_SHA,
+		SSL3_CK_RSA_RC4_128_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 06 */
 	{
-	1,
-	SSL3_TXT_RSA_RC2_40_MD5,
-	SSL3_CK_RSA_RC2_40_MD5,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_RC2,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_RSA_RC2_40_MD5,
+		SSL3_CK_RSA_RC2_40_MD5,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_RC2,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 
 /* Cipher 07 */
 #ifndef OPENSSL_NO_IDEA
 	{
-	1,
-	SSL3_TXT_RSA_IDEA_128_SHA,
-	SSL3_CK_RSA_IDEA_128_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_IDEA,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_RSA_IDEA_128_SHA,
+		SSL3_CK_RSA_IDEA_128_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_IDEA,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 #endif
 
 /* Cipher 08 */
 	{
-	1,
-	SSL3_TXT_RSA_DES_40_CBC_SHA,
-	SSL3_CK_RSA_DES_40_CBC_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	56,
+		1,
+		SSL3_TXT_RSA_DES_40_CBC_SHA,
+		SSL3_CK_RSA_DES_40_CBC_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		56,
 	},
 
 /* Cipher 09 */
 	{
-	1,
-	SSL3_TXT_RSA_DES_64_CBC_SHA,
-	SSL3_CK_RSA_DES_64_CBC_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		SSL3_TXT_RSA_DES_64_CBC_SHA,
+		SSL3_CK_RSA_DES_64_CBC_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 0A */
 	{
-	1,
-	SSL3_TXT_RSA_DES_192_CBC3_SHA,
-	SSL3_CK_RSA_DES_192_CBC3_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		SSL3_TXT_RSA_DES_192_CBC3_SHA,
+		SSL3_CK_RSA_DES_192_CBC3_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* The DH ciphers */
 /* Cipher 0B */
 	{
-	0,
-	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
-	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	56,
+		0,
+		SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+		SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		56,
 	},
 
 /* Cipher 0C */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
-	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		0, /* not implemented (non-ephemeral DH) */
+		SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+		SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 0D */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
-	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		0, /* not implemented (non-ephemeral DH) */
+		SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+		SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* Cipher 0E */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
-	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	56,
+		0, /* not implemented (non-ephemeral DH) */
+		SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+		SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		56,
 	},
 
 /* Cipher 0F */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
-	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		0, /* not implemented (non-ephemeral DH) */
+		SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+		SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 10 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
-	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		0, /* not implemented (non-ephemeral DH) */
+		SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+		SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* The Ephemeral DH ciphers */
 /* Cipher 11 */
 	{
-	1,
-	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
-	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	56,
+		1,
+		SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+		SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		56,
 	},
 
 /* Cipher 12 */
 	{
-	1,
-	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
-	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+		SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 13 */
 	{
-	1,
-	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
-	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+		SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* Cipher 14 */
 	{
-	1,
-	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
-	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	56,
+		1,
+		SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+		SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		56,
 	},
 
 /* Cipher 15 */
 	{
-	1,
-	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
-	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+		SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 16 */
 	{
-	1,
-	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
-	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+		SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* Cipher 17 */
 	{
-	1,
-	SSL3_TXT_ADH_RC4_40_MD5,
-	SSL3_CK_ADH_RC4_40_MD5,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_RC4,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_ADH_RC4_40_MD5,
+		SSL3_CK_ADH_RC4_40_MD5,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_RC4,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 
 /* Cipher 18 */
 	{
-	1,
-	SSL3_TXT_ADH_RC4_128_MD5,
-	SSL3_CK_ADH_RC4_128_MD5,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_RC4,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_ADH_RC4_128_MD5,
+		SSL3_CK_ADH_RC4_128_MD5,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_RC4,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 19 */
 	{
-	1,
-	SSL3_TXT_ADH_DES_40_CBC_SHA,
-	SSL3_CK_ADH_DES_40_CBC_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_ADH_DES_40_CBC_SHA,
+		SSL3_CK_ADH_DES_40_CBC_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 
 /* Cipher 1A */
 	{
-	1,
-	SSL3_TXT_ADH_DES_64_CBC_SHA,
-	SSL3_CK_ADH_DES_64_CBC_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		SSL3_TXT_ADH_DES_64_CBC_SHA,
+		SSL3_CK_ADH_DES_64_CBC_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 1B */
 	{
-	1,
-	SSL3_TXT_ADH_DES_192_CBC_SHA,
-	SSL3_CK_ADH_DES_192_CBC_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		SSL3_TXT_ADH_DES_192_CBC_SHA,
+		SSL3_CK_ADH_DES_192_CBC_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* Fortezza ciphersuite from SSL 3.0 spec */
 #if 0
 /* Cipher 1C */
 	{
-	0,
-	SSL3_TXT_FZA_DMS_NULL_SHA,
-	SSL3_CK_FZA_DMS_NULL_SHA,
-	SSL_kFZA,
-	SSL_aFZA,
-	SSL_eNULL,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		0,
+		SSL3_TXT_FZA_DMS_NULL_SHA,
+		SSL3_CK_FZA_DMS_NULL_SHA,
+		SSL_kFZA,
+		SSL_aFZA,
+		SSL_eNULL,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_STRONG_NONE,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 /* Cipher 1D */
 	{
-	0,
-	SSL3_TXT_FZA_DMS_FZA_SHA,
-	SSL3_CK_FZA_DMS_FZA_SHA,
-	SSL_kFZA,
-	SSL_aFZA,
-	SSL_eFZA,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		0,
+		SSL3_TXT_FZA_DMS_FZA_SHA,
+		SSL3_CK_FZA_DMS_FZA_SHA,
+		SSL_kFZA,
+		SSL_aFZA,
+		SSL_eFZA,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_STRONG_NONE,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 /* Cipher 1E */
 	{
-	0,
-	SSL3_TXT_FZA_DMS_RC4_SHA,
-	SSL3_CK_FZA_DMS_RC4_SHA,
-	SSL_kFZA,
-	SSL_aFZA,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0,
+		SSL3_TXT_FZA_DMS_RC4_SHA,
+		SSL3_CK_FZA_DMS_RC4_SHA,
+		SSL_kFZA,
+		SSL_aFZA,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 #endif
 
@@ -661,511 +661,511 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 /* The Kerberos ciphers*/
 /* Cipher 1E */
 	{
-	1,
-	SSL3_TXT_KRB5_DES_64_CBC_SHA,
-	SSL3_CK_KRB5_DES_64_CBC_SHA,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		SSL3_TXT_KRB5_DES_64_CBC_SHA,
+		SSL3_CK_KRB5_DES_64_CBC_SHA,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 1F */
 	{
-	1,
-	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
-	SSL3_CK_KRB5_DES_192_CBC3_SHA,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		SSL3_TXT_KRB5_DES_192_CBC3_SHA,
+		SSL3_CK_KRB5_DES_192_CBC3_SHA,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* Cipher 20 */
 	{
-	1,
-	SSL3_TXT_KRB5_RC4_128_SHA,
-	SSL3_CK_KRB5_RC4_128_SHA,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_KRB5_RC4_128_SHA,
+		SSL3_CK_KRB5_RC4_128_SHA,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 21 */
 	{
-	1,
-	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
-	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_IDEA,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
+		SSL3_CK_KRB5_IDEA_128_CBC_SHA,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_IDEA,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 22 */
 	{
-	1,
-	SSL3_TXT_KRB5_DES_64_CBC_MD5,
-	SSL3_CK_KRB5_DES_64_CBC_MD5,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_DES,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		SSL3_TXT_KRB5_DES_64_CBC_MD5,
+		SSL3_CK_KRB5_DES_64_CBC_MD5,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_DES,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_LOW,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 /* Cipher 23 */
 	{
-	1,
-	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
-	SSL3_CK_KRB5_DES_192_CBC3_MD5,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_3DES,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		SSL3_TXT_KRB5_DES_192_CBC3_MD5,
+		SSL3_CK_KRB5_DES_192_CBC3_MD5,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_3DES,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 /* Cipher 24 */
 	{
-	1,
-	SSL3_TXT_KRB5_RC4_128_MD5,
-	SSL3_CK_KRB5_RC4_128_MD5,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_RC4,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_KRB5_RC4_128_MD5,
+		SSL3_CK_KRB5_RC4_128_MD5,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_RC4,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 25 */
 	{
-	1,
-	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
-	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_IDEA,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
+		SSL3_CK_KRB5_IDEA_128_CBC_MD5,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_IDEA,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 26 */
 	{
-	1,
-	SSL3_TXT_KRB5_DES_40_CBC_SHA,
-	SSL3_CK_KRB5_DES_40_CBC_SHA,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	56,
+		1,
+		SSL3_TXT_KRB5_DES_40_CBC_SHA,
+		SSL3_CK_KRB5_DES_40_CBC_SHA,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		56,
 	},
 
 /* Cipher 27 */
 	{
-	1,
-	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
-	SSL3_CK_KRB5_RC2_40_CBC_SHA,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_RC2,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_KRB5_RC2_40_CBC_SHA,
+		SSL3_CK_KRB5_RC2_40_CBC_SHA,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_RC2,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 
 /* Cipher 28 */
 	{
-	1,
-	SSL3_TXT_KRB5_RC4_40_SHA,
-	SSL3_CK_KRB5_RC4_40_SHA,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_KRB5_RC4_40_SHA,
+		SSL3_CK_KRB5_RC4_40_SHA,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 
 /* Cipher 29 */
 	{
-	1,
-	SSL3_TXT_KRB5_DES_40_CBC_MD5,
-	SSL3_CK_KRB5_DES_40_CBC_MD5,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_DES,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	56,
+		1,
+		SSL3_TXT_KRB5_DES_40_CBC_MD5,
+		SSL3_CK_KRB5_DES_40_CBC_MD5,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_DES,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		56,
 	},
 
