Merge pull request #83 from wllm-rbnt/lint

Global code linting + various fixes
2024-11-22 01:17:04 +00:00 · 2023-08-14 22:08:48 +02:00 · 2023-08-14 22:08:48 +02:00 · e1796a8851
commit e1796a8851
parent e8502ef1f6 b983eb316a
96 changed files with 8504 additions and 15176 deletions
--- a/.clang-format
+++ b/.clang-format
@ -0,0 +1,183 @@
 ---
 Language:        Cpp
 # BasedOnStyle:  Chromium
 # with a few modifications
 AccessModifierOffset: -1
 AlignAfterOpenBracket: Align
 AlignConsecutiveMacros: false
 AlignConsecutiveAssignments: false
 AlignConsecutiveBitFields: false
 AlignConsecutiveDeclarations: false
 AlignEscapedNewlines: Left
 AlignOperands:   Align
 AlignTrailingComments: true
 AllowAllArgumentsOnNextLine: true
 AllowAllConstructorInitializersOnNextLine: true
 AllowAllParametersOfDeclarationOnNextLine: false
 AllowShortEnumsOnASingleLine: true
 AllowShortBlocksOnASingleLine: Never
 AllowShortCaseLabelsOnASingleLine: false
 AllowShortFunctionsOnASingleLine: Inline
 AllowShortLambdasOnASingleLine: All
 AllowShortIfStatementsOnASingleLine: Never
 AllowShortLoopsOnASingleLine: false
 AlwaysBreakAfterDefinitionReturnType: None
 AlwaysBreakAfterReturnType: None
 AlwaysBreakBeforeMultilineStrings: true
 AlwaysBreakTemplateDeclarations: Yes
 BinPackArguments: true
 BinPackParameters: false
 BraceWrapping:
  AfterCaseLabel:  false
  AfterClass:      false
  AfterControlStatement: Never
  AfterEnum:       false
  AfterFunction:   false
  AfterNamespace:  false
  AfterObjCDeclaration: false
  AfterStruct:     false
  AfterUnion:      false
  AfterExternBlock: false
  BeforeCatch:     false
  BeforeElse:      false
  BeforeLambdaBody: false
  BeforeWhile:     false
  IndentBraces:    false
  SplitEmptyFunction: true
  SplitEmptyRecord: true
  SplitEmptyNamespace: true
 BreakBeforeBinaryOperators: None
 BreakBeforeBraces: Attach
 BreakBeforeInheritanceComma: false
 BreakInheritanceList: BeforeColon
 BreakBeforeTernaryOperators: true
 BreakConstructorInitializersBeforeComma: false
 BreakConstructorInitializers: BeforeColon
 BreakAfterJavaFieldAnnotations: false
 BreakStringLiterals: true
 ColumnLimit:     80
 CommentPragmas:  '^ IWYU pragma:'
 CompactNamespaces: false
 ConstructorInitializerAllOnOneLineOrOnePerLine: true
 ConstructorInitializerIndentWidth: 4
 ContinuationIndentWidth: 4
 Cpp11BracedListStyle: true
 DeriveLineEnding: true
 DerivePointerAlignment: false
 DisableFormat:   false
 ExperimentalAutoDetectBinPacking: false
 FixNamespaceComments: true
 ForEachMacros:
  - foreach
  - Q_FOREACH
  - BOOST_FOREACH
 IncludeBlocks:   Preserve
 IncludeCategories:
  - Regex:           '^<ext/.*\.h>'
    Priority:        2
    SortPriority:    0
  - Regex:           '^<.*\.h>'
    Priority:        1
    SortPriority:    0
  - Regex:           '^<.*'
    Priority:        2
    SortPriority:    0
  - Regex:           '.*'
    Priority:        3
    SortPriority:    0
 IncludeIsMainRegex: '([-_](test|unittest))?$'
 IncludeIsMainSourceRegex: ''
 IndentCaseLabels: true
 IndentCaseBlocks: false
 IndentGotoLabels: true
 IndentPPDirectives: None
 IndentExternBlock: AfterExternBlock
 IndentWidth:     2
 IndentWrappedFunctionNames: false
 InsertTrailingCommas: None
 JavaScriptQuotes: Leave
 JavaScriptWrapImports: true
 KeepEmptyLinesAtTheStartOfBlocks: false
 MacroBlockBegin: ''
 MacroBlockEnd:   ''
 MaxEmptyLinesToKeep: 1
 NamespaceIndentation: None
 ObjCBinPackProtocolList: Never
 ObjCBlockIndentWidth: 2
 ObjCBreakBeforeNestedBlockParam: true
 ObjCSpaceAfterProperty: false
 ObjCSpaceBeforeProtocolList: true
 PenaltyBreakAssignment: 2
 PenaltyBreakBeforeFirstCallParameter: 1
 PenaltyBreakComment: 300
 PenaltyBreakFirstLessLess: 120
 PenaltyBreakString: 1000
 PenaltyBreakTemplateDeclaration: 10
 PenaltyExcessCharacter: 1000000
 PenaltyReturnTypeOnItsOwnLine: 200
 PointerAlignment: Right
 RawStringFormats:
  - Language:        Cpp
    Delimiters:
      - cc
      - CC
      - cpp
      - Cpp
      - CPP
      - 'c++'
      - 'C++'
    CanonicalDelimiter: ''
    BasedOnStyle:    google
  - Language:        TextProto
    Delimiters:
      - pb
      - PB
      - proto
      - PROTO
    EnclosingFunctions:
      - EqualsProto
      - EquivToProto
      - PARSE_PARTIAL_TEXT_PROTO
      - PARSE_TEST_PROTO
      - PARSE_TEXT_PROTO
      - ParseTextOrDie
      - ParseTextProtoOrDie
      - ParseTestProto
      - ParsePartialTestProto
    CanonicalDelimiter: ''
    BasedOnStyle:    google
 ReflowComments:  true
 SortIncludes:    false
 SortUsingDeclarations: true
 SpaceAfterCStyleCast: false
 SpaceAfterLogicalNot: false
 SpaceAfterTemplateKeyword: true
 SpaceBeforeAssignmentOperators: true
 SpaceBeforeCpp11BracedList: false
 SpaceBeforeCtorInitializerColon: true
 SpaceBeforeInheritanceColon: true
 SpaceBeforeParens: Never
 SpaceBeforeRangeBasedForLoopColon: true
 SpaceInEmptyBlock: false
 SpaceInEmptyParentheses: false
 SpacesBeforeTrailingComments: 2
 SpacesInAngles:  false
 SpacesInConditionalStatement: false
 SpacesInContainerLiterals: true
 SpacesInCStyleCastParentheses: false
 SpacesInParentheses: false
 SpacesInSquareBrackets: false
 SpaceBeforeSquareBrackets: false
 Standard:        Auto
 StatementMacros:
  - Q_UNUSED
  - QT_REQUIRE_VERSION
 TabWidth:        8
 UseCRLF:         false
 UseTab:          Never
 WhitespaceSensitiveMacros:
  - STRINGIZE
  - PP_STRINGIZE
  - BOOST_PP_STRINGIZE
 ...
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.16.3)
+cmake_minimum_required(VERSION 3.13.4)
 include(CheckSymbolExists)
 project(
--- a/9
+++ b/9
@ -1,9 +0,0 @@
 record-fmt.txt
 record_analyze.c
 record_analyze.h
 targets.mk
 CVS:
 Entries
 Repository
 Root
--- a/README.md
+++ b/README.md
@ -29,7 +29,7 @@ For more details, check the man page.
 This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap.
-`ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
+`./ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
 # Why do you maintain this repository?
--- a/base/network.c
+++ b/base/network.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $
@ -43,8 +44,6 @@
   ekr@rtfm.com  Tue Dec 29 09:52:54 1998
 */
 #include <sys/types.h>
 #include <r_common.h>
 #include "network.h"
@ -68,10 +67,7 @@ struct network_handler_ {
  proto_ctx *ctx;
 };
-int network_handler_create(mod,handlerp)
+int network_handler_create(proto_mod *mod, n_handler **handlerp) {
  proto_mod *mod;
  n_handler **handlerp;
  {
  int r, _status;
  n_handler *handler = 0;
@ -91,10 +87,7 @@ int network_handler_create(mod,handlerp)
  return (_status);
 }
-int network_handler_destroy(mod,handlerp)
+int network_handler_destroy(proto_mod *mod, n_handler **handlerp) {
  proto_mod *mod;
  n_handler **handlerp;
  {
  n_handler *handler = 0;
  if(!handlerp || !*handlerp)
    return (0);
@ -107,13 +100,11 @@ int network_handler_destroy(mod,handlerp)
  return (0);
 }
-int network_process_packet(handler,timestamp,data,length,af)
+int network_process_packet(n_handler *handler,
-  n_handler *handler;
+                           struct timeval *timestamp,
-  struct timeval *timestamp;
+                           UCHAR *data,
-  UCHAR *data;
+                           int length,
-  int length;
+                           int af) {
  int af;
  {
  int r;
  int hlen;
  packet p;
@ -130,7 +121,9 @@ int network_process_packet(handler,timestamp,data,length,af)
  if(p.len < 20) {
    if(!(NET_print_flags & NET_PRINT_JSON))
-        printf("Malformed packet, packet too small to contain IP header, skipping ...\n");
+      printf(
          "Malformed packet, packet too small to contain IP header, skipping "
          "...\n");
    return (0);
  }
@ -139,9 +132,11 @@ int network_process_packet(handler,timestamp,data,length,af)
  if(af == AF_INET) {
    p.l3_hdr.ip = (struct ip *)data;
-        memcpy(&p.i_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_src, sizeof(struct in_addr));
+    memcpy(&p.i_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_src,
           sizeof(struct in_addr));
    p.i_addr.so_in.sin_family = AF_INET;
-        memcpy(&p.r_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_dst, sizeof(struct in_addr));
+    memcpy(&p.r_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_dst,
           sizeof(struct in_addr));
    p.r_addr.so_in.sin_family = AF_INET;
    /*Handle, or rather mishandle, fragmentation*/
@ -159,12 +154,16 @@ int network_process_packet(handler,timestamp,data,length,af)
    if(p.len > length) {
      if(!(NET_print_flags & NET_PRINT_JSON))
-	    printf("Malformed packet, size from IP header is larger than size reported by libpcap, skipping ...\n");
+        printf(
            "Malformed packet, size from IP header is larger than size "
            "reported by libpcap, skipping ...\n");
      return (0);
    }
    if(p.len == 0) {
-	    DBG((0,"ip length reported as 0, presumed to be because of 'TCP segmentation offload' (TSO)\n"));
+      DBG((0,
           "ip length reported as 0, presumed to be because of 'TCP "
           "segmentation offload' (TSO)\n"));
      p.len = p._len;
    }
    p.len -= hlen;
@ -172,9 +171,11 @@ int network_process_packet(handler,timestamp,data,length,af)
    proto = p.l3_hdr.ip->ip_p;
  } else {
    p.l3_hdr.ip6 = (struct ip6_hdr *)data;
-        memcpy(&p.i_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_src, sizeof(struct in6_addr));
+    memcpy(&p.i_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_src,
           sizeof(struct in6_addr));
    p.i_addr.so_in6.sin6_family = AF_INET6;
-        memcpy(&p.r_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_dst, sizeof(struct in6_addr));
+    memcpy(&p.r_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_dst,
           sizeof(struct in6_addr));
    p.r_addr.so_in6.sin6_family = AF_INET6;
    // Skip packets with header extensions
    if(p.l3_hdr.ip6->ip6_ctlun.ip6_un1.ip6_un1_nxt != IPPROTO_TCP) {
@ -186,12 +187,16 @@ int network_process_packet(handler,timestamp,data,length,af)
    p.len = ntohs(p.l3_hdr.ip6->ip6_ctlun.ip6_un1.ip6_un1_plen);
    if(p.len > length) {
      if(!(NET_print_flags & NET_PRINT_JSON))
-	    printf("Malformed packet, size from IP header is larger than size reported by libpcap, skipping ...\n");
+        printf(
            "Malformed packet, size from IP header is larger than size "
            "reported by libpcap, skipping ...\n");
      return (0);
    }
    if(p.len == 0) {
-	    DBG((0,"ip length reported as 0, presumed to be because of 'TCP segmentation offload' (TSO)\n"));
+      DBG((0,
           "ip length reported as 0, presumed to be because of 'TCP "
           "segmentation offload' (TSO)\n"));
      p.len = p._len;
    }
@ -208,10 +213,7 @@ int network_process_packet(handler,timestamp,data,length,af)
  return (0);
 }
-int packet_copy(in,out)
+int packet_copy(packet *in, packet **out) {
  packet *in;
  packet **out;
  {
  int _status;
  packet *p = 0;
@ -240,9 +242,7 @@ int packet_copy(in,out)
  return (_status);
 }
-int packet_destroy(p)
+int packet_destroy(packet *p) {
  packet *p;
  {
  if(!p)
    return (0);
@ -251,11 +251,9 @@ int packet_destroy(p)
  return (0);
 }
-int timestamp_diff(t1,t0,diff)
+int timestamp_diff(struct timeval *t1,
-  struct timeval *t1;
+                   struct timeval *t0,
-  struct timeval *t0;
+                   struct timeval *diff) {
  struct timeval *diff;
  {
  long d;
  if(t0->tv_sec > t1->tv_sec)
@ -278,18 +276,14 @@ int timestamp_diff(t1,t0,diff)
  return (0);
 }
-      
+int lookuphostname(struct sockaddr_storage *so_st, char **namep) {
 int lookuphostname(so_st,namep)
  struct sockaddr_storage *so_st;
  char **namep;
  {
  int r = 1;
  *namep = calloc(1, NI_MAXHOST);
  void *addr = NULL;
  if(!(NET_print_flags & NET_PRINT_NO_RESOLVE)) {
-        r = getnameinfo((struct sockaddr *) so_st, sizeof(struct sockaddr_storage), *namep, NI_MAXHOST, NULL, 0, 0);
+    r = getnameinfo((struct sockaddr *)so_st, sizeof(struct sockaddr_storage),
                    *namep, NI_MAXHOST, NULL, 0, 0);
  }
  if(r) {
@ -304,10 +298,7 @@ int lookuphostname(so_st,namep)
  return (0);
 }
-int addrtotext(so_st,namep)
+int addrtotext(struct sockaddr_storage *so_st, char **namep) {
  struct sockaddr_storage *so_st;
  char **namep;
  {
  *namep = calloc(1, NI_MAXHOST);
  void *addr = NULL;
--- a/base/network.h
+++ b/base/network.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: network.h,v 1.3 2001/09/14 22:29:14 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 29 09:53:50 1998
 */
 #ifndef _network_h
 #define _network_h
@ -74,14 +74,17 @@ typedef struct proto_mod_ proto_mod;
 typedef struct proto_handler_ proto_handler;
 typedef struct packet_ packet;
-int network_handler_create PROTO_LIST((proto_mod *mod,
+int network_handler_create PROTO_LIST((proto_mod * mod, n_handler **handlerp));
  n_handler **handlerp));
 int network_handler_destroy PROTO_LIST((proto_mod * mod, n_handler **handlerp));
 int network_process_packet PROTO_LIST((n_handler * handler,
-  struct timeval *timestamp,UCHAR *data,int length,int af));
+                                       struct timeval *timestamp,
                                       UCHAR *data,
                                       int length,
                                       int af));
 int packet_copy PROTO_LIST((packet * in, packet **out));
 int packet_destroy PROTO_LIST((packet * p));
-int timestamp_diff PROTO_LIST(( struct timeval *t1,struct timeval *t0,
+int timestamp_diff PROTO_LIST((struct timeval * t1,
                               struct timeval *t0,
                               struct timeval *diff));
 int lookuphostname PROTO_LIST((struct sockaddr_storage * addr, char **name));
 int addrtotext PROTO_LIST((struct sockaddr_storage * addr, char **name));
@ -126,4 +129,3 @@ extern UINT4 NET_print_flags;
 #define NET_PRINT_JSON 16
 #define NET_PRINT_TS 32
 #endif
--- a/base/pcap-snoop.c.in
+++ b/base/pcap-snoop.c.in
@ -46,9 +46,6 @@
   ekr@rtfm.com  Tue Dec 29 10:17:41 1998
 */
 #include <pcap.h>
 #include <unistd.h>
 #ifndef __OpenBSD__
@ -89,7 +86,9 @@ int err_exit PROTO_LIST((char *str,int num));
 int usage PROTO_LIST((void));
 int print_version PROTO_LIST((void));
 void sig_handler PROTO_LIST((int sig));
-void pcap_cb PROTO_LIST((u_char *ptr,const struct pcap_pkthdr *hdr,const u_char *data));
+void pcap_cb PROTO_LIST((u_char * ptr,
                         const struct pcap_pkthdr *hdr,
                         const u_char *data));
 int main PROTO_LIST((int argc, char **argv));
 int packet_cnt = 0;   // Packet counter used for connection pool cleaning
@ -101,27 +100,27 @@ struct timeval last_packet_seen_time = // Timestamp of the last packet of the
 logger_mod *logger = NULL;
-int err_exit(str,num)
+int err_exit(char *str, int num) {
  char *str;
  int num;
  {
  fprintf(stderr, "ERROR: %s\n", str);
  sig_handler(SIGQUIT);
  exit(num);
 }
-int usage()
+int usage(void) {
-  {
+  fprintf(stderr,
-    fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] [-w outpcapfile]\n");
+          "Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] [-w "
-    fprintf(stderr,"               [-k keyfile] [-p password] [-vtaTznsAxVNde]\n");
+          "outpcapfile]\n");
  fprintf(stderr,
          "               [-k keyfile] [-p password] [-vtaTznsAxVNde]\n");
  fprintf(stderr, "               [filter]\n");
  exit(0);
 }
-int print_version()
+int print_version(void) {
  {
  printf("Version: @ssldump_VERSION@ (@ssldump_DESCRIPTION@)\n");
-    printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n");
+  printf(
      "Maintained by a bunch of volunteers, see "
      "https://github.com/adulau/ssldump/blob/master/CREDITS\n");
  printf("Copyright (C) 2015-2023 the aforementioned volunteers\n");
  printf("Copyright (C) 1998-2001 RTFM, Inc.\n");
  printf("All rights reserved.\n");
@ -137,8 +136,7 @@ n_handler *n;
 char *interface_name = 0;
 char *file = 0;
 char *filter = 0;
-void sig_handler(int sig)
+void sig_handler(int sig) {
  {
  int freed_conn = 0;
  fflush(stdout);
  if(logger)
@ -146,7 +144,8 @@ void sig_handler(int sig)
  freed_conn = destroy_all_conn();
  if(freed_conn && !(NET_print_flags & NET_PRINT_JSON))
-        printf("Cleaned %d remaining connection(s) from connection pool\n", freed_conn);
+    printf("Cleaned %d remaining connection(s) from connection pool\n",
           freed_conn);
  network_handler_destroy(mod, &n);
@ -162,18 +161,15 @@ void sig_handler(int sig)
  exit(sig);
 }
-void pcap_cb(ptr,hdr,data)
+void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data) {
  u_char *ptr;
  const struct pcap_pkthdr *hdr;
  const u_char *data;
  {
  n_handler *n;
  int len;
  struct ether_header *e_hdr = (struct ether_header *)data;
  int type, cleaned_conn;
  n = (n_handler *)ptr;
-    if(hdr->caplen!=hdr->len) err_exit("Length mismatch",-1);
+  if(hdr->caplen != hdr->len)
    err_exit("Length mismatch", -1);
  len = hdr->len;
@ -189,7 +185,9 @@ void pcap_cb(ptr,hdr,data)
    case DLT_EN10MB:
      if(len < sizeof(struct ether_header)) {
        if(!(NET_print_flags & NET_PRINT_JSON))
-            printf("Frame size too small to contain Ethernet header, skipping ...\n");
+          printf(
              "Frame size too small to contain Ethernet header, skipping "
              "...\n");
        return;
      }
@ -228,7 +226,8 @@ void pcap_cb(ptr,hdr,data)
 #ifdef DLT_SLIP_BSDOS
    case DLT_SLIP_BSDOS:
 #endif
-#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__)
+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || \
    defined(__bsdi__) || defined(__APPLE__)
      data += 16;
      len -= 16;
 #else
@ -246,7 +245,8 @@ void pcap_cb(ptr,hdr,data)
 #ifdef DLT_PPP_ETHER
    case DLT_PPP_ETHER:
 #endif
-#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__)
+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || \
    defined(__bsdi__) || defined(__APPLE__)
      data += 4;
      len -= 4;
 #else
@ -280,15 +280,18 @@ void pcap_cb(ptr,hdr,data)
  }
  if(type == ETHERTYPE_IPV6)
-       network_process_packet(n,(struct timeval *) &hdr->ts,(u_char *)data,len, AF_INET6);
+    network_process_packet(n, (struct timeval *)&hdr->ts, (u_char *)data, len,
                           AF_INET6);
  else
-       network_process_packet(n,(struct timeval *) &hdr->ts,(u_char *)data,len, AF_INET);
+    network_process_packet(n, (struct timeval *)&hdr->ts, (u_char *)data, len,
                           AF_INET);
  if(packet_cnt == conn_freq) {
    packet_cnt = 0;
    memcpy(&last_packet_seen_time, &hdr->ts, sizeof(struct timeval));
    if((cleaned_conn = clean_old_conn()) && !(NET_print_flags & NET_PRINT_JSON))
-            printf("%d inactive connection(s) cleaned from connection pool\n", cleaned_conn);
+      printf("%d inactive connection(s) cleaned from connection pool\n",
             cleaned_conn);
  } else {
    packet_cnt++;
  }
@ -299,22 +302,16 @@ typedef struct module_def_ {
  proto_mod *mod;
 } module_def;
-static module_def modules[]={
+static module_def modules[] = {{"SSL", &ssl_mod},
     {"SSL",&ssl_mod},
                               {"NULL", &null_mod},
 #ifdef ENABLE_RECORD
                               {"RECORD", &record_mod},
 #endif
-     {0,0}
+                               {0, 0}};
 };
 int parse_ssl_flag PROTO_LIST((int c));
-int main(argc,argv)
+int main(int argc, char **argv) {
  int argc;
  char **argv;
  {
  int r;
 #ifdef _WIN32
  __declspec(dllimport) char *optarg;
@ -334,7 +331,8 @@ int main(argc,argv)
  signal(SIGINT, sig_handler);
-    while((c=getopt(argc,argv,"vr:F:f:S:jyTt:ai:k:l:w:p:znsAxXhHVNdqem:P"))!=EOF){
+  while((c = getopt(argc, argv, "vr:F:f:S:jyTt:ai:k:l:w:p:znsAxXhHVNdqem:P")) !=
        EOF) {
    switch(c) {
      case 'v':
        print_version();
@ -380,8 +378,7 @@ int main(argc,argv)
      case 'w':
        logger = &pcap_mod;
        if(logger->vtbl->init(optarg) != 0) {
-	          fprintf(stderr,"Can not open/create out pcap %s\n",
+          fprintf(stderr, "Can not open/create out pcap %s\n", optarg);
 	          optarg);
          exit(1);
        }
        break;
@ -408,8 +405,7 @@ int main(argc,argv)
          }
        }
        if(!m->name) {
-	    fprintf(stderr,"Request analysis module %s not found\n",
+          fprintf(stderr, "Request analysis module %s not found\n", optarg);
 	      optarg);
          exit(1);
        }
        break;
@ -445,15 +441,15 @@ int main(argc,argv)
        err_exit("Aborting", -1);
      }
    }
-      if(!(p=pcap_open_live(interface_name,65535,!no_promiscuous,1000,errbuf))){
+    if(!(p = pcap_open_live(interface_name, 65535, !no_promiscuous, 1000,
                            errbuf))) {
      fprintf(stderr, "PCAP: %s\n", errbuf);
      err_exit("Aborting", -1);
    }
    if(pcap_lookupnet(interface_name, &localnet, &netmask, errbuf) < 0)
      fprintf(stderr, "PCAP: %s\n", errbuf);
-    }
+  } else {
    else{
    if(!(p = pcap_open_offline(file, errbuf))) {
      fprintf(stderr, "PCAP: %s\n", errbuf);
      err_exit("Aborting", -1);
@ -477,8 +473,7 @@ int main(argc,argv)
     * untagged, then it is assumed that the user knows what she is
     * doing, and the filter is not reformatted.
     */
-      if ((pcap_datalink(p) == DLT_EN10MB) &&
+    if((pcap_datalink(p) == DLT_EN10MB) && (filter != NULL) &&
          (filter != NULL) &&
       (strstr(filter, "vlan") == NULL)) {
      char *tmp_filter;
      char *fmt = "( (not ether proto 0x8100) and (%s) ) or ( vlan and (%s) )";
@ -518,7 +513,8 @@ int main(argc,argv)
  freed_conn = destroy_all_conn();
  if(freed_conn && !(NET_print_flags & NET_PRINT_JSON))
-        printf("Cleaned %d remaining connection(s) from connection pool\n", freed_conn);
+    printf("Cleaned %d remaining connection(s) from connection pool\n",
           freed_conn);
  network_handler_destroy(mod, &n);
  pcap_close(p);
@ -537,19 +533,14 @@ int main(argc,argv)
    free(SSL_keylogfile);
  if(SSL_password)
    free(SSL_password);
-    if (logger)
+  if(logger) {
    {
    logger->vtbl->deinit();
  }
  exit(0);
 }
-
+char *collapse_args(int argc, char **argv) {
 char *collapse_args(argc,argv)
  int argc;
  char **argv;
  {
  int i, len = 0;
  char *ret;
--- a/base/print_utils.c
+++ b/base/print_utils.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $
@ -43,9 +44,7 @@
   ekr@rtfm.com  Mon Feb 15 17:23:36 1999
 */
-
+int explain(char *format, ...) {
 int explain(char *format,...)
  {
  va_list ap;
  va_start(ap, format);
@ -57,8 +56,7 @@ int explain(char *format,...)
  return (0);
 }
-int exdump(name,data)
+int exdump(name, data) char *name;
  char *name;
 Data *data;
 {
  int i, j;
@ -72,16 +70,17 @@ int exdump(name,data)
    INDENT_INCR;
  }
  for(i = 0; i < data->len; i++) {
-      if(!i && (data->len>8)) INDENT;
+    if(!i && (data->len > 8))
      INDENT;
    if((data->len > 8) && i && !(i % 12)) {
-        LF;INDENT;
+      LF;
      INDENT;
    }
    printf("%.2x ", data->data[i] & 255);
  }
-    if(name) INDENT_POP;
+  if(name)
    INDENT_POP;
  if(data->len > 8 && i % 12)
    LF;
  return (0);
 }
--- a/base/print_utils.h
+++ b/base/print_utils.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: print_utils.h,v 1.2 2000/10/17 16:09:58 ekr Exp $
@ -43,14 +44,10 @@
   ekr@rtfm.com  Mon Feb 15 17:23:56 1999
 */
 #ifndef _print_utils_h
 #define _print_utils_h
 int explain PROTO_LIST((char *format, ...));
-int exdump PROTO_LIST((char *name,
+int exdump PROTO_LIST((char *name, Data *data));
  Data *data));
 #endif
--- a/base/proto_mod.c
+++ b/base/proto_mod.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $
@ -43,17 +44,13 @@
   ekr@rtfm.com  Thu Jan  7 22:35:23 1999
 */
 #include "network.h"
-int create_proto_handler(mod,ctx,handlerp,conn,first_packet)
+int create_proto_handler(proto_mod *mod,
-  proto_mod *mod;
+                         proto_ctx *ctx,
-  proto_ctx *ctx;
+                         proto_handler **handlerp,
-  proto_handler **handlerp;
+                         tcp_conn *conn,
-  tcp_conn *conn;
+                         struct timeval *first_packet) {
  struct timeval *first_packet;
  {
  int r, _status;
  proto_handler *handler = 0;
@ -61,7 +58,8 @@ int create_proto_handler(mod,ctx,handlerp,conn,first_packet)
    ABORT(R_NO_MEMORY);
  handler->vtbl = mod->vtbl;
  if((r = mod->vtbl->create(mod->handle, ctx, conn, &handler->obj,
-      &conn->i_addr,conn->i_port,&conn->r_addr,conn->r_port,first_packet)))
+                            &conn->i_addr, conn->i_port, &conn->r_addr,
                            conn->r_port, first_packet)))
    ABORT(r);
  *handlerp = handler;
@ -74,9 +72,7 @@ int create_proto_handler(mod,ctx,handlerp,conn,first_packet)
  return (_status);
 }
-int destroy_proto_handler(handlerp)
+int destroy_proto_handler(proto_handler **handlerp) {
  proto_handler **handlerp;
  {
  if(!handlerp || !*handlerp)
    return (0);
--- a/base/proto_mod.h
+++ b/base/proto_mod.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: proto_mod.h,v 1.4 2001/11/26 22:28:16 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Thu Dec 24 21:10:05 1998
 */
 #ifndef _proto_mod_h
 #define _proto_mod_h
@ -57,11 +57,15 @@ struct proto_mod_vtbl_ {
  int(*parse_flags) PROTO_LIST((char *str));
  int(*parse_flag) PROTO_LIST((int flag));
  int(*create_ctx) PROTO_LIST((void *handle, proto_ctx **ctxp));
-     int (*create) PROTO_LIST((void *handle,proto_ctx *ctx,
+  int(*create) PROTO_LIST((void *handle,
                           proto_ctx *ctx,
                           tcp_conn *conn,
                           proto_obj **objp,
-       struct sockaddr_storage *i_addr,u_short i_port,
+                           struct sockaddr_storage *i_addr,
-       struct sockaddr_storage *r_addr,u_short r_port,struct timeval *time_base));
+                           u_short i_port,
                           struct sockaddr_storage *r_addr,
                           u_short r_port,
                           struct timeval *time_base));
  int(*destroy_ctx) PROTO_LIST((void *handle, proto_ctx **ctxp));
  int(*destroy) PROTO_LIST((proto_obj * *objp));
  int(*data) PROTO_LIST((proto_obj * obj, segment *data, int direction));
@ -78,22 +82,29 @@ struct proto_handler_ {
  struct proto_mod_vtbl_ *vtbl;
 };
-int create_proto_handler PROTO_LIST((proto_mod *mod,proto_ctx *ctx,
+int create_proto_handler PROTO_LIST((proto_mod * mod,
                                     proto_ctx *ctx,
                                     proto_handler **handlerp,
-  tcp_conn *conn,struct timeval *first_packet));
+                                     tcp_conn *conn,
                                     struct timeval *first_packet));
 int destroy_proto_handler PROTO_LIST((proto_handler * *handlerp));
 // add logger
 struct logger_mod_vtbl_ {
  int(*init) PROTO_LIST((void *data));
  // deinit must be async signal safe(!!!)
