pgindent run for 8.3.

6 files changed, 193 insertions, 176 deletions

diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 22a03f3afc..89cb3e9ad4 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.158 2007/11/15 20:04:38 petere Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.159 2007/11/15 21:14:35 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -197,7 +197,7 @@ pg_krb5_recvauth(Port *port)
 
 	if (get_role_line(port->user_name) == NULL)
 		return STATUS_ERROR;
-	
+
 	ret = pg_krb5_init();
 	if (ret != STATUS_OK)
 		return ret;
@@ -326,7 +326,7 @@ pg_krb5_recvauth(Port *port)
  * from src/athena/auth/krb5/src/lib/gssapi/generic/gssapi_generic.c
  */
 static const gss_OID_desc GSS_C_NT_USER_NAME_desc =
- {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"};
+{10, (void *) "\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"};
 static GSS_DLLIMP gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_desc;
 #endif
 
@@ -334,30 +334,33 @@ static GSS_DLLIMP gss_OID GSS_C_NT_USER_NAME = &GSS_C_NT_USER_NAME_desc;
 static void
 pg_GSS_error(int severity, char *errmsg, OM_uint32 maj_stat, OM_uint32 min_stat)
 {
-	gss_buffer_desc	gmsg;
-	OM_uint32		lmaj_s, lmin_s, msg_ctx;
-	char			msg_major[128],
-					msg_minor[128];
+	gss_buffer_desc gmsg;
+	OM_uint32	lmaj_s,
+				lmin_s,
+				msg_ctx;
+	char		msg_major[128],
+				msg_minor[128];
 
 	/* Fetch major status message */
 	msg_ctx = 0;
 	lmaj_s = gss_display_status(&lmin_s, maj_stat, GSS_C_GSS_CODE,
-			GSS_C_NO_OID, &msg_ctx, &gmsg);
+								GSS_C_NO_OID, &msg_ctx, &gmsg);
 	strlcpy(msg_major, gmsg.value, sizeof(msg_major));
 	gss_release_buffer(&lmin_s, &gmsg);
 
 	if (msg_ctx)
-		/* More than one message available.
-		 * XXX: Should we loop and read all messages?
-		 * (same below)
+
+		/*
+		 * More than one message available. XXX: Should we loop and read all
+		 * messages? (same below)
 		 */
-		ereport(WARNING, 
+		ereport(WARNING,
 				(errmsg_internal("incomplete GSS error report")));
 
 	/* Fetch mechanism minor status message */
 	msg_ctx = 0;
 	lmaj_s = gss_display_status(&lmin_s, min_stat, GSS_C_MECH_CODE,
-			GSS_C_NO_OID, &msg_ctx, &gmsg);
+								GSS_C_NO_OID, &msg_ctx, &gmsg);
 	strlcpy(msg_minor, gmsg.value, sizeof(msg_minor));
 	gss_release_buffer(&lmin_s, &gmsg);
 
@@ -365,8 +368,10 @@ pg_GSS_error(int severity, char *errmsg, OM_uint32 maj_stat, OM_uint32 min_stat)
 		ereport(WARNING,
 				(errmsg_internal("incomplete GSS minor error report")));
 
-	/* errmsg_internal, since translation of the first part must be
-	 * done before calling this function anyway. */
+	/*
+	 * errmsg_internal, since translation of the first part must be done
+	 * before calling this function anyway.
+	 */
 	ereport(severity,
 			(errmsg_internal("%s", errmsg),
 			 errdetail("%s: %s", msg_major, msg_minor)));
@@ -375,36 +380,38 @@ pg_GSS_error(int severity, char *errmsg, OM_uint32 maj_stat, OM_uint32 min_stat)
 static int
 pg_GSS_recvauth(Port *port)
 {
-	OM_uint32		maj_stat, min_stat, lmin_s, gflags;
-	char		   *kt_path;
-	int				mtype;
-	int				ret;
-	StringInfoData	buf;
-	gss_buffer_desc	gbuf;
+	OM_uint32	maj_stat,
+				min_stat,
+				lmin_s,
+				gflags;
+	char	   *kt_path;
+	int			mtype;
+	int			ret;
+	StringInfoData buf;
+	gss_buffer_desc gbuf;
 