 /* Cipher 2A */
 	{
-	1,
-	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
-	SSL3_CK_KRB5_RC2_40_CBC_MD5,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_RC2,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_KRB5_RC2_40_CBC_MD5,
+		SSL3_CK_KRB5_RC2_40_CBC_MD5,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_RC2,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 
 /* Cipher 2B */
 	{
-	1,
-	SSL3_TXT_KRB5_RC4_40_MD5,
-	SSL3_CK_KRB5_RC4_40_MD5,
-	SSL_kKRB5,
-	SSL_aKRB5,
-	SSL_RC4,
-	SSL_MD5,
-	SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	40,
-	128,
+		1,
+		SSL3_TXT_KRB5_RC4_40_MD5,
+		SSL3_CK_KRB5_RC4_40_MD5,
+		SSL_kKRB5,
+		SSL_aKRB5,
+		SSL_RC4,
+		SSL_MD5,
+		SSL_SSLV3,
+		SSL_EXPORT|SSL_EXP40,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		40,
+		128,
 	},
 #endif	/* OPENSSL_NO_KRB5 */
 
 /* New AES ciphersuites */
 /* Cipher 2F */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_AES_128_SHA,
-	TLS1_CK_RSA_WITH_AES_128_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_RSA_WITH_AES_128_SHA,
+		TLS1_CK_RSA_WITH_AES_128_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 /* Cipher 30 */
 	{
-	0,
-	TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
-	TLS1_CK_DH_DSS_WITH_AES_128_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0,
+		TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
+		TLS1_CK_DH_DSS_WITH_AES_128_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 /* Cipher 31 */
 	{
-	0,
-	TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
-	TLS1_CK_DH_RSA_WITH_AES_128_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0,
+		TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
+		TLS1_CK_DH_RSA_WITH_AES_128_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 /* Cipher 32 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
-	TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+		TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 /* Cipher 33 */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
-	TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+		TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 /* Cipher 34 */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_AES_128_SHA,
-	TLS1_CK_ADH_WITH_AES_128_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ADH_WITH_AES_128_SHA,
+		TLS1_CK_ADH_WITH_AES_128_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 /* Cipher 35 */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_AES_256_SHA,
-	TLS1_CK_RSA_WITH_AES_256_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_RSA_WITH_AES_256_SHA,
+		TLS1_CK_RSA_WITH_AES_256_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 /* Cipher 36 */
 	{
-	0,
-	TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
-	TLS1_CK_DH_DSS_WITH_AES_256_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		0,
+		TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
+		TLS1_CK_DH_DSS_WITH_AES_256_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 /* Cipher 37 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
-	TLS1_CK_DH_RSA_WITH_AES_256_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
+		TLS1_CK_DH_RSA_WITH_AES_256_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 /* Cipher 38 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
-	TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+		TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 /* Cipher 39 */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
-	TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+		TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 3A */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_AES_256_SHA,
-	TLS1_CK_ADH_WITH_AES_256_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ADH_WITH_AES_256_SHA,
+		TLS1_CK_ADH_WITH_AES_256_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* TLS v1.2 ciphersuites */
 	/* Cipher 3B */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_NULL_SHA256,
-	TLS1_CK_RSA_WITH_NULL_SHA256,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_eNULL,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		TLS1_TXT_RSA_WITH_NULL_SHA256,
+		TLS1_CK_RSA_WITH_NULL_SHA256,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_eNULL,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 	/* Cipher 3C */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_AES_128_SHA256,
-	TLS1_CK_RSA_WITH_AES_128_SHA256,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_RSA_WITH_AES_128_SHA256,
+		TLS1_CK_RSA_WITH_AES_128_SHA256,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 3D */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_AES_256_SHA256,
-	TLS1_CK_RSA_WITH_AES_256_SHA256,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_AES256,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_RSA_WITH_AES_256_SHA256,
+		TLS1_CK_RSA_WITH_AES_256_SHA256,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_AES256,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 3E */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
-	TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+		TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 3F */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
-	TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
+		TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 40 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
-	TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+		TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 #ifndef OPENSSL_NO_CAMELLIA
@@ -1173,98 +1173,98 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 41 */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
-	TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_CAMELLIA128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_CAMELLIA128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 42 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-	TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_CAMELLIA128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_CAMELLIA128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 43 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-	TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_CAMELLIA128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_CAMELLIA128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 44 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-	TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_CAMELLIA128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_CAMELLIA128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 45 */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-	TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_CAMELLIA128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_CAMELLIA128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 46 */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
-	TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_CAMELLIA128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
+		TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_CAMELLIA128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 #endif /* OPENSSL_NO_CAMELLIA */
 
@@ -1273,288 +1273,288 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 #if 0
 	/* Cipher 60 */
 	{
-	1,
-	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
-	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_RC4,
-	SSL_MD5,
-	SSL_TLSV1,
-	SSL_EXPORT|SSL_EXP56,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	128,
+		1,
+		TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
+		TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_RC4,
+		SSL_MD5,
+		SSL_TLSV1,
+		SSL_EXPORT|SSL_EXP56,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		128,
 	},
 
 	/* Cipher 61 */
 	{
-	1,
-	TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-	TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_RC2,
-	SSL_MD5,
-	SSL_TLSV1,
-	SSL_EXPORT|SSL_EXP56,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	128,
+		1,
+		TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+		TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_RC2,
+		SSL_MD5,
+		SSL_TLSV1,
+		SSL_EXPORT|SSL_EXP56,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		128,
 	},
 #endif
 
 	/* Cipher 62 */
 	{
-	1,
-	TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-	TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_EXPORT|SSL_EXP56,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+		TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_EXPORT|SSL_EXP56,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 	/* Cipher 63 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-	TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_EXPORT|SSL_EXP56,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	56,
+		1,
+		TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+		TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_EXPORT|SSL_EXP56,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		56,
 	},
 
 	/* Cipher 64 */
 	{
-	1,
-	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
-	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_EXPORT|SSL_EXP56,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	128,
+		1,
+		TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
+		TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_EXPORT|SSL_EXP56,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		128,
 	},
 
 	/* Cipher 65 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-	TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_EXPORT|SSL_EXP56,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	56,
-	128,
+		1,
+		TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+		TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_EXPORT|SSL_EXP56,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		56,
+		128,
 	},
 
 	/* Cipher 66 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
-	TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
+		TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 #endif
 
 	/* TLS v1.2 ciphersuites */
 	/* Cipher 67 */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
-	TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+		TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 68 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
-	TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_AES256,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+		TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_AES256,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 69 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
-	TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_AES256,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
+		TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_AES256,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 6A */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
-	TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_AES256,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+		TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_AES256,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 6B */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
-	TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_AES256,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+		TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_AES256,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 6C */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_AES_128_SHA256,
-	TLS1_CK_ADH_WITH_AES_128_SHA256,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ADH_WITH_AES_128_SHA256,
+		TLS1_CK_ADH_WITH_AES_128_SHA256,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 6D */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_AES_256_SHA256,
-	TLS1_CK_ADH_WITH_AES_256_SHA256,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_AES256,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ADH_WITH_AES_256_SHA256,
+		TLS1_CK_ADH_WITH_AES_256_SHA256,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_AES256,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* GOST Ciphersuites */
 
 	{
-	1,
-	"GOST94-GOST89-GOST89",
-	0x3000080,
-	SSL_kGOST,
-	SSL_aGOST94,
-	SSL_eGOST2814789CNT,
-	SSL_GOST89MAC,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
-	256,
-	256
-	},
-	{
-	1,
-	"GOST2001-GOST89-GOST89",
-	0x3000081,
-	SSL_kGOST,
-	SSL_aGOST01,
-	SSL_eGOST2814789CNT,
-	SSL_GOST89MAC,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
-	256,
-	256
-	},
-	{
-	1,
-	"GOST94-NULL-GOST94",
-	0x3000082,
-	SSL_kGOST,
-	SSL_aGOST94,
-	SSL_eNULL,
-	SSL_GOST94,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
-	0,
-	0
-	},
-	{
-	1,
-	"GOST2001-NULL-GOST94",
-	0x3000083,
-	SSL_kGOST,
-	SSL_aGOST01,
-	SSL_eNULL,
-	SSL_GOST94,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
-	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
-	0,
-	0
+		1,
+		"GOST94-GOST89-GOST89",
+		0x3000080,
+		SSL_kGOST,
+		SSL_aGOST94,
+		SSL_eGOST2814789CNT,
+		SSL_GOST89MAC,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
+		256,
+		256
+	},
+	{
+		1,
+		"GOST2001-GOST89-GOST89",
+		0x3000081,
+		SSL_kGOST,
+		SSL_aGOST01,
+		SSL_eGOST2814789CNT,
+		SSL_GOST89MAC,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
+		256,
+		256
+	},
+	{
+		1,
+		"GOST94-NULL-GOST94",
+		0x3000082,
+		SSL_kGOST,
+		SSL_aGOST94,
+		SSL_eNULL,
+		SSL_GOST94,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_STRONG_NONE,
+		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+		0,
+		0
+	},
+	{
+		1,
+		"GOST2001-NULL-GOST94",
+		0x3000083,
+		SSL_kGOST,
+		SSL_aGOST01,
+		SSL_eNULL,
+		SSL_GOST94,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_STRONG_NONE,
+		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+		0,
+		0
 	},
 
 #ifndef OPENSSL_NO_CAMELLIA
@@ -1562,163 +1562,163 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 84 */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
-	TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_CAMELLIA256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_CAMELLIA256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 	/* Cipher 85 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-	TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_CAMELLIA256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_CAMELLIA256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 86 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-	TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_CAMELLIA256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_CAMELLIA256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 87 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-	TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_CAMELLIA256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_CAMELLIA256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 88 */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-	TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_CAMELLIA256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_CAMELLIA256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher 89 */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
-	TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_CAMELLIA256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
+		TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_CAMELLIA256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 #endif /* OPENSSL_NO_CAMELLIA */
 