  int(*deinit) PROTO_LIST(());
-     int (*create) PROTO_LIST((proto_obj **objp, struct sockaddr_storage *i_addr,u_short i_port,
+  int(*create) PROTO_LIST((proto_obj * *objp,
-                                       struct sockaddr_storage *r_addr,u_short r_port,struct timeval *time_base));
+                           struct sockaddr_storage *i_addr,
                           u_short i_port,
                           struct sockaddr_storage *r_addr,
                           u_short r_port,
                           struct timeval *time_base));
  int(*destroy) PROTO_LIST((proto_obj * *objp));
-     int (*data) PROTO_LIST((proto_obj *obj,unsigned char *data,unsigned int len,int direction));
+  int(*data) PROTO_LIST(
-     int (*close) PROTO_LIST((proto_obj *obj,unsigned char *data,unsigned int len,int direction));
+      (proto_obj * obj, unsigned char *data, unsigned int len, int direction));
  int(*close) PROTO_LIST(
      (proto_obj * obj, unsigned char *data, unsigned int len, int direction));
 };
 struct logger_mod_ {
@ -106,4 +117,3 @@ typedef struct logger_mod_ logger_mod;
 extern logger_mod *logger;
 #endif
--- a/base/tcpconn.c
+++ b/base/tcpconn.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $
@ -43,11 +44,9 @@
   ekr@rtfm.com  Tue Dec 29 15:13:03 1998
 */
 #include "network.h"
 #include "tcpconn.h"
 typedef struct conn_struct_ {
  tcp_conn conn;
  struct conn_struct_ *next;
@ -63,24 +62,23 @@ extern int conn_ttl;
 static int zero_conn PROTO_LIST((tcp_conn * conn));
-static int zero_conn(conn)
+static int zero_conn(tcp_conn *conn) {
  tcp_conn *conn;
  {
  memset(conn, 0, sizeof(tcp_conn));
  return (0);
 }
-int tcp_find_conn(tcp_conn **connp, int *directionp,struct sockaddr_storage *saddr,
+int tcp_find_conn(tcp_conn **connp,
-	u_short sport, struct sockaddr_storage *daddr, u_short dport)
+                  int *directionp,
-  {
+                  struct sockaddr_storage *saddr,
                  u_short sport,
                  struct sockaddr_storage *daddr,
                  u_short dport) {
  conn_struct *conn;
  for(conn = first_conn; conn; conn = conn->next) {
    if(sport == conn->conn.i_port && dport == conn->conn.r_port) {
-	if(!memcmp(saddr,&conn->conn.i_addr,sizeof(struct sockaddr_storage))
+      if(!memcmp(saddr, &conn->conn.i_addr, sizeof(struct sockaddr_storage)) &&
-	  && !memcmp(daddr,&conn->conn.r_addr,sizeof(struct sockaddr_storage)))
+         !memcmp(daddr, &conn->conn.r_addr, sizeof(struct sockaddr_storage))) {
 	{
        *directionp = DIR_I2R;
        *connp = &(conn->conn);
        return (0);
@ -88,9 +86,8 @@ int tcp_find_conn(tcp_conn **connp, int *directionp,struct sockaddr_storage *sad
    }
    if(dport == conn->conn.i_port && sport == conn->conn.r_port) {
-	if(!memcmp(saddr,&conn->conn.r_addr,sizeof(struct sockaddr_storage))
+      if(!memcmp(saddr, &conn->conn.r_addr, sizeof(struct sockaddr_storage)) &&
-	  && !memcmp(daddr,&conn->conn.i_addr,sizeof(struct sockaddr_storage)))
+         !memcmp(daddr, &conn->conn.i_addr, sizeof(struct sockaddr_storage))) {
 	{
        *directionp = DIR_R2I;
        *connp = &(conn->conn);
        return (0);
@ -101,9 +98,11 @@ int tcp_find_conn(tcp_conn **connp, int *directionp,struct sockaddr_storage *sad
  return (R_NOT_FOUND);
 }
-int tcp_create_conn(tcp_conn **connp,struct sockaddr_storage *i_addr,
+int tcp_create_conn(tcp_conn **connp,
-	u_short i_port, struct sockaddr_storage *r_addr, u_short r_port)
+                    struct sockaddr_storage *i_addr,
-  {
+                    u_short i_port,
                    struct sockaddr_storage *r_addr,
                    u_short r_port) {
  conn_struct *conn = 0;
  if(!(conn = (conn_struct *)malloc(sizeof(conn_struct))))
@ -127,13 +126,10 @@ int tcp_create_conn(tcp_conn **connp,struct sockaddr_storage *i_addr,
    first_conn->prev = conn;
  first_conn = conn;
  return (0);
 }
-int tcp_destroy_conn(conn)
+int tcp_destroy_conn(tcp_conn *conn) {
  tcp_conn *conn;
  {
  conn_struct *c = conn->backptr;
  /* Detach from the list */
@ -142,8 +138,7 @@ int tcp_destroy_conn(conn)
  }
  if(c->prev) {
    c->prev->next = c->next;
-    }
+  } else {
    else {
    first_conn = c->next;
  }
@ -161,7 +156,7 @@ int tcp_destroy_conn(conn)
  return (0);
 }
-int clean_old_conn() {
+int clean_old_conn(void) {
  conn_struct *conn;
  tcp_conn *tcpconn;
  struct timeval dt;
@ -184,7 +179,7 @@ int clean_old_conn() {
  return i;
 }
-int destroy_all_conn() {
+int destroy_all_conn(void) {
  int i = 0;
  while(first_conn) {
    i++;
@ -193,9 +188,7 @@ int destroy_all_conn() {
  return i;
 }
-int free_tcp_segment_queue(seg)
+int free_tcp_segment_queue(segment *seg) {
  segment *seg;
  {
  segment *tmp;
  while(seg) {
@ -208,17 +201,15 @@ int free_tcp_segment_queue(seg)
  return (0);
 }
-int copy_tcp_segment_queue(out,in)
+int copy_tcp_segment_queue(segment **out, segment *in) {
  segment **out;
  segment *in;
  {
  int r, _status;
  segment *base = 0;
  for(; in; in = in->next) {
    if(!(*out = (segment *)calloc(1, sizeof(segment))))
      ABORT(R_NO_MEMORY);
-      if(!base) base=*out;
+    if(!base)
      base = *out;
    if((r = packet_copy(in->p, &(*out)->p)))
      ABORT(r);
--- a/base/tcpconn.h
+++ b/base/tcpconn.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: tcpconn.h,v 1.4 2001/07/20 23:33:15 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 29 13:00:52 1998
 */
 #ifndef _tcpconn_h
 #define _tcpconn_h
@ -94,12 +94,16 @@ typedef struct tcp_conn_ {
 int tcp_find_conn PROTO_LIST((tcp_conn * *connp,
                              int *directionp,
-  struct sockaddr_storage *src_addr, u_short src_port,
+                              struct sockaddr_storage *src_addr,
-  struct sockaddr_storage *dst_addr, u_short dst_port));
+                              u_short src_port,
                              struct sockaddr_storage *dst_addr,
                              u_short dst_port));
 int tcp_create_conn PROTO_LIST((tcp_conn * *connp,
-  struct sockaddr_storage *initiator_addr, u_short initiator_port,
+                                struct sockaddr_storage *initiator_addr,
-  struct sockaddr_storage *responder_addr, u_short responder_port));
+                                u_short initiator_port,
                                struct sockaddr_storage *responder_addr,
                                u_short responder_port));
 int tcp_destroy_conn PROTO_LIST((tcp_conn * conn));
 int free_tcp_segment_queue PROTO_LIST((segment * seg));
@ -109,4 +113,3 @@ int clean_old_conn(void);
 int destroy_all_conn(void);
 #endif
--- a/base/tcppack.c
+++ b/base/tcppack.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $
@ -43,8 +44,6 @@
   ekr@rtfm.com  Tue Dec 29 12:43:39 1998
 */
 #include "network.h"
 #ifndef _WIN32
 #include <sys/socket.h>
@ -63,19 +62,17 @@
 #include "tcpconn.h"
 #include "tcppack.h"
 static int process_data_segment PROTO_LIST((tcp_conn * conn,
-  proto_mod *handler,packet *p,stream_data *stream,int direction));
+                                            proto_mod *handler,
-static int new_connection PROTO_LIST((proto_mod *handler,proto_ctx *ctx,
+                                            packet *p,
-  packet *p,tcp_conn **connp));
+                                            stream_data *stream,
                                            int direction));
 static int new_connection PROTO_LIST(
    (proto_mod * handler, proto_ctx *ctx, packet *p, tcp_conn **connp));
 static int print_tcp_packet PROTO_LIST((packet * p));
 int STRIM PROTO_LIST((UINT4 _seq, segment *s));
-int process_tcp_packet(handler,ctx,p)
+int process_tcp_packet(proto_mod *handler, proto_ctx *ctx, packet *p) {
  proto_mod *handler;
  proto_ctx *ctx;
  packet *p;
  {
  int r, _status;
  int direction;
  stream_data *stream;
@ -89,12 +86,14 @@ int process_tcp_packet(handler,ctx,p)
  print_tcp_packet(p);
  if((r = tcp_find_conn(&conn, &direction, &p->i_addr.so_st,
-      ntohs(p->tcp->th_sport),&p->r_addr.so_st,ntohs(p->tcp->th_dport)))){
+                        ntohs(p->tcp->th_sport), &p->r_addr.so_st,
                        ntohs(p->tcp->th_dport)))) {
    if(r != R_NOT_FOUND)
      ABORT(r);
    if((p->tcp->th_flags & TH_SYN) != TH_SYN) {
-	DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq)));
+      DBG((0, "TCP: rejecting packet from unknown connection, seq: %u\n",
           ntohl(p->tcp->th_seq)));
      return (0);
    }
@ -124,8 +123,7 @@ int process_tcp_packet(handler,ctx,p)
        conn->state = TCP_STATE_ACK;
      }
      break;
-      case TCP_STATE_ACK:
+    case TCP_STATE_ACK: {
        {
      if(direction != DIR_I2R)
        break;
      DBG((0, "ACK seq: %u", ntohl(p->tcp->th_seq)));
@ -133,24 +131,20 @@ int process_tcp_packet(handler,ctx,p)
      if(!(NET_print_flags & NET_PRINT_JSON)) {
        if(NET_print_flags & NET_PRINT_TYPESET)
          printf("\\fC");
-          printf("New TCP connection #%d: %s(%d) <-> %s(%d)\n",
+        printf("New TCP connection #%d: %s(%d) <-> %s(%d)\n", conn->conn_number,
-            conn->conn_number,
+               conn->i_name, conn->i_port, conn->r_name, conn->r_port);
            conn->i_name,conn->i_port,
            conn->r_name,conn->r_port);
        if(NET_print_flags & NET_PRINT_TYPESET)
          printf("\\fR");
      }
      conn->state = TCP_STATE_ESTABLISHED;
    }
    case TCP_STATE_ESTABLISHED:
-      case TCP_STATE_FIN1:
+    case TCP_STATE_FIN1: {
 	{
      if(p->tcp->th_flags & TH_SYN)
        break;
      if((r = process_data_segment(conn, handler, p, stream, direction)))
        ABORT(r);
-	}
+    } break;
 	break;
    default:
      break;
  }
@ -158,19 +152,16 @@ int process_tcp_packet(handler,ctx,p)
  if(conn->state == TCP_STATE_CLOSED)
    tcp_destroy_conn(conn);
  _status = 0;
 abort:
  return (_status);
 }
-static int new_connection(handler,ctx,p,connp)
+static int new_connection(proto_mod *handler,
-  proto_mod *handler;
+                          proto_ctx *ctx,
-  proto_ctx *ctx;
+                          packet *p,
-  packet *p;
+                          tcp_conn **connp) {
  tcp_conn **connp;
  {
  int r, _status;
  tcp_conn *conn = 0;
@ -227,13 +218,11 @@ static int new_connection(handler,ctx,p,connp)
  }
 */
-static int process_data_segment(conn,handler,p,stream,direction)
+static int process_data_segment(tcp_conn *conn,
-  tcp_conn *conn;
+                                proto_mod *handler,
-  proto_mod *handler;
+                                packet *p,
-  packet *p;
+                                stream_data *stream,
-  stream_data *stream;
+                                int direction) {
  int direction;
  {
  int r, _status;
  tcp_seq seq, right_edge;
  segment _seg;
@ -243,7 +232,9 @@ static int process_data_segment(conn,handler,p,stream,direction)
  l = p->len - p->tcp->th_off * 4;
  if(l < 0) {
-	fprintf(stderr,"Malformed packet, computed TCP segment size is negative, skipping ...\n");
+    fprintf(stderr,
            "Malformed packet, computed TCP segment size is negative, skipping "
            "...\n");
    return (0);
  }
@ -263,7 +254,6 @@ static int process_data_segment(conn,handler,p,stream,direction)
  if(p->tcp->th_flags & TH_ACK) {
    long acknum, acked;
    acknum = ntohl(p->tcp->th_ack);
    acked = acknum - stream->ack;
@ -283,7 +273,6 @@ static int process_data_segment(conn,handler,p,stream,direction)
    stream->ack = acknum;
  }
  DBG((0, "Stream Seq %u ", stream->seq));
  /* Check to see if this packet has been processed already */
@ -310,16 +299,14 @@ static int process_data_segment(conn,handler,p,stream,direction)
    if(seg) {
      nseg->next = seg->next;
      seg->next = nseg;
-      }
+    } else {
      else{
      nseg->next = stream->oo_queue;
      stream->oo_queue = nseg;
    }
    left_edge = seg ? seg->s_seq : stream->seq;
    STRIM(left_edge, nseg);
-    }
+  } else {
    else{
    /*First segment -- just thread the unallocated data on the
     list so we can pass to the analyzer*/
    _seg.next = 0;
@ -335,15 +322,13 @@ static int process_data_segment(conn,handler,p,stream,direction)
      seg = &_seg;
      conn->state = TCP_STATE_CLOSED;
-      }
+    } else {
      else{
      STRIM(stream->seq, &_seg);
      if(_seg.p->tcp->th_flags & (TH_FIN)) {
        stream->close = _seg.p->tcp->th_flags & (TH_FIN);
        seg = &_seg;
-        }
+      } else {
        else {
        for(seg = &_seg; seg->next; seg = seg->next) {
          if(seg->p->tcp->th_flags & (TH_FIN)) {
            stream->close = _seg.p->tcp->th_flags & (TH_FIN);
@ -370,17 +355,22 @@ static int process_data_segment(conn,handler,p,stream,direction)
      seg->next = 0;
      stream->seq = seg->s_seq + seg->len;
-        DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
+      DBG((0, "Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq + seg->len,
-        if((r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction))) {
+           seg->len));
-          DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
+      if((r = conn->analyzer->vtbl->data(conn->analyzer->obj, &_seg,
                                         direction))) {
        DBG((0, "ABORT due to segment: %u:%u(%u)", seg->s_seq,
             seg->s_seq + seg->len, seg->len));
        ABORT(r);
      }
    }
    if(stream->close) {
-        DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
+      DBG((0, "Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq,
           seg->len));
      if((r = conn->analyzer->vtbl->close(conn->analyzer->obj, p, direction))) {
-          DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
+        DBG((0, "ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq,
             seg->len));
        ABORT(r);
      }
    }
@ -393,9 +383,7 @@ static int process_data_segment(conn,handler,p,stream,direction)
  return (_status);
 }
-static int print_tcp_packet(p)
+static int print_tcp_packet(packet *p) {
  packet *p;
  {
  char *src = 0, *dst = 0;
  struct timeval *ts = &p->ts;
@ -408,17 +396,13 @@ static int print_tcp_packet(p)
  if(!(NET_print_flags & NET_PRINT_JSON)) {
    if(NET_print_flags & NET_PRINT_TS) {
-            printf("%lld%c%4.4lld ", (long long)ts->tv_sec,'.',(long long)ts->tv_usec/100);
+      printf("%lld%c%4.4lld ", (long long)ts->tv_sec, '.',
             (long long)ts->tv_usec / 100);
    }
-      printf("TCP: %s(%d) -> %s(%d) ",
+    printf("TCP: %s(%d) -> %s(%d) ", src, ntohs(p->tcp->th_sport), dst,
        src,
        ntohs(p->tcp->th_sport),
        dst,
           ntohs(p->tcp->th_dport));
-      printf("Seq %u.(%d) ",
+    printf("Seq %u.(%d) ", ntohl(p->tcp->th_seq), p->len - p->tcp->th_off * 4);
        ntohl(p->tcp->th_seq),
        p->len - p->tcp->th_off *4);
    if(p->tcp->th_flags & TH_ACK)
      printf("ACK %u ", ntohl(p->tcp->th_ack));
@ -441,10 +425,7 @@ static int print_tcp_packet(p)
  return (0);
 }
-int STRIM(_seq,s)
+int STRIM(UINT4 _seq, segment *s) {
  UINT4 _seq;
  segment *s;
  {
  int l;
  int off;
@ -457,7 +438,8 @@ int STRIM(_seq,s)
  l = _seq - (s)->s_seq; /* number of bytes to trim
                            from the left of s */
  off = (s)->p->tcp->th_off * 4;
-    if(l>((s)->p->len-off)) ERETURN(R_BAD_DATA);
+  if(l > ((s)->p->len - off))
    ERETURN(R_BAD_DATA);
  /* Now remove the leading l bytes */
  (s)->data = (s)->p->data + off + (l);
@ -477,4 +459,3 @@ int STRIM(_seq,s)
  return (0);
 }
--- a/base/tcppack.h
+++ b/base/tcppack.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: tcppack.h,v 1.3 2001/07/20 23:33:15 ekr Exp $
@ -43,12 +44,9 @@
   ekr@rtfm.com  Wed Jan  6 15:08:30 1999
 */
 #ifndef _tcppack_h
 #define _tcppack_h
-int process_tcp_packet PROTO_LIST((proto_mod *mod,proto_ctx *ctx,
+int process_tcp_packet PROTO_LIST((proto_mod * mod, proto_ctx *ctx, packet *p));
  packet *p));
 #endif
--- a/common/include/r_assoc.h
+++ b/common/include/r_assoc.h
@ -39,7 +39,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_assoc.h,v 1.3 2001/12/24 06:06:26 ekr Exp $
@ -47,21 +48,24 @@
   ekr@rtfm.com  Sun Jan 17 17:57:18 1999
 */
 #ifndef _r_assoc_h
 #define _r_assoc_h
 typedef struct r_assoc_ r_assoc;
 int r_assoc_create PROTO_LIST((r_assoc * *assocp));
-int r_assoc_insert PROTO_LIST((r_assoc *assoc,char *key,int len,
+int r_assoc_insert PROTO_LIST((r_assoc * assoc,
-  void *value,int (*copy)(void **new,void *old),
+                               char *key,
-  int (*destroy)(void *ptr),int how));
+                               int len,
                               void *value,
                               int (*copy)(void **new, void *old),
                               int (*destroy)(void *ptr),
                               int how));
 #define R_ASSOC_REPLACE 0x1
 #define R_ASSOC_NEW 0x2
-int r_assoc_fetch PROTO_LIST((r_assoc *assoc,char *key, int len,
+int r_assoc_fetch
-  void **value));
+    PROTO_LIST((r_assoc * assoc, char *key, int len, void **value));
 int r_assoc_copy PROTO_LIST((r_assoc * *new, r_assoc *old));
 int r_assoc_destroy PROTO_LIST((r_assoc * *assocp));
@ -75,9 +79,8 @@ typedef struct r_assoc_iterator_ {
 } r_assoc_iterator;
 int r_assoc_init_iter PROTO_LIST((r_assoc * assoc, r_assoc_iterator *));
-int r_assoc_iter PROTO_LIST((r_assoc_iterator *iter,void **key,int *keyl,
+int r_assoc_iter
-  void **val));
+    PROTO_LIST((r_assoc_iterator * iter, void **key, int *keyl, void **val));
 int r_assoc_iter_delete PROTO_LIST((r_assoc_iterator *));
 #endif
--- a/common/include/r_bitfield.h
+++ b/common/include/r_bitfield.h
@ -7,7 +7,6 @@
   ekr@rtfm.com  Wed Oct  3 10:43:50 2001
 */
 #ifndef _r_bitfield_h
 #define _r_bitfield_h
@ -23,4 +22,3 @@ int r_bitfield_create PROTO_LIST((r_bitfield **setp,UINT4 size));
 int r_bitfield_destroy PROTO_LIST((r_bitfield * *setp));
 #endif
--- a/common/include/r_common.h
+++ b/common/include/r_common.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_common.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 22 10:40:07 1998
 */
 #ifndef _r_common_h
 #define _r_common_h
@ -67,4 +67,3 @@ char *strdup PROTO_LIST((char *in));
 #endif
 #endif
--- a/common/include/r_data.h
+++ b/common/include/r_data.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_data.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Wed Feb 10 14:18:19 1999
 */
 #ifndef _r_data_h
 #define _r_data_h
@ -60,9 +60,14 @@ int r_data_copy PROTO_LIST((Data *dst,Data *src));
 int r_data_zfree PROTO_LIST((Data * d));
 int r_data_compare PROTO_LIST((Data * d1, Data *d2));
-#define INIT_DATA(a,b,c) (a).data=b; (a).len=c
+#define INIT_DATA(a, b, c) \
-#define ATTACH_DATA(a,b) (a).data=b; (a).len=sizeof(b)
+  (a).data = b;            \
-#define ZERO_DATA(a) (a).data=0; (a).len=0
+  (a).len = c
 #define ATTACH_DATA(a, b) \
  (a).data = b;           \
  (a).len = sizeof(b)
 #define ZERO_DATA(a) \
  (a).data = 0;      \
  (a).len = 0
 #endif
--- a/common/include/r_defaults.h
+++ b/common/include/r_defaults.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_defaults.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 22 10:39:14 1998
 */
 #ifndef _r_defaults_h
 #define _r_defaults_h
@ -51,9 +51,7 @@
 #define R_USE_PROTOTYPES 1
 #endif
 /*The needs defines don't belong here*/
 #define R_NEEDS_STDLIB_H
 #endif
--- a/common/include/r_errors.h
+++ b/common/include/r_errors.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_errors.h,v 1.3 2002/01/21 17:36:51 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 22 10:59:49 1998
 */
 #ifndef _r_errors_h
 #define _r_errors_h
@ -59,4 +59,3 @@
 int verr_exit PROTO_LIST((char *fmt, ...));
 #endif
--- a/common/include/r_includes.h
+++ b/common/include/r_includes.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_includes.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 22 11:38:50 1998
 */
 #ifndef _r_includes_h
 #define _r_includes_h
@ -59,4 +59,3 @@
 #include <string.h>
 #endif
--- a/common/include/r_list.h
+++ b/common/include/r_list.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_list.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Jan 19 08:36:48 1999
 */
 #ifndef _r_list_h
 #define _r_list_h
@ -57,10 +57,12 @@ typedef struct r_list_iterator_ {
 int r_list_create PROTO_LIST((r_list * *listp));
 int r_list_destroy PROTO_LIST((r_list * *listp));
 int r_list_copy PROTO_LIST((r_list * *out, r_list *in));
-int r_list_insert PROTO_LIST((r_list *list,void *value,
+int r_list_insert PROTO_LIST((r_list * list,
                              void *value,
                              int (*copy)(void **new, void *old),
                              int (*destroy)(void **ptr)));
-int r_list_append PROTO_LIST((r_list *list,void *value,
+int r_list_append PROTO_LIST((r_list * list,
                              void *value,
                              int (*copy)(void **new, void *old),
                              int (*destroy)(void **ptr)));
 int r_list_init_iter PROTO_LIST((r_list * list, r_list_iterator *iter));
--- a/common/include/r_macros.h
+++ b/common/include/r_macros.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_macros.h,v 1.4 2001/11/20 17:45:18 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 22 10:37:32 1998
 */
 #ifndef _r_macros_h
 #define _r_macros_h
@ -58,22 +58,40 @@
 #endif
 #ifdef R_TRACE_ERRORS
-#define REPORT_ERROR_(caller,a) fprintf(stderr,"%s: error %d at %s:%d (function %s)\n", \
+#define REPORT_ERROR_(caller, a)                                      \
-	caller,a,__FILE__,__LINE__,__FUNCTION__)
+  fprintf(stderr, "%s: error %d at %s:%d (function %s)\n", caller, a, \
          __FILE__, __LINE__, __FUNCTION__)
 #else
 #define REPORT_ERROR_(caller, a)
 #endif
 #ifndef ERETURN
-#define ERETURN(a) do {int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ERETURN",_r); return(_r);} while(0)
+#define ERETURN(a)                \
  do {                            \
    int _r = a;                   \
    if(!_r)                       \
      _r = -1;                    \
    REPORT_ERROR_("ERETURN", _r); \
    return (_r);                  \
  } while(0)
 #endif
 #ifndef ABORT
-#define ABORT(a) do { int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ABORT",_r); _status=_r; goto abort;} while(0)
+#define ABORT(a)                \
  do {                          \
    int _r = a;                 \
    if(!_r)                     \
      _r = -1;                  \
    REPORT_ERROR_("ABORT", _r); \
    _status = _r;               \
    goto abort;                 \
  } while(0)
 #endif
 #ifndef FREE
-#define FREE(a) if(a) free(a)
+#define FREE(a) \
  if(a)         \
  free(a)
 #endif
 #ifndef MIN
 #define MIN(a, b) (((a) > (b)) ? (b) : (a))
@ -99,14 +117,20 @@ int debug(int class,char *format,...);
 #endif
 #ifndef RFREE
-#define RFREE(a) if(a) free(a)
+#define RFREE(a) \
  if(a)          \
  free(a)
 #endif
 #ifndef RREALLOC
 #define RREALLOC(a, b) realloc(a, b)
 #endif
-#define UNIMPLEMENTED do { fprintf(stderr,"Function %s unimplemented\n",__FUNCTION__); abort(); } while(0)
+#define UNIMPLEMENTED                                             \
  do {                                                            \
    fprintf(stderr, "Function %s unimplemented\n", __FUNCTION__); \
    abort();                                                      \
  } while(0)
 #ifdef STDC_HEADERS
 #include <string.h>
--- a/common/include/r_thread.h
+++ b/common/include/r_thread.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_thread.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,15 +44,13 @@
   ekr@rtfm.com  Tue Feb 23 14:58:36 1999
 */
 #ifndef _r_thread_h
 #define _r_thread_h
 typedef void *r_thread;
 typedef void *r_rwlock;
-int r_thread_fork PROTO_LIST((void (*func)(void *),void *arg,
+int r_thread_fork PROTO_LIST((void (*func)(void *), void *arg, r_thread *tid));
  r_thread *tid));
 int r_thread_destroy PROTO_LIST((r_thread tid));
 int r_thread_yield PROTO_LIST((void));
 int r_thread_exit PROTO_LIST((void));
@ -66,4 +65,3 @@ int r_rwlock_lock PROTO_LIST((r_rwlock *lock,int action));
 #define R_RWLOCK_WLOCK 2
 #endif
--- a/common/include/r_time.h
+++ b/common/include/r_time.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_time.h,v 1.4 2001/12/24 06:06:26 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Thu Mar  4 08:45:41 1999
 */
 #ifndef _r_time_h
 #define _r_time_h
@ -67,13 +67,14 @@
 #endif
 #endif
-int r_timeval_diff PROTO_LIST((struct timeval *t1,struct timeval *t0,
+int r_timeval_diff PROTO_LIST((struct timeval * t1,
                               struct timeval *t0,
                               struct timeval *diff));
-int r_timeval_add PROTO_LIST((struct timeval *t1,struct timeval *t2,
+int r_timeval_add PROTO_LIST((struct timeval * t1,
                              struct timeval *t2,
                              struct timeval *sum));
 UINT8 r_timeval2int PROTO_LIST((struct timeval * tv));
 UINT8 r_gettimeint PROTO_LIST((void));
 #endif
--- a/common/include/r_types.h
+++ b/common/include/r_types.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_types.h,v 1.3 2002/09/09 21:02:58 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Dec 22 10:36:02 1998
 */
 #ifndef _r_types_h
 #define _r_types_h
@ -92,4 +92,3 @@ typedef unsigned char UCHAR;
 #endif
 #endif
--- a/common/lib/assoc.h
+++ b/common/lib/assoc.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: assoc.h,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,11 +44,9 @@
   ekr@rtfm.com  Sun Jan 17 17:56:35 1999
 */
 #ifndef _assoc_h
 #define _assoc_h
 typedef struct assoc_ assoc;
 #endif
--- a/common/lib/debug.c
+++ b/common/lib/debug.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $
@ -43,16 +44,12 @@
   ekr@rtfm.com  Wed Jan  6 17:08:58 1999
 */
 #include <stdarg.h>
 #include <stdio.h>
 #include "r_common.h"
 #include "debug.h"
-int debug(int class,char *format,...)
+int debug(int class, char *format, ...) {
  {
  va_list ap;
  va_start(ap, format);
@ -62,18 +59,13 @@ int debug(int class,char *format,...)