 	if (pg_krb_server_keyfile && strlen(pg_krb_server_keyfile) > 0)
 	{
 		/*
 		 * Set default Kerberos keytab file for the Krb5 mechanism.
 		 *
-		 * setenv("KRB5_KTNAME", pg_krb_server_keyfile, 0);
-		 *		except setenv() not always available.
+		 * setenv("KRB5_KTNAME", pg_krb_server_keyfile, 0); except setenv()
+		 * not always available.
 		 */
 		if (!getenv("KRB5_KTNAME"))
 		{
 			kt_path = palloc(MAXPGPATH + 13);
 			snprintf(kt_path, MAXPGPATH + 13,
-					"KRB5_KTNAME=%s", pg_krb_server_keyfile);
+					 "KRB5_KTNAME=%s", pg_krb_server_keyfile);
 			putenv(kt_path);
 		}
 	}
 
 	/*
-	 * We accept any service principal that's present in our
-	 * keytab. This increases interoperability between kerberos
-	 * implementations that see for example case sensitivity
-	 * differently, while not really opening up any vector
-	 * of attack.
+	 * We accept any service principal that's present in our keytab. This
+	 * increases interoperability between kerberos implementations that see
+	 * for example case sensitivity differently, while not really opening up
+	 * any vector of attack.
 	 */
 	port->gss->cred = GSS_C_NO_CREDENTIAL;
 
@@ -414,12 +421,12 @@ pg_GSS_recvauth(Port *port)
 	port->gss->ctx = GSS_C_NO_CONTEXT;
 
 	/*
-	 * Loop through GSSAPI message exchange. This exchange can consist
-	 * of multiple messags sent in both directions. First message is always
-	 * from the client. All messages from client to server are password
-	 * packets (type 'p').
+	 * Loop through GSSAPI message exchange. This exchange can consist of
+	 * multiple messags sent in both directions. First message is always from
+	 * the client. All messages from client to server are password packets
+	 * (type 'p').
 	 */
-	do 
+	do
 	{
 		mtype = pq_getbyte();
 		if (mtype != 'p')
@@ -429,7 +436,7 @@ pg_GSS_recvauth(Port *port)
 				ereport(COMMERROR,
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
 						 errmsg("expected GSS response, got message type %d",
-							 mtype)));
+								mtype)));
 			return STATUS_ERROR;
 		}
 
@@ -446,21 +453,21 @@ pg_GSS_recvauth(Port *port)
 		gbuf.length = buf.len;
 		gbuf.value = buf.data;
 
-		elog(DEBUG4, "Processing received GSS token of length %u", 
+		elog(DEBUG4, "Processing received GSS token of length %u",
 			 (unsigned int) gbuf.length);
 
 		maj_stat = gss_accept_sec_context(
-				&min_stat,
-				&port->gss->ctx,
-				port->gss->cred,
-				&gbuf,
-				GSS_C_NO_CHANNEL_BINDINGS,
-				&port->gss->name,
-				NULL,
-				&port->gss->outbuf,
-				&gflags,
-				NULL,
-				NULL);
+										  &min_stat,
+										  &port->gss->ctx,
+										  port->gss->cred,
+										  &gbuf,
+										  GSS_C_NO_CHANNEL_BINDINGS,
+										  &port->gss->name,
+										  NULL,
+										  &port->gss->outbuf,
+										  &gflags,
+										  NULL,
+										  NULL);
 
 		/* gbuf no longer used */
 		pfree(buf.data);
@@ -488,10 +495,11 @@ pg_GSS_recvauth(Port *port)
 		if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED)
 		{
 			OM_uint32	lmin_s;
+
 			gss_delete_sec_context(&lmin_s, &port->gss->ctx, GSS_C_NO_BUFFER);
-			pg_GSS_error(ERROR, 
-					gettext_noop("accepting GSS security context failed"),
-					maj_stat, min_stat);
+			pg_GSS_error(ERROR,
+					   gettext_noop("accepting GSS security context failed"),
+						 maj_stat, min_stat);
 		}
 