 #ifndef OPENSSL_NO_PSK
 	/* Cipher 8A */
 	{
-	1,
-	TLS1_TXT_PSK_WITH_RC4_128_SHA,
-	TLS1_CK_PSK_WITH_RC4_128_SHA,
-	SSL_kPSK,
-	SSL_aPSK,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_PSK_WITH_RC4_128_SHA,
+		TLS1_CK_PSK_WITH_RC4_128_SHA,
+		SSL_kPSK,
+		SSL_aPSK,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 8B */
 	{
-	1,
-	TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
-	TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
-	SSL_kPSK,
-	SSL_aPSK,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+		TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+		SSL_kPSK,
+		SSL_aPSK,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher 8C */
 	{
-	1,
-	TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
-	TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
-	SSL_kPSK,
-	SSL_aPSK,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+		TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+		SSL_kPSK,
+		SSL_aPSK,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 8D */
 	{
-	1,
-	TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
-	TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
-	SSL_kPSK,
-	SSL_aPSK,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+		TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+		SSL_kPSK,
+		SSL_aPSK,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 #endif  /* OPENSSL_NO_PSK */
 
@@ -1727,98 +1727,98 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 96 */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_SEED_SHA,
-	TLS1_CK_RSA_WITH_SEED_SHA,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_SEED,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_RSA_WITH_SEED_SHA,
+		TLS1_CK_RSA_WITH_SEED_SHA,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_SEED,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 97 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_DSS_WITH_SEED_SHA,
-	TLS1_CK_DH_DSS_WITH_SEED_SHA,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_SEED,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_DSS_WITH_SEED_SHA,
+		TLS1_CK_DH_DSS_WITH_SEED_SHA,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_SEED,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 98 */
 	{
-	0, /* not implemented (non-ephemeral DH) */
-	TLS1_TXT_DH_RSA_WITH_SEED_SHA,
-	TLS1_CK_DH_RSA_WITH_SEED_SHA,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_SEED,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		0, /* not implemented (non-ephemeral DH) */
+		TLS1_TXT_DH_RSA_WITH_SEED_SHA,
+		TLS1_CK_DH_RSA_WITH_SEED_SHA,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_SEED,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 99 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
-	TLS1_CK_DHE_DSS_WITH_SEED_SHA,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_SEED,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
+		TLS1_CK_DHE_DSS_WITH_SEED_SHA,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_SEED,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 9A */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
-	TLS1_CK_DHE_RSA_WITH_SEED_SHA,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_SEED,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
+		TLS1_CK_DHE_RSA_WITH_SEED_SHA,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_SEED,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher 9B */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_SEED_SHA,
-	TLS1_CK_ADH_WITH_SEED_SHA,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_SEED,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ADH_WITH_SEED_SHA,
+		TLS1_CK_ADH_WITH_SEED_SHA,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_SEED,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 #endif /* OPENSSL_NO_SEED */
@@ -1827,741 +1827,741 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher 9C */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher 9D */
 	{
-	1,
-	TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher 9E */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher 9F */
 	{
-	1,
-	TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
-	SSL_kEDH,
-	SSL_aRSA,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+		SSL_kEDH,
+		SSL_aRSA,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher A0 */
 	{
-	0,
-	TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		0,
+		TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher A1 */
 	{
-	0,
-	TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
-	SSL_kDHr,
-	SSL_aDH,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		0,
+		TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
+		SSL_kDHr,
+		SSL_aDH,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher A2 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher A3 */
 	{
-	1,
-	TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
-	SSL_kEDH,
-	SSL_aDSS,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+		SSL_kEDH,
+		SSL_aDSS,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher A4 */
 	{
-	0,
-	TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		0,
+		TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher A5 */
 	{
-	0,
-	TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
-	SSL_kDHd,
-	SSL_aDH,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		0,
+		TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+		SSL_kDHd,
+		SSL_aDH,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher A6 */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher A7 */
 	{
-	1,
-	TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
-	SSL_kEDH,
-	SSL_aNULL,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+		SSL_kEDH,
+		SSL_aNULL,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 #ifndef OPENSSL_NO_ECDH
 	/* Cipher C001 */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
-	TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_eNULL,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+		TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_eNULL,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 	/* Cipher C002 */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
-	TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+		TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C003 */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-	TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+		TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C004 */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-	TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+		TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C005 */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-	TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+		TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher C006 */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
-	TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_eNULL,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+		TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_eNULL,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 	/* Cipher C007 */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
-	TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+		TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C008 */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-	TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+		TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C009 */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C00A */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher C00B */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
-	TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_eNULL,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+		TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_eNULL,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 	/* Cipher C00C */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
-	TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+		TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C00D */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-	TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+		TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C00E */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
-	TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+		TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C00F */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
-	TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+		TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher C010 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
-	TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_eNULL,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+		TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_eNULL,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 	/* Cipher C011 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
-	TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+		TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C012 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-	TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+		TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C013 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+		TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C014 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+		TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher C015 */
 	{
-	1,
-	TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
-	TLS1_CK_ECDH_anon_WITH_NULL_SHA,
-	SSL_kEECDH,
-	SSL_aNULL,
-	SSL_eNULL,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	0,
-	0,
+		1,
+		TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+		TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+		SSL_kEECDH,
+		SSL_aNULL,
+		SSL_eNULL,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		0,
+		0,
 	},
 
 	/* Cipher C016 */
 	{
-	1,
-	TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
-	TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
-	SSL_kEECDH,
-	SSL_aNULL,
-	SSL_RC4,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+		TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+		SSL_kEECDH,
+		SSL_aNULL,
+		SSL_RC4,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_MEDIUM,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C017 */
 	{
-	1,
-	TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
-	TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
-	SSL_kEECDH,
-	SSL_aNULL,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+		TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+		SSL_kEECDH,
+		SSL_aNULL,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C018 */
 	{
-	1,
-	TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
-	TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
-	SSL_kEECDH,
-	SSL_aNULL,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+		TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+		SSL_kEECDH,
+		SSL_aNULL,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C019 */
 	{
-	1,
-	TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
-	TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
-	SSL_kEECDH,
-	SSL_aNULL,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+		TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+		SSL_kEECDH,
+		SSL_aNULL,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 #endif	/* OPENSSL_NO_ECDH */
 
 #ifndef OPENSSL_NO_SRP
 	/* Cipher C01A */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
-	TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
-	SSL_kSRP,
-	SSL_aNULL,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+		TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+		SSL_kSRP,
+		SSL_aNULL,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C01B */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
-	TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
-	SSL_kSRP,
-	SSL_aRSA,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+		TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+		SSL_kSRP,
+		SSL_aRSA,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C01C */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
-	TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
-	SSL_kSRP,
-	SSL_aDSS,
-	SSL_3DES,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	168,
-	168,
+		1,
+		TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+		TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+		SSL_kSRP,
+		SSL_aDSS,
+		SSL_3DES,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		168,
+		168,
 	},
 
 	/* Cipher C01D */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
-	TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
-	SSL_kSRP,
-	SSL_aNULL,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+		TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+		SSL_kSRP,
+		SSL_aNULL,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C01E */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
-	TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
-	SSL_kSRP,
-	SSL_aRSA,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+		TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+		SSL_kSRP,
+		SSL_aRSA,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C01F */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
-	TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
-	SSL_kSRP,
-	SSL_aDSS,
-	SSL_AES128,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	128,
-	128,
+		1,
+		TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+		TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+		SSL_kSRP,
+		SSL_aDSS,
+		SSL_AES128,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		128,
+		128,
 	},
 
 	/* Cipher C020 */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
-	TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
-	SSL_kSRP,
-	SSL_aNULL,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+		TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+		SSL_kSRP,
+		SSL_aNULL,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher C021 */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
-	TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
-	SSL_kSRP,
-	SSL_aRSA,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+		TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+		SSL_kSRP,
+		SSL_aRSA,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 
 	/* Cipher C022 */
 	{
-	1,
-	TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
-	TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
-	SSL_kSRP,
-	SSL_aDSS,
-	SSL_AES256,
-	SSL_SHA1,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
+		1,
+		TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+		TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+		SSL_kSRP,
+		SSL_aDSS,
+		SSL_AES256,
+		SSL_SHA1,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
 	},
 #endif  /* OPENSSL_NO_SRP */
 #ifndef OPENSSL_NO_ECDH
@@ -2570,260 +2570,260 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 	/* Cipher C023 */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
-	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C024 */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
-	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_AES256,
-	SSL_SHA384,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_AES256,
+		SSL_SHA384,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher C025 */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
-	TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+		TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C026 */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
-	TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_AES256,
-	SSL_SHA384,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+		TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_AES256,
+		SSL_SHA384,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher C027 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
-	TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+		TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C028 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
-	TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_AES256,
-	SSL_SHA384,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+		TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_AES256,
+		SSL_SHA384,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher C029 */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
-	TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_AES128,
-	SSL_SHA256,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+		TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_AES128,
+		SSL_SHA256,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C02A */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
-	TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_AES256,
-	SSL_SHA384,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+		TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_AES256,
+		SSL_SHA384,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* GCM based TLS v1.2 ciphersuites from RFC5289 */
 
 	/* Cipher C02B */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C02C */
 	{
-	1,
-	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-	SSL_kEECDH,
-	SSL_aECDSA,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		SSL_kEECDH,
+		SSL_aECDSA,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher C02D */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C02E */
 	{
-	1,
-	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-	SSL_kECDHe,
-	SSL_aECDH,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+		SSL_kECDHe,
+		SSL_aECDH,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher C02F */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C030 */
 	{
-	1,
-	TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-	SSL_kEECDH,
-	SSL_aRSA,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+		SSL_kEECDH,
+		SSL_aRSA,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 	/* Cipher C031 */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-	TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_AES128GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-	128,
-	128,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+		TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_AES128GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		128,
+		128,
 	},
 