  return (0);
 }
-int xdump(name,data,len)
+int xdump(char *name, UCHAR *data, int len) {
  char *name;
  UCHAR *data;
  int len;
  {
  int i;
  if(name) {
    printf("%s[%d]=\n", name, len);
  }
  for(i = 0; i < len; i++) {
    if((len > 8) && i && !(i % 12)) {
      printf("\n");
    }
@ -83,9 +75,3 @@ int xdump(name,data,len)
    printf("\n");
  return (0);
 }
--- a/common/lib/debug.h
+++ b/common/lib/debug.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: debug.h,v 1.3 2001/12/24 06:06:26 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Wed Jan  6 17:13:00 1999
 */
 #ifndef _debug_h
 #define _debug_h
@ -54,8 +54,6 @@
 #endif
 int debug(int class, char *format, ...);
-int xdump PROTO_LIST((char *name,UCHAR *data,
+int xdump PROTO_LIST((char *name, UCHAR *data, int len));
  int len));
 #endif
--- a/common/lib/r_assoc.c
+++ b/common/lib/r_assoc.c
@ -46,7 +46,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $
@ -54,7 +55,6 @@
   ekr@rtfm.com  Sun Jan 17 17:57:15 1999
 */
 #include <r_common.h>
 #include "r_assoc.h"
@ -77,15 +77,12 @@ struct r_assoc_ {
 #define DEFAULT_TABLE_BITS 5
 static int destroy_assoc_chain PROTO_LIST((r_assoc_el * chain));
-static int r_assoc_fetch_bucket PROTO_LIST((r_assoc *assoc,
+static int r_assoc_fetch_bucket
-  char *key,int len,r_assoc_el **bucketp));
+    PROTO_LIST((r_assoc * assoc, char *key, int len, r_assoc_el **bucketp));
 UINT4 hash_compute PROTO_LIST((char *key, int len, int size));
-static int copy_assoc_chain PROTO_LIST((r_assoc_el **newp,
+static int copy_assoc_chain PROTO_LIST((r_assoc_el * *newp, r_assoc_el *old));
  r_assoc_el *old));
-int r_assoc_create(assocp)
+int r_assoc_create(r_assoc **assocp) {
  r_assoc **assocp;
  {
  r_assoc *assoc = 0;
  int _status;
@ -94,8 +91,8 @@ int r_assoc_create(assocp)
  assoc->size = (1 << DEFAULT_TABLE_BITS);
  assoc->bits = DEFAULT_TABLE_BITS;
-    if(!(assoc->chains=(r_assoc_el **)calloc(sizeof(r_assoc_el *),
+  if(!(assoc->chains =
-      assoc->size)))
+           (r_assoc_el **)calloc(sizeof(r_assoc_el *), assoc->size)))
    ABORT(R_NO_MEMORY);
  *assocp = assoc;
@ -108,9 +105,7 @@ int r_assoc_create(assocp)
  return (_status);
 }
-int r_assoc_destroy(assocp)
+int r_assoc_destroy(r_assoc **assocp) {
  r_assoc **assocp;
  {
  r_assoc *assoc;
  int i;
@ -127,9 +122,7 @@ int r_assoc_destroy(assocp)
  return (0);
 }
-static int destroy_assoc_chain(chain)
+static int destroy_assoc_chain(r_assoc_el *chain) {
  r_assoc_el *chain;
  {
  r_assoc_el *nxt;
  while(chain) {
@ -147,10 +140,7 @@ static int destroy_assoc_chain(chain)
  return (0);
 }
-static int copy_assoc_chain(newp,old)
+static int copy_assoc_chain(r_assoc_el **newp, r_assoc_el *old) {
  r_assoc_el **newp;
  r_assoc_el *old;
  {
  r_assoc_el *new = 0, *ptr, *tmp;
  int r, _status;
@ -165,8 +155,7 @@ static int copy_assoc_chain(newp,old)
    if(!new) {
      new = tmp;
      ptr = new;
-      }
+    } else {
      else{
      ptr->next = tmp;
      tmp->prev = ptr;
      ptr = tmp;
@ -178,8 +167,7 @@ static int copy_assoc_chain(newp,old)
    if(old->copy) {
      if((r = old->copy(&ptr->data, old->data)))
        ABORT(r);
-      }
+    } else
      else
      ptr->data = old->data;
    if(!(ptr->key = (char *)malloc(old->key_len)))
@ -197,12 +185,10 @@ static int copy_assoc_chain(newp,old)
  return (_status);
 }
-static int r_assoc_fetch_bucket(assoc,key,len,bucketp)
+static int r_assoc_fetch_bucket(r_assoc *assoc,
-  r_assoc *assoc;
+                                char *key,
-  char *key;
+                                int len,
-  int len;
+                                r_assoc_el **bucketp) {
  r_assoc_el **bucketp;
  {
  UINT4 hash_value;
  r_assoc_el *bucket;
@ -218,12 +204,7 @@ static int r_assoc_fetch_bucket(assoc,key,len,bucketp)
  return (R_NOT_FOUND);
 }
-int r_assoc_fetch(assoc,key,len,datap)
+int r_assoc_fetch(r_assoc *assoc, char *key, int len, void **datap) {
  r_assoc *assoc;
  char *key;
  int len;
  void **datap;
  {
  r_assoc_el *bucket;
  int r;
@ -237,15 +218,13 @@ int r_assoc_fetch(assoc,key,len,datap)
  return (0);
 }
-int r_assoc_insert(assoc,key,len,data,copy,destroy,how)
+int r_assoc_insert(r_assoc *assoc,
-  r_assoc *assoc;
+                   char *key,
-  char *key;
+                   int len,
-  int len;
+                   void *data,
-  void *data;
+                   int(*copy) PROTO_LIST((void **new, void *old)),
-  int (*copy) PROTO_LIST((void **new,void *old));
+                   int(*destroy) PROTO_LIST((void *ptr)),
-  int (*destroy) PROTO_LIST((void *ptr));
+                   int how) {
  int how;
  {
  r_assoc_el *bucket, *new_bucket = 0;
  int r, _status;
@ -270,8 +249,7 @@ int r_assoc_insert(assoc,key,len,data,copy,destroy,how)
    new_bucket->next = assoc->chains[hash_value];
    assoc->chains[hash_value] = new_bucket;
    bucket = new_bucket;
-    }
+  } else {
    else{
    if(!(how & R_ASSOC_REPLACE))
      ABORT(R_ALREADY);
@ -292,10 +270,7 @@ int r_assoc_insert(assoc,key,len,data,copy,destroy,how)
  return (_status);
 }
-int r_assoc_copy(newp,old)
+int r_assoc_copy(r_assoc **newp, r_assoc *old) {
  r_assoc **newp;
  r_assoc *old;
  {
  int r, _status, i;
  r_assoc *new;
@ -320,10 +295,7 @@ int r_assoc_copy(newp,old)
  return (_status);
 }
-int r_assoc_init_iter(assoc,iter)
+int r_assoc_init_iter(r_assoc *assoc, r_assoc_iterator *iter) {
  r_assoc *assoc;
  r_assoc_iterator *iter;
  {
  int i;
  iter->assoc = assoc;
@ -344,12 +316,7 @@ int r_assoc_init_iter(assoc,iter)
  return (0);
 }
-int r_assoc_iter(iter,key,keyl,val)
+int r_assoc_iter(r_assoc_iterator *iter, void **key, int *keyl, void **val) {
  r_assoc_iterator *iter;
  void **key;
  int *keyl;
  void **val;
  {
  int i;
  r_assoc_el *ret;
@ -368,8 +335,7 @@ int r_assoc_iter(iter,key,keyl,val)
  /* More on this chain */
  if(iter->next->next) {
    iter->next = iter->next->next;
-    }
+  } else {
    else{
    iter->next = 0;
    /* FInd the next occupied chain*/
@ -386,15 +352,12 @@ int r_assoc_iter(iter,key,keyl,val)
 }
 /* Delete the last returned value*/
-int r_assoc_iter_delete(iter)
+int r_assoc_iter_delete(r_assoc_iterator *iter) {
  r_assoc_iterator *iter;
  {
  /* First unhook it from the list*/
  if(!iter->prev->prev) {
    /* First element*/
    iter->assoc->chains[iter->prev_chain] = iter->prev->next;
-    }
+  } else {
    else{
    iter->prev->prev->next = iter->prev->next;
  }
@ -408,14 +371,10 @@ int r_assoc_iter_delete(iter)
  return (0);
 }
 /*This is a hack from AMS. Supposedly, it's pretty good for strings, even
 though it doesn't take into account all the data*/
-UINT4 hash_compute(key,len,bits)
+UINT4
-  char *key;
+hash_compute(char *key, int len, int bits) {
  int len;
  int bits;
  {
  UINT4 h = 0;
  h = key[0] + (key[len - 1] * len);
@ -424,4 +383,3 @@ UINT4 hash_compute(key,len,bits)
  return (h);
 }
--- a/common/lib/r_assoc_test.c
+++ b/common/lib/r_assoc_test.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,13 +44,10 @@
   ekr@rtfm.com  Sun Jan 17 21:09:22 1999
 */
 #include <r_common.h>
 #include <r_assoc.h>
-int main()
+int main(void) {
  {
  char test_vector[1024], *v;
  int rnd, ct, r;
  r_assoc *assoc, *new_assoc;
@ -68,7 +66,6 @@ int main()
    v[2] = (ct >> 16) & 255;
    v[3] = (ct >> 24) & 255;
    if(r = r_assoc_insert(assoc, v, 4, v, 0, 0, R_ASSOC_REPLACE)) {
      fprintf(stderr, "Couldn't insert %d\n", ct);
      exit(1);
@ -94,9 +91,7 @@ int main()
  exit(0);
 }
-int fetch_test(assoc)
+int fetch_test(r_assoc *assoc) {
  r_assoc *assoc;
  {
  int ct;
  char vec[4], *v;
  int r, _status, rnd;
@ -112,15 +107,12 @@ int fetch_test(assoc)
    vec[3] = (rnd >> 24) & 255;
    if(r = r_assoc_fetch(assoc, vec, 4, (void **)&v)) {
      if(rnd < 256) {
        fprintf(stderr, "Couldn't fetch\n");
        exit(1);
-	}
+      } else
 	else
        continue;
-      }
+    } else {
      else{
      if(rnd > 255) {
        fprintf(stderr, "Spurious fetch\n");
        exit(1);
--- a/common/lib/r_bitfield.c
+++ b/common/lib/r_bitfield.c
@ -7,15 +7,10 @@
   ekr@rtfm.com  Wed Oct  3 11:15:23 2001
 */
 #include <r_common.h>
 #include "r_bitfield.h"
-int r_bitfield_create(setp,size)
+int r_bitfield_create(r_bitfield **setp, UINT4 size) {
  r_bitfield **setp;
  UINT4 size;
  {
  r_bitfield *set = 0;
  int _status;
  int num_words = size / 32 + !!(size % 32);
@ -40,9 +35,7 @@ int r_bitfield_create(setp,size)
  return (_status);
 }
-int r_bitfield_destroy(setp)
+int r_bitfield_destroy(r_bitfield **setp) {
  r_bitfield **setp;
  {
  r_bitfield *set;
  if(!setp || !*setp)
@ -57,10 +50,7 @@ int r_bitfield_destroy(setp)
  return (0);
 }
-int r_bitfield_set(set,bit)
+int r_bitfield_set(r_bitfield *set, int bit) {
  r_bitfield *set;
  int bit;
  {
  int word = (bit - set->base) / 32;
  int bbit = (bit - set->base) % 32;
  int _status;
@ -90,10 +80,7 @@ int r_bitfield_set(set,bit)
  return (_status);
 }
-int r_bitfield_isset(set,bit)
+int r_bitfield_isset(r_bitfield *set, int bit) {
  r_bitfield *set;
  int bit;
  {
  int word = (bit - set->base) / 32;
  int bbit = (bit - set->base) % 32;
  int _status;
--- a/common/lib/r_data.c
+++ b/common/lib/r_data.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $
@ -43,16 +44,10 @@
   ekr@rtfm.com  Tue Aug 17 15:39:50 1999
 */
 #include <r_common.h>
 #include <r_data.h>
-int r_data_create(dp,d,l)
+int r_data_create(Data **dp, UCHAR *d, int l) {
  Data **dp;
  UCHAR *d;
  int l;
  {
  Data *d_ = 0;
  int _status;
@ -74,10 +69,7 @@ int r_data_create(dp,d,l)
  return (_status);
 }
-int r_data_alloc(dp,l)
+int r_data_alloc(Data **dp, int l) {
  Data **dp;
  int l;
  {
  Data *d_ = 0;
  int _status;
@ -97,11 +89,7 @@ int r_data_alloc(dp,l)
  return (_status);
 }
-int r_data_make(dp,d,l)
+int r_data_make(Data *dp, UCHAR *d, int l) {
  Data *dp;
  UCHAR *d;
  int l;
  {
  if(!(dp->data = (UCHAR *)malloc(l)))
    ERETURN(R_NO_MEMORY);
@ -111,9 +99,7 @@ int r_data_make(dp,d,l)
  return (0);
 }
-int r_data_destroy(dp)
+int r_data_destroy(Data **dp) {
  Data **dp;
  {
  if(!dp || !*dp)
    return (0);
@ -126,19 +112,14 @@ int r_data_destroy(dp)
  return (0);
 }
-int r_data_copy(dst,src)
+int r_data_copy(Data *dst, Data *src) {
  Data *dst;
  Data *src;
  {
  if(!(dst->data = (UCHAR *)malloc(src->len)))
    ERETURN(R_NO_MEMORY);
  memcpy(dst->data, src->data, dst->len = src->len);
  return (0);
 }
-int r_data_zfree(d)
+int r_data_zfree(Data *d) {
  Data *d;
  {
  if(!d)
    return (0);
  if(!d->data)
@ -148,14 +129,10 @@ int r_data_zfree(d)
  return (0);
 }
-int r_data_compare(d1,d2)
+int r_data_compare(Data *d1, Data *d2) {
  Data *d1;
  Data *d2;
  {
  if(d1->len < d2->len)
    return (-1);
  if(d2->len < d1->len)
    return (-1);
  return (memcmp(d1->data, d2->data, d1->len));
 }
--- a/common/lib/r_data.h
+++ b/common/lib/r_data.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_data.h,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,10 +44,7 @@
   ekr@rtfm.com  Fri Feb  4 08:58:48 2000
 */
 #ifndef _r_data_h
 #define _r_data_h
 #endif
--- a/common/lib/r_errors.c
+++ b/common/lib/r_errors.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $
@ -43,15 +44,12 @@
   ekr@rtfm.com  Tue Feb 16 16:37:05 1999
 */
 #include <stdio.h>
 #include <stdarg.h>
 #include "r_common.h"
 #include "r_errors.h"
-int verr_exit(char *fmt,...)
+int verr_exit(char *fmt, ...) {
  {
  va_list ap;
  va_start(ap, fmt);
--- a/common/lib/r_list.c
+++ b/common/lib/r_list.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $
@ -43,8 +44,6 @@
   ekr@rtfm.com  Tue Jan 19 08:36:39 1999
 */
 #include <r_common.h>
 #include "r_list.h"
@ -61,9 +60,7 @@ struct r_list_ {
  struct r_list_el_ *last;
 };
-int r_list_create(listp)
+int r_list_create(r_list **listp) {
  r_list **listp;
  {
  r_list *list = 0;
  int _status;
@ -79,9 +76,7 @@ int r_list_create(listp)
  return (_status);
 }
-int r_list_destroy(listp)
+int r_list_destroy(r_list **listp) {
  r_list **listp;
  {
  r_list *list;
  r_list_el *el;
@ -107,10 +102,7 @@ int r_list_destroy(listp)
  return (0);
 }
-int r_list_copy(outp,in)
+int r_list_copy(r_list **outp, r_list *in) {
  r_list**outp;
  r_list *in;
  {
  r_list *out = 0;
  r_list_el *el, *el2, *last = 0;
  int r, _status;
@ -149,8 +141,7 @@ int r_list_copy(outp,in)
  return (_status);
 }
-int r_list_insert(list,value,copy,destroy)
+int r_list_insert(list, value, copy, destroy) r_list *list;
  r_list *list;
 void *value;
 int(*copy) PROTO_LIST((void **out, void *in));
 int(*destroy) PROTO_LIST((void **val));
@ -176,8 +167,7 @@ int r_list_insert(list,value,copy,destroy)
  return (_status);
 }
-int r_list_append(list,value,copy,destroy)
+int r_list_append(list, value, copy, destroy) r_list *list;
  r_list *list;
 void *value;
 int(*copy) PROTO_LIST((void **out, void *in));
 int(*destroy) PROTO_LIST((void **val));
@ -194,8 +184,10 @@ int r_list_append(list,value,copy,destroy)
  el->prev = list->last;
  el->next = 0;
-    if(list->last) list->last->next=el;
+  if(list->last)
-    else list->first=el;
+    list->last->next = el;
  else
    list->first = el;
  list->last = el;
@ -204,20 +196,14 @@ int r_list_append(list,value,copy,destroy)
  return (_status);
 }
-int r_list_init_iter(list,iter)
+int r_list_init_iter(r_list *list, r_list_iterator *iter) {
  r_list *list;
  r_list_iterator *iter;
  {
  iter->list = list;
  iter->ptr = list->first;
  return (0);
 }
-int r_list_iter(iter,val)
+int r_list_iter(r_list_iterator *iter, void **val) {
  r_list_iterator *iter;
  void **val;
  {
  if(!iter->ptr)
    return (R_EOD);
@ -226,8 +212,3 @@ int r_list_iter(iter,val)
  return (0);
 }
--- a/common/lib/r_replace.c
+++ b/common/lib/r_replace.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,15 +44,11 @@
   ekr@rtfm.com  Sun Oct  1 11:18:49 2000
 */
 #include "r_common.h"
 #ifndef HAVE_STRDUP
-char *strdup(str)
+char *strdup(char *str) {
  char *str;
  {
  int len = strlen(str);
  char *n;
@ -63,4 +60,3 @@ char *strdup(str)
  return (n);
 }
 #endif
--- a/common/lib/r_time.c
+++ b/common/lib/r_time.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $
@ -43,8 +44,6 @@
   ekr@rtfm.com  Thu Mar  4 08:43:46 1999
 */
 #include <r_common.h>
 #include <r_time.h>
@ -52,8 +51,7 @@
 #include <windows.h>
-int gettimeofday(struct timeval *tv, struct timezone *tzp)
+int gettimeofday(struct timeval *tv, struct timezone *tzp) {
 {
  /* JAN1_1970_OFFSET is the number of 100-nanoseconds ticks
     between midnight jan 1, 1970 and jan 1, 1601.
  */
@ -84,11 +82,9 @@ int gettimeofday(struct timeval *tv, struct timezone *tzp)
 }
 #endif
 /*Note that t1 must be > t0 */
-int r_timeval_diff(t1,t0,diff)
+int r_timeval_diff(struct timeval *t1,
-  struct timeval *t1;
+                   struct timeval *t0,
-  struct timeval *t0;
+                   struct timeval *diff) {
  struct timeval *diff;
  {
  long d;
  if(t0->tv_sec > t1->tv_sec)
@ -111,11 +107,7 @@ int r_timeval_diff(t1,t0,diff)
  return (0);
 }
-int r_timeval_add(t1,t2,sum)
+int r_timeval_add(struct timeval *t1, struct timeval *t2, struct timeval *sum) {
  struct timeval *t1;
  struct timeval *t2;
  struct timeval *sum;
  {
  long tv_sec, tv_usec, d;
  tv_sec = t1->tv_sec + t2->tv_sec;
@ -124,8 +116,7 @@ int r_timeval_add(t1,t2,sum)
  if(d > 1000000) {
    tv_sec++;
    tv_usec = d - 1000000;
-    }
+  } else {
    else{
    tv_usec = d;
  }
@ -135,9 +126,8 @@ int r_timeval_add(t1,t2,sum)
  return (0);
 }
-UINT8 r_timeval2int(tv)
+UINT8
-  struct timeval *tv;
+r_timeval2int(struct timeval *tv) {
  {
  UINT8 r = 0;
  r = (tv->tv_sec);
@ -147,8 +137,8 @@ UINT8 r_timeval2int(tv)
  return r;
 }
-UINT8 r_gettimeint()
+UINT8
-  {
+r_gettimeint(void) {
  struct timeval tv;
  gettimeofday(&tv, 0);
--- a/common/lib/threads/pthreads/pthread.c
+++ b/common/lib/threads/pthreads/pthread.c
@ -7,8 +7,6 @@
   ekr@rtfm.com  Tue Feb 23 15:08:03 1999
 */
 #include <r_common.h>
 #include <r_thread.h>
 #include <pthread.h>
@ -20,12 +18,9 @@ typedef struct {
  void *arg;
 } helper;
 static void *r_thread_real_create PROTO_LIST((void *arg));
-static void *r_thread_real_create(arg)
+static void *r_thread_real_create(void *arg) {
  void *arg;
  {
  helper *h;
  h = (helper *)arg;
@ -39,8 +34,7 @@ static void *r_thread_real_create(arg)
  return (0);
 }
-int r_thread_fork(func,arg,id)
+int r_thread_fork(func, arg, id) void(*func) PROTO_LIST((void *));
  void (*func) PROTO_LIST((void *));
 void *arg;
 r_thread *id;
 {
@ -61,20 +55,17 @@ int r_thread_fork(func,arg,id)
  return (_status);
 }
-int r_thread_yield()
+int r_thread_yield(void) {
  {
  pthread_yield();
 }
-int r_thread_exit()
+int r_thread_exit(void) {
  {
  thread_count--;
  pthread_exit(0);
  return (0);
 }
-int r_thread_wait_last()
+int r_thread_wait_last(void) {
  {
  do {
    pthread_yield();
    usleep(10000);
@ -84,9 +75,7 @@ int r_thread_wait_last()
  return (0);
 }
-int r_rwlock_create(lockp)
+int r_rwlock_create(r_rwlock **lockp) {
  r_rwlock **lockp;
  {
  pthread_rwlock_t *lock;
  int r;
@ -100,9 +89,7 @@ int r_rwlock_create(lockp)
  return (0);
 }
-int r_rwlock_destroy(lock)
+int r_rwlock_destroy(r_rwlock **lock) {
  r_rwlock **lock;
  {
  pthread_rwlock_t *plock;
  if(!lock || !*lock)
@ -115,10 +102,7 @@ int r_rwlock_destroy(lock)
  return (0);
 }
-int r_rwlock_lock(lock,action)
+int r_rwlock_lock(r_rwlock *lock, int action) {
  r_rwlock *lock;
  int action;
  {
  pthread_rwlock_t *plock;
  int r, _status;
@ -145,6 +129,3 @@ int r_rwlock_lock(lock,action)
 abort:
  return (_status);
 }
--- a/docker/README.md
+++ b/docker/README.md
@ -0,0 +1,30 @@
 # Docker instructions
 *Note: Dockerfiles are only provided for Debian-like distributions so far.*
 ## Configure image building:
 Uncomment the distribution reference you want to use, in top section in
 `debian-distros/Dockerfile`.
 ## Build the image:
 `cd debian-distros`
 `./docker_build.sh`
 ## Run the container, and start ssldump inside the container:
 `./docker_run.sh`
 `(in container) sudo ssldump -n -i eth0 -j -AH`
 ## Mirror traffic to container
 Outside of the container, adjust local interface name and container IP address
 in `mirror_traffic_to_container.sh`.
 Then mirror local traffic to ssldump container:
 `./mirror_traffic_to_container.sh`
--- a/docker/debian-bullseye/Dockerfile
+++ b/docker/debian-bullseye/Dockerfile
@ -1,28 +0,0 @@
 FROM debian:bullseye-slim
 ENV LANG C
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
    apt-get clean
 RUN useradd -ms /bin/bash ssldump
 RUN passwd -d ssldump
 RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers
 USER ssldump
 RUN cd /home/ssldump && \
 	git clone https://github.com/adulau/ssldump.git build
 RUN cd /home/ssldump/build && \
 	./autogen.sh && \
 	./configure CC=/usr/bin/clang CFLAGS="-D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Werror=format-security -g" && \
 	make && \
 	sudo make install
 WORKDIR "/home/ssldump"
 CMD ["/bin/bash"]
--- a/docker/debian-bullseye/docker_build.sh
+++ b/docker/debian-bullseye/docker_build.sh
@ -1,6 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=debian-bullseye
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/debian-bullseye/docker_run.sh
+++ b/docker/debian-bullseye/docker_run.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=debian-bullseye
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/docker/debian-buster/docker_build.sh
+++ b/docker/debian-buster/docker_build.sh
@ -1,6 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=debian-buster
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/debian-buster/docker_run.sh
+++ b/docker/debian-buster/docker_run.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=debian-buster
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/docker/debian-distros/Dockerfile
+++ b/docker/debian-distros/Dockerfile
@ -1,11 +1,16 @@
-FROM debian:buster-slim
+#FROM debian:bookworm-slim
 #FROM debian:bullseye-slim
 #FROM debian:buster-slim
 FROM ubuntu:jammy
 #FROM ubuntu:focal
 ENV LANG C
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
-    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
+    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential cmake ninja-build clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
    apt-get clean
 RUN useradd -ms /bin/bash ssldump
@ -15,13 +20,12 @@ RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers
 USER ssldump
 RUN cd /home/ssldump && \
-	git clone https://github.com/adulau/ssldump.git build
+    git clone https://github.com/adulau/ssldump.git ssldump-build
-RUN cd /home/ssldump/build && \
+RUN cd /home/ssldump/ssldump-build && \
-	./autogen.sh && \
+    cmake -G Ninja -B build && \
-	./configure CC=/usr/bin/clang && \
+    ninja -C build && \
-	make && \
+    sudo ninja -C build install
 	sudo make install
 WORKDIR "/home/ssldump"
--- a/docker/debian-distros/docker_build.sh
+++ b/docker/debian-distros/docker_build.sh
@ -0,0 +1,6 @@
 #!/bin/bash
 ssldump_version=$(awk '/\s+VERSION/ {print $2}' ../../CMakeLists.txt)
 distribution=$(awk '/^FROM/ {gsub(":","-"); print $2}' Dockerfile)
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/debian-distros/docker_run.sh
+++ b/docker/debian-distros/docker_run.sh
@ -0,0 +1,7 @@
 #!/bin/bash
 ssldump_version=$(awk '/\s+VERSION/ {print $2}' ../../CMakeLists.txt)
 distribution=$(awk '/^FROM/ {gsub(":","-"); print $2}' Dockerfile)
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/docker/debian-stretch/Dockerfile
+++ b/docker/debian-stretch/Dockerfile
@ -1,28 +0,0 @@
 FROM debian:stretch-slim
 ENV LANG C
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
    apt-get clean
 RUN useradd -ms /bin/bash ssldump
 RUN passwd -d ssldump
 RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers
 USER ssldump
 RUN cd /home/ssldump && \
 	git clone https://github.com/adulau/ssldump.git build
 RUN cd /home/ssldump/build && \
 	./autogen.sh && \
 	./configure CC=/usr/bin/clang && \
 	make && \
 	sudo make install
 WORKDIR "/home/ssldump"
 CMD ["/bin/bash"]
--- a/docker/debian-stretch/docker_build.sh
+++ b/docker/debian-stretch/docker_build.sh
@ -1,6 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=debian-stretch
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/debian-stretch/docker_run.sh
+++ b/docker/debian-stretch/docker_run.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=debian-stretch
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/docker/mirror_traffic_to_container.sh
+++ b/docker/mirror_traffic_to_container.sh
@ -1,6 +1,6 @@
 #!/bin/bash
-local_if=ens3f0
+local_if=eth0
 container_ip=172.17.0.2
 sudo iptables -t mangle -I PREROUTING 1 -i ${local_if} -j TEE --gateway ${container_ip}
--- a/docker/ubuntu-bionic/Dockerfile
+++ b/docker/ubuntu-bionic/Dockerfile
@ -1,28 +0,0 @@
 FROM ubuntu:bionic
 ENV LANG C
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
    apt-get clean
 RUN useradd -ms /bin/bash ssldump
 RUN passwd -d ssldump
 RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers
 USER ssldump
 RUN cd /home/ssldump && \
 	git clone https://github.com/adulau/ssldump.git build
 RUN cd /home/ssldump/build && \
 	./autogen.sh && \
 	./configure CC=/usr/bin/clang && \
 	make && \
 	sudo make install
 WORKDIR "/home/ssldump"
 CMD ["/bin/bash"]
--- a/docker/ubuntu-bionic/docker_build.sh
+++ b/docker/ubuntu-bionic/docker_build.sh
@ -1,6 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-bionic
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/ubuntu-bionic/docker_run.sh
+++ b/docker/ubuntu-bionic/docker_run.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-bionic
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/docker/ubuntu-focal/Dockerfile
+++ b/docker/ubuntu-focal/Dockerfile
@ -1,28 +0,0 @@
 FROM ubuntu:focal
 ENV LANG C
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
    apt-get clean
 RUN useradd -ms /bin/bash ssldump
 RUN passwd -d ssldump
 RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers
 USER ssldump
 RUN cd /home/ssldump && \
 	git clone https://github.com/adulau/ssldump.git build
 RUN cd /home/ssldump/build && \
 	./autogen.sh && \
 	./configure CC=/usr/bin/clang && \
 	make && \
 	sudo make install
 WORKDIR "/home/ssldump"
 CMD ["/bin/bash"]
--- a/docker/ubuntu-focal/docker_build.sh
+++ b/docker/ubuntu-focal/docker_build.sh
@ -1,6 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-focal
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/ubuntu-focal/docker_run.sh
+++ b/docker/ubuntu-focal/docker_run.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-focal
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/docker/ubuntu-groovy/Dockerfile
+++ b/docker/ubuntu-groovy/Dockerfile
@ -1,28 +0,0 @@
 FROM ubuntu:groovy
 ENV LANG C
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
    apt-get clean
 RUN useradd -ms /bin/bash ssldump
 RUN passwd -d ssldump
 RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers
 USER ssldump
 RUN cd /home/ssldump && \
 	git clone https://github.com/adulau/ssldump.git build
 RUN cd /home/ssldump/build && \
 	./autogen.sh && \
 	./configure CC=/usr/bin/clang && \
 	make && \
 	sudo make install
 WORKDIR "/home/ssldump"
 CMD ["/bin/bash"]
--- a/docker/ubuntu-groovy/docker_build.sh
+++ b/docker/ubuntu-groovy/docker_build.sh
@ -1,6 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-groovy
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/ubuntu-groovy/docker_run.sh
+++ b/docker/ubuntu-groovy/docker_run.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-groovy
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/docker/ubuntu-xenial/Dockerfile
+++ b/docker/ubuntu-xenial/Dockerfile
@ -1,41 +0,0 @@
 FROM ubuntu:xenial
 ENV LANG C
 ENV DEBIAN_FRONTEND noninteractive
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
    apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang wget libpcap-dev libnet1-dev libjson-c-dev iproute2 && \
    apt-get clean
 RUN useradd -ms /bin/bash ssldump
 RUN passwd -d ssldump
 RUN printf 'Defaults:ssldump env_keep=LD_LIBRARY_PATH\n' | tee -a /etc/sudoers
 RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers
 USER ssldump
 RUN mkdir /home/ssldump/openssl && \
 	cd /home/ssldump/openssl && \
 	wget https://www.openssl.org/source/openssl-1.1.1j.tar.gz && \
 	tar xvfz openssl-1.1.1j.tar.gz && \
 	cd openssl-1.1.1j && \
 	./config && \
 	make -j 2
 RUN cd /home/ssldump && \
 	git clone https://github.com/adulau/ssldump.git build
 RUN cd /home/ssldump/build && \
 	./autogen.sh && \
 	./configure CFLAGS="-I../openssl/openssl-1.1.1j/include" LDFLAGS="-L../openssl/openssl-1.1.1j -lcrypto -lssl" && \
 	make && \
 	sudo make install
 ENV LD_LIBRARY_PATH /home/ssldump/openssl/openssl-1.1.1j
 RUN printf '#!/bin/bash\nexport LD_LIBRARY_PATH=/home/ssldump/openssl/openssl-1.1.1j\nssldump $@\n' > /home/ssldump/run_ssldump.sh
 RUN chmod +x /home/ssldump/run_ssldump.sh
 WORKDIR "/home/ssldump"
 CMD ["/bin/bash"]
--- a/docker/ubuntu-xenial/docker_build.sh
+++ b/docker/ubuntu-xenial/docker_build.sh
@ -1,6 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-xenial
 docker build -t "ssldump-${distribution}:${ssldump_version}" .
--- a/docker/ubuntu-xenial/docker_run.sh
+++ b/docker/ubuntu-xenial/docker_run.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 ssldump_version=1.4b
 distribution=ubuntu-xenial
 docker run -it ssldump-${distribution}:${ssldump_version}
--- a/null/null_analyze.c
+++ b/null/null_analyze.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $
@ -43,8 +44,6 @@
   ekr@rtfm.com  Thu Jan  7 22:58:27 1999
 */
 #include <ctype.h>
 #include "network.h"
 #include "proto_mod.h"
@ -55,14 +54,24 @@ typedef struct null_analyzer_ {
 } null_analyzer;
 static int create_null_analyzer PROTO_LIST((void *handle,
-  proto_ctx *ctx,tcp_conn *conn,proto_obj **objp,
+                                            proto_ctx *ctx,
-  struct sockaddr_storage *i_addr,u_short i_port,
+                                            tcp_conn *conn,
-  struct sockaddr_storage *r_addr,u_short r_port, struct timeval *base_time));
+                                            proto_obj **objp,
                                            struct sockaddr_storage *i_addr,
                                            u_short i_port,
                                            struct sockaddr_storage *r_addr,
                                            u_short r_port,
                                            struct timeval *base_time));
-static int create_null_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
+static int create_null_analyzer(void *handle,
-  proto_obj **objp, struct sockaddr_storage *i_addr, u_short i_port, struct sockaddr_storage *r_addr,
+                                proto_ctx *ctx,
-  u_short r_port, struct timeval *base_time)
+                                tcp_conn *conn,
-  {
+                                proto_obj **objp,
                                struct sockaddr_storage *i_addr,
                                u_short i_port,
                                struct sockaddr_storage *r_addr,
                                u_short r_port,
                                struct timeval *base_time) {
  null_analyzer *obj = 0;
  static int ctr;
@ -77,9 +86,7 @@ static int create_null_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
  return (0);
 }
-int destroy_null_analyzer(objp)
+int destroy_null_analyzer(proto_obj **objp) {
  proto_obj **objp;
  {
  null_analyzer *obj;
  if(!objp || !*objp)
@ -94,16 +101,11 @@ int destroy_null_analyzer(objp)
  return (0);
 }
-int data_null_analyzer(_obj,seg,direction)
+int data_null_analyzer(proto_obj *_obj, segment *seg, int direction) {
  proto_obj *_obj;
  segment *seg;
  int direction;
  {
 #ifdef DEBUG
  null_analyzer *obj = (null_analyzer *)_obj;
 #endif
-    DBG((0,"Processing data for connection %d dir %d\n",obj->num,
+  DBG((0, "Processing data for connection %d dir %d\n", obj->num, direction));
      direction));
  for(; seg; seg = seg->next) {
    int i;
@ -124,11 +126,7 @@ int data_null_analyzer(_obj,seg,direction)
  return (0);
 }
-int fin_null_analyzer(_obj,p,direction)
+int fin_null_analyzer(proto_obj *_obj, packet *p, int direction) {
  proto_obj *_obj;
  packet *p;
  int direction;
  {
 #ifdef DEBUG
  null_analyzer *obj = (null_analyzer *)_obj;
 #endif
@ -136,20 +134,15 @@ int fin_null_analyzer(_obj,p,direction)
  return (0);
 }
 static struct proto_mod_vtbl_ null_vtbl = {
    0,
    0,
    0,
    create_null_analyzer,
    0,
    destroy_null_analyzer,
    data_null_analyzer,
    fin_null_analyzer,
 };
-struct proto_mod_ null_mod = {
+struct proto_mod_ null_mod = {0, &null_vtbl};
     0,
     &null_vtbl
 };
--- a/null/null_analyze.h
+++ b/null/null_analyze.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: null_analyze.h,v 1.2 2000/10/17 16:10:01 ekr Exp $
@ -43,11 +44,9 @@
   ekr@rtfm.com  Fri Jan  8 11:23:10 1999
 */
 #ifndef _null_analyze_h
 #define _null_analyze_h
 extern proto_mod null_mod;
 #endif
--- a/pcap/logpkt.c
+++ b/pcap/logpkt.c
@ -149,9 +149,7 @@ typedef struct __attribute__((packed)) {
 * IP/TCP checksumming operating on uint32_t intermediate state variable C.
 */
 #define CHKSUM_INIT(C) \
-	{ \
+  { (C) = 0; }
 		(C) = 0; \
 	}
 #define CHKSUM_ADD_RANGE(C, B, S)      \
  {                                    \
    uint16_t *p = (uint16_t *)(B);     \
@ -164,13 +162,9 @@ typedef struct __attribute__((packed)) {
    }                                  \
  }
 #define CHKSUM_ADD_UINT32(C, U) \
-	{ \
+  { (C) += ((U) >> 16) + ((U)&0xFFFF); }
 		(C) += ((U) >> 16) + ((U) & 0xFFFF); \
 	}
 #define CHKSUM_ADD_UINT16(C, U) \
-	{ \
+  { (C) += (U); }
 		(C) += (U); \
 	}
 #define CHKSUM_FINALIZE(C)            \
  {                                   \
    (C) = ((C) >> 16) + ((C)&0xffff); \
@ -189,9 +183,7 @@ typedef struct __attribute__((packed)) {
 *
 * Returns 0 on success and -1 on failure.
 */
-static int
+static int logpkt_write_global_pcap_hdr(int fd) {
 logpkt_write_global_pcap_hdr(int fd)
 {
  pcap_file_hdr_t hdr;
  memset(&hdr, 0x0, sizeof(hdr));
@ -214,8 +206,7 @@ logpkt_write_global_pcap_hdr(int fd)
 * file descriptor.  On error, -1 is returned and the file descriptor is in an
 * undefined but still open state.
 */
-int
+int logpkt_pcap_open_fd(int fd) {
 logpkt_pcap_open_fd(int fd) {
  pcap_file_hdr_t hdr;
  off_t sz;
  ssize_t n;
@ -255,12 +246,15 @@ logpkt_pcap_open_fd(int fd) {
 * match the actual link layer addresses to be used when sending traffic, not
 * some emulated addresses.
 */
-void
+void logpkt_ctx_init(logpkt_ctx_t *ctx,
-logpkt_ctx_init(logpkt_ctx_t *ctx, libnet_t *libnet, size_t mtu,
+                     libnet_t *libnet,
-                const uint8_t *src_ether, const uint8_t *dst_ether,
+                     size_t mtu,
-                const struct sockaddr *src_addr, socklen_t src_addr_len,
+                     const uint8_t *src_ether,
-                const struct sockaddr *dst_addr, socklen_t dst_addr_len)
+                     const uint8_t *dst_ether,
-{
+                     const struct sockaddr *src_addr,
                     socklen_t src_addr_len,
                     const struct sockaddr *dst_addr,
                     socklen_t dst_addr_len) {
  ctx->libnet = libnet;
  memcpy(ctx->src_ether, src_ether, ETHER_ADDR_LEN);
  memcpy(ctx->dst_ether, dst_ether, ETHER_ADDR_LEN);
@ -269,9 +263,8 @@ logpkt_ctx_init(logpkt_ctx_t *ctx, libnet_t *libnet, size_t mtu,
  ctx->src_seq = 0;
  ctx->dst_seq = 0;
  if(mtu) {
-		ctx->mss = mtu - sizeof(tcp_hdr_t)
+    ctx->mss = mtu - sizeof(tcp_hdr_t) -
-		               - (dst_addr->sa_family == AF_INET
+               (dst_addr->sa_family == AF_INET ? sizeof(ip4_hdr_t)
 		                  ? sizeof(ip4_hdr_t)
                                               : sizeof(ip6_hdr_t));
  } else {
    ctx->mss = dst_addr->sa_family == AF_INET ? MSS_IP4 : MSS_IP6;
@ -282,9 +275,7 @@ logpkt_ctx_init(logpkt_ctx_t *ctx, libnet_t *libnet, size_t mtu,
 * Write the layer 2 frame contained in *pkt* to file descriptor *fd* already
 * open for writing.  First writes a PCAP record header, then the actual frame.