 		if (maj_stat == GSS_S_CONTINUE_NEEDED)
@@ -510,8 +518,8 @@ pg_GSS_recvauth(Port *port)
 	/*
 	 * GSS_S_COMPLETE indicates that authentication is now complete.
 	 *
-	 * Get the name of the user that authenticated, and compare it to the
-	 * pg username that was specified for the connection.
+	 * Get the name of the user that authenticated, and compare it to the pg
+	 * username that was specified for the connection.
 	 */
 	maj_stat = gss_display_name(&min_stat, port->gss->name, &gbuf, NULL);
 	if (maj_stat != GSS_S_COMPLETE)
@@ -524,7 +532,8 @@ pg_GSS_recvauth(Port *port)
 	 */
 	if (strchr(gbuf.value, '@'))
 	{
-		char *cp = strchr(gbuf.value, '@');
+		char	   *cp = strchr(gbuf.value, '@');
+
 		*cp = '\0';
 		cp++;
 
@@ -542,7 +551,7 @@ pg_GSS_recvauth(Port *port)
 			{
 				/* GSS realm does not match */
 				elog(DEBUG2,
-					 "GSSAPI realm (%s) and configured realm (%s) don't match",
+				   "GSSAPI realm (%s) and configured realm (%s) don't match",
 					 cp, pg_krb_realm);
 				gss_release_buffer(&lmin_s, &gbuf);
 				return STATUS_ERROR;
@@ -566,20 +575,19 @@ pg_GSS_recvauth(Port *port)
 	if (ret)
 	{
 		/* GSS name and PGUSER are not equivalent */
-		elog(DEBUG2, 
+		elog(DEBUG2,
 			 "provided username (%s) and GSSAPI username (%s) don't match",
-			 port->user_name, (char *)gbuf.value);
+			 port->user_name, (char *) gbuf.value);
 
 		gss_release_buffer(&lmin_s, &gbuf);
 		return STATUS_ERROR;
 	}
-	
+
 	gss_release_buffer(&lmin_s, &gbuf);
 
 	return STATUS_OK;
 }
-
-#else /* no ENABLE_GSS */
+#else							/* no ENABLE_GSS */
 static int
 pg_GSS_recvauth(Port *port)
 {
@@ -588,78 +596,78 @@ pg_GSS_recvauth(Port *port)
 			 errmsg("GSSAPI not implemented on this server")));
 	return STATUS_ERROR;
 }
-#endif	/* ENABLE_GSS */
+#endif   /* ENABLE_GSS */
 
 #ifdef ENABLE_SSPI
 static void
 pg_SSPI_error(int severity, char *errmsg, SECURITY_STATUS r)
 {
-	char sysmsg[256];
+	char		sysmsg[256];
 
 	if (FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, r, 0, sysmsg, sizeof(sysmsg), NULL) == 0)
 		ereport(severity,
-		        (errmsg_internal("%s", errmsg),
-				errdetail("sspi error %x", (unsigned int)r)));
+				(errmsg_internal("%s", errmsg),
+				 errdetail("sspi error %x", (unsigned int) r)));
 	else
 		ereport(severity,
-		        (errmsg_internal("%s", errmsg),
-				errdetail("%s (%x)", sysmsg, (unsigned int)r)));
+				(errmsg_internal("%s", errmsg),
+				 errdetail("%s (%x)", sysmsg, (unsigned int) r)));
 }
 
-typedef SECURITY_STATUS
-(WINAPI * QUERY_SECURITY_CONTEXT_TOKEN_FN)(
-    PCtxtHandle, void **);
+typedef		SECURITY_STATUS
+			(WINAPI * QUERY_SECURITY_CONTEXT_TOKEN_FN) (
+													   PCtxtHandle, void **);
 