 	/* Cipher C032 */
 	{
-	1,
-	TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-	TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-	SSL_kECDHr,
-	SSL_aECDH,
-	SSL_AES256GCM,
-	SSL_AEAD,
-	SSL_TLSV1_2,
-	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-	256,
-	256,
+		1,
+		TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+		TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+		SSL_kECDHr,
+		SSL_aECDH,
+		SSL_AES256GCM,
+		SSL_AEAD,
+		SSL_TLSV1_2,
+		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		256,
+		256,
 	},
 
 #endif /* OPENSSL_NO_ECDH */
@@ -2832,135 +2832,141 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 #ifdef TEMP_GOST_TLS
 /* Cipher FF00 */
 	{
-	1,
-	"GOST-MD5",
-	0x0300ff00,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_eGOST2814789CNT,
-	SSL_MD5,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256,
-	},
-	{
-	1,
-	"GOST-GOST94",
-	0x0300ff01,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_eGOST2814789CNT,
-	SSL_GOST94,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256
-	},
-	{
-	1,
-	"GOST-GOST89MAC",
-	0x0300ff02,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_eGOST2814789CNT,
-	SSL_GOST89MAC,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-	256,
-	256
-	},
-	{
-	1,
-	"GOST-GOST89STREAM",
-	0x0300ff03,
-	SSL_kRSA,
-	SSL_aRSA,
-	SSL_eGOST2814789CNT,
-	SSL_GOST89MAC,
-	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
-	256,
-	256
+		1,
+		"GOST-MD5",
+		0x0300ff00,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_eGOST2814789CNT,
+		SSL_MD5,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256,
+	},
+	{
+		1,
+		"GOST-GOST94",
+		0x0300ff01,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_eGOST2814789CNT,
+		SSL_GOST94,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256
+	},
+	{
+		1,
+		"GOST-GOST89MAC",
+		0x0300ff02,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_eGOST2814789CNT,
+		SSL_GOST89MAC,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		256,
+		256
+	},
+	{
+		1,
+		"GOST-GOST89STREAM",
+		0x0300ff03,
+		SSL_kRSA,
+		SSL_aRSA,
+		SSL_eGOST2814789CNT,
+		SSL_GOST89MAC,
+		SSL_TLSV1,
+		SSL_NOT_EXP|SSL_HIGH,
+		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
+		256,
+		256
 	},
 #endif
 
 /* end of list */
-	};
+};
 
-SSL3_ENC_METHOD SSLv3_enc_data={
+SSL3_ENC_METHOD SSLv3_enc_data = {
 	ssl3_enc,
 	n_ssl3_mac,
 	ssl3_setup_key_block,
 	ssl3_generate_master_secret,
 	ssl3_change_cipher_state,
 	ssl3_final_finish_mac,
-	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+	MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
 	ssl3_cert_verify_mac,
-	SSL3_MD_CLIENT_FINISHED_CONST,4,
-	SSL3_MD_SERVER_FINISHED_CONST,4,
+	SSL3_MD_CLIENT_FINISHED_CONST, 4,
+	SSL3_MD_SERVER_FINISHED_CONST, 4,
 	ssl3_alert_code,
 	(int (*)(SSL *, unsigned char *, size_t, const char *,
-		 size_t, const unsigned char *, size_t,
-		 int use_context))ssl_undefined_function,
-	};
+	size_t, const unsigned char *, size_t,
+	int use_context))ssl_undefined_function,
+};
 
-long ssl3_default_timeout(void)
-	{
+long
+ssl3_default_timeout(void)
+{
 	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
 	 * is way too long for http, the cache would over fill */
-	return(60*60*2);
-	}
-
-int ssl3_num_ciphers(void)
-	{
-	return(SSL3_NUM_CIPHERS);
-	}
-
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
-	{
+	return (60*60*2);
+}
+
+int
+ssl3_num_ciphers(void)
+{
+	return (SSL3_NUM_CIPHERS);
+}
+
+const SSL_CIPHER
+*ssl3_get_cipher(unsigned int u)
+{
 	if (u < SSL3_NUM_CIPHERS)
-		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
+		return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
 	else
-		return(NULL);
-	}
+		return (NULL);
+}
 
-int ssl3_pending(const SSL *s)
-	{
+int
+ssl3_pending(const SSL *s)
+{
 	if (s->rstate == SSL_ST_READ_BODY)
 		return 0;
-	
+
 	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
-	}
+}
 
-int ssl3_new(SSL *s)
-	{
+int
+ssl3_new(SSL *s)
+{
 	SSL3_STATE *s3;
 
-	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
-	memset(s3,0,sizeof *s3);
-	memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
-	memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
+	if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
+		memset(s3, 0, sizeof *s3);
+	memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
+	memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
 
-	s->s3=s3;
+	s->s3 = s3;
 
 #ifndef OPENSSL_NO_SRP
 	SSL_SRP_CTX_init(s);
 #endif
 	s->method->ssl_clear(s);
-	return(1);
+	return (1);
 err:
-	return(0);
-	}
+	return (0);
+}
 
-void ssl3_free(SSL *s)
-	{
-	if(s == NULL)
-	    return;
+void
+ssl3_free(SSL *s)
+{
+	if (s == NULL)
+		return;
 
 #ifdef TLSEXT_TYPE_opaque_prf_input
 	if (s->s3->client_opaque_prf_input != NULL)
@@ -2986,22 +2992,24 @@ void ssl3_free(SSL *s)
 #endif
 
 	if (s->s3->tmp.ca_names != NULL)
-		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+		sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
 	if (s->s3->handshake_buffer) {
 		BIO_free(s->s3->handshake_buffer);
 	}
-	if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
+	if (s->s3->handshake_dgst)
+		ssl3_free_digest_list(s);
 #ifndef OPENSSL_NO_SRP
 	SSL_SRP_CTX_free(s);
 #endif
-	OPENSSL_cleanse(s->s3,sizeof *s->s3);
+	OPENSSL_cleanse(s->s3, sizeof *s->s3);
 	OPENSSL_free(s->s3);
-	s->s3=NULL;
-	}
+	s->s3 = NULL;
+}
 
-void ssl3_clear(SSL *s)
-	{
-	unsigned char *rp,*wp;
+void
+ssl3_clear(SSL *s)
+{
+	unsigned char *rp, *wp;
 	size_t rlen, wlen;
 	int init_extra;
 
@@ -3016,26 +3024,23 @@ void ssl3_clear(SSL *s)
 
 	ssl3_cleanup_key_block(s);
 	if (s->s3->tmp.ca_names != NULL)
-		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+		sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
 
-	if (s->s3->rrec.comp != NULL)
-		{
+	if (s->s3->rrec.comp != NULL) {
 		OPENSSL_free(s->s3->rrec.comp);
-		s->s3->rrec.comp=NULL;
-		}
+		s->s3->rrec.comp = NULL;
+	}
 #ifndef OPENSSL_NO_DH
-	if (s->s3->tmp.dh != NULL)
-		{
+	if (s->s3->tmp.dh != NULL) {
 		DH_free(s->s3->tmp.dh);
 		s->s3->tmp.dh = NULL;
-		}
+	}
 #endif
 #ifndef OPENSSL_NO_ECDH
-	if (s->s3->tmp.ecdh != NULL)
-		{
+	if (s->s3->tmp.ecdh != NULL) {
 		EC_KEY_free(s->s3->tmp.ecdh);
 		s->s3->tmp.ecdh = NULL;
-		}
+	}
 #endif
 #ifndef OPENSSL_NO_TLSEXT
 #ifndef OPENSSL_NO_EC
@@ -3046,7 +3051,7 @@ void ssl3_clear(SSL *s)
 	rp = s->s3->rbuf.buf;
 	wp = s->s3->wbuf.buf;
 	rlen = s->s3->rbuf.len;
- 	wlen = s->s3->wbuf.len;
+	wlen = s->s3->wbuf.len;
 	init_extra = s->s3->init_extra;
 	if (s->s3->handshake_buffer) {
 		BIO_free(s->s3->handshake_buffer);
@@ -3054,104 +3059,100 @@ void ssl3_clear(SSL *s)
 	}
 	if (s->s3->handshake_dgst) {
 		ssl3_free_digest_list(s);
-	}	
-	memset(s->s3,0,sizeof *s->s3);
+	}
+	memset(s->s3, 0, sizeof *s->s3);
 	s->s3->rbuf.buf = rp;
 	s->s3->wbuf.buf = wp;
 	s->s3->rbuf.len = rlen;
- 	s->s3->wbuf.len = wlen;
+	s->s3->wbuf.len = wlen;
 	s->s3->init_extra = init_extra;
 
 	ssl_free_wbio_buffer(s);
 
-	s->packet_length=0;
-	s->s3->renegotiate=0;
-	s->s3->total_renegotiations=0;
-	s->s3->num_renegotiations=0;
-	s->s3->in_read_app_data=0;
-	s->version=SSL3_VERSION;
+	s->packet_length = 0;
+	s->s3->renegotiate = 0;
+	s->s3->total_renegotiations = 0;
+	s->s3->num_renegotiations = 0;
+	s->s3->in_read_app_data = 0;
+	s->version = SSL3_VERSION;
 
 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-	if (s->next_proto_negotiated)
-		{
+	if (s->next_proto_negotiated) {
 		OPENSSL_free(s->next_proto_negotiated);
 		s->next_proto_negotiated = NULL;
 		s->next_proto_negotiated_len = 0;
-		}
-#endif
 	}
+#endif
+}
 
 #ifndef OPENSSL_NO_SRP
-static char * srp_password_from_info_cb(SSL *s, void *arg)
-	{
-	return BUF_strdup(s->srp_ctx.info) ;
-	}
+static char *
+srp_password_from_info_cb(SSL *s, void *arg)
+{
+	return BUF_strdup(s->srp_ctx.info);
+}
 #endif
 
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
-	{
-	int ret=0;
+long
+ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+	int ret = 0;
 