 */
-static int
+static int logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd) {
 logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd)
 {
  pcap_rec_hdr_t rec_hdr;
  struct timeval tv;
@ -294,13 +285,11 @@ logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd)
  rec_hdr.orig_len = rec_hdr.incl_len = pktsz;
  if(write(fd, &rec_hdr, sizeof(rec_hdr)) != sizeof(rec_hdr)) {
-		printf("Error writing pcap record hdr: %s\n",
+    printf("Error writing pcap record hdr: %s\n", strerror(errno));
 		               strerror(errno));
    return -1;
  }
  if(write(fd, pkt, pktsz) != (ssize_t)pktsz) {
-		printf("Error writing pcap record: %s\n",
+    printf("Error writing pcap record: %s\n", strerror(errno));
 		               strerror(errno));
    return -1;
  }
  return 0;
@ -317,14 +306,16 @@ logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd)
 * This function is stateless.  For header fields that cannot be directly
 * derived from the arguments, default values will be used.
 */
-static size_t
+static size_t logpkt_pcap_build(uint8_t *pkt,
-logpkt_pcap_build(uint8_t *pkt,
+                                uint8_t *src_ether,
-                  uint8_t *src_ether, uint8_t *dst_ether,
+                                uint8_t *dst_ether,
                                const struct sockaddr *src_addr,
                                const struct sockaddr *dst_addr,
-                  char flags, uint32_t seq, uint32_t ack,
+                                char flags,
-                  const uint8_t *payload, size_t payloadlen)
+                                uint32_t seq,
-{
+                                uint32_t ack,
                                const uint8_t *payload,
                                size_t payloadlen) {
  ether_hdr_t *ether_hdr;
  ip4_hdr_t *ip4_hdr;
  ip6_hdr_t *ip6_hdr;
@ -339,14 +330,11 @@ logpkt_pcap_build(uint8_t *pkt,
  if(dst_addr->sa_family == AF_INET) {
    ether_hdr->ethertype = htons(ETHERTYPE_IP);
-		ip4_hdr = (ip4_hdr_t *)(((uint8_t *)ether_hdr) +
+    ip4_hdr = (ip4_hdr_t *)(((uint8_t *)ether_hdr) + sizeof(ether_hdr_t));
 		                        sizeof(ether_hdr_t));
    ip4_hdr->version_ihl = 0x45; /* version 4, ihl 5 words */
    ip4_hdr->dscp_ecn = 0;
-		ip4_hdr->len = htons(sizeof(ip4_hdr_t) +
+    ip4_hdr->len = htons(sizeof(ip4_hdr_t) + sizeof(tcp_hdr_t) + payloadlen);
-		                     sizeof(tcp_hdr_t) + payloadlen);
+    ip4_hdr->id = sys_rand16(), ip4_hdr->frag = 0;
 		ip4_hdr->id = sys_rand16(),
 		ip4_hdr->frag = 0;
    ip4_hdr->ttl = 64;
    ip4_hdr->proto = IPPROTO_TCP;
    ip4_hdr->src_addr = CSIN(src_addr)->sin_addr.s_addr;
@ -357,8 +345,7 @@ logpkt_pcap_build(uint8_t *pkt,
    CHKSUM_FINALIZE(sum);
    ip4_hdr->chksum = sum;
    sz += sizeof(ip4_hdr_t);
-		tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip4_hdr) +
+    tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip4_hdr) + sizeof(ip4_hdr_t));
 		                        sizeof(ip4_hdr_t));
    tcp_hdr->src_port = CSIN(src_addr)->sin_port;
    tcp_hdr->dst_port = CSIN(dst_addr)->sin_port;
    /* pseudo header */
@ -369,8 +356,7 @@ logpkt_pcap_build(uint8_t *pkt,
    CHKSUM_ADD_UINT16(sum, htons(sizeof(tcp_hdr_t) + payloadlen));
  } else {
    ether_hdr->ethertype = htons(ETHERTYPE_IPV6);
-		ip6_hdr = (ip6_hdr_t *)(((uint8_t *)ether_hdr) +
+    ip6_hdr = (ip6_hdr_t *)(((uint8_t *)ether_hdr) + sizeof(ether_hdr_t));
 		                        sizeof(ether_hdr_t));
    ip6_hdr->flags = htonl(0x60000000UL); /* version 6 */
    ip6_hdr->len = htons(sizeof(tcp_hdr_t) + payloadlen);
    ip6_hdr->next_hdr = IPPROTO_TCP;
@ -380,16 +366,13 @@ logpkt_pcap_build(uint8_t *pkt,
    memcpy(ip6_hdr->dst_addr, CSIN6(dst_addr)->sin6_addr.s6_addr,
           sizeof(ip6_hdr->dst_addr));
    sz += sizeof(ip6_hdr_t);
-		tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip6_hdr) +
+    tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip6_hdr) + sizeof(ip6_hdr_t));
 		                        sizeof(ip6_hdr_t));
    tcp_hdr->src_port = CSIN6(src_addr)->sin6_port;
    tcp_hdr->dst_port = CSIN6(dst_addr)->sin6_port;
    /* pseudo header */
    CHKSUM_INIT(sum);
-		CHKSUM_ADD_RANGE(sum, ip6_hdr->src_addr,
+    CHKSUM_ADD_RANGE(sum, ip6_hdr->src_addr, sizeof(ip6_hdr->src_addr));
-		                 sizeof(ip6_hdr->src_addr));
+    CHKSUM_ADD_RANGE(sum, ip6_hdr->dst_addr, sizeof(ip6_hdr->dst_addr));
 		CHKSUM_ADD_RANGE(sum, ip6_hdr->dst_addr,
 		                 sizeof(ip6_hdr->dst_addr));
    CHKSUM_ADD_UINT32(sum, ip6_hdr->len);
    CHKSUM_ADD_UINT16(sum, htons(IPPROTO_TCP));
  }
@ -412,80 +395,63 @@ logpkt_pcap_build(uint8_t *pkt,
 * Build a packet using libnet intended for mirroring mode.  The packet will
 * be dynamically allocated on the heap by the libnet instance *libnet*.
 */
-static int
+static int logpkt_mirror_build(libnet_t *libnet,
-logpkt_mirror_build(libnet_t *libnet,
+                               uint8_t *src_ether,
-                    uint8_t *src_ether, uint8_t *dst_ether,
+                               uint8_t *dst_ether,
                               const struct sockaddr *src_addr,
                               const struct sockaddr *dst_addr,
-                    char flags, uint32_t seq, uint32_t ack,
+                               char flags,
-                    const uint8_t *payload, size_t payloadlen)
+                               uint32_t seq,
-{
+                               uint32_t ack,
                               const uint8_t *payload,
                               size_t payloadlen) {
  libnet_ptag_t ptag;
-	ptag = libnet_build_tcp(htons(src_addr->sa_family == AF_INET
+  ptag = libnet_build_tcp(
-	                        ? CSIN(src_addr)->sin_port
+      htons(src_addr->sa_family == AF_INET ? CSIN(src_addr)->sin_port
                                           : CSIN6(src_addr)->sin6_port),
-	                        htons(dst_addr->sa_family == AF_INET
+      htons(dst_addr->sa_family == AF_INET ? CSIN(dst_addr)->sin_port
 	                        ? CSIN(dst_addr)->sin_port
                                           : CSIN6(dst_addr)->sin6_port),
-	                        seq,
+      seq, ack, flags, 32767, /* window size */
 	                        ack,
 	                        flags,
 	                        32767,          /* window size */
      0,                      /* checksum */
      0,                      /* urgent pointer */
-	                        LIBNET_TCP_H + payloadlen,
+      LIBNET_TCP_H + payloadlen, (uint8_t *)payload, payloadlen, libnet, 0);
 	                        (uint8_t *)payload, payloadlen,
 	                        libnet, 0);
  if(ptag == -1) {
-		printf("Error building tcp header: %s",
+    printf("Error building tcp header: %s", libnet_geterror(libnet));
 		               libnet_geterror(libnet));
    return -1;
  }
  if(dst_addr->sa_family == AF_INET) {
-		ptag = libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H +
+    ptag = libnet_build_ipv4(
-		                         payloadlen,
+        LIBNET_IPV4_H + LIBNET_TCP_H + payloadlen, 0, /* TOS */
-		                         0,             /* TOS */
+        (uint16_t)sys_rand16(),                       /* id */
 		                         (uint16_t)
 		                         sys_rand16(),  /* id */
        0x4000,                                       /* frag */
        64,                                           /* TTL */
        IPPROTO_TCP,                                  /* protocol */
        0,                                            /* checksum */
-		                         CSIN(src_addr)->sin_addr.s_addr,
+        CSIN(src_addr)->sin_addr.s_addr, CSIN(dst_addr)->sin_addr.s_addr, NULL,
-		                         CSIN(dst_addr)->sin_addr.s_addr,
+        0, libnet, 0);
 		                         NULL, 0,
 		                         libnet, 0);
  } else {
-		ptag = libnet_build_ipv6(0,             /* traffic class */
+    ptag = libnet_build_ipv6(
        0, /* traffic class */
        0, /* flow label */
-		                         LIBNET_IPV6_H + LIBNET_TCP_H +
+        LIBNET_IPV6_H + LIBNET_TCP_H + payloadlen, IPPROTO_TCP,
 		                         payloadlen,
 		                         IPPROTO_TCP,
        255, /* hop limit */
-		                         *(struct libnet_in6_addr *)
+        *(struct libnet_in6_addr *)&CSIN6(src_addr)->sin6_addr,
-		                         &CSIN6(src_addr)->sin6_addr,
+        *(struct libnet_in6_addr *)&CSIN6(dst_addr)->sin6_addr, NULL, 0, libnet,
-		                         *(struct libnet_in6_addr *)
+        0);
 		                         &CSIN6(dst_addr)->sin6_addr,
 		                         NULL, 0,
 		                         libnet, 0);
  }
  if(ptag == -1) {
-		printf("Error building ip header: %s",
+    printf("Error building ip header: %s", libnet_geterror(libnet));
 		               libnet_geterror(libnet));
    return -1;
  }
-	ptag = libnet_build_ethernet(dst_ether,
+  ptag = libnet_build_ethernet(
-	                             src_ether,
+      dst_ether, src_ether,
-	                             dst_addr->sa_family == AF_INET
+      dst_addr->sa_family == AF_INET ? ETHERTYPE_IP : ETHERTYPE_IPV6, NULL, 0,
 	                                     ? ETHERTYPE_IP : ETHERTYPE_IPV6,
 	                             NULL, 0,
      libnet, 0);
  if(ptag == -1) {
-		printf("Error building ethernet header: %s",
+    printf("Error building ethernet header: %s", libnet_geterror(libnet));
 		               libnet_geterror(libnet));
    return -1;
  }
  return 0;
@ -502,31 +468,25 @@ logpkt_mirror_build(libnet_t *libnet,
 * Caller must ensure that *payload* fits into a frame depending on the MTU
 * selected (interface in mirroring mode, MTU value in PCAP writing mode).
 */
-static int
+static int logpkt_write_packet(logpkt_ctx_t *ctx,
-logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags,
+                               int fd,
-                    const uint8_t *payload, size_t payloadlen)
+                               int direction,
-{
+                               char flags,
                               const uint8_t *payload,
                               size_t payloadlen) {
  int rv;
  if(fd != -1) {
    uint8_t buf[MAX_PKTSZ];
    size_t sz;
    if(direction == LOGPKT_REQUEST) {
-			sz = logpkt_pcap_build(buf,
+      sz = logpkt_pcap_build(buf, ctx->src_ether, ctx->dst_ether,
-			                       ctx->src_ether, ctx->dst_ether,
+                             CSA(&ctx->src_addr), CSA(&ctx->dst_addr), flags,
-			                       CSA(&ctx->src_addr),
+                             ctx->src_seq, ctx->dst_seq, payload, payloadlen);
 			                       CSA(&ctx->dst_addr),
 			                       flags,
 			                       ctx->src_seq, ctx->dst_seq,
 			                       payload, payloadlen);
    } else {
-			sz = logpkt_pcap_build(buf,
+      sz = logpkt_pcap_build(buf, ctx->dst_ether, ctx->src_ether,
-			                       ctx->dst_ether, ctx->src_ether,
+                             CSA(&ctx->dst_addr), CSA(&ctx->src_addr), flags,
-			                       CSA(&ctx->dst_addr),
+                             ctx->dst_seq, ctx->src_seq, payload, payloadlen);
 			                       CSA(&ctx->src_addr),
 			                       flags,
 			                       ctx->dst_seq, ctx->src_seq,
 			                       payload, payloadlen);
    }
    rv = logpkt_pcap_write(buf, sz, fd);
    if(rv == -1) {
@ -539,21 +499,13 @@ logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags,
     * local MAC address and target MAC address for mirroring the
     * packets to; use them as-is for both directions. */
    if(direction == LOGPKT_REQUEST) {
-			rv = logpkt_mirror_build(ctx->libnet,
+      rv = logpkt_mirror_build(ctx->libnet, ctx->src_ether, ctx->dst_ether,
-			                         ctx->src_ether, ctx->dst_ether,
+                               CSA(&ctx->src_addr), CSA(&ctx->dst_addr), flags,
-			                         CSA(&ctx->src_addr),
+                               ctx->src_seq, ctx->dst_seq, payload, payloadlen);
 			                         CSA(&ctx->dst_addr),
 			                         flags,
 			                         ctx->src_seq, ctx->dst_seq,
 			                         payload, payloadlen);
    } else {
-			rv = logpkt_mirror_build(ctx->libnet,
+      rv = logpkt_mirror_build(ctx->libnet, ctx->src_ether, ctx->dst_ether,
-			                         ctx->src_ether, ctx->dst_ether,
+                               CSA(&ctx->dst_addr), CSA(&ctx->src_addr), flags,
-			                         CSA(&ctx->dst_addr),
+                               ctx->dst_seq, ctx->src_seq, payload, payloadlen);
 			                         CSA(&ctx->src_addr),
 			                         flags,
 			                         ctx->dst_seq, ctx->src_seq,
 			                         payload, payloadlen);
    }
    if(rv == -1) {
      printf("Error building packet\n");
@ -561,8 +513,7 @@ logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags,
    }
    rv = libnet_write(ctx->libnet);
    if(rv == -1) {
-			printf("Error writing packet: %s\n",
+      printf("Error writing packet: %s\n", libnet_geterror(ctx->libnet));
 			               libnet_geterror(ctx->libnet));
    }
    libnet_clear_packet(ctx->libnet);
 #else  /* WITHOUT_MIRROR */
@ -575,21 +526,17 @@ logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags,
 /*
 * Emulate the initial SYN handshake.
 */
-static int
+static int logpkt_write_syn_handshake(logpkt_ctx_t *ctx, int fd) {
 logpkt_write_syn_handshake(logpkt_ctx_t *ctx, int fd)
 {
  ctx->src_seq = sys_rand32();
-	if (logpkt_write_packet(ctx, fd, LOGPKT_REQUEST,
+  if(logpkt_write_packet(ctx, fd, LOGPKT_REQUEST, TH_SYN, NULL, 0) == -1)
 	                        TH_SYN, NULL, 0) == -1)
    return -1;
  ctx->src_seq += 1;
  ctx->dst_seq = sys_rand32();
-	if (logpkt_write_packet(ctx, fd, LOGPKT_RESPONSE,
+  if(logpkt_write_packet(ctx, fd, LOGPKT_RESPONSE, TH_SYN | TH_ACK, NULL, 0) ==
-	                        TH_SYN|TH_ACK, NULL, 0) == -1)
+     -1)
    return -1;
  ctx->dst_seq += 1;
-	if (logpkt_write_packet(ctx, fd, LOGPKT_REQUEST,
+  if(logpkt_write_packet(ctx, fd, LOGPKT_REQUEST, TH_ACK, NULL, 0) == -1)
 	                        TH_ACK, NULL, 0) == -1)
    return -1;
  return 0;
 }
@ -599,12 +546,13 @@ logpkt_write_syn_handshake(logpkt_ctx_t *ctx, int fd)
 * necessary, a SYN handshake will automatically be generated before emitting
 * the packet carrying the payload plus a matching ACK.
 */
-int
+int logpkt_write_payload(logpkt_ctx_t *ctx,
-logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction,
+                         int fd,
-                     const uint8_t *payload, size_t payloadlen)
+                         int direction,
-{
+                         const uint8_t *payload,
-	int other_direction = (direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE
+                         size_t payloadlen) {
-	                                                    : LOGPKT_REQUEST;
+  int other_direction =
      (direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE : LOGPKT_REQUEST;
  if(ctx->src_seq == 0) {
    if(logpkt_write_syn_handshake(ctx, fd) == -1)
@ -613,10 +561,12 @@ logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction,
  while(payloadlen > 0) {
    size_t n = payloadlen > ctx->mss ? ctx->mss : payloadlen;
-		if (logpkt_write_packet(ctx, fd, direction,
+    if(logpkt_write_packet(ctx, fd, direction, TH_PUSH | TH_ACK, payload, n) ==
-		                        TH_PUSH|TH_ACK, payload, n) == -1) {
+       -1) {
-			printf("Warning: Failed to write to pcap log"
+      printf(
-			               ": %s\n", strerror(errno));
+          "Warning: Failed to write to pcap log"
          ": %s\n",
          strerror(errno));
      return -1;
    }
    if(direction == LOGPKT_REQUEST) {
@ -628,10 +578,8 @@ logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction,
    payloadlen -= n;
  }
-	if (logpkt_write_packet(ctx, fd, other_direction,
+  if(logpkt_write_packet(ctx, fd, other_direction, TH_ACK, NULL, 0) == -1) {
-	                        TH_ACK, NULL, 0) == -1) {
+    printf("Warning: Failed to write to pcap log: %s\n", strerror(errno));
 		printf("Warning: Failed to write to pcap log: %s\n",
 		               strerror(errno));
    return -1;
  }
  return 0;
@ -641,18 +589,16 @@ logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction,
 * Emulate a connection close, emitting a FIN handshake in the correct
 * direction.  Does not close the file descriptor.
 */
-int
+int logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) {
-logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) {
+  int other_direction =
-	int other_direction = (direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE
+      (direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE : LOGPKT_REQUEST;
 	                                                    : LOGPKT_REQUEST;
  if(ctx->src_seq == 0) {
    if(logpkt_write_syn_handshake(ctx, fd) == -1)
      return -1;
  }
-	if (logpkt_write_packet(ctx, fd, direction,
+  if(logpkt_write_packet(ctx, fd, direction, TH_FIN | TH_ACK, NULL, 0) == -1) {
 	                        TH_FIN|TH_ACK, NULL, 0) == -1) {
    printf("Warning: Failed to write packet\n");
    return -1;
  }
@ -662,8 +608,8 @@ logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) {
    ctx->dst_seq += 1;
  }
-	if (logpkt_write_packet(ctx, fd, other_direction,
+  if(logpkt_write_packet(ctx, fd, other_direction, TH_FIN | TH_ACK, NULL, 0) ==
-	                        TH_FIN|TH_ACK, NULL, 0) == -1) {
+     -1) {
    printf("Warning: Failed to write packet\n");
    return -1;
  }
@ -673,8 +619,7 @@ logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) {
    ctx->dst_seq += 1;
  }
-	if (logpkt_write_packet(ctx, fd, direction,
+  if(logpkt_write_packet(ctx, fd, direction, TH_ACK, NULL, 0) == -1) {
 	                        TH_ACK, NULL, 0) == -1) {
    printf("Warning: Failed to write packet\n");
    return -1;
  }
@ -692,11 +637,9 @@ typedef struct {
 /*
 * Receive a single ARP reply and copy the resulting ether to ctx->ether.
 */
-static void
+static void logpkt_recv_arp_reply(uint8_t *user,
 logpkt_recv_arp_reply(uint8_t *user,
                                  UNUSED const struct pcap_pkthdr *h,
-                      const uint8_t *packet)
+                                  const uint8_t *packet) {
 {
  logpkt_recv_arp_reply_ctx_t *ctx = (logpkt_recv_arp_reply_ctx_t *)user;
  struct libnet_802_3_hdr *heth = (void *)packet;
  struct libnet_arp_hdr *harp = (void *)((char *)heth + LIBNET_ETH_H);
@ -718,8 +661,7 @@ logpkt_recv_arp_reply(uint8_t *user,
              heth->_802_3_shost, ETHER_ADDR_LEN))
    return;
-	memcpy(ctx->ether,
+  memcpy(ctx->ether, (u_char *)harp + sizeof(struct libnet_arp_hdr),
 	       (u_char*)harp + sizeof(struct libnet_arp_hdr),
         ETHER_ADDR_LEN);
  ctx->result = 0;
 }
@ -729,16 +671,15 @@ logpkt_recv_arp_reply(uint8_t *user,
 * mirroring packets to dst_ip_s on interface dst_if_s.
 * Only IPv4 mirror targets are supported.
 */
-int
+int logpkt_ether_lookup(libnet_t *libnet,
-logpkt_ether_lookup(libnet_t *libnet,
+                        uint8_t *src_ether,
-                    uint8_t *src_ether, uint8_t *dst_ether,
+                        uint8_t *dst_ether,
-                    const char *dst_ip_s, const char *dst_if_s)
+                        const char *dst_ip_s,
-{
+                        const char *dst_if_s) {
  char errbuf[PCAP_ERRBUF_SIZE];
-	uint8_t broadcast_ether[ETHER_ADDR_LEN] = {
+  uint8_t broadcast_ether[ETHER_ADDR_LEN] = {0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+                                             0xff, 0xff, 0xff};
-	uint8_t zero_ether[ETHER_ADDR_LEN] = {
+  uint8_t zero_ether[ETHER_ADDR_LEN] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
 		0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
  struct libnet_ether_addr *src_ether_addr;
  uint32_t src_ip;
  struct bpf_program bp;
@ -751,43 +692,31 @@ logpkt_ether_lookup(libnet_t *libnet,
  }
  ctx.result = -1;
-	ctx.ip = libnet_name2addr4(libnet, (char *)dst_ip_s,
+  ctx.ip = libnet_name2addr4(libnet, (char *)dst_ip_s, LIBNET_DONT_RESOLVE);
 	                           LIBNET_DONT_RESOLVE);
  if(ctx.ip == (uint32_t)-1) {
-		printf("Error converting dst IP address: %s\n",
+    printf("Error converting dst IP address: %s\n", libnet_geterror(libnet));
 		               libnet_geterror(libnet));
    goto out;
  }
  src_ip = libnet_get_ipaddr4(libnet);
  if(src_ip == (uint32_t)-1) {
-		printf("Error getting src IP address: %s\n",
+    printf("Error getting src IP address: %s\n", libnet_geterror(libnet));
 		               libnet_geterror(libnet));
    goto out;
  }
  src_ether_addr = libnet_get_hwaddr(libnet);
  if(src_ether_addr == NULL) {
-		printf("Error getting src ethernet address: %s\n",
+    printf("Error getting src ethernet address: %s\n", libnet_geterror(libnet));
 		               libnet_geterror(libnet));
    goto out;
  }
  memcpy(src_ether, src_ether_addr->ether_addr_octet, ETHER_ADDR_LEN);
-	if (libnet_autobuild_arp(ARPOP_REQUEST,
+  if(libnet_autobuild_arp(ARPOP_REQUEST, src_ether, (uint8_t *)&src_ip,
-	                         src_ether,
+                          zero_ether, (uint8_t *)&ctx.ip, libnet) == -1) {
-	                         (uint8_t*)&src_ip,
+    printf("Error building arp header: %s\n", libnet_geterror(libnet));
 	                         zero_ether,
 	                         (uint8_t*)&ctx.ip,
 	                         libnet) == -1) {
 		printf("Error building arp header: %s\n",
 		               libnet_geterror(libnet));
    goto out;
  }
-	if (libnet_autobuild_ethernet(broadcast_ether,
+  if(libnet_autobuild_ethernet(broadcast_ether, ETHERTYPE_ARP, libnet) == -1) {
-	                              ETHERTYPE_ARP,
+    printf("Error building ethernet header: %s", libnet_geterror(libnet));
 	                              libnet) == -1) {
 		printf("Error building ethernet header: %s",
 		               libnet_geterror(libnet));
    goto out;
  }
@ -798,13 +727,11 @@ logpkt_ether_lookup(libnet_t *libnet,
  }
  if(pcap_compile(pcap, &bp, "arp", 0, -1) == -1) {
-		printf("Error in pcap_compile(): %s\n",
+    printf("Error in pcap_compile(): %s\n", pcap_geterr(pcap));
 		               pcap_geterr(pcap));
    goto out2;
  }
  if(pcap_setfilter(pcap, &bp) == -1) {
-		printf("Error in pcap_setfilter(): %s\n",
+    printf("Error in pcap_setfilter(): %s\n", pcap_geterr(pcap));
 		               pcap_geterr(pcap));
    goto out3;
  }
@ -812,16 +739,13 @@ logpkt_ether_lookup(libnet_t *libnet,
    if(libnet_write(libnet) != -1) {
      /* Limit # of packets to process, so we can loop to
       * send arp requests on busy networks. */
-			if (pcap_dispatch(pcap, 1000,
+      if(pcap_dispatch(pcap, 1000, (pcap_handler)logpkt_recv_arp_reply,
 			                  (pcap_handler)logpkt_recv_arp_reply,
                       (u_char *)&ctx) < 0) {
-				printf("Error in pcap_dispatch(): %s\n",
+        printf("Error in pcap_dispatch(): %s\n", pcap_geterr(pcap));
 				               pcap_geterr(pcap));
        break;
      }
    } else {
-			printf("Error writing arp packet: %s",
+      printf("Error writing arp packet: %s", libnet_geterror(libnet));
 			               libnet_geterror(libnet));
      break;
    }
    sleep(1);
--- a/pcap/logpkt.h
+++ b/pcap/logpkt.h
@ -35,7 +35,6 @@
 #include <stdint.h>
 #include <time.h>
 #ifndef WITHOUT_MIRROR
 #include <libnet.h>
 #else /* WITHOUT_MIRROR */
@ -58,14 +57,25 @@ typedef struct {
 #define LOGPKT_RESPONSE 1
 int logpkt_pcap_open_fd(int fd) WUNRES;
-void logpkt_ctx_init(logpkt_ctx_t *, libnet_t *, size_t,
+void logpkt_ctx_init(logpkt_ctx_t *,
-                     const uint8_t *, const uint8_t *,
+                     libnet_t *,
-                     const struct sockaddr *, socklen_t,
+                     size_t,
-                     const struct sockaddr *, socklen_t);
+                     const uint8_t *,
-int logpkt_write_payload(logpkt_ctx_t *, int, int,
+                     const uint8_t *,
-                         const unsigned char *, size_t) WUNRES;
+                     const struct sockaddr *,
                     socklen_t,
                     const struct sockaddr *,
                     socklen_t);
 int logpkt_write_payload(logpkt_ctx_t *,
                         int,
                         int,
                         const unsigned char *,
                         size_t) WUNRES;
 int logpkt_write_close(logpkt_ctx_t *, int, int);
-int logpkt_ether_lookup(libnet_t *, uint8_t *, uint8_t *,
+int logpkt_ether_lookup(libnet_t *,
-                        const char *, const char *) WUNRES;
+                        uint8_t *,
                        uint8_t *,
                        const char *,
                        const char *) WUNRES;
 #endif /* !LOGPKT_H */
--- a/pcap/pcap_logger.c
+++ b/pcap/pcap_logger.c
@ -19,19 +19,25 @@
 static int init_pcap_logger PROTO_LIST((void *data));
 static int deinit_pcap_logger PROTO_LIST(());
-static int create_pcap_logger PROTO_LIST((proto_obj **objp, struct sockaddr_storage *i_addr,
+static int create_pcap_logger PROTO_LIST((proto_obj * *objp,
-                u_short i_port,struct sockaddr_storage *r_addr, u_short r_port, struct timeval *base_time));
+                                          struct sockaddr_storage *i_addr,
                                          u_short i_port,
                                          struct sockaddr_storage *r_addr,
                                          u_short r_port,
                                          struct timeval *base_time));
 static int destroy_pcap_logger PROTO_LIST((proto_obj * *objp));
-static int data_pcap_logger PROTO_LIST((proto_obj *_obj, unsigned char *data,unsigned int len, int dir));
+static int data_pcap_logger PROTO_LIST(
-static int close_pcap_logger PROTO_LIST((proto_obj *_obj, unsigned char *data,unsigned int len, int dir));
+    (proto_obj * _obj, unsigned char *data, unsigned int len, int dir));
 static int close_pcap_logger PROTO_LIST(
    (proto_obj * _obj, unsigned char *data, unsigned int len, int dir));
 int pcap_fd = -1;
-static uint8_t content_pcap_src_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00, 0x11, 0x11, 0x11};
+static uint8_t content_pcap_src_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00,
-static uint8_t content_pcap_dst_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00, 0x22, 0x22, 0x22};
+                                                         0x11, 0x11, 0x11};
 static uint8_t content_pcap_dst_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00,
                                                         0x22, 0x22, 0x22};
-static int init_pcap_logger(data)
+static int init_pcap_logger(void *data) {
  void *data;
  {
  char *pcap_outfile = (char *)data;
  pcap_fd = open(pcap_outfile, O_RDWR | O_CREAT, DFLT_FILEMODE);
  if(pcap_fd == -1) {
@ -47,15 +53,18 @@ static int init_pcap_logger(data)
  return 0;
 }
-static int deinit_pcap_logger()
+static int deinit_pcap_logger(void) {
  {
  fdatasync(pcap_fd);
  close(pcap_fd);
  return 0;
 }
-static int create_pcap_logger(proto_obj **objp, struct sockaddr_storage *i_addr, u_short i_port, struct sockaddr_storage *r_addr, u_short r_port, struct timeval *base_time)
+static int create_pcap_logger(proto_obj **objp,
-  {
+                              struct sockaddr_storage *i_addr,
                              u_short i_port,
                              struct sockaddr_storage *r_addr,
                              u_short r_port,
                              struct timeval *base_time) {
  int r, _status;
  logpkt_ctx_t *pcap_obj = 0;
  struct sockaddr_in src_addr, dst_addr;
@ -73,9 +82,10 @@ static int create_pcap_logger(proto_obj **objp, struct sockaddr_storage *i_addr,
  memcpy(&dst_addr, r_addr, sizeof(struct sockaddr_in));
  dst_addr.sin_port = htons(r_port);
-    logpkt_ctx_init(pcap_obj,NULL,0,content_pcap_src_ether, content_pcap_dst_ether,
+  logpkt_ctx_init(pcap_obj, NULL, 0, content_pcap_src_ether,
-                                (const struct sockaddr*)&src_addr, sizeof(src_addr),
+                  content_pcap_dst_ether, (const struct sockaddr *)&src_addr,
-                                (const struct sockaddr*)&dst_addr, sizeof(dst_addr));
+                  sizeof(src_addr), (const struct sockaddr *)&dst_addr,
                  sizeof(dst_addr));
  *objp = (proto_obj *)pcap_obj;
  _status = 0;
 abort:
@ -85,9 +95,7 @@ static int create_pcap_logger(proto_obj **objp, struct sockaddr_storage *i_addr,
  return (_status);
 }
-static int destroy_pcap_logger(objp)
+static int destroy_pcap_logger(proto_obj **objp) {
  proto_obj **objp;
  {
  logpkt_ctx_t *pcap_obj;
  if(!objp || !*objp)
@ -101,36 +109,36 @@ static int destroy_pcap_logger(objp)
  return (0);
 }
-static int data_pcap_logger(_obj,data,len,dir)
+static int data_pcap_logger(proto_obj *_obj,
-  proto_obj *_obj;
+                            unsigned char *data,
-  unsigned char *data;
+                            unsigned int len,
-  unsigned int len;
+                            int dir) {
  int dir;
  {
  logpkt_ctx_t *pcap_obj = (logpkt_ctx_t *)_obj;
  int direction;
  int status;
-    if (dir == DIR_I2R ) direction = LOGPKT_REQUEST;
+  if(dir == DIR_I2R)
-    else direction = LOGPKT_RESPONSE; 
+    direction = LOGPKT_REQUEST;
  else
    direction = LOGPKT_RESPONSE;
  status = logpkt_write_payload(pcap_obj, pcap_fd, direction, data, len);
  return status;
 }
-int close_pcap_logger(_obj,data,len,dir)
+int close_pcap_logger(proto_obj *_obj,
-  proto_obj *_obj;
+                      unsigned char *data,
-  unsigned char *data;
+                      unsigned int len,
-  unsigned int len;
+                      int dir) {
  int dir;
  {
  logpkt_ctx_t *pcap_obj = (logpkt_ctx_t *)_obj;
  int direction;
  int status;
-    if (dir == DIR_I2R ) direction = LOGPKT_REQUEST;
+  if(dir == DIR_I2R)
-    else direction = LOGPKT_RESPONSE; 
+    direction = LOGPKT_REQUEST;
  else
    direction = LOGPKT_RESPONSE;
  status = logpkt_write_close(pcap_obj, pcap_fd, direction);
@ -138,16 +146,8 @@ int close_pcap_logger(_obj,data,len,dir)
 }
 static struct logger_mod_vtbl_ pcap_vtbl = {
-     init_pcap_logger,
+    init_pcap_logger,    deinit_pcap_logger, create_pcap_logger,
-     deinit_pcap_logger,
+    destroy_pcap_logger, data_pcap_logger,   close_pcap_logger,
     create_pcap_logger,
     destroy_pcap_logger,
     data_pcap_logger,
     close_pcap_logger,
 };
 struct logger_mod_ pcap_mod = {
     "PCAP",
     &pcap_vtbl
 };
 struct logger_mod_ pcap_mod = {"PCAP", &pcap_vtbl};
--- a/pcap/pcap_logger.h
+++ b/pcap/pcap_logger.h
@ -4,4 +4,3 @@
 extern logger_mod pcap_mod;
 #endif
--- a/pcap/sys.c
+++ b/pcap/sys.c
@ -53,12 +53,11 @@
 /*
 * Determine address family of addr
 */
-int
+int sys_get_af(const char *addr) {
 sys_get_af(const char *addr)
 {
  if(strstr(addr, ":"))
    return AF_INET6;
-	else if (!strpbrk(addr, "abcdefghijklmnopqrstu"
+  else if(!strpbrk(addr,
                   "abcdefghijklmnopqrstu"
                   "vwxyzABCDEFGHIJKLMNOP"
                   "QRSTUVWXYZ-"))
    return AF_INET;
@ -66,11 +65,9 @@ sys_get_af(const char *addr)
    return AF_UNSPEC;
 }
 static int sys_rand_seeded = 0;
-static void
+static void sys_rand_seed(void) {
 sys_rand_seed(void) {
  struct timeval seed;
  if(gettimeofday(&seed, NULL) == -1) {
@ -81,19 +78,16 @@ sys_rand_seed(void) {
  sys_rand_seeded = 1;
 }
-uint16_t
+uint16_t sys_rand16(void) {
 sys_rand16(void) {
  if(unlikely(!sys_rand_seeded))
    sys_rand_seed();
  return random();
 }
-uint32_t
+uint32_t sys_rand32(void) {
 sys_rand32(void) {
  if(unlikely(!sys_rand_seeded))
    sys_rand_seed();
  return random();
 }
 /* vim: set noet ft=c: */
--- a/ssl/Attic/ciphersuites.h
+++ b/ssl/Attic/ciphersuites.h
@ -1,52 +0,0 @@
 /**
   ciphersuites.h
   Copyright (C) 1999-2000 RTFM, Inc.