 static int
 pg_SSPI_recvauth(Port *port)
 {
-	int				mtype;
-	StringInfoData	buf;
+	int			mtype;
+	StringInfoData buf;
 	SECURITY_STATUS r;
-	CredHandle		sspicred;
-	CtxtHandle		*sspictx = NULL,
-		            newctx;
-	TimeStamp		expiry;
-	ULONG			contextattr;
-	SecBufferDesc	inbuf;
-	SecBufferDesc	outbuf;
-	SecBuffer		OutBuffers[1];
-	SecBuffer		InBuffers[1];
-	HANDLE			token;
-	TOKEN_USER		*tokenuser;
-	DWORD			retlen;
-	char			accountname[MAXPGPATH];
-	char			domainname[MAXPGPATH];
-	DWORD			accountnamesize = sizeof(accountname);
-	DWORD			domainnamesize = sizeof(domainname);
-	SID_NAME_USE	accountnameuse;
-	HMODULE			secur32;
-	QUERY_SECURITY_CONTEXT_TOKEN_FN	_QuerySecurityContextToken;
+	CredHandle	sspicred;
+	CtxtHandle *sspictx = NULL,
+				newctx;
+	TimeStamp	expiry;
+	ULONG		contextattr;
+	SecBufferDesc inbuf;
+	SecBufferDesc outbuf;
+	SecBuffer	OutBuffers[1];
+	SecBuffer	InBuffers[1];
+	HANDLE		token;
+	TOKEN_USER *tokenuser;
+	DWORD		retlen;
+	char		accountname[MAXPGPATH];
+	char		domainname[MAXPGPATH];
+	DWORD		accountnamesize = sizeof(accountname);
+	DWORD		domainnamesize = sizeof(domainname);
+	SID_NAME_USE accountnameuse;
+	HMODULE		secur32;
+	QUERY_SECURITY_CONTEXT_TOKEN_FN _QuerySecurityContextToken;
 
 
 	/*
 	 * Acquire a handle to the server credentials.
 	 */
 	r = AcquireCredentialsHandle(NULL,
-		"negotiate",
-		SECPKG_CRED_INBOUND,
-		NULL,
-		NULL,
-		NULL,
-		NULL,
-		&sspicred,
-		&expiry);
+								 "negotiate",
+								 SECPKG_CRED_INBOUND,
+								 NULL,
+								 NULL,
+								 NULL,
+								 NULL,
+								 &sspicred,
+								 &expiry);
 	if (r != SEC_E_OK)
-		pg_SSPI_error(ERROR, 
-					gettext_noop("could not acquire SSPI credentials handle"), r);
+		pg_SSPI_error(ERROR,
+			   gettext_noop("could not acquire SSPI credentials handle"), r);
 
 	/*
-	 * Loop through SSPI message exchange. This exchange can consist
-	 * of multiple messags sent in both directions. First message is always
-	 * from the client. All messages from client to server are password
-	 * packets (type 'p').
+	 * Loop through SSPI message exchange. This exchange can consist of
+	 * multiple messags sent in both directions. First message is always from
+	 * the client. All messages from client to server are password packets
+	 * (type 'p').
 	 */
-	do 
+	do
 	{
 		mtype = pq_getbyte();
 		if (mtype != 'p')
@@ -669,7 +677,7 @@ pg_SSPI_recvauth(Port *port)
 				ereport(COMMERROR,
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
 						 errmsg("expected SSPI response, got message type %d",
-							 mtype)));
+								mtype)));
 			return STATUS_ERROR;
 		}
 
@@ -699,18 +707,18 @@ pg_SSPI_recvauth(Port *port)
 		outbuf.ulVersion = SECBUFFER_VERSION;
 
 
-		elog(DEBUG4, "Processing received SSPI token of length %u", 
+		elog(DEBUG4, "Processing received SSPI token of length %u",
 			 (unsigned int) buf.len);
 
 		r = AcceptSecurityContext(&sspicred,
-			sspictx,
-			&inbuf,
-			ASC_REQ_ALLOCATE_MEMORY,
-			SECURITY_NETWORK_DREP,
-			&newctx,
-			&outbuf,
-			&contextattr,
-			NULL);
+								  sspictx,
+								  &inbuf,
+								  ASC_REQ_ALLOCATE_MEMORY,
+								  SECURITY_NETWORK_DREP,
+								  &newctx,
+								  &outbuf,
+								  &contextattr,
+								  NULL);
 