 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
 	if (
 #ifndef OPENSSL_NO_RSA
-	    cmd == SSL_CTRL_SET_TMP_RSA ||
-	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+	cmd == SSL_CTRL_SET_TMP_RSA ||
+	cmd == SSL_CTRL_SET_TMP_RSA_CB ||
 #endif
 #ifndef OPENSSL_NO_DSA
-	    cmd == SSL_CTRL_SET_TMP_DH ||
-	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
+	cmd == SSL_CTRL_SET_TMP_DH ||
+	cmd == SSL_CTRL_SET_TMP_DH_CB ||
 #endif
-		0)
-		{
-		if (!ssl_cert_inst(&s->cert))
-		    	{
+	0) {
+		if (!ssl_cert_inst(&s->cert)) {
 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
+			return (0);
 		}
+	}
 #endif
 
-	switch (cmd)
-		{
+	switch (cmd) {
 	case SSL_CTRL_GET_SESSION_REUSED:
-		ret=s->hit;
+		ret = s->hit;
 		break;
 	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
 		break;
 	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
-		ret=s->s3->num_renegotiations;
+		ret = s->s3->num_renegotiations;
 		break;
 	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
-		ret=s->s3->num_renegotiations;
-		s->s3->num_renegotiations=0;
+		ret = s->s3->num_renegotiations;
+		s->s3->num_renegotiations = 0;
 		break;
 	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
-		ret=s->s3->total_renegotiations;
+		ret = s->s3->total_renegotiations;
 		break;
 	case SSL_CTRL_GET_FLAGS:
-		ret=(int)(s->s3->flags);
+		ret = (int)(s->s3->flags);
 		break;
 #ifndef OPENSSL_NO_RSA
 	case SSL_CTRL_NEED_TMP_RSA:
 		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
-		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
-		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
+		   ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+		   (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8))))
 			ret = 1;
 		break;
 	case SSL_CTRL_SET_TMP_RSA:
 		{
 			RSA *rsa = (RSA *)parg;
-			if (rsa == NULL)
-				{
+			if (rsa == NULL) {
 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-				return(ret);
-				}
-			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
-				{
+				return (ret);
+			}
+			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
-				return(ret);
-				}
+				return (ret);
+			}
 			if (s->cert->rsa_tmp != NULL)
 				RSA_free(s->cert->rsa_tmp);
 			s->cert->rsa_tmp = rsa;
@@ -3160,8 +3161,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		break;
 	case SSL_CTRL_SET_TMP_RSA_CB:
 		{
-		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(ret);
+			SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			return (ret);
 		}
 		break;
 #endif
@@ -3169,25 +3170,21 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 	case SSL_CTRL_SET_TMP_DH:
 		{
 			DH *dh = (DH *)parg;
-			if (dh == NULL)
-				{
+			if (dh == NULL) {
 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-				return(ret);
-				}
-			if ((dh = DHparams_dup(dh)) == NULL)
-				{
+				return (ret);
+			}
+			if ((dh = DHparams_dup(dh)) == NULL) {
 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
-				return(ret);
-				}
-			if (!(s->options & SSL_OP_SINGLE_DH_USE))
-				{
-				if (!DH_generate_key(dh))
-					{
+				return (ret);
+			}
+			if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
+				if (!DH_generate_key(dh)) {
 					DH_free(dh);
 					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
-					return(ret);
-					}
+					return (ret);
 				}
+			}
 			if (s->cert->dh_tmp != NULL)
 				DH_free(s->cert->dh_tmp);
 			s->cert->dh_tmp = dh;
@@ -3196,79 +3193,70 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		break;
 	case SSL_CTRL_SET_TMP_DH_CB:
 		{
-		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(ret);
+			SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			return (ret);
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_ECDH
 	case SSL_CTRL_SET_TMP_ECDH:
 		{
-		EC_KEY *ecdh = NULL;
- 			
-		if (parg == NULL)
-			{
-			SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-			return(ret);
+			EC_KEY *ecdh = NULL;
+
+			if (parg == NULL) {
+				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+				return (ret);
 			}
-		if (!EC_KEY_up_ref((EC_KEY *)parg))
-			{
-			SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
-			return(ret);
+			if (!EC_KEY_up_ref((EC_KEY *)parg)) {
+				SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+				return (ret);
 			}
-		ecdh = (EC_KEY *)parg;
-		if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
-			{
-			if (!EC_KEY_generate_key(ecdh))
-				{
-				EC_KEY_free(ecdh);
-				SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
-				return(ret);
+			ecdh = (EC_KEY *)parg;
+			if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
+				if (!EC_KEY_generate_key(ecdh)) {
+					EC_KEY_free(ecdh);
+					SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+					return (ret);
 				}
 			}
-		if (s->cert->ecdh_tmp != NULL)
-			EC_KEY_free(s->cert->ecdh_tmp);
-		s->cert->ecdh_tmp = ecdh;
-		ret = 1;
+			if (s->cert->ecdh_tmp != NULL)
+				EC_KEY_free(s->cert->ecdh_tmp);
+			s->cert->ecdh_tmp = ecdh;
+			ret = 1;
 		}
 		break;
 	case SSL_CTRL_SET_TMP_ECDH_CB:
 		{
-		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(ret);
+			SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			return (ret);
 		}
 		break;
 #endif /* !OPENSSL_NO_ECDH */
 #ifndef OPENSSL_NO_TLSEXT
 	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
- 		if (larg == TLSEXT_NAMETYPE_host_name)
-			{
-			if (s->tlsext_hostname != NULL) 
+		if (larg == TLSEXT_NAMETYPE_host_name) {
+			if (s->tlsext_hostname != NULL)
 				OPENSSL_free(s->tlsext_hostname);
 			s->tlsext_hostname = NULL;
 
 			ret = 1;
-			if (parg == NULL) 
+			if (parg == NULL)
 				break;
-			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
-				{
+			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
 				SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
 				return 0;
-				}
-			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
-				{
+			}
+			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
 				return 0;
-				}
 			}
-		else
-			{
+		} else {
 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
 			return 0;
-			}
- 		break;
+		}
+		break;
 	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
-		s->tlsext_debug_arg=parg;
+		s->tlsext_debug_arg = parg;
 		ret = 1;
 		break;
 
@@ -3276,28 +3264,26 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
 		if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
 		                   * (including the cert chain and everything) */
-			{
+		{
 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
 			break;
-			}
+		}
 		if (s->tlsext_opaque_prf_input != NULL)
 			OPENSSL_free(s->tlsext_opaque_prf_input);
 		if ((size_t)larg == 0)
 			s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
 		else
 			s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
-		if (s->tlsext_opaque_prf_input != NULL)
-			{
+		if (s->tlsext_opaque_prf_input != NULL) {
 			s->tlsext_opaque_prf_input_len = (size_t)larg;
 			ret = 1;
-			}
-		else
+		} else
 			s->tlsext_opaque_prf_input_len = 0;
 		break;
 #endif
 
 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
-		s->tlsext_status_type=larg;
+		s->tlsext_status_type = larg;
 		ret = 1;
 		break;
 
@@ -3324,7 +3310,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
 		*(unsigned char **)parg = s->tlsext_ocsp_resp;
 		return s->tlsext_ocsp_resplen;
-		
+
 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
 		if (s->tlsext_ocsp_resp)
 			OPENSSL_free(s->tlsext_ocsp_resp);
@@ -3357,222 +3343,204 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 #endif /* !OPENSSL_NO_TLSEXT */
 	default:
 		break;
-		}
-	return(ret);
 	}
+	return (ret);
+}
 
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
-	{
-	int ret=0;
+long
+ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
+{
+	int ret = 0;
 
 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
 	if (
 #ifndef OPENSSL_NO_RSA
-	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+	cmd == SSL_CTRL_SET_TMP_RSA_CB ||
 #endif
 #ifndef OPENSSL_NO_DSA
-	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
+	cmd == SSL_CTRL_SET_TMP_DH_CB ||
 #endif
-		0)
-		{
-		if (!ssl_cert_inst(&s->cert))
-			{
+	0) {
+		if (!ssl_cert_inst(&s->cert)) {
 			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
-			return(0);
-			}
+			return (0);
 		}
+	}
 #endif
 
-	switch (cmd)
-		{
+	switch (cmd) {
 #ifndef OPENSSL_NO_RSA
 	case SSL_CTRL_SET_TMP_RSA_CB:
 		{
-		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+			s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_DH
 	case SSL_CTRL_SET_TMP_DH_CB:
 		{
-		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+			s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_ECDH
 	case SSL_CTRL_SET_TMP_ECDH_CB:
 		{
-		s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+			s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_TLSEXT
 	case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
-		s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
-					unsigned char *, int, void *))fp;
+		s->tlsext_debug_cb = (void (*)(SSL *, int , int,
+		unsigned char *, int, void *))fp;
 		break;
 #endif
 	default:
 		break;
-		}
-	return(ret);
 	}
+	return (ret);
+}
 
-long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-	{
+long
+ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+{
 	CERT *cert;
 
-	cert=ctx->cert;
+	cert = ctx->cert;
 
-	switch (cmd)
-		{
+	switch (cmd) {
 #ifndef OPENSSL_NO_RSA
 	case SSL_CTRL_NEED_TMP_RSA:
-		if (	(cert->rsa_tmp == NULL) &&
-			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
-			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
-			)
-			return(1);
+		if ((cert->rsa_tmp == NULL) &&
+		    ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+		    (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512 / 8)))
+		)
+		return (1);
 		else
-			return(0);
+			return (0);
 		/* break; */
 	case SSL_CTRL_SET_TMP_RSA:
 		{
-		RSA *rsa;
-		int i;
+			RSA *rsa;
+			int i;
 