   All Rights Reserved
   This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
   <ekr@rtfm.com> and licensed by RTFM, Inc.
   Redistribution and use in source and binary forms, with or without
   modification, are permitted provided that the following conditions
   are met:
   1. Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
   2. Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in the
      documentation and/or other materials provided with the distribution.
   3. All advertising materials mentioning features or use of this software
      must display the following acknowledgement:
      This product includes software developed by Eric Rescorla for
      RTFM, Inc.
   4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
      used to endorse or promote products derived from this
      software without specific prior written permission.
   THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
   $Id: ciphersuites.h,v 1.2 2000/10/17 16:10:01 ekr Exp $
   ekr@rtfm.com  Sat Sep 23 18:01:27 2000
 */
 #ifndef _ciphersuites_h
 #define _ciphersuites_h
 int ssl_find_cipher PROTO_LIST((int num,SSL_CipherSuite **cs));
 #endif
--- a/ssl/Attic/lex.yy.c
+++ b/ssl/Attic/lex.yy.c
--- a/ssl/Attic/main.c
+++ b/ssl/Attic/main.c
@ -1,98 +0,0 @@
 /**
   main.c
   Copyright (C) 1999-2000 RTFM, Inc.
   All Rights Reserved
   This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
   <ekr@rtfm.com> and licensed by RTFM, Inc.
   Redistribution and use in source and binary forms, with or without
   modification, are permitted provided that the following conditions
   are met:
   1. Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
   2. Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in the
      documentation and/or other materials provided with the distribution.
   3. All advertising materials mentioning features or use of this software
      must display the following acknowledgement:
      This product includes software developed by Eric Rescorla for
      RTFM, Inc.
   4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
      used to endorse or promote products derived from this
      software without specific prior written permission.
   THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
   $Id: main.c,v 1.2 2000/10/17 16:10:01 ekr Exp $
   ekr@rtfm.com  Mon Jan 18 16:28:43 1999
 */
 #include <stdarg.h>
 #include <r_common.h>
 extern int yydebug;
 FILE *doth,*dotc;
 int verr_exit(char *fmt,...)
  {
    va_list ap;
    va_start(ap,fmt);
    vfprintf(stderr,fmt,ap);
    exit(1);
  }
 int main(argc,argv)
  int argc;
  char **argv;
  {
    char name[100];
    FILE *in;
    if(!(in=freopen(argv[1],"r",stdin)))
      verr_exit("Couldn't open input file %s\n",argv[1]);
    sprintf(name,"%s.c",argv[1]);
    dotc=fopen(name,"w");
    sprintf(name,"%s.h",argv[1]);
    doth=fopen(name,"w");
    fprintf(dotc,"#include \"network.h\"\n#include \"ssl_h.h\"\n#include \"sslprint.h\"\n#include \"sslxprint.h\"\n#ifdef OPENSSL\n#include <openssl/ssl.h>\n#endif\n");
    fprintf(dotc,"#include \"%s\"\n",name);
    yyparse();
  }
 extern int yylineno;
 int yywrap()
 {
 ;}
 int yyerror(s)
  char *s;
  {
    printf("Parse error %s at line %d\n",s,yylineno);
    exit(1);
  }
--- a/ssl/Attic/ssl.enums
+++ b/ssl/Attic/ssl.enums
@ -1,749 +0,0 @@
    select {
        ChangeCipherSpec(20)
 {@
    ssl_process_change_cipher_spec(ssl,ssl->decoder,dir);
    if(dir==DIR_I2R){
      ssl->i_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC;
    }
    else{
      ssl->r_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC;
    }
    printf("\n");
    return(0);
@}
 , Alert(21)
 {@ 
   int r;
   if(ssl->record_encryption==REC_CIPHERTEXT){
     printf("\n");
     return(0);
   }
   if(data->len!=2){
 	fprintf(stderr,"Wrong length for alert message: %d\n",
 	data->len);
 	ERETURN(R_EOD);
   }
   P_(P_HL){
      printf("\n");
      SSL_DECODE_ENUM(ssl,"level",1,AlertLevel_decoder,P_HL,data,0);
      printf("\n");
      SSL_DECODE_ENUM(ssl,"value",1,AlertDescription_decoder,P_HL,data,0);
      printf("\n");
   }
   else {
         SSL_DECODE_ENUM(ssl,0,1,AlertLevel_decoder,SSL_PRINT_ALL,data,0);
         SSL_DECODE_ENUM(ssl,0,1,AlertDescription_decoder,SSL_PRINT_ALL,data,0);
 	 printf("\n");
   }
   return(0);
@},
        Handshake(22)
 {@
    extern decoder HandshakeType_decoder[];
    int r;
    UINT4 t,l;
    int rs=0;
    Data d;	
    if(ssl->record_encryption==REC_CIPHERTEXT){
      printf("\n");
      return(0);
    }
    while(data->len>0){
      SSL_DECODE_UINT8(ssl,0,0,data,&t);
      SSL_DECODE_UINT24(ssl,0,0,data,&l);
      if(data->len<l){
        fprintf(stderr,"Error: short handshake length: expected %d got %d\n",
        l,data->len);
        ERETURN(R_EOD);
      }
      d.data=data->data;
      d.len=l;
      data->len-=l;
      data->data+=l;	
      P_(P_HL){
 	if(!rs){
 	  printf("\n");
 	  rs=1;
 	}
      }
      ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,&d);
     }
     return(0);
@},
        application_data(23)
 {@  
    int r;
    Data d;
    SSL_DECODE_OPAQUE_ARRAY(ssl,"data",data->len,0,data,&d);
    P_(P_AD){	
 	    print_data(ssl,&d);
    }
    else {
 	printf("\n");
    }      
    return(0);
@}
 , (255)
    } ContentType;
    select {
        HelloRequest(0)
 {@
  printf("\n");
@},
 ClientHello(1)
 {@
    UINT4 vj,vn,cs,cslen,complen,comp;
    Data session_id,random;
    int r;
    extern decoder cipher_suite_decoder[];
    extern decoder compression_method_decoder[];    
    printf("\n");			    
    SSL_DECODE_UINT8(ssl,0,0,data,&vj);
    SSL_DECODE_UINT8(ssl,0,0,data,&vn);    
    P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn);
        printf("\n");
   }
    SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random);
    ssl_set_client_random(ssl->decoder,random.data,random.len);
    SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id);
    ssl_set_client_session_id(ssl->decoder,session_id.data,session_id.len);
    P_(P_HL){
      if(session_id.len)
        exdump(ssl,"resume ",&session_id);
    }
    P_(P_HL){
 	SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen);
        explain(ssl,"cipher suites\n");
 	    for(;cslen;cslen-=2){
 	      ssl_decode_enum(ssl,0,2,cipher_suite_decoder,
 	        0,data,&cs);
 	      ssl_print_cipher_suite(ssl,(vj<<8)|vn,P_HL,cs);
 	      printf("\n");
 	    }
    }
    SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen);
    if(complen){
      explain(ssl,"compression methods\n");
      for(;complen;complen--){
        SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp);
        printf("\n");
      }
    }
    return(0);
@},
    ServerHello(2)
 {@
    int r;
    Data rnd,session_id;	
    UINT4 vj,vn;
    printf("\n");			        
    SSL_DECODE_UINT8(ssl,0,0,data,&vj);
    SSL_DECODE_UINT8(ssl,0,0,data,&vn);    
    ssl->version=vj*256+vn;	        
    P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn);
        printf("\n");
   }
    SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&rnd);
    ssl_set_server_random(ssl->decoder,rnd.data,rnd.len);
    SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,P_HL,data,&session_id);
    SSL_DECODE_ENUM(ssl,"cipherSuite",2,cipher_suite_decoder,
      0,data,&ssl->cipher_suite);
    P_(P_HL){
     explain(ssl,"cipherSuite ");
     ssl_print_cipher_suite(ssl,ssl->version,P_HL,ssl->cipher_suite);      
    }
    ssl_find_cipher(ssl->cipher_suite,&ssl->cs);
    ssl_process_server_session_id(ssl,ssl->decoder,session_id.data,
      session_id.len);
    P_(P_HL) printf("\n");
    SSL_DECODE_ENUM(ssl,"compressionMethod",1,compression_method_decoder,P_HL,data,0);
    P_(P_HL) printf("\n");					
    return(0);
@},
 Certificate(11)
 {@
    UINT4 len;
    Data cert;
    int r;
    printf("\n");
    SSL_DECODE_UINT24(ssl,"certificates len",0,data,&len);
    while(len){
      SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate",-((1<<23)-1),
        0,data,&cert);
      sslx_print_certificate(ssl,&cert,P_ND);
      len-=(cert.len + 3);
    }
    return(0);
@},
 ServerKeyExchange (12)
 {@
   int r;
    printf("\n");			      
   if(ssl->cs){
     P_(P_ND){
 	explain(ssl,"params\n");
     }
     INDENT_INCR;
     switch(ssl->cs->kex){
 	case KEX_DH:
 	  SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_p",-((1<<15)-1),P_ND,data,0);
 	  SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_g",-((1<<15)-1),P_ND,data,0);	  
 	  SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_Ys",-((1<<15)-1),P_ND,data,0);	  
 	  break;
 	case KEX_RSA:
 	  SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_modulus",-((1<<15)-1),P_ND,data,0);
 	  SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_exponent",-((1<<15)-1),P_ND,data,0);
 	  break;
      }
      INDENT_POP;
      SSL_DECODE_OPAQUE_ARRAY(ssl,"signature",-((1<<15)-1),P_ND,data,0);
   }
   return(0);
@}
 ,
 CertificateRequest(13)
 {@
    UINT4 len;
    Data ca;
    int r;
    printf("\n");
    SSL_DECODE_UINT8(ssl,"certificate_types len",0,data,&len);
    for(;len;len--){
      SSL_DECODE_ENUM(ssl,"certificate_types",1,
        client_certificate_type_decoder, P_HL,data,0);
      P_(P_HL){
 	printf("\n");
      }
    };
    SSL_DECODE_UINT16(ssl,"certificate_authorities len",0,data,&len);
    while(len){
      SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate_authorities",
        -((1<<15)-1),0,data,&ca); 
      explain(ssl,"certificate_authority\n");
      INDENT_INCR;
      sslx_print_dn(ssl,&ca,P_HL);
      INDENT_POP;
      len-=(ca.len + 2);
    }
    return(0);
@}
 , ServerHelloDone(14) 
 {@
  printf("\n");
@},
 CertificateVerify(15) 
 {@
  int r;
  printf("\n");
  SSL_DECODE_OPAQUE_ARRAY(ssl,"Signature",-(1<<15-1),P_HL,data,0);
  return(0);
@}
 ,
 ClientKeyExchange(16)
 {@
   int r;
   Data pms;
    printf("\n");
   if(ssl->cs){
     switch(ssl->cs->kex){
 	case KEX_RSA:
 	   if(ssl->version > 768) {
 	           SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",-(1<<15-1),
 	             P_ND,data,&pms);
 	        }
 	        else {
 	           SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",data->len,P_ND,data,&pms);   
 	        }
 	        ssl_process_client_key_exchange(ssl,
 	        ssl->decoder,pms.data,pms.len);
            break;
        case KEX_DH:
            SSL_DECODE_OPAQUE_ARRAY(ssl,"DiffieHellmanClientPublicValue",
 	        -(1<<15-1),P_HL,data,0);
      }
   }
   return(0);
@}   
 ,
        Finished(20)
 {@
   int r;
    printf("\n");   
   switch(ssl->version){
     case 0x300:
       SSL_DECODE_OPAQUE_ARRAY(ssl,"md5_hash",16,P_ND,data,0);
       SSL_DECODE_OPAQUE_ARRAY(ssl,"sha_hash",20,P_ND,data,0);
       break;
     case 0x301:
       SSL_DECODE_OPAQUE_ARRAY(ssl,"verify_data",12,P_ND,data,0);
 	P_(P_ND)
 	  printf("\n");
       break;
   }
   return (0);
@}
 , (255)
    } HandshakeType;
    constant {
    // https://www.iana.org/assignments/tls-parameters/tls-parameters.txt
    CipherSuite TLS_NULL_WITH_NULL_NULL                       = { 0x00,0x00 };
    CipherSuite TLS_RSA_WITH_NULL_MD5                         = { 0x00,0x01 };
    CipherSuite TLS_RSA_WITH_NULL_SHA                         = { 0x00,0x02 };
    CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5                = { 0x00,0x03 };
    CipherSuite TLS_RSA_WITH_RC4_128_MD5                      = { 0x00,0x04 };
    CipherSuite TLS_RSA_WITH_RC4_128_SHA                      = { 0x00,0x05 };
    CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5            = { 0x00,0x06 };
    CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA                     = { 0x00,0x07 };
    CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA             = { 0x00,0x08 };
    CipherSuite TLS_RSA_WITH_DES_CBC_SHA                      = { 0x00,0x09 };
    CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA                 = { 0x00,0x0A };
    CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA          = { 0x00,0x0B };
    CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA                   = { 0x00,0x0C };
    CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA              = { 0x00,0x0D };
    CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA          = { 0x00,0x0E };
    CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA                   = { 0x00,0x0F };
    CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA              = { 0x00,0x10 };
    CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA         = { 0x00,0x11 };
    CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA                  = { 0x00,0x12 };
    CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA             = { 0x00,0x13 };
    CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA         = { 0x00,0x14 };
    CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA                  = { 0x00,0x15 };
    CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA             = { 0x00,0x16 };
    CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5            = { 0x00,0x17 };
    CipherSuite TLS_DH_anon_WITH_RC4_128_MD5                  = { 0x00,0x18 };
    CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA         = { 0x00,0x19 };
    CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA                  = { 0x00,0x1A };
    CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA             = { 0x00,0x1B };
    CipherSuite TLS_KRB5_WITH_DES_CBC_SHA                     = { 0x00,0x1E };
    CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_SHA                = { 0x00,0x1F };
    CipherSuite TLS_KRB5_WITH_RC4_128_SHA                     = { 0x00,0x20 };
    CipherSuite TLS_KRB5_WITH_IDEA_CBC_SHA                    = { 0x00,0x21 };
    CipherSuite TLS_KRB5_WITH_DES_CBC_MD5                     = { 0x00,0x22 };
    CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_MD5                = { 0x00,0x23 };
    CipherSuite TLS_KRB5_WITH_RC4_128_MD5                     = { 0x00,0x24 };
    CipherSuite TLS_KRB5_WITH_IDEA_CBC_MD5                    = { 0x00,0x25 };
    CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA           = { 0x00,0x26 };
    CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA           = { 0x00,0x27 };
    CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_SHA               = { 0x00,0x28 };
    CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5           = { 0x00,0x29 };
    CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5           = { 0x00,0x2A };
    CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_MD5               = { 0x00,0x2B };
    CipherSuite TLS_PSK_WITH_NULL_SHA                         = { 0x00,0x2C };
    CipherSuite TLS_DHE_PSK_WITH_NULL_SHA                     = { 0x00,0x2D };
    CipherSuite TLS_RSA_PSK_WITH_NULL_SHA                     = { 0x00,0x2E };
    CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA                  = { 0x00,0x2F };
    CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA               = { 0x00,0x30 };
    CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA               = { 0x00,0x31 };
    CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA              = { 0x00,0x32 };
    CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA              = { 0x00,0x33 };
    CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA              = { 0x00,0x34 };
    CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA                  = { 0x00,0x35 };
    CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA               = { 0x00,0x36 };
    CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA               = { 0x00,0x37 };
    CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA              = { 0x00,0x38 };
    CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA              = { 0x00,0x39 };
    CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA              = { 0x00,0x3A };
    CipherSuite TLS_RSA_WITH_NULL_SHA256                      = { 0x00,0x3B };
    CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256               = { 0x00,0x3C };
    CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256               = { 0x00,0x3D };
    CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA256            = { 0x00,0x3E };
    CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA256            = { 0x00,0x3F };
    CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA256           = { 0x00,0x40 };
    CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA             = { 0x00,0x41 };
    CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA          = { 0x00,0x42 };
    CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA          = { 0x00,0x43 };
    CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA         = { 0x00,0x44 };
    CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA         = { 0x00,0x45 };
    CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA         = { 0x00,0x46 };
    CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256           = { 0x00,0x67 };
    CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA256            = { 0x00,0x68 };
    CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA256            = { 0x00,0x69 };
    CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA256           = { 0x00,0x6A };
    CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256           = { 0x00,0x6B };
    CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA256           = { 0x00,0x6C };
    CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA256           = { 0x00,0x6D };
    CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA             = { 0x00,0x84 };
    CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA          = { 0x00,0x85 };
    CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA          = { 0x00,0x86 };
    CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA         = { 0x00,0x87 };
    CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA         = { 0x00,0x88 };
    CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA         = { 0x00,0x89 };
    CipherSuite TLS_PSK_WITH_RC4_128_SHA                      = { 0x00,0x8A };
    CipherSuite TLS_PSK_WITH_3DES_EDE_CBC_SHA                 = { 0x00,0x8B };
    CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA                  = { 0x00,0x8C };
    CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA                  = { 0x00,0x8D };
    CipherSuite TLS_DHE_PSK_WITH_RC4_128_SHA                  = { 0x00,0x8E };
    CipherSuite TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA             = { 0x00,0x8F };
    CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA              = { 0x00,0x90 };
    CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA              = { 0x00,0x91 };
    CipherSuite TLS_RSA_PSK_WITH_RC4_128_SHA                  = { 0x00,0x92 };
    CipherSuite TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA             = { 0x00,0x93 };
    CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA              = { 0x00,0x94 };
    CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA              = { 0x00,0x95 };
    CipherSuite TLS_RSA_WITH_SEED_CBC_SHA                     = { 0x00,0x96 };
    CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA                  = { 0x00,0x97 };
    CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA                  = { 0x00,0x98 };
    CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA                 = { 0x00,0x99 };
    CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA                 = { 0x00,0x9A };
    CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA                 = { 0x00,0x9B };
    CipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256               = { 0x00,0x9C };
    CipherSuite TLS_RSA_WITH_AES_256_GCM_SHA384               = { 0x00,0x9D };
    CipherSuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256           = { 0x00,0x9E };
    CipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384           = { 0x00,0x9F };
    CipherSuite TLS_DH_RSA_WITH_AES_128_GCM_SHA256            = { 0x00,0xA0 };
    CipherSuite TLS_DH_RSA_WITH_AES_256_GCM_SHA384            = { 0x00,0xA1 };
    CipherSuite TLS_DHE_DSS_WITH_AES_128_GCM_SHA256           = { 0x00,0xA2 };
    CipherSuite TLS_DHE_DSS_WITH_AES_256_GCM_SHA384           = { 0x00,0xA3 };
    CipherSuite TLS_DH_DSS_WITH_AES_128_GCM_SHA256            = { 0x00,0xA4 };
    CipherSuite TLS_DH_DSS_WITH_AES_256_GCM_SHA384            = { 0x00,0xA5 };
    CipherSuite TLS_DH_anon_WITH_AES_128_GCM_SHA256           = { 0x00,0xA6 };
    CipherSuite TLS_DH_anon_WITH_AES_256_GCM_SHA384           = { 0x00,0xA7 };
    CipherSuite TLS_PSK_WITH_AES_128_GCM_SHA256               = { 0x00,0xA8 };
    CipherSuite TLS_PSK_WITH_AES_256_GCM_SHA384               = { 0x00,0xA9 };
    CipherSuite TLS_DHE_PSK_WITH_AES_128_GCM_SHA256           = { 0x00,0xAA };
    CipherSuite TLS_DHE_PSK_WITH_AES_256_GCM_SHA384           = { 0x00,0xAB };
    CipherSuite TLS_RSA_PSK_WITH_AES_128_GCM_SHA256           = { 0x00,0xAC };
    CipherSuite TLS_RSA_PSK_WITH_AES_256_GCM_SHA384           = { 0x00,0xAD };
    CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA256               = { 0x00,0xAE };
    CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA384               = { 0x00,0xAF };
    CipherSuite TLS_PSK_WITH_NULL_SHA256                      = { 0x00,0xB0 };
    CipherSuite TLS_PSK_WITH_NULL_SHA384                      = { 0x00,0xB1 };
    CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA256           = { 0x00,0xB2 };
    CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA384           = { 0x00,0xB3 };
    CipherSuite TLS_DHE_PSK_WITH_NULL_SHA256                  = { 0x00,0xB4 };
    CipherSuite TLS_DHE_PSK_WITH_NULL_SHA384                  = { 0x00,0xB5 };
    CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA256           = { 0x00,0xB6 };
    CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA384           = { 0x00,0xB7 };
    CipherSuite TLS_RSA_PSK_WITH_NULL_SHA256                  = { 0x00,0xB8 };
    CipherSuite TLS_RSA_PSK_WITH_NULL_SHA384                  = { 0x00,0xB9 };
    CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256          = { 0x00,0xBA };
    CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256       = { 0x00,0xBB };
    CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256       = { 0x00,0xBC };
    CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256      = { 0x00,0xBD };
    CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256      = { 0x00,0xBE };
    CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256      = { 0x00,0xBF };
    CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256          = { 0x00,0xC0 };
    CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256       = { 0x00,0xC1 };
    CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256       = { 0x00,0xC2 };
    CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256      = { 0x00,0xC3 };
    CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256      = { 0x00,0xC4 };
    CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256      = { 0x00,0xC5 };
    CipherSuite TLS_EMPTY_RENEGOTIATION_INFO_SCSV             = { 0x00,0xFF };
    CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA                  = { 0xC0,0x01 };
    CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA               = { 0xC0,0x02 };
    CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA          = { 0xC0,0x03 };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA           = { 0xC0,0x04 };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA           = { 0xC0,0x05 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_NULL_SHA                 = { 0xC0,0x06 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_RC4_128_SHA              = { 0xC0,0x07 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA         = { 0xC0,0x08 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA          = { 0xC0,0x09 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA          = { 0xC0,0x0A };
    CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA                    = { 0xC0,0x0B };
    CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA                 = { 0xC0,0x0C };
    CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA            = { 0xC0,0x0D };
    CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA             = { 0xC0,0x0E };
    CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA             = { 0xC0,0x0F };
    CipherSuite TLS_ECDHE_RSA_WITH_NULL_SHA                   = { 0xC0,0x10 };
    CipherSuite TLS_ECDHE_RSA_WITH_RC4_128_SHA                = { 0xC0,0x11 };
    CipherSuite TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA           = { 0xC0,0x12 };
    CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA            = { 0xC0,0x13 };
    CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA            = { 0xC0,0x14 };
    CipherSuite TLS_ECDH_anon_WITH_NULL_SHA                   = { 0xC0,0x15 };
    CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA                = { 0xC0,0x16 };
    CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA           = { 0xC0,0x17 };
    CipherSuite TLS_ECDH_anon_WITH_AES_128_CBC_SHA            = { 0xC0,0x18 };
    CipherSuite TLS_ECDH_anon_WITH_AES_256_CBC_SHA            = { 0xC0,0x19 };
    CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA             = { 0xC0,0x1A };
    CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA         = { 0xC0,0x1B };
    CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA         = { 0xC0,0x1C };
    CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA              = { 0xC0,0x1D };
    CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA          = { 0xC0,0x1E };
    CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA          = { 0xC0,0x1F };
    CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA              = { 0xC0,0x20 };
    CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA          = { 0xC0,0x21 };
    CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA          = { 0xC0,0x22 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256       = { 0xC0,0x23 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384       = { 0xC0,0x24 };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256        = { 0xC0,0x25 };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384        = { 0xC0,0x26 };
    CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256         = { 0xC0,0x27 };
    CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384         = { 0xC0,0x28 };
    CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256          = { 0xC0,0x29 };
    CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384          = { 0xC0,0x2A };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256       = { 0xC0,0x2B };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384       = { 0xC0,0x2C };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256        = { 0xC0,0x2D };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384        = { 0xC0,0x2E };
    CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256         = { 0xC0,0x2F };
    CipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384         = { 0xC0,0x30 };
    CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256          = { 0xC0,0x31 };
    CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384          = { 0xC0,0x32 };
    CipherSuite TLS_ECDHE_PSK_WITH_RC4_128_SHA                = { 0xC0,0x33 };
    CipherSuite TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA           = { 0xC0,0x34 };
    CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA            = { 0xC0,0x35 };
    CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA            = { 0xC0,0x36 };
    CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256         = { 0xC0,0x37 };
    CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384         = { 0xC0,0x38 };
    CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA                   = { 0xC0,0x39 };
    CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA256                = { 0xC0,0x3A };
    CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA384                = { 0xC0,0x3B };
    CipherSuite TLS_RSA_WITH_ARIA_128_CBC_SHA256              = { 0xC0,0x3C };
    CipherSuite TLS_RSA_WITH_ARIA_256_CBC_SHA384              = { 0xC0,0x3D };
    CipherSuite TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256           = { 0xC0,0x3E };
    CipherSuite TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384           = { 0xC0,0x3F };
    CipherSuite TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256           = { 0xC0,0x40 };
    CipherSuite TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384           = { 0xC0,0x41 };
    CipherSuite TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256          = { 0xC0,0x42 };
    CipherSuite TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384          = { 0xC0,0x43 };
    CipherSuite TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256          = { 0xC0,0x44 };
    CipherSuite TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384          = { 0xC0,0x45 };
    CipherSuite TLS_DH_anon_WITH_ARIA_128_CBC_SHA256          = { 0xC0,0x46 };
    CipherSuite TLS_DH_anon_WITH_ARIA_256_CBC_SHA384          = { 0xC0,0x47 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256      = { 0xC0,0x48 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384      = { 0xC0,0x49 };
    CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256       = { 0xC0,0x4A };
    CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384       = { 0xC0,0x4B };
    CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256        = { 0xC0,0x4C };
    CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384        = { 0xC0,0x4D };
    CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256         = { 0xC0,0x4E };
    CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384         = { 0xC0,0x4F };
    CipherSuite TLS_RSA_WITH_ARIA_128_GCM_SHA256              = { 0xC0,0x50 };
    CipherSuite TLS_RSA_WITH_ARIA_256_GCM_SHA384              = { 0xC0,0x51 };
    CipherSuite TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256          = { 0xC0,0x52 };
    CipherSuite TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384          = { 0xC0,0x53 };
    CipherSuite TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256           = { 0xC0,0x54 };
    CipherSuite TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384           = { 0xC0,0x55 };
    CipherSuite TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256          = { 0xC0,0x56 };
    CipherSuite TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384          = { 0xC0,0x57 };
    CipherSuite TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256           = { 0xC0,0x58 };
    CipherSuite TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384           = { 0xC0,0x59 };
    CipherSuite TLS_DH_anon_WITH_ARIA_128_GCM_SHA256          = { 0xC0,0x5A };
    CipherSuite TLS_DH_anon_WITH_ARIA_256_GCM_SHA384          = { 0xC0,0x5B };
    CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256      = { 0xC0,0x5C };
    CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384      = { 0xC0,0x5D };
    CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256       = { 0xC0,0x5E };
    CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384       = { 0xC0,0x5F };
    CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256        = { 0xC0,0x60 };
    CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384        = { 0xC0,0x61 };
    CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256         = { 0xC0,0x62 };
    CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384         = { 0xC0,0x63 };
    CipherSuite TLS_PSK_WITH_ARIA_128_CBC_SHA256              = { 0xC0,0x64 };
    CipherSuite TLS_PSK_WITH_ARIA_256_CBC_SHA384              = { 0xC0,0x65 };
    CipherSuite TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256          = { 0xC0,0x66 };
    CipherSuite TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384          = { 0xC0,0x67 };
    CipherSuite TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256          = { 0xC0,0x68 };
    CipherSuite TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384          = { 0xC0,0x69 };
    CipherSuite TLS_PSK_WITH_ARIA_128_GCM_SHA256              = { 0xC0,0x6A };
    CipherSuite TLS_PSK_WITH_ARIA_256_GCM_SHA384              = { 0xC0,0x6B };
    CipherSuite TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256          = { 0xC0,0x6C };
    CipherSuite TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384          = { 0xC0,0x6D };
    CipherSuite TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256          = { 0xC0,0x6E };
    CipherSuite TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384          = { 0xC0,0x6F };
    CipherSuite TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256        = { 0xC0,0x70 };
    CipherSuite TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384        = { 0xC0,0x71 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  = { 0xC0,0x72 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  = { 0xC0,0x73 };
    CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256   = { 0xC0,0x74 };
    CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384   = { 0xC0,0x75 };
    CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256    = { 0xC0,0x76 };
    CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384    = { 0xC0,0x77 };
    CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256     = { 0xC0,0x78 };
    CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384     = { 0xC0,0x79 };
    CipherSuite TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256          = { 0xC0,0x7A };
    CipherSuite TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384          = { 0xC0,0x7B };
    CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256      = { 0xC0,0x7C };
    CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384      = { 0xC0,0x7D };
    CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256       = { 0xC0,0x7E };
    CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384       = { 0xC0,0x7F };
    CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256      = { 0xC0,0x80 };
    CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384      = { 0xC0,0x81 };
    CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256       = { 0xC0,0x82 };
    CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384       = { 0xC0,0x83 };
    CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256      = { 0xC0,0x84 };
    CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384      = { 0xC0,0x85 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  = { 0xC0,0x86 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  = { 0xC0,0x87 };
    CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256   = { 0xC0,0x88 };
    CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384   = { 0xC0,0x89 };
    CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256    = { 0xC0,0x8A };
    CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384    = { 0xC0,0x8B };
    CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256     = { 0xC0,0x8C };
    CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384     = { 0xC0,0x8D };
    CipherSuite TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256          = { 0xC0,0x8E };
    CipherSuite TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384          = { 0xC0,0x8F };
    CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256      = { 0xC0,0x90 };
    CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384      = { 0xC0,0x91 };
    CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256      = { 0xC0,0x92 };
    CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384      = { 0xC0,0x93 };
    CipherSuite TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256          = { 0xC0,0x94 };
    CipherSuite TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384          = { 0xC0,0x95 };
    CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256      = { 0xC0,0x96 };
    CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384      = { 0xC0,0x97 };
    CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256      = { 0xC0,0x98 };
    CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384      = { 0xC0,0x99 };
    CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256    = { 0xC0,0x9A };
    CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384    = { 0xC0,0x9B };
    CipherSuite TLS_RSA_WITH_AES_128_CCM                      = { 0xC0,0x9C };
    CipherSuite TLS_RSA_WITH_AES_256_CCM                      = { 0xC0,0x9D };
    CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM                  = { 0xC0,0x9E };
    CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM                  = { 0xC0,0x9F };
    CipherSuite TLS_RSA_WITH_AES_128_CCM_8                    = { 0xC0,0xA0 };
    CipherSuite TLS_RSA_WITH_AES_256_CCM_8                    = { 0xC0,0xA1 };
    CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM_8                = { 0xC0,0xA2 };
    CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM_8                = { 0xC0,0xA3 };
    CipherSuite TLS_PSK_WITH_AES_128_CCM                      = { 0xC0,0xA4 };
    CipherSuite TLS_PSK_WITH_AES_256_CCM                      = { 0xC0,0xA5 };
    CipherSuite TLS_DHE_PSK_WITH_AES_128_CCM                  = { 0xC0,0xA6 };
    CipherSuite TLS_DHE_PSK_WITH_AES_256_CCM                  = { 0xC0,0xA7 };
    CipherSuite TLS_PSK_WITH_AES_128_CCM_8                    = { 0xC0,0xA8 };
    CipherSuite TLS_PSK_WITH_AES_256_CCM_8                    = { 0xC0,0xA9 };
    CipherSuite TLS_PSK_DHE_WITH_AES_128_CCM_8                = { 0xC0,0xAA };
    CipherSuite TLS_PSK_DHE_WITH_AES_256_CCM_8                = { 0xC0,0xAB };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM              = { 0xC0,0xAC };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM              = { 0xC0,0xAD };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8            = { 0xC0,0xAE };
    CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8            = { 0xC0,0xAF };
    CipherSuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   = { 0xCC,0xA8 };
    CipherSuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xA9 };
    CipherSuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     = { 0xCC,0xAA };
    CipherSuite TLS_PSK_WITH_CHACHA20_POLY1305_SHA256         = { 0xCC,0xAB };
    CipherSuite TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256   = { 0xCC,0xAC };
    CipherSuite TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256     = { 0xCC,0xAD };
    CipherSuite TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256     = { 0xCC,0xAE };
    CipherSuite TLS_FALLBACK_SCSV                             = { 0x56,0x00 };
    // New PSK ciphers introduced by TLS 1.3
    // https://tlswg.github.io/tls13-spec/#rfc.appendix.A.4
    CipherSuite TLS_AES_128_GCM_SHA256                        = { 0x13,0x01 };
    CipherSuite TLS_AES_256_GCM_SHA384                        = { 0x13,0x02 };
    CipherSuite TLS_CHACHA20_POLY1305_SHA256                  = { 0x13,0x03 };
    CipherSuite TLS_AES_128_CCM_SHA256                        = { 0x13,0x04 };
    CipherSuite TLS_AES_128_CCM_8_SHA256                      = { 0x13,0x05 };
    // DRAFT-IETF-TLS-ECC
    CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA                  = { 0x00,0x47 };
    CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA               = { 0x00,0x48 };
    CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA               = { 0x00,0x49 };
    CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA          = { 0x00,0x4A };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA           = { 0x00,0x4B };
    CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA           = { 0x00,0x4C };
    CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA         = { 0x00,0x4B };
    CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA         = { 0x00,0x4C };
    CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA                    = { 0x00,0x4D };
    CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA                 = { 0x00,0x4E };
    CipherSuite TLS_ECDH_RSA_WITH_DES_CBC_SHA                 = { 0x00,0x4F };
    CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA            = { 0x00,0x50 };
    CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA             = { 0x00,0x51 };
    CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA             = { 0x00,0x52 };
    CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA           = { 0x00,0x53 };
    CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA           = { 0x00,0x54 };
    CipherSuite TLS_ECDH_anon_NULL_WITH_SHA                   = { 0x00,0x55 };
    CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA                = { 0x00,0x56 };
    CipherSuite TLS_ECDH_anon_WITH_DES_CBC_SHA                = { 0x00,0x57 };
    CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA           = { 0x00,0x58 };
    CipherSuite TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA       = { 0x00,0x59 };
    CipherSuite TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA          = { 0x00,0x5A };
    // DRAFT-IETF-TLS-56-BIT-CIPHERSUITES
    CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5            = { 0x00,0x60 };
    CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5        = { 0x00,0x61 };
    CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA           = { 0x00,0x62 };
    CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA       = { 0x00,0x63 };
    CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA            = { 0x00,0x64 };
    CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA        = { 0x00,0x65 };
    CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA                  = { 0x00,0x66 };
    // FIPS SSL (Netscape)
    CipherSuite SSL_RSA_FIPS_WITH_DES_CBC_SHA                 = { 0xFE,0xFE };
    CipherSuite SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA            = { 0xFE,0xFF };
    // SSL 2.0
    CipherSuite SSL2_RC4_128_WITH_MD5                         = { 0x01,0x00,0x80 };
    CipherSuite SSL2_RC4_128_EXPORT40_WITH_MD5                = { 0x02,0x00,0x80 };
    CipherSuite SSL2_RC2_CBC_128_CBC_WITH_MD5                 = { 0x03,0x00,0x80 };
    CipherSuite SSL2_RC2_128_CBC_EXPORT40_WITH_MD5            = { 0x04,0x00,0x80 };
    CipherSuite SSL2_IDEA_128_CBC_WITH_MD5                    = { 0x05,0x00,0x80 };
    CipherSuite SSL2_DES_64_CBC_WITH_MD5                      = { 0x06,0x00,0x40 };
    CipherSuite SSL2_DES_64_CBC_WITH_SHA                      = { 0x06,0x01,0x40 };
    CipherSuite SSL2_DES_192_EDE3_CBC_WITH_MD5                = { 0x07,0x00,0xc0 };
    CipherSuite SSL2_DES_192_EDE3_CBC_WITH_SHA                = { 0x07,0x01,0xc0 };
    CipherSuite SSL2_RC4_64_WITH_MD5                          = { 0x08,0x00,0x80 };
  } cipher_suite;  
  select { warning(1), fatal(2), (255) } AlertLevel;
  select  {
            close_notify(0),
            unexpected_message(10),
            bad_record_mac(20),
            decryption_failed(21),
            record_overflow(22),
            decompression_failure(30),
            handshake_failure(40),
            bad_certificate(42),
            unsupported_certificate(43),
            certificate_revoked(44),
            certificate_expired(45),
            certificate_unknown(46),
            illegal_parameter(47),
            unknown_ca(48),
            access_denied(49),
            decode_error(50),
            decrypt_error(51),
            export_restriction(60),
            protocol_version(70),
            insufficient_security(71),
            internal_error(80),
            user_canceled(90),
            no_renegotiation(100),
            (255)
  } AlertDescription;
  constant {
      CompressionMethod NULL={0};
  } compression_method;
   select {
        rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4),
        (255)
   } client_certificate_type;
--- a/ssl/Attic/ssl.l
+++ b/ssl/Attic/ssl.l
@ -1,67 +0,0 @@
 %option yylineno
 %{
 #include "y.tab.h"
 #if 0
 #define RETURN(x) printf("TOK:%s\n",#x);  return(x)
 #else
 #define RETURN return
 #endif
 long strtol();
 %}  
 IDCHAR		[a-zA-Z0-9_\-\.]