 		/* input buffer no longer used */
 		pfree(buf.data);
@@ -739,8 +747,8 @@ pg_SSPI_recvauth(Port *port)
 				free(sspictx);
 			}
 			FreeCredentialsHandle(&sspicred);
-			pg_SSPI_error(ERROR, 
-					gettext_noop("could not accept SSPI security context"), r);
+			pg_SSPI_error(ERROR,
+				  gettext_noop("could not accept SSPI security context"), r);
 		}
 
 		if (sspictx == NULL)
@@ -748,7 +756,7 @@ pg_SSPI_recvauth(Port *port)
 			sspictx = malloc(sizeof(CtxtHandle));
 			if (sspictx == NULL)
 				ereport(ERROR,
-					(errmsg("out of memory")));
+						(errmsg("out of memory")));
 
 			memcpy(sspictx, &newctx, sizeof(CtxtHandle));
 		}
@@ -768,18 +776,18 @@ pg_SSPI_recvauth(Port *port)
 	/*
 	 * SEC_E_OK indicates that authentication is now complete.
 	 *
-	 * Get the name of the user that authenticated, and compare it to the
-	 * pg username that was specified for the connection.
+	 * Get the name of the user that authenticated, and compare it to the pg
+	 * username that was specified for the connection.
 	 *
-	 * MingW is missing the export for QuerySecurityContextToken in
-	 * the secur32 library, so we have to load it dynamically.
+	 * MingW is missing the export for QuerySecurityContextToken in the
+	 * secur32 library, so we have to load it dynamically.
 	 */
 
 	secur32 = LoadLibrary("SECUR32.DLL");
 	if (secur32 == NULL)
 		ereport(ERROR,
-			(errmsg_internal("could not load secur32.dll: %d",
-			(int)GetLastError())));
+				(errmsg_internal("could not load secur32.dll: %d",
+								 (int) GetLastError())));
 
 	_QuerySecurityContextToken = (QUERY_SECURITY_CONTEXT_TOKEN_FN)
 		GetProcAddress(secur32, "QuerySecurityContextToken");
@@ -787,16 +795,16 @@ pg_SSPI_recvauth(Port *port)
 	{
 		FreeLibrary(secur32);
 		ereport(ERROR,
-			(errmsg_internal("could not locate QuerySecurityContextToken in secur32.dll: %d",
-			(int)GetLastError())));
+				(errmsg_internal("could not locate QuerySecurityContextToken in secur32.dll: %d",
+								 (int) GetLastError())));
 	}
 
-	r = (_QuerySecurityContextToken)(sspictx, &token);
+	r = (_QuerySecurityContextToken) (sspictx, &token);
 	if (r != SEC_E_OK)
 	{
 		FreeLibrary(secur32);
 		pg_SSPI_error(ERROR,
-			gettext_noop("could not get security token from context"), r);
+			   gettext_noop("could not get security token from context"), r);
 	}
 
 	FreeLibrary(secur32);
@@ -810,8 +818,8 @@ pg_SSPI_recvauth(Port *port)
 
 	if (!GetTokenInformation(token, TokenUser, NULL, 0, &retlen) && GetLastError() != 122)
 		ereport(ERROR,
-				(errmsg_internal("could not get token user size: error code %d",
-					(int) GetLastError())));
+			 (errmsg_internal("could not get token user size: error code %d",
+							  (int) GetLastError())));
 
 	tokenuser = malloc(retlen);
 	if (tokenuser == NULL)
@@ -821,18 +829,19 @@ pg_SSPI_recvauth(Port *port)
 	if (!GetTokenInformation(token, TokenUser, tokenuser, retlen, &retlen))
 		ereport(ERROR,
 				(errmsg_internal("could not get user token: error code %d",
-					(int) GetLastError())));
+								 (int) GetLastError())));
 
-	if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize, 
-							domainname, &domainnamesize, &accountnameuse))
+	if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize,
+						  domainname, &domainnamesize, &accountnameuse))
 		ereport(ERROR,
-				(errmsg_internal("could not lookup acconut sid: error code %d",
-					(int) GetLastError())));
+			  (errmsg_internal("could not lookup acconut sid: error code %d",
+							   (int) GetLastError())));
 
 	free(tokenuser);
 
-	/* 
-	 * Compare realm/domain if requested. In SSPI, always compare case insensitive.
+	/*
+	 * Compare realm/domain if requested. In SSPI, always compare case
+	 * insensitive.
 	 */
 	if (pg_krb_realm && strlen(pg_krb_realm))
 	{
@@ -841,28 +850,28 @@ pg_SSPI_recvauth(Port *port)
 			elog(DEBUG2,
 				 "SSPI domain (%s) and configured domain (%s) don't match",
 				 domainname, pg_krb_realm);
-			
+
 			return STATUS_ERROR;
 		}
 	}
 