-		rsa=(RSA *)parg;
-		i=1;
-		if (rsa == NULL)
-			i=0;
-		else
-			{
-			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
-				i=0;
+			rsa = (RSA *)parg;
+			i = 1;
+			if (rsa == NULL)
+				i = 0;
+			else {
+				if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
+					i = 0;
 			}
-		if (!i)
-			{
-			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
-			return(0);
-			}
-		else
-			{
-			if (cert->rsa_tmp != NULL)
-				RSA_free(cert->rsa_tmp);
-			cert->rsa_tmp=rsa;
-			return(1);
+			if (!i) {
+				SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
+				return (0);
+			} else {
+				if (cert->rsa_tmp != NULL)
+					RSA_free(cert->rsa_tmp);
+				cert->rsa_tmp = rsa;
+				return (1);
 			}
 		}
 		/* break; */
 	case SSL_CTRL_SET_TMP_RSA_CB:
 		{
-		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(0);
+			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			return (0);
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_DH
 	case SSL_CTRL_SET_TMP_DH:
 		{
-		DH *new=NULL,*dh;
+			DH *new = NULL, *dh;
 
-		dh=(DH *)parg;
-		if ((new=DHparams_dup(dh)) == NULL)
-			{
-			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
-			return 0;
-			}
-		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
-			{
-			if (!DH_generate_key(new))
-				{
-				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
-				DH_free(new);
+			dh = (DH *)parg;
+			if ((new = DHparams_dup(dh)) == NULL) {
+				SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
 				return 0;
+			}
+			if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
+				if (!DH_generate_key(new)) {
+					SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
+					DH_free(new);
+					return 0;
 				}
 			}
-		if (cert->dh_tmp != NULL)
-			DH_free(cert->dh_tmp);
-		cert->dh_tmp=new;
-		return 1;
+			if (cert->dh_tmp != NULL)
+				DH_free(cert->dh_tmp);
+			cert->dh_tmp = new;
+			return 1;
 		}
 		/*break; */
 	case SSL_CTRL_SET_TMP_DH_CB:
 		{
-		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(0);
+			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			return (0);
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_ECDH
 	case SSL_CTRL_SET_TMP_ECDH:
 		{
-		EC_KEY *ecdh = NULL;
- 			
-		if (parg == NULL)
-			{
-			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
-			return 0;
-			}
-		ecdh = EC_KEY_dup((EC_KEY *)parg);
-		if (ecdh == NULL)
-			{
-			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
-			return 0;
+			EC_KEY *ecdh = NULL;
+
+			if (parg == NULL) {
+				SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+				return 0;
 			}
-		if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
-			{
-			if (!EC_KEY_generate_key(ecdh))
-				{
-				EC_KEY_free(ecdh);
-				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
+			ecdh = EC_KEY_dup((EC_KEY *)parg);
+			if (ecdh == NULL) {
+				SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB);
 				return 0;
+			}
+			if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
+				if (!EC_KEY_generate_key(ecdh)) {
+					EC_KEY_free(ecdh);
+					SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+					return 0;
 				}
 			}
 
-		if (cert->ecdh_tmp != NULL)
-			{
-			EC_KEY_free(cert->ecdh_tmp);
+			if (cert->ecdh_tmp != NULL) {
+				EC_KEY_free(cert->ecdh_tmp);
 			}
-		cert->ecdh_tmp = ecdh;
-		return 1;
+			cert->ecdh_tmp = ecdh;
+			return 1;
 		}
 		/* break; */
 	case SSL_CTRL_SET_TMP_ECDH_CB:
 		{
-		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return(0);
+			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+			return (0);
 		}
 		break;
 #endif /* !OPENSSL_NO_ECDH */
 #ifndef OPENSSL_NO_TLSEXT
 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
-		ctx->tlsext_servername_arg=parg;
+		ctx->tlsext_servername_arg = parg;
 		break;
 	case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
 	case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
 		{
-		unsigned char *keys = parg;
-		if (!keys)
-			return 48;
-		if (larg != 48)
-			{
-			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
-			return 0;
-			}
-		if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
-			{
-			memcpy(ctx->tlsext_tick_key_name, keys, 16);
-			memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
-			memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
+			unsigned char *keys = parg;
+			if (!keys)
+				return 48;
+			if (larg != 48) {
+				SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
+				return 0;
 			}
-		else
-			{
-			memcpy(keys, ctx->tlsext_tick_key_name, 16);
-			memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
-			memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
+			if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
+				memcpy(ctx->tlsext_tick_key_name, keys, 16);
+				memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
+				memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
+			} else {
+				memcpy(keys, ctx->tlsext_tick_key_name, 16);
+				memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
+				memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
 			}
-		return 1;
+			return 1;
 		}
 
 #ifdef TLSEXT_TYPE_opaque_prf_input
@@ -3582,7 +3550,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 #endif
 
 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
-		ctx->tlsext_status_arg=parg;
+		ctx->tlsext_status_arg = parg;
 		return 1;
 		break;
 
@@ -3594,182 +3562,182 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		ctx->srp_ctx.login = NULL;
 		if (parg == NULL)
 			break;
-		if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
-			{
+		if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
 			return 0;
-			} 
-		if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
-			{
+		}
+		if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
 			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
 			return 0;
-			}
+		}
 		break;
 	case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
-		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
-		ctx->srp_ctx.info=parg;
+		ctx->srp_ctx.SRP_give_srp_client_pwd_callback = srp_password_from_info_cb;
+		ctx->srp_ctx.info = parg;
 		break;
 	case SSL_CTRL_SET_SRP_ARG:
 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
-		ctx->srp_ctx.SRP_cb_arg=parg;
+		ctx->srp_ctx.SRP_cb_arg = parg;
 		break;
 
 	case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
-		ctx->srp_ctx.strength=larg;
+		ctx->srp_ctx.strength = larg;
 		break;
 #endif
 #endif /* !OPENSSL_NO_TLSEXT */
 
-	/* A Thawte special :-) */
+		/* A Thawte special :-) */
 	case SSL_CTRL_EXTRA_CHAIN_CERT:
-		if (ctx->extra_certs == NULL)
-			{
-			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
-				return(0);
-			}
+		if (ctx->extra_certs == NULL) {
+			if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
+				return (0);
+		}
 		sk_X509_push(ctx->extra_certs,(X509 *)parg);
 		break;
 
 	case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
-		*(STACK_OF(X509) **)parg =  ctx->extra_certs;
+		*(STACK_OF(X509) **)parg = ctx->extra_certs;
 		break;
 
 	case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
-		if (ctx->extra_certs)
-			{
+		if (ctx->extra_certs) {
 			sk_X509_pop_free(ctx->extra_certs, X509_free);
 			ctx->extra_certs = NULL;
-			}
+		}
 		break;
 
 	default:
-		return(0);
-		}
-	return(1);
+		return (0);
 	}
+	return (1);
+}
 
-long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
-	{
+long
+ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
+{
 	CERT *cert;
 
-	cert=ctx->cert;
+	cert = ctx->cert;
 
-	switch (cmd)
-		{
+	switch (cmd) {
 #ifndef OPENSSL_NO_RSA
 	case SSL_CTRL_SET_TMP_RSA_CB:
 		{
-		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+			cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_DH
 	case SSL_CTRL_SET_TMP_DH_CB:
 		{
-		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+			cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_ECDH
 	case SSL_CTRL_SET_TMP_ECDH_CB:
 		{
-		cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+			cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
 		}
 		break;
 #endif
 #ifndef OPENSSL_NO_TLSEXT
 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
-		ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
+		ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
 		break;
 
 #ifdef TLSEXT_TYPE_opaque_prf_input
 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
-		ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
+		ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *, void *, size_t, void *))fp;
 		break;
 #endif
 
 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
-		ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
+		ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
 		break;
 
 	case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
-		ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
-						unsigned char *,
-						EVP_CIPHER_CTX *,
-						HMAC_CTX *, int))fp;
+		ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char  *,
+		    unsigned char *, EVP_CIPHER_CTX *, HMAC_CTX *, int))fp;
 		break;
 
 #ifndef OPENSSL_NO_SRP
 	case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
-		ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
+		ctx->srp_ctx.SRP_verify_param_callback =
+		    (int (*)(SSL *, void *))fp;
 		break;
 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
-		ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
+		ctx->srp_ctx.TLS_ext_srp_username_callback =
+		    (int (*)(SSL *, int *, void *))fp;
 		break;
 	case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
-		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
+		ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+		    (char *(*)(SSL *, void *))fp;
 		break;
 #endif
 #endif
 	default:
-		return(0);
-		}
-	return(1);
+		return (0);
 	}
+	return (1);
+}
 
 /* This function needs to check if the ciphers required are actually
  * available */
-const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
-	{
+const SSL_CIPHER
+*ssl3_get_cipher_by_char(const unsigned char *p)
+{
 	SSL_CIPHER c;
 	const SSL_CIPHER *cp;
 	unsigned long id;
 
-	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
-	c.id=id;
+	id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
+	c.id = id;
 	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
-if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
+	if (cp == NULL)
+		fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
 #endif
 	if (cp == NULL || cp->valid == 0)
 		return NULL;
 	else
 		return cp;
-	}
+}
 
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-	{
+int
+ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+{
 	long l;
 
-	if (p != NULL)
-		{
-		l=c->id;
-		if ((l & 0xff000000) != 0x03000000) return(0);
-		p[0]=((unsigned char)(l>> 8L))&0xFF;
-		p[1]=((unsigned char)(l     ))&0xFF;
-		}
-	return(2);
+	if (p != NULL) {
+		l = c->id;
+		if ((l & 0xff000000) != 0x03000000)
+			return (0);
+		p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
+		p[1] = ((unsigned char)(l)) & 0xFF;
 	}
+	return (2);
+}
 
 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
-	     STACK_OF(SSL_CIPHER) *srvr)
-	{
-	SSL_CIPHER *c,*ret=NULL;
+    STACK_OF(SSL_CIPHER) *srvr)
+{
+	SSL_CIPHER *c, *ret = NULL;
 	STACK_OF(SSL_CIPHER) *prio, *allow;
-	int i,ii,ok;
+	int i, ii, ok;
 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
 	unsigned int j;
 	int ec_ok, ec_nid;
 	unsigned char ec_search1 = 0, ec_search2 = 0;
 #endif
 	CERT *cert;
-	unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
+	unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
 