 NUMCHAR		[0-9]
 S		[ \t\n\r\f]+
 NAME		[a-zA-Z]{IDCHAR}+
 NUM		{NUMCHAR}+
 HEXNUM          "0x"[0-9A-Za-z]+
 COMMENT		"/*"("*"?[^/]+)*("*/")
 CODE            "{@"[^@]+"@}"
 %%
 ".."			{RETURN(DOT_DOT_);}
 "enum"			{RETURN(ENUM_);}
 "struct"		{RETURN(STRUCT_);}
 "opaque"		{mkname();RETURN(OPAQUE_);}
 "select"		{RETURN(SELECT_);}
 "constant"              {RETURN(CONSTANT_);}
 "digitally-signed"	{/* Do nothing*/}
 "public-key-encrypted"  {/* Do nothing*/}
 "case"			{RETURN(CASE_);}
 {COMMENT}		{ /*Do nothing*/}
 {CODE}          { strcpy(yylval.str,yytext); RETURN(CODE_);}
 {S}			{/*do nothing*/} 
 {NAME}			{mkname();RETURN(NAME_);}
 {NUM}			{yylval.val=atoi(yytext); RETURN(NUM_);}
 {HEXNUM}			{yylval.val=strtol(yytext,0,16); RETURN(NUM_);}
 "{"                      { RETURN('{'); }
 "}"                      { RETURN('}'); }
 "("                      { RETURN('('); }
 ")"                      { RETURN(')'); }
 "["                      { RETURN('['); }
 "]"                      { RETURN(']'); }
 "<"                      { RETURN('<'); }
 ">"			 { RETURN('>'); }
 ";"                      { RETURN(';'); }
 ":"			 { RETURN(':'); }
 ","			 { RETURN(','); }
 "."			 { RETURN('.'); }
 "^"			 { RETURN('^'); }
 "-"			 { RETURN('-'); }
 "="                      { RETURN('='); }
 .			 { fprintf(stderr,"Invalid input token: %s at %d!!!\n",yytext,yylineno);
 			   exit(1);
 			   }
 %%
 int mkname()
 {
 #if 0
 printf("%s\n",yytext);
 #endif
 strcpy(yylval.str,yytext);
 }
--- a/ssl/Attic/ssl.y
+++ b/ssl/Attic/ssl.y
@ -1,241 +0,0 @@
 /**
   ssl.y
   Copyright (C) 1998, RTFM, Inc.
   All Rights Reserved.
   ekr@rtfm.com  Fri Dec 25 20:33:47 1998
 */
 %{
 typedef struct select_st_ {
 	char *name;
        char *code;
 	int val;
 	struct select_st_ *next;
 } select_st;
 select_st *select_base;
 select_st *select_ptr;
 select_st *constant_base;
 select_st *constant_ptr;
 #include <stdio.h>
 extern FILE *dotc;
 extern FILE *doth;
 %}
 %union {
     int val;
     unsigned char str[8192];
 }
 /*These tokens have attributes*/
 %token <str> NAME_
 %token <val> NUM_
 /*Tokens*/
 %token <val> DOT_DOT_
 %token <val> STRUCT_
 %token <val> SELECT_
 %token <str> OPAQUE_
 %token <val> SELECT_
 %token <val> ENUM_
 %token <val> DIGITALLY_SIGNED_
 %token <val> COMMENT_START_
 %token <str> CODE_
 %token <val> COMMENT_END_
 %token <val> CASE_
 %token <val> CONSTANT_ 
 /*Types for nonterminals*/
 %type <val> module
 %type <val> typelist
 %type <val> definition
 %type <val> selecttype
 %type <val> constant_type
 %type <val> selecterateds
 %type <val> selectmax
 %type <val> constval
 /*%type <val> selecterated*/
 %%
 module: typelist
 typelist: {$$=1};
 	| definition typelist
  {
    $$=1;
  }
 ;
 definition: selecttype
          | constant_type
 ;
 selecttype: SELECT_ '{' selecterateds ',' selectmax '}' NAME_ ';'
  {
 	select_st *en;
 	char filename[100];
 	for(en=select_base;en;en=en->next){
 	  fprintf(dotc,"static int decode_%s_%s(ssl,dir,seg,data)\n",
 			 $7,en->name);
 	  fprintf(dotc,"  ssl_obj *ssl;\n");
 	  fprintf(dotc,"  int dir;\n");
 	  fprintf(dotc,"  segment *seg;\n");
 	  fprintf(dotc,"  Data *data;\n");
 	  fprintf(dotc,"  {\n");
          if(en->code){
            en->code+=2;
            en->code[strlen(en->code)-2]=0;
            fprintf(dotc,"\n%s\n",en->code);
          }
          else{
 /*            fprintf(dotc,"	fprintf(dotc,\"Decoding %s...%cn\");\n",en->name,'\\');*/
            fprintf(dotc,"	return(0);\n");
          }
 	  fprintf(dotc,"  }\n");
        }
 	fprintf(dotc,"decoder %s_decoder[]={\n",$7);
 	fprintf(doth,"extern decoder %s_decoder[];\n",$7);	
 	for(en=select_base;en;en=en->next){
 	  fprintf(dotc,"	{\n");
 	  fprintf(dotc,"		%d,\n",en->val);
 	  fprintf(dotc,"		\"%s\",\n",en->name);
 	  fprintf(dotc,"		decode_%s_%s\n",$7,en->name);
 	  fprintf(dotc,"	},\n");
 	}
 	fprintf(dotc,"{-1}\n");
 	fprintf(dotc,"};\n\n");
 	select_base=0;
  }
 ;
 selecterateds: selecterateds ',' selecterated
 	   | selecterated
 {;
 }
 ;
 selectmax: '(' NUM_ ')'
 {$$=1;};
 selecterated: selecterated_no_code
          | selecterated_code
 ;
 selecterated_code: NAME_ '(' NUM_ ')' CODE_
 {
 	select_st *en;
 	en=malloc(sizeof(select_st));
 	en->next=0;
 	en->val=$3;
 	en->name=strdup($1);
        en->code=strdup($5);
 	if(!select_base){
 	  select_base=en;
 	  select_ptr=en;
        }
 	else{
 	  select_ptr->next=en;
 	  select_ptr=en;
 	}
 };
 selecterated_no_code: NAME_ '(' NUM_ ')' 
 {
 	select_st *en;
 	en=malloc(sizeof(select_st));
 	en->next=0;
 	en->val=$3;
 	en->name=strdup($1);
        en->code=0;
 	if(!select_base){
 	  select_base=en;
 	  select_ptr=en;
        }
 	else{
 	  select_ptr->next=en;
 	  select_ptr=en;
 	}
 };
 constant_type: CONSTANT_ '{' constants '}' NAME_ ';'
  {
    select_st *en;
 	fprintf(dotc,"decoder %s_decoder[]={\n",$5);
 	fprintf(doth,"extern decoder %s_decoder[];\n",$5);
 	for(en=constant_base;en;en=en->next){
 	  fprintf(dotc,"	{\n");
 	  fprintf(dotc,"		%d,\n",en->val);
 	  fprintf(dotc,"		\"%s\",\n",en->name);
 	  fprintf(dotc,"		0");
 	  fprintf(dotc,"	},\n");
 	}
 	fprintf(dotc,"{-1}\n");
 	fprintf(dotc,"};\n\n");
        constant_ptr=0;
        constant_base=0;
  }
 constants: constants constant
         | constant
 {;
 }
 ;
 constant: NAME_ NAME_ '=' '{' constval '}' ';'
 {
 	select_st *en;
 	en=malloc(sizeof(select_st));
 	en->next=0;
 	en->val=$5;
 	en->name=strdup($2);
 	if(!constant_base){
 	  constant_base=en;
 	  constant_ptr=en;
        }
 	else{
 	  constant_ptr->next=en;
 	  constant_ptr=en;
 	}
 };
 constval: NUM_ ',' NUM_ ',' NUM_
  {
    $$=($1 << 16) | ($3 << 8) | $5;
  }
 |  NUM_ ',' NUM_
  {
    $$=($1 << 8) | $3;
  }
        | NUM_
  {
    $$=$1;
  }
 ;
--- a/ssl/Attic/ssl_enum.c
+++ b/ssl/Attic/ssl_enum.c
@ -1,385 +0,0 @@
 #include "network.h"
 #include "ssl.h"
 #include "sslprint.h"
 static int decode_ContentType_change_cipher_spec(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_ContentType_alert(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_ContentType_handshake(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
    extern decoder HandshakeType_decoder[];
    int r;
    UINT4 t,l;
    SSL_DECODE_UINT8(ssl,0,0,data,&t);
    SSL_DECODE_UINT24(ssl,0,0,data,&l);
    if(data->len!=l){
      fprintf(stderr,"Error: short handshake length: expected %d got %d\n",
        l,data->len);
      ERETURN(R_EOD);
    }
    ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,data);
  }
 static int decode_ContentType_application_data(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 decoder ContentType_decoder[]={
 	{
 		20,
 		"change_cipher_spec",
 		decode_ContentType_change_cipher_spec
 	},
 	{
 		21,
 		"alert",
 		decode_ContentType_alert
 	},
 	{
 		22,
 		"handshake",
 		decode_ContentType_handshake
 	},
 	{
 		23,
 		"application_data",
 		decode_ContentType_application_data
 	},
 {-1}
 };
 static int decode_HandshakeType_hello_request(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_HandshakeType_client_hello(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
    UINT4 vj,vn,cs,cslen,complen,comp;
    Data session_id,random;
    int r;
    extern decoder cipher_suite_decoder[];
    extern decoder compression_method_decoder[];    
    SSL_DECODE_UINT8(ssl,0,0,data,&vj);
    SSL_DECODE_UINT8(ssl,0,0,data,&vn);    
    P_(P_ND) {explain(ssl,"Client version %d.%d ",vj,vn);}
    printf("\n");
    SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random);
    SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id);
    if(session_id.len)
      exdump(ssl,"resume ",&session_id);
    SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen);
    explain(ssl,"cipher suites\n");
    for(;cslen;cslen-=2){
      SSL_DECODE_ENUM(ssl,0,2,cipher_suite_decoder,
        P_HL,data,&cs);
      printf("\n");
    }
    SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen);
    if(complen){
      explain(ssl,"compression methods\n");
      for(;complen;complen--){
        SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp);
        printf("\n");
      }
    }
    return(0);
  }
 static int decode_HandshakeType_server_hello(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
    int r;
    UINT4 vj,vn;
    SSL_DECODE_UINT8(ssl,0,0,data,&vj);
    SSL_DECODE_UINT8(ssl,0,0,data,&vn);    
    P_(P_ND) {explain(ssl,"SSL version %d.%d ",vj,vn);}
    SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,0);
    SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",32,P_ND,data,0);
    SSL_DECODE_ENUM(ssl,0,2,cipher_suite_decoder,
      P_HL,data,0);
    SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,0);
    return(0);
  }
 static int decode_HandshakeType_certificate(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_HandshakeType_server_key_exchange(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_HandshakeType_certificate_request(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_HandshakeType_server_hello_done(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_HandshakeType_certificate_verify(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_HandshakeType_client_key_exchange(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 static int decode_HandshakeType_finished(ssl,dir,seg,data)
  ssl_obj *ssl;
  int dir;
  segment *seg;
  Data *data;
  {
 	return(0);
  }
 decoder HandshakeType_decoder[]={
 	{
 		0,
 		"hello_request",
 		decode_HandshakeType_hello_request
 	},
 	{
 		1,
 		"client_hello",
 		decode_HandshakeType_client_hello
 	},
 	{
 		2,
 		"server_hello",
 		decode_HandshakeType_server_hello
 	},
 	{
 		11,
 		"certificate",
 		decode_HandshakeType_certificate
 	},
 	{
 		12,
 		"server_key_exchange",
 		decode_HandshakeType_server_key_exchange
 	},
 	{
 		13,
 		"certificate_request",
 		decode_HandshakeType_certificate_request
 	},
 	{
 		14,
 		"server_hello_done",
 		decode_HandshakeType_server_hello_done
 	},
 	{
 		15,
 		"certificate_verify",
 		decode_HandshakeType_certificate_verify
 	},
 	{
 		16,
 		"client_key_exchange",
 		decode_HandshakeType_client_key_exchange
 	},
 	{
 		20,
 		"finished",
 		decode_HandshakeType_finished
 	},
 {-1}
 };
 decoder cipher_suite_decoder[]={
 	{
 		1,
 		"TLS_RSA_WITH_NULL_MD5",
 		0	},
 	{
 		2,
 		"TLS_RSA_WITH_NULL_SHA",
 		0	},
 	{
 		3,
 		"TLS_RSA_EXPORT_WITH_RC4_40_MD5",
 		0	},
 	{
 		4,
 		"TLS_RSA_WITH_RC4_128_MD5",
 		0	},
 	{
 		5,
 		"TLS_RSA_WITH_RC4_128_SHA",
 		0	},
 	{
 		6,
 		"TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
 		0	},
 	{
 		7,
 		"TLS_RSA_WITH_IDEA_CBC_SHA",
 		0	},
 	{
 		8,
 		"TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
 		0	},
 	{
 		9,
 		"TLS_RSA_WITH_DES_CBC_SHA",
 		0	},
 	{
 		10,
 		"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
 		0	},
 	{
 		11,
 		"TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
 		0	},
 	{
 		12,
 		"TLS_DH_DSS_WITH_DES_CBC_SHA",
 		0	},
 	{
 		13,
 		"TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
 		0	},
 	{
 		14,
 		"TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
 		0	},
 	{
 		15,
 		"TLS_DH_RSA_WITH_DES_CBC_SHA",
 		0	},
 	{
 		16,
 		"TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
 		0	},
 	{
 		17,
 		"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
 		0	},
 	{
 		18,
 		"TLS_DHE_DSS_WITH_DES_CBC_SHA",
 		0	},
 	{
 		19,
 		"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
 		0	},
 	{
 		20,
 		"TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
 		0	},
 	{
 		21,
 		"TLS_DHE_RSA_WITH_DES_CBC_SHA",
 		0	},
 	{
 		22,
 		"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
 		0	},
 	{
 		23,
 		"TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
 		0	},
 	{
 		24,
 		"TLS_DH_anon_WITH_RC4_128_MD5",
 		0	},
 	{
 		25,
 		"TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
 		0	},
 	{
 		26,
 		"TLS_DH_anon_WITH_DES_CBC_SHA",
 		0	},
 	{
 		27,
 		"TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
 		0	},
 {-1}
 };
 decoder compression_method_decoder[]={
 	{
 		7,
 		"NULL",
 		0	},
 {-1}
 };
--- a/ssl/Attic/y.tab.c
+++ b/ssl/Attic/y.tab.c
--- a/ssl/Attic/y.tab.h
+++ b/ssl/Attic/y.tab.h
@ -1,20 +0,0 @@
 typedef union {
     int val;
     unsigned char str[8192];
 } YYSTYPE;
 #define	NAME_	257
 #define	NUM_	258
 #define	DOT_DOT_	259
 #define	STRUCT_	260
 #define	SELECT_	261
 #define	OPAQUE_	262
 #define	ENUM_	263
 #define	DIGITALLY_SIGNED_	264
 #define	COMMENT_START_	265
 #define	CODE_	266
 #define	COMMENT_END_	267
 #define	CASE_	268
 #define	CONSTANT_	269
 extern YYSTYPE yylval;
--- a/ssl/ciphersuites.c
+++ b/ssl/ciphersuites.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $
@ -43,8 +44,6 @@
   ekr@rtfm.com  Tue Mar 30 17:19:56 1999
 */
 #include <r_common.h>
 #include "sslciphers.h"
@ -156,7 +155,8 @@ static SSL_CipherSuite CipherSuites[]={
    {197, KEX_DH, SIG_NONE, ENC_CAMELLIA256, 16, 256, 256, DIG_SHA256, 32, 0},
    {4865, KEX_DH, SIG_NONE, ENC_AES128_GCM, 16, 128, 128, DIG_SHA256, 32, 0},
    {4866, KEX_DH, SIG_NONE, ENC_AES256_GCM, 16, 256, 256, DIG_SHA384, 48, 0},
-     {4867,KEX_DH,SIG_NONE,ENC_CHACHA20_POLY1305,64,256,256,DIG_SHA256,32,0},
+    {4867, KEX_DH, SIG_NONE, ENC_CHACHA20_POLY1305, 64, 256, 256, DIG_SHA256,
     32, 0},
    {4868, KEX_DH, SIG_NONE, ENC_AES128_CCM, 16, 128, 128, DIG_SHA256, 32, 0},
    {4869, KEX_DH, SIG_NONE, ENC_AES128_CCM_8, 16, 128, 128, DIG_SHA256, 32, 0},
    {49153, KEX_DH, SIG_DSS, ENC_NULL, 0, 0, 0, DIG_SHA, 20, 0},
@ -230,13 +230,9 @@ static SSL_CipherSuite CipherSuites[]={
    {49292, KEX_DH, SIG_RSA, ENC_CAMELLIA128, 4, 128, 128, DIG_SHA256, 32, 0},
    {49293, KEX_DH, SIG_RSA, ENC_CAMELLIA256, 4, 256, 256, DIG_SHA384, 48, 0},
    // Missing: 49294-49307
-     {-1}
+    {-1}};
 };
-int ssl_find_cipher(num,cs)
+int ssl_find_cipher(int num, SSL_CipherSuite **cs) {
  int num;
  SSL_CipherSuite **cs;
  {
  SSL_CipherSuite *c;
  for(c = CipherSuites; c->number != -1; c++) {
@ -248,5 +244,3 @@ int ssl_find_cipher(num,cs)
  ERETURN(R_NOT_FOUND);
 }
--- a/ssl/ssl.enums.c
+++ b/ssl/ssl.enums.c
--- a/ssl/ssl_analyze.c
+++ b/ssl/ssl_analyze.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Fri Jan  8 14:07:05 1999
 */
 #include <json.h>
 #include <arpa/inet.h>
 #include <netdb.h>
@ -59,24 +59,34 @@ UINT4 SSL_print_flags = 1 | P_HT | P_HL;
 static int parse_ssl_flags PROTO_LIST((char *str));
 static int create_ssl_ctx PROTO_LIST((void *handle, proto_ctx **ctxp));
 static int create_ssl_analyzer PROTO_LIST((void *handle,
-  proto_ctx *ctx,tcp_conn *conn,proto_obj **objp,
+                                           proto_ctx *ctx,
-  struct sockaddr_storage *i_addr,u_short i_port,
+                                           tcp_conn *conn,
-  struct sockaddr_storage *r_addr,u_short r_port, struct timeval *base_time));
+                                           proto_obj **objp,
                                           struct sockaddr_storage *i_addr,
                                           u_short i_port,
                                           struct sockaddr_storage *r_addr,
                                           u_short r_port,
                                           struct timeval *base_time));
 static int destroy_ssl_ctx PROTO_LIST((void *handle, proto_ctx **ctxp));
 static int destroy_ssl_analyzer PROTO_LIST((proto_obj * *objp));
-static int read_ssl_record PROTO_LIST((ssl_obj *obj,r_queue *q,segment *seg,
+static int read_ssl_record PROTO_LIST((ssl_obj * obj,
-  int offset,segment **lastp,int *offsetp));
+                                       r_queue *q,
-static int read_data PROTO_LIST((r_queue *q,segment *seg,int offset,
+                                       segment *seg,
-  segment **lastp,int *offsetp));
+                                       int offset,
-static int data_ssl_analyzer PROTO_LIST((proto_obj *_obj,segment *seg,
+                                       segment **lastp,
                                       int *offsetp));
 static int read_data PROTO_LIST(
    (r_queue * q, segment *seg, int offset, segment **lastp, int *offsetp));
 static int data_ssl_analyzer PROTO_LIST((proto_obj * _obj,
                                         segment *seg,
                                         int direction));
 int close_ssl_analyzer PROTO_LIST((proto_obj * _obj, packet *p, int direction));
 static int create_r_queue PROTO_LIST((r_queue * *qp));
 static int free_r_queue PROTO_LIST((r_queue * q));
-static int print_ssl_record PROTO_LIST((ssl_obj *obj,int direction,
+static int print_ssl_record PROTO_LIST(
-  segment *q,UCHAR *data,int len));
+    (ssl_obj * obj, int direction, segment *q, UCHAR *data, int len));
 char *SSL_keyfile = 0;
 char *SSL_password = 0;
 char *SSL_keylogfile = 0;
@ -95,84 +105,29 @@ flag_struct flags[]={
        "ts",
        SSL_PRINT_TIMESTAMP,
    },
-     {
+    {'e', "tsa", SSL_PRINT_TIMESTAMP | SSL_PRINT_TIMESTAMP_ABSOLUTE},
-          'e',
+    {'x', "x", SSL_PRINT_HEXDUMP},
-	  "tsa",
+    {'X', "X", SSL_PRINT_HEX_ONLY},
-	  SSL_PRINT_TIMESTAMP|SSL_PRINT_TIMESTAMP_ABSOLUTE
+    {'r', "rh", SSL_PRINT_RECORD_HEADER},
-     },
+    {0, "ht", SSL_PRINT_HANDSHAKE_TYPE},
-     {
+    {0, "H", SSL_PRINT_HIGHLIGHTS},
-          'x',
+    {'A', "all", SSL_PRINT_ALL_FIELDS},
-          "x",
+    {0, "d", SSL_PRINT_DECODE},
-          SSL_PRINT_HEXDUMP
+    {'y', "nroff", SSL_PRINT_NROFF},
-     },
+    {'N', "asn", SSL_PRINT_DECODE_ASN1},
-     {
+    {0, "crypto", SSL_PRINT_CRYPTO},
-          'X',
+    {'d', "appdata", SSL_PRINT_APP_DATA},
-          "X",
+    {'q', "quiet", P_HL | NEGATE},
-          SSL_PRINT_HEX_ONLY
+    {0}};
     },
     {
          'r',
          "rh",
          SSL_PRINT_RECORD_HEADER
     },
     {
          0,
          "ht",
          SSL_PRINT_HANDSHAKE_TYPE
     },
     {
          0,
          "H",
          SSL_PRINT_HIGHLIGHTS
     },
     {
          'A',
          "all",
          SSL_PRINT_ALL_FIELDS
     },
     {
          0,
          "d",
          SSL_PRINT_DECODE
     },
     {
          'y',
          "nroff",
          SSL_PRINT_NROFF
     },
     {
          'N',
 	  "asn",
 	  SSL_PRINT_DECODE_ASN1
     },
     {
          0,
 	  "crypto",
 	  SSL_PRINT_CRYPTO
     },
     {
          'd',
          "appdata",
          SSL_PRINT_APP_DATA
     },
     {    'q',
          "quiet",
          P_HL | NEGATE
     },
     {0}
 };
-int parse_ssl_flag(flag)
+int parse_ssl_flag(int flag) {
  int flag;
  {
  flag_struct *fl;
  for(fl = flags; fl->name; fl++) {
    if(fl->ch == flag) {
      if(fl->flag & NEGATE) {
        SSL_print_flags &= ~(fl->flag);
-        }
+      } else
        else
        SSL_print_flags |= fl->flag;
      break;
    }
@ -181,9 +136,7 @@ int parse_ssl_flag(flag)
  return (0);
 }
-static int parse_ssl_flags(str)
+static int parse_ssl_flags(char *str) {
  char *str;
  {
  char *x, *y;
  flag_struct *fl;
  int bang;
@ -196,13 +149,14 @@ static int parse_ssl_flags(str)
    if(*x == '!') {
      bang = 1;
      x++;
-      }
+    } else
      else
      bang = 0;
    for(fl = flags; fl->name; fl++) {
      if(!strcmp(x, fl->name)) {
-          if(!bang) SSL_print_flags |= fl->flag;
+        if(!bang)
-          else SSL_print_flags &= ~fl->flag;
+          SSL_print_flags |= fl->flag;
        else
          SSL_print_flags &= ~fl->flag;
        break;
      }
    }
@ -214,14 +168,12 @@ static int parse_ssl_flags(str)
  return (0);
 }
-static int create_ssl_ctx(handle,ctxp)
+static int create_ssl_ctx(void *handle, proto_ctx **ctxp) {
  void *handle;
  proto_ctx **ctxp;
  {
  ssl_decode_ctx *ctx = 0;
  int r, _status;
-    if((r=ssl_decode_ctx_create(&ctx,SSL_keyfile,SSL_password,SSL_keylogfile)))
+  if((r = ssl_decode_ctx_create(&ctx, SSL_keyfile, SSL_password,
                                SSL_keylogfile)))
    ABORT(r);
  *ctxp = (proto_ctx *)ctx;
@ -230,20 +182,22 @@ static int create_ssl_ctx(handle,ctxp)
  return (_status);
 }
-static int destroy_ssl_ctx(handle,ctxp)
+static int destroy_ssl_ctx(void *handle, proto_ctx **ctxp) {
  void *handle;
  proto_ctx **ctxp;
  {
  ssl_decode_ctx *ctx = 0;
  ctx = (ssl_decode_ctx *)*ctxp;
  ssl_decode_ctx_destroy(&ctx);
  return 0;
 }
-static int create_ssl_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
+static int create_ssl_analyzer(void *handle,
-  proto_obj **objp, struct sockaddr_storage *i_addr, u_short i_port, struct sockaddr_storage *r_addr,
+                               proto_ctx *ctx,
-  u_short r_port, struct timeval *base_time)
+                               tcp_conn *conn,
-  {
+                               proto_obj **objp,
                               struct sockaddr_storage *i_addr,
                               u_short i_port,
                               struct sockaddr_storage *r_addr,
                               u_short r_port,
                               struct timeval *base_time) {
  int r, _status;
  ssl_obj *obj = 0;
@ -283,7 +237,9 @@ static int create_ssl_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
  _status = 0;
  // check logger...