 	/*
-	 * We have the username (without domain/realm) in accountname, compare 
-	 * to the supplied value. In SSPI, always compare case insensitive.
+	 * We have the username (without domain/realm) in accountname, compare to
+	 * the supplied value. In SSPI, always compare case insensitive.
 	 */
 	if (pg_strcasecmp(port->user_name, accountname))
 	{
 		/* GSS name and PGUSER are not equivalent */
-		elog(DEBUG2, 
+		elog(DEBUG2,
 			 "provided username (%s) and SSPI username (%s) don't match",
 			 port->user_name, accountname);
 
 		return STATUS_ERROR;
 	}
-	
+
 	return STATUS_OK;
 }
-#else	/* no ENABLE_SSPI */
+#else							/* no ENABLE_SSPI */
 static int
 pg_SSPI_recvauth(Port *port)
 {
@@ -871,7 +880,7 @@ pg_SSPI_recvauth(Port *port)
 			 errmsg("SSPI not implemented on this server")));
 	return STATUS_ERROR;
 }
-#endif	/* ENABLE_SSPI */
+#endif   /* ENABLE_SSPI */
 
 
 /*
@@ -1113,8 +1122,11 @@ sendAuthRequest(Port *port, AuthRequest areq)
 		pq_sendbytes(&buf, port->cryptSalt, 2);
 
 #if defined(ENABLE_GSS) || defined(ENABLE_SSPI)
-	/* Add the authentication data for the next step of
-	 * the GSSAPI or SSPI negotiation. */
+
+	/*
+	 * Add the authentication data for the next step of the GSSAPI or SSPI
+	 * negotiation.
+	 */
 	else if (areq == AUTH_REQ_GSS_CONT)
 	{
 		if (port->gss->outbuf.length > 0)
@@ -1413,7 +1425,7 @@ CheckLDAPAuth(Port *port)
 	{
 		ldap_unbind(ldap);
 		ereport(LOG,
-				(errmsg("could not set LDAP protocol version: error code %d", r)));
+		  (errmsg("could not set LDAP protocol version: error code %d", r)));
 		return STATUS_ERROR;
 	}
 
@@ -1456,9 +1468,9 @@ CheckLDAPAuth(Port *port)
 			}
 
 			/*
-			 * Leak LDAP handle on purpose, because we need the library to stay
-			 * open. This is ok because it will only ever be leaked once per
-			 * process and is automatically cleaned up on process exit.
+			 * Leak LDAP handle on purpose, because we need the library to
+			 * stay open. This is ok because it will only ever be leaked once
+			 * per process and is automatically cleaned up on process exit.
 			 */
 		}
 		if ((r = _ldap_start_tls_sA(ldap, NULL, NULL, NULL, NULL)) != LDAP_SUCCESS)
@@ -1466,7 +1478,7 @@ CheckLDAPAuth(Port *port)
 		{
 			ldap_unbind(ldap);
 			ereport(LOG,
-					(errmsg("could not start LDAP TLS session: error code %d", r)));
+			 (errmsg("could not start LDAP TLS session: error code %d", r)));
 			return STATUS_ERROR;
 		}
 	}
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index efb8ecbb77..d7df99e496 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.81 2007/11/07 12:24:24 petere Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.82 2007/11/15 21:14:35 momjian Exp $
  *
  *	  Since the server static private key ($DataDir/server.key)
  *	  will normally be stored unencrypted so that the database
@@ -95,7 +95,7 @@
 #if SSLEAY_VERSION_NUMBER >= 0x0907000L
 #include <openssl/conf.h>
 #endif
-#endif /* USE_SSL */
+#endif   /* USE_SSL */
 
 #include "libpq/libpq.h"
 #include "tcop/tcopprot.h"
@@ -130,8 +130,7 @@ static const char *SSLerrmessage(void);
 static SSL_CTX *SSL_context = NULL;
 
 /* GUC variable controlling SSL cipher list */
-char *SSLCipherSuites = NULL;
-
+char	   *SSLCipherSuites = NULL;
 #endif
 
