authorWerner Koch <[email protected]>2017-02-16 09:35:18 +0000
committerWerner Koch <[email protected]>2017-02-16 10:01:19 +0000
commit1af733f37bf6fd55ccac787a7e34c3b3ca002126 (patch)
treea535f2f3208989935b307d07b93c807a9f962661 /dirmngr/certcache.c
parentdirmngr: Replace stpcpy chains by strconcat. (diff)
indent: Reformat and extend some comments in dirmngr.
-- Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to '')
-rw-r--r--dirmngr/certcache.c58
1 files changed, 29 insertions, 29 deletions
diff --git a/dirmngr/certcache.c b/dirmngr/certcache.c
index 10757c890..d13d80b44 100644
--- a/dirmngr/certcache.c
+++ b/dirmngr/certcache.c
@@ -154,8 +154,8 @@ compare_serialno (ksba_sexp_t serial1, ksba_sexp_t serial2 )
/* Return a malloced canonical S-Expression with the serial number
- converted from the hex string HEXSN. Return NULL on memory
- error. */
+ * converted from the hex string HEXSN. Return NULL on memory
+ * error. */
ksba_sexp_t
hexsn_to_sexp (const char *hexsn)
{
@@ -981,7 +981,7 @@ get_certs_bypattern (const char *pattern,
/* Return the certificate matching ISSUER_DN and SERIALNO; if it is
- not already in the cache, try to find it from other resources. */
+ * not already in the cache, try to find it from other resources. */
ksba_cert_t
find_cert_bysn (ctrl_t ctrl, const char *issuer_dn, ksba_sexp_t serialno)
{
@@ -996,8 +996,8 @@ find_cert_bysn (ctrl_t ctrl, const char *issuer_dn, ksba_sexp_t serialno)
return cert;
/* Ask back to the service requester to return the certificate.
- This is because we can assume that he already used the
- certificate while checking for the CRL. */
+ * This is because we can assume that he already used the
+ * certificate while checking for the CRL. */
hexsn = serial_hex (serialno);
if (!hexsn)
{
@@ -1093,10 +1093,10 @@ find_cert_bysn (ctrl_t ctrl, const char *issuer_dn, ksba_sexp_t serialno)
/* Return the certificate matching SUBJECT_DN and (if not NULL)
- KEYID. If it is not already in the cache, try to find it from other
- resources. Note, that the external search does not work for user
- certificates because the LDAP lookup is on the caCertificate
- attribute. For our purposes this is just fine. */
+ * KEYID. If it is not already in the cache, try to find it from other
+ * resources. Note, that the external search does not work for user
+ * certificates because the LDAP lookup is on the caCertificate
+ * attribute. For our purposes this is just fine. */
ksba_cert_t
find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid)
{
@@ -1107,11 +1107,11 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid)
ksba_sexp_t subj;
/* If we have certificates from an OCSP request we first try to use
- them. This is because these certificates will really be the
- required ones and thus even in the case that they can't be
- uniquely located by the following code we can use them. This is
- for example required by Telesec certificates where a keyId is
- used but the issuer certificate comes without a subject keyId! */
+ * them. This is because these certificates will really be the
+ * required ones and thus even in the case that they can't be
+ * uniquely located by the following code we can use them. This is
+ * for example required by Telesec certificates where a keyId is
+ * used but the issuer certificate comes without a subject keyId! */
if (ctrl->ocsp_certs && subject_dn)
{
cert_item_t ci;
@@ -1136,8 +1136,7 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid)
log_debug ("find_cert_bysubject: certificate not in ocsp_certs\n");
}
-
- /* First we check whether the certificate is cached. */
+ /* No check whether the certificate is cached. */
for (seq=0; (cert = get_cert_bysubject (subject_dn, seq)); seq++)
{
if (!keyid)
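Review bot: The rewritten comment `/* No check whether the certificate is cached. */` says the opposite of what the next line does, since `for (seq=0; (cert = get_cert_bysubject (subject_dn, seq)); seq++)` is the cache lookup. This looks like a typo for "Now"; suggest `/* Now check whether the certificate is cached.  */`. In a certificate lookup path, a comment claiming that a check is skipped is easy to misread in a later audit. The loop body continues outside the hunk.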
@@ -1158,15 +1157,15 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid)
log_debug ("find_cert_bysubject: certificate not in cache\n");
/* Ask back to the service requester to return the certificate.
- This is because we can assume that he already used the
- certificate while checking for the CRL. */
+ * This is because we can assume that he already used the
+ * certificate while checking for the CRL. */
if (keyid)
cert = get_cert_local_ski (ctrl, subject_dn, keyid);
else
{
/* In contrast to get_cert_local_ski, get_cert_local uses any
- passed pattern, so we need to make sure that an exact subject
- search is done. */
+ * passed pattern, so we need to make sure that an exact subject
+ * search is done. */
char *buf;
buf = strconcat ("/", subject_dn, NULL);
@@ -1263,7 +1262,6 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid)
}
-
/* Return 0 if the certificate is a trusted certificate. Returns
GPG_ERR_NOT_TRUSTED if it is not trusted or other error codes in
case of systems errors. */
@@ -1294,8 +1292,8 @@ is_trusted_cert (ksba_cert_t cert)
/* Given the certificate CERT locate the issuer for this certificate
- and return it at R_CERT. Returns 0 on success or
- GPG_ERR_NOT_FOUND. */
+ * and return it at R_CERT. Returns 0 on success or
+ * GPG_ERR_NOT_FOUND. */
gpg_error_t
find_issuing_cert (ctrl_t ctrl, ksba_cert_t cert, ksba_cert_t *r_cert)
{
@@ -1331,16 +1329,18 @@ find_issuing_cert (ctrl_t ctrl, ksba_cert_t cert, ksba_cert_t *r_cert)
{
issuer_cert = find_cert_bysn (ctrl, s, authidno);
}
+
if (!issuer_cert && keyid)
{
/* Not found by issuer+s/n. Now that we have an AKI
- keyIdentifier look for a certificate with a matching
- SKI. */
+ * keyIdentifier look for a certificate with a matching
+ * SKI. */
issuer_cert = find_cert_bysubject (ctrl, issuer_dn, keyid);
}
+
/* Print a note so that the user does not feel too helpless when
- an issuer certificate was found and gpgsm prints BAD
- signature because it is not the correct one. */
+ * an issuer certificate was found and gpgsm prints BAD
+ * signature because it is not the correct one. */
if (!issuer_cert)
{
log_info ("issuer certificate ");
@@ -1366,8 +1366,8 @@ find_issuing_cert (ctrl_t ctrl, ksba_cert_t cert, ksba_cert_t *r_cert)
}
/* If this did not work, try just with the issuer's name and assume
- that there is only one such certificate. We only look into our
- cache then. */
+ * that there is only one such certificate. We only look into our
+ * cache then. */
if (err || !issuer_cert)
{
issuer_cert = get_cert_bysubject (issuer_dn, 0);
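Review bot: The comment above `if (err || !issuer_cert)` could state what the name-only fallback gives up. `get_cert_bysubject (issuer_dn, 0)` takes the first cached certificate with that subject and, unlike the earlier `find_cert_bysn (ctrl, s, authidno)` and `find_cert_bysubject (ctrl, issuer_dn, keyid)` lookups, is not narrowed by the AKI values. Since the commit is extending comments anyway, consider adding a sentence such as `The result is not matched against the AKI, so the caller must still verify the signature with the returned certificate.` Whether every caller does that is not visible in this diff and should be confirmed before wording it as a guarantee; the block continues past the end of the hunk.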