-    if (logger) _status=logger->vtbl->create(&obj->logger_obj,i_addr,i_port,r_addr,r_port,base_time);
+  if(logger)
    _status = logger->vtbl->create(&obj->logger_obj, i_addr, i_port, r_addr,
                                   r_port, base_time);
 abort:
  if(_status) {
@ -292,9 +248,7 @@ static int create_ssl_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
  return (_status);
 }
-static int destroy_ssl_analyzer(objp)
+static int destroy_ssl_analyzer(proto_obj **objp) {
  proto_obj **objp;
  {
  ssl_obj *obj;
  if(!objp || !*objp)
@ -304,7 +258,8 @@ static int destroy_ssl_analyzer(objp)
  DBG((0, "Destroying SSL analyzer"));
  // check logger...
-    if (logger) logger->vtbl->destroy(&obj->logger_obj);
+  if(logger)
    logger->vtbl->destroy(&obj->logger_obj);
  free_r_queue(obj->i2r_queue);
  free_r_queue(obj->r2i_queue);
@ -320,19 +275,15 @@ static int destroy_ssl_analyzer(objp)
  return (0);
 }
-
+static int free_r_queue(r_queue *q) {
 static int free_r_queue(q)
  r_queue *q;
  {
  FREE(q->data);
-    if(q->q) free_tcp_segment_queue(q->q);
+  if(q->q)
    free_tcp_segment_queue(q->q);
  free(q);
  return (0);
 }
-static int create_r_queue(qp)
+static int create_r_queue(r_queue **qp) {
  r_queue **qp;
  {
  r_queue *q = 0;
  int _status;
@ -355,13 +306,12 @@ static int create_r_queue(qp)
  return (_status);
 }
-static int read_ssl_record(obj,q,seg,offset,lastp,offsetp)
+static int read_ssl_record(ssl_obj *obj,
-  ssl_obj *obj;
+                           r_queue *q,
-  r_queue *q;
+                           segment *seg,
-  segment *seg;
+                           int offset,
-  int offset;
+                           segment **lastp,
-  segment **lastp;
+                           int *offsetp)
  int *offsetp;
 {
  segment *last = seg;
@ -421,14 +371,11 @@ static int read_ssl_record(obj,q,seg,offset,lastp,offsetp)
  return (_status);
 }
-  
+static int read_data(r_queue *q,
-static int read_data(q,seg,offset,lastp,offsetp)
+                     segment *seg,
-  r_queue *q;	
+                     int offset,
-  segment *seg;
+                     segment **lastp,
-  int offset;
+                     int *offsetp) {
  segment **lastp;
  int *offsetp;
  {
  int tocpy = 0, r, _status;
 #ifdef DEBUG
  int bread = 0;
@ -462,13 +409,14 @@ static int read_data(q,seg,offset,lastp,offsetp)
  if(seg && tocpy == (seg->len - offset)) {
    *lastp = 0;
    *offsetp = 0;
-    }
+  } else {
    else{
    *lastp = seg;
-      if(seg) *offsetp=tocpy+offset;
+    if(seg)
      *offsetp = tocpy + offset;
  }
-    if(q->read_left<0) abort();
+  if(q->read_left < 0)
    abort();
  DBG((0, "read_data %d bytes read", bread));
@ -477,11 +425,7 @@ static int read_data(q,seg,offset,lastp,offsetp)
  return (_status);
 }
-static int data_ssl_analyzer(_obj,seg,direction)
+static int data_ssl_analyzer(proto_obj *_obj, segment *seg, int direction) {
  proto_obj *_obj;
  segment *seg;
  int direction;
  {
  int _status, r;
  r_queue *q;
  segment *last, *q_next = NULL, *assembled;
@ -506,7 +450,6 @@ static int data_ssl_analyzer(_obj,seg,direction)
  }
  if(ssl->i_state == SSL_ST_SENT_NOTHING) {
    r = process_beginning_plaintext(ssl, seg, direction);
    if(r == SSL_NO_DATA)
      return (0);
@ -525,8 +468,7 @@ static int data_ssl_analyzer(_obj,seg,direction)
    if(q->q_last) {
      q->q_last->next = seg;
      assembled = q->q;
-      }
+    } else
      else
      assembled = seg;
    ssl->direction = direction;
@ -536,11 +478,16 @@ static int data_ssl_analyzer(_obj,seg,direction)
    /*Now reset things, so we can read another record*/
    if(q) {
-	if(q->q_last) q->q_last->next=0;
+      if(q->q_last)
        q->q_last->next = 0;
      if(last)
        last->next = q_next;
      free_tcp_segment_queue(q->q);
-	q->q=0;q->q_last=0;q->offset=0;q->len=0;q->ptr=q->data;
+      q->q = 0;
      q->q_last = 0;
      q->offset = 0;
      q->len = 0;
      q->ptr = q->data;
      q->state = SSL_READ_NONE;
    }
@ -555,20 +502,19 @@ static int data_ssl_analyzer(_obj,seg,direction)
  return (_status);
 }
-static int print_ssl_header(obj,direction,q,data,len)
+static int print_ssl_header(ssl_obj *obj,
-  ssl_obj *obj;
+                            int direction,
-  int direction;
+                            segment *q,
-  segment *q;
+                            UCHAR *data,
-  UCHAR *data;
+                            int len) {
  int len;
  {
  int ct = 0;
  segment *s;
  ssl_print_record_num(obj);
  if(SSL_print_flags & SSL_PRINT_TIMESTAMP) {
-      for(s=q;s;s=s->next) ct++;
+    for(s = q; s; s = s->next)
      ct++;
    for(s = q; s; s = s->next) {
      ssl_print_timestamp(obj, &s->p->ts);
@ -583,13 +529,11 @@ static int print_ssl_header(obj,direction,q,data,len)
  return (0);
 }
-static int print_ssl_record(obj,direction,q,data,len)
+static int print_ssl_record(ssl_obj *obj,
-  ssl_obj *obj;
+                            int direction,
-  int direction;
+                            segment *q,
-  segment *q;
+                            UCHAR *data,
-  UCHAR *data;
+                            int len) {
  int len;
  {
  int r;
  obj->cur_json_st = json_object_new_object();
@ -603,7 +547,8 @@ static int print_ssl_record(obj,direction,q,data,len)
    INIT_DATA(d, data, len);
    exdump(obj, "Packet data", &d);
-      LF;LF;
+    LF;
    LF;
  }
  if(SSL_print_flags & SSL_PRINT_JSON)
@ -614,11 +559,7 @@ static int print_ssl_record(obj,direction,q,data,len)
  return (0);
 }
-int close_ssl_analyzer(_obj,p,dir)
+int close_ssl_analyzer(proto_obj *_obj, packet *p, int dir) {
  proto_obj *_obj;
  packet *p;
  int dir;
  {
  ssl_obj *ssl = (ssl_obj *)_obj;
  char *what;
@ -628,7 +569,8 @@ int close_ssl_analyzer(_obj,p,dir)
    what = "FIN";
  // check logger...
-    if (logger) logger->vtbl->close(ssl->logger_obj,NULL,0,dir);
+  if(logger)
    logger->vtbl->close(ssl->logger_obj, NULL, 0, dir);
  explain(ssl, "%d    ", ssl->conn->conn_number);
  ssl_print_timestamp(ssl, &p->ts);
@ -638,23 +580,10 @@ int close_ssl_analyzer(_obj,p,dir)
  return (0);
 }
 static struct proto_mod_vtbl_ ssl_vtbl = {
-     parse_ssl_flags,
+    parse_ssl_flags,     parse_ssl_flag,     create_ssl_ctx,
-     parse_ssl_flag,
+    create_ssl_analyzer, destroy_ssl_ctx,    destroy_ssl_analyzer,
-     create_ssl_ctx,
+    data_ssl_analyzer,   close_ssl_analyzer,
     create_ssl_analyzer,
     destroy_ssl_ctx,
     destroy_ssl_analyzer,
     data_ssl_analyzer,
     close_ssl_analyzer,
 };
-struct proto_mod_ ssl_mod = {
+struct proto_mod_ ssl_mod = {0, &ssl_vtbl};
     0,
     &ssl_vtbl
 };
--- a/ssl/ssl_analyze.h
+++ b/ssl/ssl_analyze.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: ssl_analyze.h,v 1.3 2000/11/09 18:52:24 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Jan 12 08:45:44 1999
 */
 #ifndef _ssl_analyze_h
 #define _ssl_analyze_h
@ -87,4 +87,3 @@ extern char *SSL_password;
 extern char *SSL_keylogfile;
 #endif
--- a/ssl/ssl_h.h
+++ b/ssl/ssl_h.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: ssl_h.h,v 1.6 2002/08/17 01:33:17 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Fri Jan  8 14:09:37 1999
 */
 #ifndef _ssl_h
 #define _ssl_h
@ -52,7 +52,6 @@
 typedef struct ssl_decode_ctx_ ssl_decode_ctx;
 typedef struct ssl_decoder_ ssl_decoder;
 typedef struct d_queue_ {
  short state; /*What state we're in*/
 #define SSL_READ_NONE 1
@ -146,6 +145,4 @@ typedef struct decoder_ {
 #include "ssldecode.h"
 #endif
--- a/ssl/ssl_rec.c
+++ b/ssl/ssl_rec.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $
@ -43,8 +44,6 @@
   ekr@rtfm.com  Wed Aug 18 15:46:57 1999
 */
 #include "network.h"
 #include "ssl_h.h"
 #include "sslprint.h"
@ -58,7 +57,6 @@
 #include "ssldecode.h"
 #include "ssl_rec.h"
 struct ssl_rec_decoder_ {
  SSL_CipherSuite *cs;
  Data *mac_key;
@ -70,47 +68,35 @@ struct ssl_rec_decoder_ {
  UINT8 seq;
 };
-char *digests[]={
+char *digests[] = {"MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", NULL};
     "MD5",
     "SHA1",
     "SHA224",
     "SHA256",
     "SHA384",
     "SHA512",
     NULL
 };
 char *ciphers[] = {
-     "DES",
+    "DES",         "3DES",
-     "3DES",
+    "RC4",         "RC2",
-     "RC4",
+    "IDEA",        "AES128",
-     "RC2",
+    "AES256",      "CAMELLIA128",
-     "IDEA",
+    "CAMELLIA256", "SEED",
-     "AES128",
+    NULL,          "aes-128-gcm",
-     "AES256",
+    "aes-256-gcm", "ChaCha20-Poly1305",
     "CAMELLIA128",
     "CAMELLIA256",
     "SEED",
     NULL,
     "aes-128-gcm",
     "aes-256-gcm",
     "ChaCha20-Poly1305",
    "aes-128-ccm",
    "aes-128-ccm",  // for ccm 8, uses the same cipher
 };
-
+static int tls_check_mac PROTO_LIST((ssl_rec_decoder * d,
-static int tls_check_mac PROTO_LIST((ssl_rec_decoder *d,int ct,
+                                     int ct,
-  int ver,UCHAR *data,UINT4 datalen,UCHAR *iv,UINT4 ivlen,UCHAR *mac));
+                                     int ver,
                                     UCHAR *data,
                                     UINT4 datalen,
                                     UCHAR *iv,
                                     UINT4 ivlen,
                                     UCHAR *mac));
 static int fmt_seq PROTO_LIST((UINT4 num, UCHAR *buf));
-int ssl_create_rec_decoder(dp,ssl,mk,sk,iv)
+int ssl_create_rec_decoder(ssl_rec_decoder **dp,
-  ssl_rec_decoder **dp;
+                           ssl_obj *ssl,
-  ssl_obj *ssl;
+                           UCHAR *mk,
-  UCHAR *mk;
+                           UCHAR *sk,
-  UCHAR *sk;
+                           UCHAR *iv) {
  UCHAR *iv;
  {
  int r, _status;
  ssl_rec_decoder *dec = 0;
 #ifdef OPENSSL
@ -122,8 +108,7 @@ int ssl_create_rec_decoder(dp,ssl,mk,sk,iv)
    ciph = (EVP_CIPHER *)EVP_get_cipherbyname(ciphers[ssl->cs->enc - 0x30]);
    if(!ciph)
      ABORT(R_INTERNAL);
-    }
+  } else {
    else {
    ciph = EVP_enc_null();
  }
@ -143,14 +128,13 @@ int ssl_create_rec_decoder(dp,ssl,mk,sk,iv)
    ABORT(r);
  /*
-       This is necessary for AEAD ciphers, because we must wait to fully initialize the cipher
+     This is necessary for AEAD ciphers, because we must wait to fully
-       in order to include the implicit IV
+     initialize the cipher in order to include the implicit IV
  */
  if(IS_AEAD_CIPHER(ssl->cs)) {
    sk = NULL;
    iv = NULL;
-    }
+  } else
    else
    memcpy(dec->mac_key->data, mk, ssl->cs->dig_len);
  if(!(dec->evp = EVP_CIPHER_CTX_new()))
@ -168,9 +152,7 @@ int ssl_create_rec_decoder(dp,ssl,mk,sk,iv)
  return (_status);
 }
-int ssl_destroy_rec_decoder(dp)
+int ssl_destroy_rec_decoder(ssl_rec_decoder **dp) {
  ssl_rec_decoder **dp;
  {
  ssl_rec_decoder *d;
  if(!dp || !*dp)
@ -191,30 +173,23 @@ int ssl_destroy_rec_decoder(dp)
  return (0);
 }
 #define MSB(a) ((a >> 8) & 0xff)
 #define LSB(a) (a & 0xff)
-int tls13_update_rec_key(d,newkey,newiv)
+int tls13_update_rec_key(ssl_rec_decoder *d, UCHAR *newkey, UCHAR *newiv) {
 	ssl_rec_decoder *d;
 	UCHAR *newkey;
 	UCHAR *newiv;
 {
  d->write_key->data = newkey;
  d->implicit_iv->data = newiv;
  d->seq = 0;
 }
-int tls13_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
+int tls13_decode_rec_data(ssl_obj *ssl,
-  ssl_obj *ssl;
+                          ssl_rec_decoder *d,
-  ssl_rec_decoder *d;
+                          int ct,
-  int ct;
+                          int version,
-  int version;
+                          UCHAR *in,
-  UCHAR *in;
+                          int inl,
-  int inl;
+                          UCHAR *out,
-  UCHAR *out;
+                          int *outl) {
  int *outl;
  {
  int pad, i;
  int r, encpadl, x, _status = 0;
  UCHAR aad[5], aead_nonce[12], *tag;
@ -248,7 +223,8 @@ int tls13_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
    ABORT(-1);
  }
-	if (IS_CCM_CIPHER(d->cs) && !EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_AEAD_SET_TAG, taglen, tag)) {
+  if(IS_CCM_CIPHER(d->cs) &&
     !EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_AEAD_SET_TAG, taglen, tag)) {
    fprintf(stderr, "Unable to set tag for ccm cipher\n");
    ABORT(-1);
  }
@ -258,7 +234,8 @@ int tls13_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
    ABORT(-1);
  }
-    if (IS_CCM_CIPHER(d->cs) && !EVP_DecryptUpdate(d->evp,NULL,outl,NULL,inl)){
+  if(IS_CCM_CIPHER(d->cs) &&
     !EVP_DecryptUpdate(d->evp, NULL, outl, NULL, inl)) {
    fprintf(stderr, "Unable to update data length\n");
    ABORT(-1);
  }
@ -274,7 +251,9 @@ int tls13_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
    ABORT(-1);
  }
-    if (!IS_CCM_CIPHER(d->cs) && (!EVP_CIPHER_CTX_ctrl(d->evp,EVP_CTRL_GCM_SET_TAG,taglen,tag) || !EVP_DecryptFinal(d->evp,NULL,&x))) {
+  if(!IS_CCM_CIPHER(d->cs) &&
     (!EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_GCM_SET_TAG, taglen, tag) ||
      !EVP_DecryptFinal(d->evp, NULL, &x))) {
    fprintf(stderr, "BAD MAC\n");
    ABORT(SSL_BAD_MAC);
  }
@ -284,16 +263,14 @@ abort:
  return _status;
 }
-int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
+int ssl_decode_rec_data(ssl_obj *ssl,
-  ssl_obj *ssl;
+                        ssl_rec_decoder *d,
-  ssl_rec_decoder *d;
+                        int ct,
-  int ct;
+                        int version,
-  int version;
+                        UCHAR *in,
-  UCHAR *in;
+                        int inl,
-  int inl;
+                        UCHAR *out,
-  UCHAR *out;
+                        int *outl) {
  int *outl;
  {
 #ifdef OPENSSL
  int pad;
  int r, encpadl, x;
@ -306,10 +283,7 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
    in += 12 - d->implicit_iv->len;
    inl -= 12 - d->implicit_iv->len;
-      EVP_DecryptInit(d->evp,
+    EVP_DecryptInit(d->evp, NULL, d->write_key->data, aead_nonce);
 		      NULL,
 		      d->write_key->data,
 		      aead_nonce);
    /*
       Then tag is always 16 bytes, as per:
@ -361,8 +335,7 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
      if(blk <= *outl) {
        *outl -= blk;
        memmove(out, out + blk, *outl);
-          }
+      } else {
          else {
        DBG((0, "Block size greater than Plaintext!"));
        ERETURN(SSL_BAD_MAC);
      }
@ -370,13 +343,10 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
      if((r = tls_check_mac(d, ct, version, in + blk, encpadl, in, blk, mac)))
        ERETURN(r);
-      }
+    } else if((r = tls_check_mac(d, ct, version, in, encpadl, NULL, 0, mac)))
      else
 	if((r=tls_check_mac(d,ct,version,in,encpadl,NULL,0,mac)))
      ERETURN(r);
-    }
+  } else {
    else {
    /* First decrypt*/
    EVP_Cipher(d->evp, out, in, inl);
@ -398,8 +368,7 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
    if(ssl->version == 0x300) {
      if((r = ssl3_check_mac(d, ct, version, out, *outl, mac)))
        ERETURN(r);
-      }
+    } else {
      else{
      /* TLS 1.1 and beyond: remove explicit IV, only used with
       * non-stream ciphers. */
      if(ssl->version >= 0x0302 && ssl->cs->block > 1) {
@ -407,8 +376,7 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
        if(blk <= *outl) {
          *outl -= blk;
          memmove(out, out + blk, *outl);
-          }
+        } else {
          else {
          DBG((0, "Block size greater than Plaintext!"));
          ERETURN(SSL_BAD_MAC);
        }
@ -421,15 +389,11 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
  return (0);
 }
 #ifdef OPENSSL
 /* This should go to 2^128, but we're never really going to see
   more than 2^64, so we cheat*/
-static int fmt_seq(num,buf)
+static int fmt_seq(UINT4 num, UCHAR *buf) {
  UINT4 num;
  UCHAR *buf;
  {
  UINT4 netnum;
  memset(buf, 0, 8);
@ -439,16 +403,14 @@ static int fmt_seq(num,buf)
  return (0);
 }
-static int tls_check_mac(d,ct,ver,data,datalen,iv,ivlen,mac)
+static int tls_check_mac(ssl_rec_decoder *d,
-  ssl_rec_decoder *d;
+                         int ct,
-  int ct;
+                         int ver,
-  int ver;
+                         UCHAR *data,
-  UCHAR *data;
+                         UINT4 datalen,
-  UINT4 datalen;
+                         UCHAR *iv,
-  UCHAR *iv;
+                         UINT4 ivlen,
-  UINT4 ivlen;
+                         UCHAR *mac) {
  UCHAR *mac;
  {
  HMAC_CTX *hm = HMAC_CTX_new();
  if(!hm)
    ERETURN(R_NO_MEMORY);
@ -477,8 +439,7 @@ static int tls_check_mac(d,ct,ver,data,datalen,iv,ivlen,mac)
  if(ivlen && iv) {
    HMAC_Update(hm, iv, ivlen);
    HMAC_Update(hm, data, datalen - ivlen);
-    }
+  } else
    else
    HMAC_Update(hm, data, datalen);
  HMAC_Final(hm, buf, &l);
@ -489,14 +450,12 @@ static int tls_check_mac(d,ct,ver,data,datalen,iv,ivlen,mac)
  return (0);
 }
-int ssl3_check_mac(d,ct,ver,data,datalen,mac)
+int ssl3_check_mac(ssl_rec_decoder *d,
-  ssl_rec_decoder *d;
+                   int ct,
-  int ct;
+                   int ver,
-  int ver;
+                   UCHAR *data,
-  UCHAR *data;
+                   UINT4 datalen,
-  UINT4 datalen;
+                   UCHAR *mac) {
  UCHAR *mac;
  {
  EVP_MD_CTX *mc = EVP_MD_CTX_new();
  const EVP_MD *md;
  UINT4 l;
--- a/ssl/ssl_rec.h
+++ b/ssl/ssl_rec.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: ssl_rec.h,v 1.2 2000/10/17 16:10:02 ekr Exp $
@ -43,24 +44,43 @@
   ekr@rtfm.com  Wed Aug 18 16:16:23 1999
 */
 #ifndef _ssl_rec_h
 #define _ssl_rec_h
 typedef struct ssl_rec_decoder_ ssl_rec_decoder;
 int ssl_destroy_rec_decoder PROTO_LIST((ssl_rec_decoder * *dp));
-int ssl_create_rec_decoder PROTO_LIST((ssl_rec_decoder **dp,
+int ssl_create_rec_decoder PROTO_LIST(
-  ssl_obj *ssl,UCHAR *mk,UCHAR *sk,UCHAR *iv));
+    (ssl_rec_decoder * *dp, ssl_obj *ssl, UCHAR *mk, UCHAR *sk, UCHAR *iv));
-int ssl_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d,
+int ssl_decode_rec_data PROTO_LIST((ssl_obj * ssl,
-  int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl));
+                                    ssl_rec_decoder *d,
-int tls13_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d,int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl));
+                                    int ct,
-int tls13_update_rec_key PROTO_LIST((ssl_rec_decoder *d,UCHAR *newkey, UCHAR *newiv));
+                                    int version,
                                    UCHAR *in,
                                    int inl,
                                    UCHAR *out,
                                    int *outl));
 int tls13_decode_rec_data PROTO_LIST((ssl_obj * ssl,
                                      ssl_rec_decoder *d,
                                      int ct,
                                      int version,
                                      UCHAR *in,
                                      int inl,
                                      UCHAR *out,
                                      int *outl));
 int tls13_update_rec_key PROTO_LIST((ssl_rec_decoder * d,
                                     UCHAR *newkey,
                                     UCHAR *newiv));
-int ssl3_check_mac(ssl_rec_decoder *d, int ct, int ver, UCHAR *data,
+int ssl3_check_mac(ssl_rec_decoder *d,
-  UINT4 datalen, UCHAR *mac);
+                   int ct,
                   int ver,
                   UCHAR *data,
                   UINT4 datalen,
                   UCHAR *mac);
-#define IS_AEAD_CIPHER(cs) (cs->enc==0x3b||cs->enc==0x3c||cs->enc==0x3d||cs->enc==0x3e||cs->enc==0x3f)
+#define IS_AEAD_CIPHER(cs)                                                     \
  (cs->enc == 0x3b || cs->enc == 0x3c || cs->enc == 0x3d || cs->enc == 0x3e || \
   cs->enc == 0x3f)
 #define IS_CCM_CIPHER(cs) (cs->enc == 0x3e || cs->enc == 0x3f)
 #endif
--- a/ssl/sslciphers.h
+++ b/ssl/sslciphers.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: sslciphers.h,v 1.3 2002/08/17 01:33:17 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Mar 30 18:11:55 1999
 */
 #ifndef _sslciphers_h
 #define _sslciphers_h
 typedef struct SSL_CipherSuite_ {
@ -92,6 +92,4 @@ typedef struct SSL_CipherSuite_ {
 int ssl_find_cipher PROTO_LIST((int num, SSL_CipherSuite **cs));
 #endif
--- a/ssl/ssldecode.c
+++ b/ssl/ssldecode.c
--- a/ssl/ssldecode.h
+++ b/ssl/ssldecode.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: ssldecode.h,v 1.3 2001/07/20 23:33:16 ekr Exp $
@ -43,40 +44,56 @@
   ekr@rtfm.com  Thu Apr  1 15:02:02 1999
 */
 #ifndef _ssldecode_h
 #define _ssldecode_h
-#define CRDUMP(a,b,c) P_(P_CR) {Data d; d.data=b; d.len=c; exdump(ssl,a,&d); LF;}
+#define CRDUMP(a, b, c) \
-#define CRDUMPD(a,b) P_(P_CR) {exdump(ssl,a,b);LF;}
+  P_(P_CR) {            \
    Data d;             \
    d.data = b;         \
    d.len = c;          \
    exdump(ssl, a, &d); \
    LF;                 \
  }
 #define CRDUMPD(a, b)  \
  P_(P_CR) {           \
    exdump(ssl, a, b); \
    LF;                \
  }
-int ssl_decode_ctx_create PROTO_LIST((ssl_decode_ctx **ctx,
+int ssl_decode_ctx_create PROTO_LIST(
-  char *keyfile,char *password,char *keylogfile));
+    (ssl_decode_ctx * *ctx, char *keyfile, char *password, char *keylogfile));
 int ssl_decode_ctx_destroy(ssl_decode_ctx **dp);
 int ssl_decoder_destroy PROTO_LIST((ssl_decoder * *dp));
 int ssl_decoder_create PROTO_LIST((ssl_decoder * *dp, ssl_decode_ctx *ctx));
-int ssl_set_client_random PROTO_LIST((ssl_decoder *dp,
+int ssl_set_client_random PROTO_LIST((ssl_decoder * dp, UCHAR *msg, int len));
-  UCHAR *msg,int len));
+int ssl_set_server_random PROTO_LIST((ssl_decoder * dp, UCHAR *msg, int len));
 int ssl_set_server_random PROTO_LIST((ssl_decoder *dp,
  UCHAR *msg,int len));
 int ssl_set_client_session_id PROTO_LIST((ssl_decoder * dp,
-  UCHAR *msg,int len));
+                                          UCHAR *msg,
-int ssl_process_server_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp,
+                                          int len));
-  UCHAR *msg,int len));
+int ssl_process_server_session_id
-int ssl_process_client_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp,
+    PROTO_LIST((ssl_obj * obj, ssl_decoder *dp, UCHAR *msg, int len));
-  UCHAR *msg,int len));
+int ssl_process_client_session_id
-int ssl_process_client_key_exchange PROTO_LIST((struct ssl_obj_ *,
+    PROTO_LIST((ssl_obj * obj, ssl_decoder *dp, UCHAR *msg, int len));
-  ssl_decoder *d,UCHAR *msg,int len));
+int ssl_process_client_key_exchange
    PROTO_LIST((struct ssl_obj_ *, ssl_decoder *d, UCHAR *msg, int len));
 int ssl_process_change_cipher_spec PROTO_LIST((ssl_obj * ssl,
-  ssl_decoder *d,int direction));
+                                               ssl_decoder *d,
-int ssl_update_handshake_messages PROTO_LIST((ssl_obj *ssl,
+                                               int direction));
 int ssl_update_handshake_messages PROTO_LIST((ssl_obj * ssl, Data *data));
 int ssl_decode_record PROTO_LIST((ssl_obj * ssl,
                                  ssl_decoder *dec,
                                  int direction,
                                  int ct,
                                  int version,
                                  Data *d));
 int ssl_tls13_generate_keying_material PROTO_LIST((ssl_obj * obj,
                                                   ssl_decoder *dec));
 int ssl_process_handshake_finished PROTO_LIST((ssl_obj * ssl,
                                               ssl_decoder *dec,
                                               Data *data));
-int ssl_decode_record PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int direction,
+int ssl_tls13_update_keying_material PROTO_LIST((ssl_obj * ssl,
-  int ct,int version,Data *d));
+                                                 ssl_decoder *dec,
-int ssl_tls13_generate_keying_material PROTO_LIST((ssl_obj *obj,ssl_decoder *dec));
+                                                 int dir));
 int ssl_process_handshake_finished PROTO_LIST((ssl_obj* ssl,ssl_decoder *dec, Data *data));
 int ssl_tls13_update_keying_material PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int dir));
 #endif
--- a/ssl/sslprint.c
+++ b/ssl/sslprint.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Tue Jan 12 18:06:39 1999
 */
 #include <json.h>
 #include <ctype.h>
 #include <stdarg.h>
@ -56,14 +56,10 @@
 extern decoder ContentType_decoder[];
 extern decoder HandshakeType_decoder[];
 #define BYTES_NEEDED(x) \
  (x <= 255) ? 1 : ((x <= (1 << 16)) ? 2 : (x <= (1 << 24) ? 3 : 4))
-#define BYTES_NEEDED(x)  (x<=255)?1:((x<=(1<<16))?2:(x<=(1<<24)?3:4))
+int process_beginning_plaintext(ssl_obj *ssl, segment *seg, int direction) {
 int process_beginning_plaintext(ssl,seg,direction)
  ssl_obj *ssl;
  segment *seg;
  int direction;
  {
  Data d;
  if(seg->len == 0)
    return (SSL_NO_DATA);
@ -75,7 +71,8 @@ int process_beginning_plaintext(ssl,seg,direction)
  if(d.data[0] == 0x16)
    return (SSL_BAD_CONTENT_TYPE);
-    if (logger) logger->vtbl->data(ssl->logger_obj,d.data,d.len,direction);
+  if(logger)
    logger->vtbl->data(ssl->logger_obj, d.data, d.len, direction);
  P_(P_AD) {
    ssl_print_timestamp(ssl, &seg->p->ts);
@ -89,10 +86,7 @@ int process_beginning_plaintext(ssl,seg,direction)
  return (0);
 }
-int process_v2_hello(ssl,seg)
+int process_v2_hello(ssl_obj *ssl, segment *seg) {
  ssl_obj *ssl;
  segment *seg;
  {
  int r;
  int rec_len;
  int _status;
@ -114,7 +108,8 @@ int process_v2_hello(ssl,seg)
  if(d.len < 4)
    ABORT(SSL_BAD_CONTENT_TYPE);
  rec_len = ((d.data[0] & 0x7f) << 8) | (d.data[1]);
-    d.data+=2; d.len-=2;
+  d.data += 2;
  d.len -= 2;
  if(d.len != rec_len) /* Whatever this is it isn't valid SSLv2*/
    ABORT(SSL_BAD_CONTENT_TYPE);
@ -136,14 +131,15 @@ int process_v2_hello(ssl,seg)
  ssl_print_timestamp(ssl, &seg->p->ts);
  ssl_print_direction_indicator(ssl, DIR_I2R);
  explain(ssl, " SSLv2 compatible client hello\n");
-    json_object_object_add(ssl->cur_json_st, "msg_type", json_object_new_string("Handshake"));
+  json_object_object_add(ssl->cur_json_st, "msg_type",
-    json_object_object_add(ssl->cur_json_st, "handshake_type", json_object_new_string("ClientHello_v2_compat"));
+                         json_object_new_string("Handshake"));
  json_object_object_add(ssl->cur_json_st, "handshake_type",
                         json_object_new_string("ClientHello_v2_compat"));
  INDENT_INCR;
  P_(P_HL) {
-      explain(ssl,"Version %d.%d ",(ver>>8)&0xff,
+    explain(ssl, "Version %d.%d ", (ver >> 8) & 0xff, ver & 0xff);
      ver&0xff);
    LF;
  }
  SSL_DECODE_UINT16_ABORT(ssl, "cipher_spec_length", P_DC, &d, &cs_len);
@ -154,18 +150,14 @@ int process_v2_hello(ssl,seg)
    fprintf(stderr, "Bad cipher spec length %d\n", cs_len);
    ABORT(SSL_BAD_DATA);
  }
-    P_(P_HL){
+  P_(P_HL) { explain(ssl, "cipher suites\n"); }
      explain(ssl,"cipher suites\n");
    }
  for(; cs_len; cs_len -= 3) {
    UINT4 val;
    SSL_DECODE_UINT24_ABORT(ssl, 0, 0, &d, &val);
    ssl_print_cipher_suite(ssl, ver, P_HL, val);
-      P_(P_HL){
+    P_(P_HL) { explain(ssl, "\n"); }
        explain(ssl,"\n");
      }
  }
  if(sid_len != 0) {
@ -178,11 +170,8 @@ int process_v2_hello(ssl,seg)
    ABORT(SSL_BAD_DATA);
  }
-    SSL_DECODE_OPAQUE_ARRAY_ABORT(ssl,0,chall_len,
+  SSL_DECODE_OPAQUE_ARRAY_ABORT(ssl, 0, chall_len, 0, &d, &chall);
-      0,&d,&chall);
+  P_(P_DC) { exdump(ssl, "Challenge", &chall); }
    P_(P_DC){
      exdump(ssl,"Challenge",&chall);
    }
  memset(random, 0, 32);
  memcpy(random + (32 - chall_len), chall.data, chall_len);
@ -195,7 +184,8 @@ int process_v2_hello(ssl,seg)
    INIT_DATA(d, seg->data, seg->len);
    exdump(ssl, "Packet data", &d);
-      LF;LF;
+    LF;
    LF;
  }
  INDENT_POP;
@ -213,14 +203,12 @@ int process_v2_hello(ssl,seg)
  return (_status);
 }
-int ssl_decode_switch(ssl,dtable,value,dir,seg,data)
+int ssl_decode_switch(ssl_obj *ssl,
-  ssl_obj *ssl;
+                      decoder *dtable,
-  decoder *dtable;
+                      int value,
-  int value;
+                      int dir,
-  int dir;
+                      segment *seg,
-  segment *seg;
+                      Data *data) {
  Data *data;
  {
  while(dtable && dtable->type != -1 && dtable->name != NULL) {
    if(dtable->type == value) {
      INDENT_INCR;
@ -239,13 +227,11 @@ int ssl_decode_switch(ssl,dtable,value,dir,seg,data)
  ERETURN(R_NOT_FOUND);
 }
-int ssl_expand_record(ssl,q,direction,data,len)
+int ssl_expand_record(ssl_obj *ssl,
-  ssl_obj *ssl;
+                      segment *q,
-  segment *q;
+                      int direction,
-  int direction;
+                      UCHAR *data,
-  UCHAR *data;
+                      int len) {
  int len;
  {
  int r;
  Data d;
  UINT4 ct, vermaj, vermin, length;
@ -265,7 +251,8 @@ int ssl_expand_record(ssl,q,direction,data,len)
  SSL_DECODE_UINT16(ssl, 0, 0, &d, &length);
  if(d.len != length) {
-      explain(ssl,"  Short record: %u bytes available (expecting: %u)\n",length,d.len);
+    explain(ssl, "  Short record: %u bytes available (expecting: %u)\n", length,
            d.len);
    return (0);
  }
  version = ssl->version ? ssl->version : (vermaj * 256 + vermin);
@ -297,19 +284,21 @@ int ssl_expand_record(ssl,q,direction,data,len)
    if(!(SSL_print_flags & SSL_PRINT_JSON))
      LF;
-    }
+  } else {
    else{
    // try to save unencrypted data to logger
-      //we must save record with type "application_data" (this is unencrypted data)
+    // we must save record with type "application_data" (this is unencrypted
    // data)
    if(ct == 23) {
      if(logger) {
        logger->vtbl->data(ssl->logger_obj, d.data, d.len, direction);
      }
      if(ssl->version == TLSV13_VERSION) {
-          ct = d.data[--d.len]; // In TLS 1.3 ct is stored in the end for encrypted records
+        ct = d.data[--d.len];  // In TLS 1.3 ct is stored in the end for
                               // encrypted records
      }
    }
-      if((r=ssl_decode_switch(ssl,ContentType_decoder,ct,direction,q, &d))) {
+    if((r = ssl_decode_switch(ssl, ContentType_decoder, ct, direction, q,
                              &d))) {
      if(!(SSL_print_flags & SSL_PRINT_JSON))
        printf("  unknown record type: %d\n", ct);
      ERETURN(r);
@ -319,18 +308,17 @@ int ssl_expand_record(ssl,q,direction,data,len)
  return (0);
 }
-int ssl_decode_uintX(ssl,name,size,p,data,x)
+int ssl_decode_uintX(ssl_obj *ssl,
-  ssl_obj *ssl;
+                     char *name,
-  char *name;
+                     int size,
-  int size;
+                     UINT4 p,
-  UINT4 p;
+                     Data *data,
-  Data *data;
+                     UINT4 *x) {
  UINT4 *x;
  {
  UINT4 v = 0;
  UINT4 _x;
-    if(!x) x=&_x;
+  if(!x)
    x = &_x;
  if(size > data->len) {
    fprintf(stderr, "Short read: %d bytes available (expecting %d)\n",
@ -344,35 +332,31 @@ int ssl_decode_uintX(ssl,name,size,p,data,x)
    data->len--;
  }
-    P_(p){
+  P_(p) { explain(ssl, "%s = %d\n", name, *x); }
      explain(ssl,"%s = %d\n",name,*x);
    }
  *x = v;
  return (0);
 }
-int ssl_decode_opaque_array(ssl,name,size,p,data,x)
+int ssl_decode_opaque_array(ssl_obj *ssl,
-  ssl_obj *ssl;
+                            char *name,
-  char *name;
+                            int size,
-  int size;
+                            UINT4 p,
-  UINT4 p;
+                            Data *data,
-  Data *data;
+                            Data *x) {
  Data *x;
  {
  UINT4 len;
  char n[1000];
  int r;
  Data _x;
-    if(!x) x=&_x;
+  if(!x)
    x = &_x;
  sprintf(n, "%s (length)", name ? name : "<unknown>");
  if(size < 0) {
    size *= -1;
    if((r = ssl_decode_uintX(ssl, n, BYTES_NEEDED(size), P_DC, data, &len)))
      ERETURN(r);
-    }
+  } else {
    else{
    len = size;
  }
@ -387,19 +371,12 @@ int ssl_decode_opaque_array(ssl,name,size,p,data,x)
  data->data += len;
  data->len -= len;
-    P_(p){
+  P_(p) { exdump(ssl, name, x); }
      exdump(ssl,name,x);
    }
  return (0);
 }
-int ssl_lookup_enum(ssl,dtable,val,ptr)
+int ssl_lookup_enum(ssl_obj *ssl, decoder *dtable, UINT4 val, char **ptr) {
  ssl_obj *ssl;
  decoder *dtable;
  UINT4 val;
  char **ptr;
  {
  while(dtable && dtable->type != -1) {
    if(dtable->type == val) {
      *ptr = dtable->name;
@ -411,19 +388,18 @@ int ssl_lookup_enum(ssl,dtable,val,ptr)
  return (R_NOT_FOUND);
 }
-int ssl_decode_enum(ssl,name,size,dtable,p,data,x)
+int ssl_decode_enum(ssl_obj *ssl,
-  ssl_obj *ssl;
+                    char *name,
-  char *name;
+                    int size,
-  int size;
+                    decoder *dtable,
-  decoder *dtable;  
+                    UINT4 p,
-  UINT4 p;
+                    Data *data,
-  Data *data;
+                    UINT4 *x) {
  UINT4 *x;
  {
  int r;
  UINT4 _x;
-    if(!x) x=&_x;
+  if(!x)
    x = &_x;
  if((r = ssl_decode_uintX(ssl, name, size, 0, data, x)))
    ERETURN(r);
@ -437,14 +413,9 @@ int ssl_decode_enum(ssl,name,size,dtable,p,data,x)
  return (0);
 }
-int ssl_print_enum(ssl,name,dtable,value)
+int ssl_print_enum(ssl_obj *ssl, char *name, decoder *dtable, UINT4 value) {
-  ssl_obj *ssl;
+  if(name)
-  char *name;
+    explain(ssl, "%s ", name);
  decoder *dtable;
  UINT4 value;
  {
    if(name) explain(ssl,"%s ",name);    
  INDENT;
  while(dtable && dtable->type != -1) {
@ -460,12 +431,7 @@ int ssl_print_enum(ssl,name,dtable,value)
  return (R_NOT_FOUND);
 }
-int ssl_get_enum_str(ssl,outstr,dtable,value)
+int ssl_get_enum_str(ssl_obj *ssl, char *outstr, decoder *dtable, UINT4 value) {
  ssl_obj *ssl;
  char *outstr;
  decoder *dtable;
  UINT4 value;
  {
  while(dtable && dtable->type != -1) {
    if(dtable->type == value) {
      strncpy(outstr, dtable->name, 20);
@ -476,8 +442,7 @@ int ssl_get_enum_str(ssl,outstr,dtable,value)
  return (R_NOT_FOUND);
 }
-int explain(ssl_obj *ssl,char *format,...)