 	/* Let's see which ciphers we can support */
-	cert=s->cert;
+	cert = s->cert;
 
 #if 0
 	/* Do not set the compare functions, because this may lead to a
@@ -3783,62 +3751,55 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 
 #ifdef CIPHER_DEBUG
 	printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
-	for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
-		{
-		c=sk_SSL_CIPHER_value(srvr,i);
-		printf("%p:%s\n",(void *)c,c->name);
-		}
+	for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
+		c = sk_SSL_CIPHER_value(srvr, i);
+		printf("%p:%s\n",(void *)c, c->name);
+	}
 	printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
-	for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
-	    {
-	    c=sk_SSL_CIPHER_value(clnt,i);
-	    printf("%p:%s\n",(void *)c,c->name);
-	    }
+	for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
+		c = sk_SSL_CIPHER_value(clnt, i);
+		printf("%p:%s\n",(void *)c, c->name);
+	}
 #endif
 
-	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-		{
+	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
 		prio = srvr;
 		allow = clnt;
-		}
-	else
-		{
+	} else {
 		prio = clnt;
 		allow = srvr;
-		}
+	}
 
-	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
-		{
-		c=sk_SSL_CIPHER_value(prio,i);
+	for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
+		c = sk_SSL_CIPHER_value(prio, i);
 
 		/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
-		if ((c->algorithm_ssl & SSL_TLSV1_2) && 
-			(TLS1_get_version(s) < TLS1_2_VERSION))
+		if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+		    (TLS1_get_version(s) < TLS1_2_VERSION))
 			continue;
 
-		ssl_set_cert_masks(cert,c);
+		ssl_set_cert_masks(cert, c);
 		mask_k = cert->mask_k;
 		mask_a = cert->mask_a;
 		emask_k = cert->export_mask_k;
 		emask_a = cert->export_mask_a;
 #ifndef OPENSSL_NO_SRP
-		mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
-		emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
+		mask_k = cert->mask_k | s->srp_ctx.srp_Mask;
+		emask_k = cert->export_mask_k | s->srp_ctx.srp_Mask;
 #endif
-			
+
 #ifdef KSSL_DEBUG
 /*		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
 #endif    /* KSSL_DEBUG */
 
-		alg_k=c->algorithm_mkey;
-		alg_a=c->algorithm_auth;
+		alg_k = c->algorithm_mkey;
+		alg_a = c->algorithm_auth;
 
 #ifndef OPENSSL_NO_KRB5
-		if (alg_k & SSL_kKRB5)
-			{
-			if ( !kssl_keytab_is_available(s->kssl_ctx) )
-			    continue;
-			}
+		if (alg_k & SSL_kKRB5) {
+			if (!kssl_keytab_is_available(s->kssl_ctx) )
+				continue;
+		}
 #endif /* OPENSSL_NO_KRB5 */
 #ifndef OPENSSL_NO_PSK
 		/* with PSK there must be server callback set */
@@ -3846,449 +3807,405 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 			continue;
 #endif /* OPENSSL_NO_PSK */
 
-		if (SSL_C_IS_EXPORT(c))
-			{
+		if (SSL_C_IS_EXPORT(c)) {
 			ok = (alg_k & emask_k) && (alg_a & emask_a);
 #ifdef CIPHER_DEBUG
-			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
-			       (void *)c,c->name);
+			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", ok, alg_k, alg_a, emask_k, emask_a,
+			(void *)c, c->name);
 #endif
-			}
-		else
-			{
+		} else {
 			ok = (alg_k & mask_k) && (alg_a & mask_a);
 #ifdef CIPHER_DEBUG
-			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
-			       c->name);
+			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, alg_a, mask_k, mask_a,(void *)c,
+			c->name);
 #endif
-			}
+		}
 
 #ifndef OPENSSL_NO_TLSEXT
 #ifndef OPENSSL_NO_EC
 		if (
-			/* if we are considering an ECC cipher suite that uses our certificate */
-			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
-			/* and we have an ECC certificate */
-			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
-			/* and the client specified a Supported Point Formats extension */
-			&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
-			/* and our certificate's point is compressed */
-			&& (
-				(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
-				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
-				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
-				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
-				&& (
-					(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
-					|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
-					)
-				)
+		/* if we are considering an ECC cipher suite that uses our certificate */
+		(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+		/* and we have an ECC certificate */
+		&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+		/* and the client specified a Supported Point Formats extension */
+		&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
+		/* and our certificate's point is compressed */
+		&& (
+		(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
+		&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
+		&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
+		&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
+		&& (
+		(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
+		|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
 		)
-			{
+		)
+		) {
 			ec_ok = 0;
 			/* if our certificate's curve is over a field type that the client does not support
 			 * then do not allow this cipher suite to be negotiated */
 			if (
-				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
-				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
-				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
-				&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
-			)
-				{
-				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
-					{
-					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
-						{
+			(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+			&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
+			&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
+			&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
+			) {
+				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) {
+					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) {
 						ec_ok = 1;
 						break;
-						}
 					}
 				}
-			else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
-				{
-				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
-					{
-					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
-						{
+			} else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) {
+				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) {
+					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) {
 						ec_ok = 1;
 						break;
-						}
 					}
 				}
-			ok = ok && ec_ok;
 			}
+			ok = ok && ec_ok;
+		}
 		if (
-			/* if we are considering an ECC cipher suite that uses our certificate */
-			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
-			/* and we have an ECC certificate */
-			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
-			/* and the client specified an EllipticCurves extension */
-			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
-		)
-			{
+		/* if we are considering an ECC cipher suite that uses our certificate */
+		(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+		/* and we have an ECC certificate */
+		&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+		/* and the client specified an EllipticCurves extension */
+		&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
+		) {
 			ec_ok = 0;
 			if (
-				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
-				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
-			)
-				{
+			(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+			&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
+			) {
 				ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
 				if ((ec_nid == 0)
-					&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
-				)
-					{
-					if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
-						{
+				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
+				) {
+					if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) {
 						ec_search1 = 0xFF;
 						ec_search2 = 0x01;
-						}
-					else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
-						{
+					} else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) {
 						ec_search1 = 0xFF;
 						ec_search2 = 0x02;
-						}
 					}
-				else
-					{
+				} else {
 					ec_search1 = 0x00;
 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
-					}
-				if ((ec_search1 != 0) || (ec_search2 != 0))
-					{
-					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
-						{
-						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
-							{
+				}
+				if ((ec_search1 != 0) || (ec_search2 != 0)) {
+					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) {
+						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j + 1] == ec_search2)) {
 							ec_ok = 1;
 							break;
-							}
 						}
 					}
 				}
-			ok = ok && ec_ok;
 			}
+			ok = ok && ec_ok;
+		}
 		if (
-			/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
-			(alg_k & SSL_kEECDH)
-			/* and we have an ephemeral EC key */
-			&& (s->cert->ecdh_tmp != NULL)
-			/* and the client specified an EllipticCurves extension */
-			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
-		)
-			{
+		/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
+		(alg_k & SSL_kEECDH)
+		/* and we have an ephemeral EC key */
+		&& (s->cert->ecdh_tmp != NULL)
+		/* and the client specified an EllipticCurves extension */
+		&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
+		) {
 			ec_ok = 0;
-			if (s->cert->ecdh_tmp->group != NULL)
-				{
+			if (s->cert->ecdh_tmp->group != NULL) {
 				ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
 				if ((ec_nid == 0)
-					&& (s->cert->ecdh_tmp->group->meth != NULL)
-				)
-					{
-					if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
-						{
+				&& (s->cert->ecdh_tmp->group->meth != NULL)
+				) {
+					if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field) {
 						ec_search1 = 0xFF;
 						ec_search2 = 0x01;
-						}
-					else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
-						{
+					} else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field) {
 						ec_search1 = 0xFF;
 						ec_search2 = 0x02;
-						}
 					}
-				else
-					{
+				} else {
 					ec_search1 = 0x00;
 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
-					}
-				if ((ec_search1 != 0) || (ec_search2 != 0))
-					{
-					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
-						{
-						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
-							{
+				}
+				if ((ec_search1 != 0) || (ec_search2 != 0)) {
+					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) {
+						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j + 1] == ec_search2)) {
 							ec_ok = 1;
 							break;
-							}
 						}
 					}
 				}
-			ok = ok && ec_ok;
 			}
+			ok = ok && ec_ok;
+		}
 #endif /* OPENSSL_NO_EC */
 #endif /* OPENSSL_NO_TLSEXT */
 
-		if (!ok) continue;
-		ii=sk_SSL_CIPHER_find(allow,c);
-		if (ii >= 0)
-			{
+		if (!ok)
+			continue;
+		ii = sk_SSL_CIPHER_find(allow, c);
+		if (ii >= 0) {
 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
-			if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
-				{
-				if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
+			if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) {
+				if (!ret)
+					ret = sk_SSL_CIPHER_value(allow, ii);
 				continue;
-				}
+			}
 #endif
-			ret=sk_SSL_CIPHER_value(allow,ii);
+			ret = sk_SSL_CIPHER_value(allow, ii);
 			break;
-			}
 		}
-	return(ret);
 	}
+	return (ret);
+}
 
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
-	{
-	int ret=0;
+int
+ssl3_get_req_cert_type(SSL *s, unsigned char *p)
+{
+	int ret = 0;
 	unsigned long alg_k;
 
 	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 
 #ifndef OPENSSL_NO_GOST
-	if (s->version >= TLS1_VERSION)
-		{
-		if (alg_k & SSL_kGOST)
-			{
-			p[ret++]=TLS_CT_GOST94_SIGN;
-			p[ret++]=TLS_CT_GOST01_SIGN;
-			return(ret);
-			}
+	if (s->version >= TLS1_VERSION) {
+		if (alg_k & SSL_kGOST) {
+			p[ret++] = TLS_CT_GOST94_SIGN;
+			p[ret++] = TLS_CT_GOST01_SIGN;
+			return (ret);
 		}
+	}
 #endif
 