+int explain(ssl_obj *ssl, char *format, ...) {
  {
  va_list ap;
  if(!(SSL_print_flags & SSL_PRINT_JSON)) {
    va_start(ap, format);
@ -496,43 +461,33 @@ int explain(ssl_obj *ssl,char *format,...)
  return (0);
 }
-int exdump(ssl,name,data)
+int exdump(ssl_obj *ssl, char *name, Data *data) {
  ssl_obj *ssl;
  char *name;
  Data *data;
  {
  int i;
  if(!(SSL_print_flags & SSL_PRINT_JSON)) {
    if(name) {
      explain(ssl, "%s[%d]=\n", name, data->len);
      INDENT_INCR;
    }
-      P_(P_NR){
+    P_(P_NR) { printf("\\f(CB"); }
        printf("\\f(CB");
      }
    for(i = 0; i < data->len; i++) {
-
+      if(!i)
-        if(!i) INDENT;
+        INDENT;
      if((data->len > 8) && i && !(i % 16)) {
-          LF; INDENT;
+        LF;
        INDENT;
      }
      printf("%.2x ", data->data[i] & 255);
    }
-      P_(P_NR){
+    P_(P_NR) { printf("\\fR"); }
-          printf("\\fR");
+    if(name)
-      }
+      INDENT_POP;
      if(name) INDENT_POP;
    LF;
  }
  return (0);
 }
-int exstr(ssl,outstr,data)
+int exstr(ssl_obj *ssl, char *outstr, Data *data) {
  ssl_obj *ssl;
  char *outstr;
  Data *data;
  {
  int i;
  char *ptr = outstr;
@ -548,11 +503,7 @@ int exstr(ssl,outstr,data)
  return (0);
 }
-int combodump(ssl,name,data)
+int combodump(ssl_obj *ssl, char *name, Data *data) {
  ssl_obj *ssl;
  char *name;
  Data *data;
  {
  UCHAR *ptr = data->data;
  int len = data->len;
@ -598,22 +549,19 @@ int combodump(ssl,name,data)
    len -= bytes;
    ptr += bytes;
  }
-    P_(P_NR){
+  P_(P_NR) { printf("\\fR"); }
-        printf("\\fR");
+  if(name)
-    }
+    INDENT_POP;
    if(name) INDENT_POP;
  return (0);
 }
-int print_data(ssl,d)
+int print_data(ssl_obj *ssl, Data *d) {
  ssl_obj *ssl;
  Data *d;
  {
  int i, bit8 = 0;
  LF;
  for(i = 0; i < d->len; i++) {
-      if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){
+    if(d->data[i] == 0 ||
       (!isprint(d->data[i]) && !strchr("\r\n\t", d->data[i]))) {
      bit8 = 1;
      break;
    }
@ -622,17 +570,14 @@ int print_data(ssl,d)
  if(bit8) {
    INDENT;
    printf("---------------------------------------------------------------\n");
-      P_(P_HO){
+    P_(P_HO) { exdump(ssl, 0, d); }
        exdump(ssl,0,d);
      }
    else {
      combodump(ssl, 0, d);
    }
    INDENT;
    printf("---------------------------------------------------------------\n");
-    }
+  } else {
    else{
    int nl = 1;
    INDENT;
    printf("---------------------------------------------------------------\n");
@ -651,7 +596,10 @@ int print_data(ssl,d)
      nl = 0;
      putchar(d->data[i]);
-        if(d->data[i]=='\n') {nl=1;INDENT;}
+      if(d->data[i] == '\n') {
        nl = 1;
        INDENT;
      }
    }
    printf("---------------------------------------------------------------\n");
    if(SSL_print_flags & SSL_PRINT_NROFF) {
@ -661,10 +609,7 @@ int print_data(ssl,d)
  return (0);
 }
-int ssl_print_direction_indicator(ssl,dir)
+int ssl_print_direction_indicator(ssl_obj *ssl, int dir) {
  ssl_obj *ssl;
  int dir;
  {
  struct json_object *jobj;
 #if 0    
    if(dir==DIR_I2R){
@ -682,23 +627,34 @@ int ssl_print_direction_indicator(ssl,dir)
  if(dir == DIR_I2R) {
    explain(ssl, "C>S");
    if(jobj) {
-        json_object_object_add(jobj, "src_name", json_object_new_string(ssl->client_name));
+      json_object_object_add(jobj, "src_name",
-        json_object_object_add(jobj, "src_ip", json_object_new_string(ssl->client_ip));
+                             json_object_new_string(ssl->client_name));
-        json_object_object_add(jobj, "src_port", json_object_new_int(ssl->client_port));
+      json_object_object_add(jobj, "src_ip",
-        json_object_object_add(jobj, "dst_name", json_object_new_string(ssl->server_name));
+                             json_object_new_string(ssl->client_ip));
-        json_object_object_add(jobj, "dst_ip", json_object_new_string(ssl->server_ip));
+      json_object_object_add(jobj, "src_port",
-        json_object_object_add(jobj, "dst_port", json_object_new_int(ssl->server_port));
+                             json_object_new_int(ssl->client_port));
      json_object_object_add(jobj, "dst_name",
                             json_object_new_string(ssl->server_name));
      json_object_object_add(jobj, "dst_ip",
                             json_object_new_string(ssl->server_ip));
      json_object_object_add(jobj, "dst_port",
                             json_object_new_int(ssl->server_port));
    }
-    }
+  } else {
    else{
    explain(ssl, "S>C");
    if(jobj) {
-        json_object_object_add(jobj, "src_name", json_object_new_string(ssl->server_name));
+      json_object_object_add(jobj, "src_name",
-        json_object_object_add(jobj, "src_ip", json_object_new_string(ssl->server_ip));
+                             json_object_new_string(ssl->server_name));
-        json_object_object_add(jobj, "src_port", json_object_new_int(ssl->server_port));
+      json_object_object_add(jobj, "src_ip",
-        json_object_object_add(jobj, "dst_name", json_object_new_string(ssl->client_name));
+                             json_object_new_string(ssl->server_ip));
-        json_object_object_add(jobj, "dst_ip", json_object_new_string(ssl->client_ip));
+      json_object_object_add(jobj, "src_port",
-        json_object_object_add(jobj, "dst_port", json_object_new_int(ssl->client_port));
+                             json_object_new_int(ssl->server_port));
      json_object_object_add(jobj, "dst_name",
                             json_object_new_string(ssl->client_name));
      json_object_object_add(jobj, "dst_ip",
                             json_object_new_string(ssl->client_ip));
      json_object_object_add(jobj, "dst_port",
                             json_object_new_int(ssl->client_port));
    }
  }
 #endif
@ -706,10 +662,7 @@ int ssl_print_direction_indicator(ssl,dir)
  return (0);
 }
-int ssl_print_timestamp(ssl,ts)
+int ssl_print_timestamp(ssl_obj *ssl, struct timeval *ts) {
  ssl_obj *ssl;
  struct timeval *ts;
  {
  struct timeval dt;
  int r;
@ -718,63 +671,58 @@ int ssl_print_timestamp(ssl,ts)
  jobj = ssl->cur_json_st;
  if(jobj) {
-      snprintf(ts_str,40, "%lld%c%4.4lld",(long long)ts->tv_sec,'.',(long long)ts->tv_usec/100);
+    snprintf(ts_str, 40, "%lld%c%4.4lld", (long long)ts->tv_sec, '.',
             (long long)ts->tv_usec / 100);
    json_object *j_ts_str = json_object_new_string(ts_str);
    json_object_object_add(jobj, "timestamp", j_ts_str);
  }
  if(SSL_print_flags & SSL_PRINT_TIMESTAMP_ABSOLUTE) {
    if(!(SSL_print_flags & SSL_PRINT_JSON))
-        explain(ssl,"%lld%c%4.4lld ",(long long)ts->tv_sec,'.',(long long)ts->tv_usec/100);
+      explain(ssl, "%lld%c%4.4lld ", (long long)ts->tv_sec, '.',
-    }
+              (long long)ts->tv_usec / 100);
-    else{
+  } else {
    if((r = timestamp_diff(ts, &ssl->time_start, &dt)))
      ERETURN(r);
    if(!(SSL_print_flags & SSL_PRINT_JSON))
-        explain(ssl,"%lld%c%4.4lld ",(long long)dt.tv_sec,'.',(long long)dt.tv_usec/100);
+      explain(ssl, "%lld%c%4.4lld ", (long long)dt.tv_sec, '.',
              (long long)dt.tv_usec / 100);
  }
  if((r = timestamp_diff(ts, &ssl->time_last, &dt))) {
    ERETURN(r);
  }
  if(!(SSL_print_flags & SSL_PRINT_JSON))
-      explain(ssl,"(%lld%c%4.4lld)  ",(long long)dt.tv_sec,'.',(long long)dt.tv_usec/100);
+    explain(ssl, "(%lld%c%4.4lld)  ", (long long)dt.tv_sec, '.',
            (long long)dt.tv_usec / 100);
  memcpy(&ssl->time_last, ts, sizeof(struct timeval));
  return (0);
 }
-
+int ssl_print_record_num(ssl_obj *ssl) {
 int ssl_print_record_num(ssl)
  ssl_obj *ssl;
  {
  struct json_object *jobj;
  jobj = ssl->cur_json_st;
  ssl->record_count++;
  if(!(SSL_print_flags & SSL_PRINT_JSON)) {
    if(SSL_print_flags & SSL_PRINT_NROFF) {
-        printf("\\fI%d %d\\fR %s",
+      printf("\\fI%d %d\\fR %s", ssl->conn->conn_number, ssl->record_count,
-          ssl->conn->conn_number,
+             ssl->record_count < 10 ? " " : "");
-          ssl->record_count,ssl->record_count<10?" ":"");
+    } else {
-      }
+      printf("%d %d %s", ssl->conn->conn_number, ssl->record_count,
-      else{
+             ssl->record_count < 10 ? " " : "");
        printf("%d %d %s",ssl->conn->conn_number,
          ssl->record_count,ssl->record_count<10?" ":"");
    }
  }
-    json_object_object_add(jobj, "connection_number", json_object_new_int(ssl->conn->conn_number));
+  json_object_object_add(jobj, "connection_number",
-    json_object_object_add(jobj, "record_count", json_object_new_int(ssl->record_count));
+                         json_object_new_int(ssl->conn->conn_number));
  json_object_object_add(jobj, "record_count",
                         json_object_new_int(ssl->record_count));
  return (0);
 }
-int ssl_print_cipher_suite(ssl,version,p,val)
+int ssl_print_cipher_suite(ssl_obj *ssl, int version, int p, UINT4 val) {
  ssl_obj *ssl;
  int version;
  int p;
  UINT4 val;
  {
  char *str;
  char *prefix = version <= 0x300 ? "SSL_" : "TLS_";
  int r;
@ -789,16 +737,9 @@ int ssl_print_cipher_suite(ssl,version,p,val)
       and the version is SSLv3 then we replace it with SSL_*/
    if(!strncmp(str, "TLS_", 4)) {
      explain(ssl, "%s%s", prefix, str + 4);
-      }
+    } else {
      else{
      explain(ssl, "%s", str);
    }
  }
  return (0);
 }
--- a/ssl/sslprint.h
+++ b/ssl/sslprint.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: sslprint.h,v 1.3 2000/11/03 06:38:06 ekr Exp $
@ -43,66 +44,104 @@
   ekr@rtfm.com  Wed Feb 10 15:34:14 1999
 */
 #ifndef _sslprint_h
 #define _sslprint_h
 #include "ssl_analyze.h"
 #include "ssl_h.h"
-int ssl_expand_record PROTO_LIST((ssl_obj *ssl,
+int ssl_expand_record PROTO_LIST(
-  segment *q,int direction,UCHAR *data,int len));
+    (ssl_obj * ssl, segment *q, int direction, UCHAR *data, int len));
 int ssl_decode_switch PROTO_LIST((ssl_obj * ssl,
-  decoder *dtable,int value,int dir,segment *seg,Data *data));
+                                  decoder *dtable,
-int ssl_decode_uintX PROTO_LIST((ssl_obj *ssl,char *name,int size,
+                                  int value,
-  UINT4 print,Data *data,UINT4 *x));
+                                  int dir,
-int ssl_decode_opaque_array PROTO_LIST((ssl_obj *ssl,char *name,int size,
+                                  segment *seg,
-  UINT4 print,Data *data,Data *x));
+                                  Data *data));
-int ssl_decode_enum PROTO_LIST((ssl_obj *ssl,char *name,
+int ssl_decode_uintX PROTO_LIST(
-  int size,decoder *decode,UINT4 p,Data *data,
+    (ssl_obj * ssl, char *name, int size, UINT4 print, Data *data, UINT4 *x));
 int ssl_decode_opaque_array PROTO_LIST(
    (ssl_obj * ssl, char *name, int size, UINT4 print, Data *data, Data *x));
 int ssl_decode_enum PROTO_LIST((ssl_obj * ssl,
                                char *name,
                                int size,
                                decoder *decode,
                                UINT4 p,
                                Data *data,
                                UINT4 *x));
-int ssl_lookup_enum PROTO_LIST((ssl_obj *ssl,decoder *dtable,
+int ssl_lookup_enum
-  UINT4 val,char **ptr));
+    PROTO_LIST((ssl_obj * ssl, decoder *dtable, UINT4 val, char **ptr));
-int ssl_print_enum PROTO_LIST((ssl_obj *obj,char *name,
+int ssl_print_enum
-  decoder *decode,UINT4 value));
+    PROTO_LIST((ssl_obj * obj, char *name, decoder *decode, UINT4 value));
-int ssl_get_enum_str PROTO_LIST((ssl_obj *obj,char *outstr,
+int ssl_get_enum_str
-  decoder *decode,UINT4 value));
+    PROTO_LIST((ssl_obj * obj, char *outstr, decoder *decode, UINT4 value));
 int print_data PROTO_LIST((ssl_obj * ssl, Data *d));
 int process_v2_hello PROTO_LIST((ssl_obj * ssl, segment *seg));
 int process_beginning_plaintext PROTO_LIST((ssl_obj * ssl,
-  segment *seg,int direction));
+                                            segment *seg,
                                            int direction));
 int ssl_print_direction_indicator PROTO_LIST((ssl_obj * ssl, int dir));
 int ssl_print_timestamp PROTO_LIST((ssl_obj * ssl, struct timeval *ts));
 int ssl_print_record_num PROTO_LIST((ssl_obj * ssl));
-int ssl_print_cipher_suite PROTO_LIST((ssl_obj *ssl,int version,int p,
+int ssl_print_cipher_suite
-  UINT4 val));
+    PROTO_LIST((ssl_obj * ssl, int version, int p, UINT4 val));
 int explain PROTO_LIST((ssl_obj * ssl, char *format, ...));
 int exdump PROTO_LIST((ssl_obj * ssl, char *name, Data *data));
 int exstr PROTO_LIST((ssl_obj * ssl, char *name, Data *data));
-
+#define SSL_DECODE_UINT8(a, n, b, c, d)        \
-#define SSL_DECODE_UINT8(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,1,b,c,d))) ERETURN(r)
+  if((r = ssl_decode_uintX(a, n, 1, b, c, d))) \
-#define SSL_DECODE_UINT16(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,2,b,c,d))) ERETURN(r)
+  ERETURN(r)
-#define SSL_DECODE_UINT24(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,3,b,c,d))) ERETURN(r)
+#define SSL_DECODE_UINT16(a, n, b, c, d)       \
-#define SSL_DECODE_UINT32(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,4,b,c,d))) ERETURN(r)
+  if((r = ssl_decode_uintX(a, n, 2, b, c, d))) \
-#define SSL_DECODE_OPAQUE_ARRAY(a,n,b,c,d,e) if((r=ssl_decode_opaque_array(a,n,b,c,d,e))) ERETURN(r)
+  ERETURN(r)
-#define SSL_DECODE_ENUM(a,b,c,d,e,f,g) if((r=ssl_decode_enum(a,b,c,d,e,f,g))) ERETURN(r)
+#define SSL_DECODE_UINT24(a, n, b, c, d)       \
-#define SSL_DECODE_UINT8_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,1,b,c,d))) ABORT(r)
+  if((r = ssl_decode_uintX(a, n, 3, b, c, d))) \
-#define SSL_DECODE_UINT16_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,2,b,c,d))) ABORT(r)
+  ERETURN(r)
-#define SSL_DECODE_UINT24_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,3,b,c,d))) ABORT(r)
+#define SSL_DECODE_UINT32(a, n, b, c, d)       \
-#define SSL_DECODE_UINT32_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,4,b,c,d))) ABORT(r)
+  if((r = ssl_decode_uintX(a, n, 4, b, c, d))) \
-#define SSL_DECODE_OPAQUE_ARRAY_ABORT(a,n,b,c,d,e) if((r=ssl_decode_opaque_array(a,n,b,c,d,e))) ABORT(r)
+  ERETURN(r)
-#define SSL_DECODE_ENUM_ABORT(a,b,c,d,e,f,g) if((r=ssl_decode_enum(a,b,c,d,e,f,g))) ABORT(r)
+#define SSL_DECODE_OPAQUE_ARRAY(a, n, b, c, d, e)     \
  if((r = ssl_decode_opaque_array(a, n, b, c, d, e))) \
  ERETURN(r)
 #define SSL_DECODE_ENUM(a, b, c, d, e, f, g)     \
  if((r = ssl_decode_enum(a, b, c, d, e, f, g))) \
  ERETURN(r)
 #define SSL_DECODE_UINT8_ABORT(a, n, b, c, d)  \
  if((r = ssl_decode_uintX(a, n, 1, b, c, d))) \
  ABORT(r)
 #define SSL_DECODE_UINT16_ABORT(a, n, b, c, d) \
  if((r = ssl_decode_uintX(a, n, 2, b, c, d))) \
  ABORT(r)
 #define SSL_DECODE_UINT24_ABORT(a, n, b, c, d) \
  if((r = ssl_decode_uintX(a, n, 3, b, c, d))) \
  ABORT(r)
 #define SSL_DECODE_UINT32_ABORT(a, n, b, c, d) \
  if((r = ssl_decode_uintX(a, n, 4, b, c, d))) \
  ABORT(r)
 #define SSL_DECODE_OPAQUE_ARRAY_ABORT(a, n, b, c, d, e) \
  if((r = ssl_decode_opaque_array(a, n, b, c, d, e)))   \
  ABORT(r)
 #define SSL_DECODE_ENUM_ABORT(a, b, c, d, e, f, g) \
  if((r = ssl_decode_enum(a, b, c, d, e, f, g)))   \
  ABORT(r)
 #define P_(p) if((p == SSL_PRINT_ALL) || (p & SSL_print_flags))
-#define INDENT if(!(NET_print_flags & NET_PRINT_JSON)) do {int i; for(i=0;i<(ssl->indent_depth + ssl->indent_name_len);i++)  printf("%s",SSL_print_flags & SSL_PRINT_NROFF?" ":" ");} while(0)
+#define INDENT                                                        \
  if(!(NET_print_flags & NET_PRINT_JSON))                             \
    do {                                                              \
      int i;                                                          \
      for(i = 0; i < (ssl->indent_depth + ssl->indent_name_len); i++) \
        printf("%s", SSL_print_flags &SSL_PRINT_NROFF ? " " : " ");   \
  } while(0)
 #define INDENT_INCR ssl->indent_depth += 2
 #define INDENT_POP ssl->indent_depth -= 2
 #define INDENT_NAME(x) ssl->indent_name_len += strlen(x)
 #define INDENT_NAME_POP ssl->indent_name_len = 0
 #define LINE_LEFT (80-(ssl->indent_name_len + ssl->indent_depth)
-#define LF if(!(NET_print_flags & NET_PRINT_JSON)) printf("\n")
+#define LF                                \
  if(!(NET_print_flags & NET_PRINT_JSON)) \
  printf("\n")
 #endif
--- a/ssl/sslxprint.c
+++ b/ssl/sslxprint.c
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Thu Mar 25 21:17:16 1999
 */
 #include <json.h>
 #include "network.h"
 #include "ssl_h.h"
@ -62,11 +62,7 @@ static int sslx__print_dn PROTO_LIST((ssl_obj *ssl,char *x));
 static int sslx__print_serial PROTO_LIST((ssl_obj * ssl, ASN1_INTEGER *a));
 #endif
-int sslx_print_certificate(ssl,data,pf)
+int sslx_print_certificate(ssl_obj *ssl, Data *data, int pf) {
  ssl_obj *ssl;
  Data *data;
  int pf;
  {
 #ifdef OPENSSL
  X509 *x = 0;
  ASN1_INTEGER *a;
@ -91,29 +87,31 @@ int sslx_print_certificate(ssl,data,pf)
    d = data->data;
-      if(!(b64_cert=(char *)calloc(1,sizeof(char) * ((((data->len) + 3 - 1)/3) * 4 + 1))))
+    if(!(b64_cert = (char *)calloc(
             1, sizeof(char) * ((((data->len) + 3 - 1) / 3) * 4 + 1))))
      ABORT(R_NO_MEMORY);
    EVP_EncodeBlock((unsigned char *)b64_cert, d, data->len);
-      json_object_object_add(cert_obj, "cert_der", json_object_new_string(b64_cert));
+    json_object_object_add(cert_obj, "cert_der",
                           json_object_new_string(b64_cert));
    free(b64_cert);
    if(!(x = d2i_X509(0, (const unsigned char **)&d, data->len))) {
      explain(ssl, "Bad certificate");
      ABORT(R_BAD_DATA);
    }
-      X509_NAME_oneline(X509_get_subject_name(x),buf,
+    X509_NAME_oneline(X509_get_subject_name(x), buf, BUFSIZE);
        BUFSIZE);
    explain(ssl, "Subject\n");
    INDENT_INCR;
-      json_object_object_add(cert_obj, "cert_subject", json_object_new_string(buf));
+    json_object_object_add(cert_obj, "cert_subject",
                           json_object_new_string(buf));
    sslx__print_dn(ssl, buf);
    INDENT_POP;
-      X509_NAME_oneline(X509_get_issuer_name(x),buf,
+    X509_NAME_oneline(X509_get_issuer_name(x), buf, BUFSIZE);
        BUFSIZE);
    explain(ssl, "Issuer\n");
    INDENT_INCR;
-      json_object_object_add(cert_obj, "cert_issuer", json_object_new_string(buf));
+    json_object_object_add(cert_obj, "cert_issuer",
                           json_object_new_string(buf));
    sslx__print_dn(ssl, buf);
    INDENT_POP;
    a = X509_get_serialNumber(x);
@ -122,7 +120,8 @@ int sslx_print_certificate(ssl,data,pf)
      ABORT(R_NO_MEMORY);
    INIT_DATA(data_tmp, a->data, a->length);
    exstr(ssl, serial_str, &data_tmp);
-      json_object_object_add(cert_obj, "cert_serial", json_object_new_string(serial_str));
+    json_object_object_add(cert_obj, "cert_serial",
                           json_object_new_string(serial_str));
    free(serial_str);
    sslx__print_serial(ssl, a);
@ -164,12 +163,9 @@ int sslx_print_certificate(ssl,data,pf)
      }
      INDENT_POP;
-      }
+    } else {
      else{
 #endif
-        P_(pf){
+      P_(pf) { exdump(ssl, "certificate", data); }
          exdump(ssl,"certificate",data);
        }
 #ifdef OPENSSL
    }
@ -182,17 +178,15 @@ int sslx_print_certificate(ssl,data,pf)
  _status = 0;
 abort:
 #ifdef OPENSSL
-    if(x) X509_free(x);
+  if(x)
    X509_free(x);
 #endif
-    if(_status && cert_obj) json_object_put(cert_obj);
+  if(_status && cert_obj)
    json_object_put(cert_obj);
  return (_status);
 }
-int sslx_print_dn(ssl,data,pf)
+int sslx_print_dn(ssl_obj *ssl, Data *data, int pf) {
  ssl_obj *ssl;
  Data *data;
  int pf;
  {
  UCHAR buf[BUFSIZE];
  int _status;
  UCHAR *d = data->data;
@ -202,9 +196,8 @@ int sslx_print_dn(ssl,data,pf)
  P_(pf){
 #ifdef OPENSSL
-      P_(P_ASN){
+      P_(P_ASN){if(!(n = d2i_X509_NAME(0, (const unsigned char **)&d,
-	if(!(n=d2i_X509_NAME(0,(const unsigned char **) &d,data->len)))
+                                       data->len))) ABORT(R_BAD_DATA);
 	  ABORT(R_BAD_DATA);
  X509_NAME_oneline(n, (char *)buf, BUFSIZE);
  sslx__print_dn(ssl, (char *)buf);
 }
@ -224,13 +217,11 @@ int sslx_print_dn(ssl,data,pf)
 return (_status);
 }
-static int sslx__print_dn(ssl,x)
+static int sslx__print_dn(ssl_obj *ssl, char *x) {
  ssl_obj *ssl;
  char *x;
  {
  char *slash;
-    if(*x=='/') x++;
+  if(*x == '/')
    x++;
  while(x) {
    if((slash = strchr(x, '/'))) {
@ -246,10 +237,7 @@ static int sslx__print_dn(ssl,x)
 }
 #ifdef OPENSSL
-static int sslx__print_serial(ssl,a)
+static int sslx__print_serial(ssl_obj *ssl, ASN1_INTEGER *a) {
  ssl_obj *ssl;
  ASN1_INTEGER *a;
  {
  Data d;
  if(a->length == 0)
--- a/ssl/sslxprint.h
+++ b/ssl/sslxprint.h
@ -35,7 +35,8 @@
   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
+   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
   DAMAGE.
   $Id: sslxprint.h,v 1.2 2000/10/17 16:10:02 ekr Exp $
@ -43,7 +44,6 @@
   ekr@rtfm.com  Thu Mar 25 21:23:34 1999
 */
 #ifndef _sslxprint_h
 #define _sslxprint_h
@ -51,4 +51,3 @@ int sslx_print_certificate PROTO_LIST((ssl_obj *ssl,Data *data,int pf));
 int sslx_print_dn PROTO_LIST((ssl_obj * ssl, Data *data, int pf));
 #endif
`@ -4,4 +4,3 @@`
	`extern logger_mod pcap_mod;`	`extern logger_mod pcap_mod;`

	`#endif`	`#endif`