 #ifndef OPENSSL_NO_DH
-	if (alg_k & (SSL_kDHr|SSL_kEDH))
-		{
+	if (alg_k & (SSL_kDHr|SSL_kEDH)) {
 #  ifndef OPENSSL_NO_RSA
-		p[ret++]=SSL3_CT_RSA_FIXED_DH;
+		p[ret++] = SSL3_CT_RSA_FIXED_DH;
 #  endif
 #  ifndef OPENSSL_NO_DSA
-		p[ret++]=SSL3_CT_DSS_FIXED_DH;
+		p[ret++] = SSL3_CT_DSS_FIXED_DH;
 #  endif
-		}
+	}
 	if ((s->version == SSL3_VERSION) &&
-		(alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
-		{
+		(alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) {
 #  ifndef OPENSSL_NO_RSA
-		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
+		p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
 #  endif
 #  ifndef OPENSSL_NO_DSA
-		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
+		p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
 #  endif
-		}
+	}
 #endif /* !OPENSSL_NO_DH */
 #ifndef OPENSSL_NO_RSA
-	p[ret++]=SSL3_CT_RSA_SIGN;
+	p[ret++] = SSL3_CT_RSA_SIGN;
 #endif
 #ifndef OPENSSL_NO_DSA
-	p[ret++]=SSL3_CT_DSS_SIGN;
+	p[ret++] = SSL3_CT_DSS_SIGN;
 #endif
 #ifndef OPENSSL_NO_ECDH
-	if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
-		{
-		p[ret++]=TLS_CT_RSA_FIXED_ECDH;
-		p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
-		}
+	if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
+		p[ret++] = TLS_CT_RSA_FIXED_ECDH;
+		p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
+	}
 #endif
 
 #ifndef OPENSSL_NO_ECDSA
 	/* ECDSA certs can be used with RSA cipher suites as well 
 	 * so we don't need to check for SSL_kECDH or SSL_kEECDH
 	 */
-	if (s->version >= TLS1_VERSION)
-		{
-		p[ret++]=TLS_CT_ECDSA_SIGN;
-		}
-#endif	
-	return(ret);
+	if (s->version >= TLS1_VERSION) {
+		p[ret++] = TLS_CT_ECDSA_SIGN;
 	}
+#endif	
+	return (ret);
+}
 
-int ssl3_shutdown(SSL *s)
-	{
+int
+ssl3_shutdown(SSL *s)
+{
 	int ret;
 
 	/* Don't do anything much if we have not done the handshake or
 	 * we don't want to send messages :-) */
-	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
-		{
-		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
-		return(1);
-		}
+	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
+		s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+		return (1);
+	}
 
-	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
-		{
+	if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
 		s->shutdown|=SSL_SENT_SHUTDOWN;
 #if 1
-		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
+		ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
 #endif
 		/* our shutdown alert has been sent now, and if it still needs
 	 	 * to be written, s->s3->alert_dispatch will be true */
-	 	if (s->s3->alert_dispatch)
-	 		return(-1);	/* return WANT_WRITE */
-		}
-	else if (s->s3->alert_dispatch)
-		{
+		if (s->s3->alert_dispatch)
+			return(-1);	/* return WANT_WRITE */
+	} else if (s->s3->alert_dispatch) {
 		/* resend it if not sent */
 #if 1
-		ret=s->method->ssl_dispatch_alert(s);
-		if(ret == -1)
-			{
+		ret = s->method->ssl_dispatch_alert(s);
+		if (ret == -1) {
 			/* we only get to return -1 here the 2nd/Nth
 			 * invocation, we must  have already signalled
 			 * return 0 upon a previous invoation,
 			 * return WANT_WRITE */
-			return(ret);
-			}
-#endif
+			return (ret);
 		}
-	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
-		{
+#endif
+	} else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
 		/* If we are waiting for a close from our peer, we are closed */
-		s->method->ssl_read_bytes(s,0,NULL,0,0);
-		if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
-			{
+		s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
+		if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
 			return(-1);	/* return WANT_READ */
-			}
 		}
+	}
 
 	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
-		!s->s3->alert_dispatch)
-		return(1);
+	    !s->s3->alert_dispatch)
+		return (1);
 	else
-		return(0);
-	}
+		return (0);
+}
 
-int ssl3_write(SSL *s, const void *buf, int len)
-	{
-	int ret,n;
+int
+ssl3_write(SSL *s, const void *buf, int len)
+{
+	int ret, n;
 
 #if 0
-	if (s->shutdown & SSL_SEND_SHUTDOWN)
-		{
-		s->rwstate=SSL_NOTHING;
-		return(0);
-		}
+	if (s->shutdown & SSL_SEND_SHUTDOWN) {
+		s->rwstate = SSL_NOTHING;
+		return (0);
+	}
 #endif
 	errno = 0;
-	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
+	if (s->s3->renegotiate)
+		ssl3_renegotiate_check(s);
 
 	/* This is an experimental flag that sends the
 	 * last handshake message in the same packet as the first
 	 * use data - used to see if it helps the TCP protocol during
 	 * session-id reuse */
 	/* The second test is because the buffer may have been removed */
-	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
-		{
+	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
 		/* First time through, we write into the buffer */
-		if (s->s3->delay_buf_pop_ret == 0)
-			{
-			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
-					     buf,len);
-			if (ret <= 0) return(ret);
+		if (s->s3->delay_buf_pop_ret == 0) {
+			ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA,
+			buf, len);
+			if (ret <= 0)
+				return (ret);
 
-			s->s3->delay_buf_pop_ret=ret;
-			}
+			s->s3->delay_buf_pop_ret = ret;
+		}
 
-		s->rwstate=SSL_WRITING;
-		n=BIO_flush(s->wbio);
-		if (n <= 0) return(n);
-		s->rwstate=SSL_NOTHING;
+		s->rwstate = SSL_WRITING;
+		n = BIO_flush(s->wbio);
+		if (n <= 0)
+			return (n);
+		s->rwstate = SSL_NOTHING;
 
 		/* We have flushed the buffer, so remove it */
 		ssl_free_wbio_buffer(s);
 		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
 
-		ret=s->s3->delay_buf_pop_ret;
-		s->s3->delay_buf_pop_ret=0;
-		}
-	else
-		{
-		ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
-			buf,len);
-		if (ret <= 0) return(ret);
-		}
-
-	return(ret);
+		ret = s->s3->delay_buf_pop_ret;
+		s->s3->delay_buf_pop_ret = 0;
+	} else {
+		ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
+		buf, len);
+		if (ret <= 0)
+			return (ret);
 	}
 
-static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
-	{
+	return (ret);
+}
+
+static int
+ssl3_read_internal(SSL *s, void *buf, int len, int peek)
+{
 	int ret;
-	
+
 	errno = 0;
-	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
-	s->s3->in_read_app_data=1;
-	ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
-	if ((ret == -1) && (s->s3->in_read_app_data == 2))
-		{
+	if (s->s3->renegotiate)
+		ssl3_renegotiate_check(s);
+	s->s3->in_read_app_data = 1;
+	ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, peek);
+	if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
 		/* ssl3_read_bytes decided to call s->handshake_func, which
 		 * called ssl3_read_bytes to read handshake data.
 		 * However, ssl3_read_bytes actually found application data
 		 * and thinks that application data makes sense here; so disable
 		 * handshake processing and try to read application data again. */
 		s->in_handshake++;
-		ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
+		ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, peek);
 		s->in_handshake--;
-		}
-	else
-		s->s3->in_read_app_data=0;
+	} else
+		s->s3->in_read_app_data = 0;
 
-	return(ret);
-	}
+	return (ret);
+}
 
-int ssl3_read(SSL *s, void *buf, int len)
-	{
+int
+ssl3_read(SSL *s, void *buf, int len)
+{
 	return ssl3_read_internal(s, buf, len, 0);
-	}
+}
 
-int ssl3_peek(SSL *s, void *buf, int len)
-	{
+int
+ssl3_peek(SSL *s, void *buf, int len)
+{
 	return ssl3_read_internal(s, buf, len, 1);
-	}
+}
 
-int ssl3_renegotiate(SSL *s)
-	{
+int
+ssl3_renegotiate(SSL *s)
+{
 	if (s->handshake_func == NULL)
-		return(1);
+		return (1);
 
 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
-		return(0);
+		return (0);
 
-	s->s3->renegotiate=1;
-	return(1);
-	}
+	s->s3->renegotiate = 1;
+	return (1);
+}
 
-int ssl3_renegotiate_check(SSL *s)
-	{
-	int ret=0;
+int
+ssl3_renegotiate_check(SSL *s)
+{
+	int ret = 0;
 
-	if (s->s3->renegotiate)
-		{
-		if (	(s->s3->rbuf.left == 0) &&
-			(s->s3->wbuf.left == 0) &&
-			!SSL_in_init(s))
-			{
+	if (s->s3->renegotiate) {
+		if ((s->s3->rbuf.left == 0) && (s->s3->wbuf.left == 0) &&
+		    !SSL_in_init(s)) {
 /*
 if we are the server, and we have sent a 'RENEGOTIATE' message, we
 need to go to SSL_ST_ACCEPT.
 */
 			/* SSL_ST_ACCEPT */
-			s->state=SSL_ST_RENEGOTIATE;
-			s->s3->renegotiate=0;
+			s->state = SSL_ST_RENEGOTIATE;
+			s->s3->renegotiate = 0;
 			s->s3->num_renegotiations++;
 			s->s3->total_renegotiations++;
-			ret=1;
-			}
+			ret = 1;
 		}
-	return(ret);
 	}
+	return (ret);
+}
 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
  * to new SHA256 PRF and handshake macs
  */
-long ssl_get_algorithm2(SSL *s)
-	{
+long
+ssl_get_algorithm2(SSL *s)
+{
 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
 	if (s->method->version == TLS1_2_VERSION &&
-	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
-		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
+		alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
+	return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
 	return alg2;
-	}
-		
+}
-- 
cgit v1.2.3-55-g6feb