 /* ------------------------------------------------------------ */
@@ -282,7 +281,7 @@ rloop:
 #ifdef WIN32
 				pgwin32_waitforsinglesocket(SSL_get_fd(port->ssl),
 											(err == SSL_ERROR_WANT_READ) ?
-								   FD_READ | FD_CLOSE : FD_WRITE | FD_CLOSE,
+									FD_READ | FD_CLOSE : FD_WRITE | FD_CLOSE,
 											INFINITE);
 #endif
 				goto rloop;
@@ -376,7 +375,7 @@ wloop:
 #ifdef WIN32
 				pgwin32_waitforsinglesocket(SSL_get_fd(port->ssl),
 											(err == SSL_ERROR_WANT_READ) ?
-								   FD_READ | FD_CLOSE : FD_WRITE | FD_CLOSE,
+									FD_READ | FD_CLOSE : FD_WRITE | FD_CLOSE,
 											INFINITE);
 #endif
 				goto wloop;
@@ -811,9 +810,9 @@ initialize_SSL(void)
 						  X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
 #else
 				ereport(LOG,
-						(errmsg("SSL certificate revocation list file \"%s\" ignored",
-								ROOT_CRL_FILE),
-				  errdetail("SSL library does not support certificate revocation lists.")));
+				(errmsg("SSL certificate revocation list file \"%s\" ignored",
+						ROOT_CRL_FILE),
+				 errdetail("SSL library does not support certificate revocation lists.")));
 #endif
 			else
 			{
@@ -821,7 +820,7 @@ initialize_SSL(void)
 				ereport(LOG,
 						(errmsg("SSL certificate revocation list file \"%s\" not found, skipping: %s",
 								ROOT_CRL_FILE, SSLerrmessage()),
-					 errdetail("Certificates will not be checked against revocation list.")));
+						 errdetail("Certificates will not be checked against revocation list.")));
 			}
 		}
 
@@ -889,7 +888,7 @@ aloop:
 #ifdef WIN32
 				pgwin32_waitforsinglesocket(SSL_get_fd(port->ssl),
 											(err == SSL_ERROR_WANT_READ) ?
-					   FD_READ | FD_CLOSE | FD_ACCEPT : FD_WRITE | FD_CLOSE,
+						FD_READ | FD_CLOSE | FD_ACCEPT : FD_WRITE | FD_CLOSE,
 											INFINITE);
 #endif
 				goto aloop;
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index c3cde8cb1b..e1be331b79 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -10,7 +10,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.162 2007/07/23 10:16:53 mha Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.163 2007/11/15 21:14:35 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -1595,7 +1595,7 @@ authident(hbaPort *port)
 
 	if (get_role_line(port->user_name) == NULL)
 		return STATUS_ERROR;
-	
+
 	switch (port->raddr.addr.ss_family)
 	{
 		case AF_INET:
diff --git a/src/backend/libpq/ip.c b/src/backend/libpq/ip.c
index 2e9bd98890..69c4189e95 100644
--- a/src/backend/libpq/ip.c
+++ b/src/backend/libpq/ip.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/ip.c,v 1.40 2007/02/10 14:58:54 petere Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/ip.c,v 1.41 2007/11/15 21:14:35 momjian Exp $
  *
  * This file and the IPV6 implementation were initially provided by
  * Nigel Kukard <nkukard@lbsd.net>, Linux Based Systems Design
@@ -79,6 +79,7 @@ pg_getaddrinfo_all(const char *hostname, const char *servname,
 					 servname, hintp, result);
 
 #ifdef _AIX
+
 	/*
 	 * It seems some versions of AIX's getaddrinfo don't reliably zero
 	 * sin_port when servname is NULL, so clean up after it.
diff --git a/src/backend/libpq/pqcomm.c b/src/backend/libpq/pqcomm.c
index ae9d47076a..4ed6722557 100644
--- a/src/backend/libpq/pqcomm.c
+++ b/src/backend/libpq/pqcomm.c
@@ -30,7 +30,7 @@
  * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- *	$PostgreSQL: pgsql/src/backend/libpq/pqcomm.c,v 1.196 2007/09/14 15:58:02 momjian Exp $
+ *	$PostgreSQL: pgsql/src/backend/libpq/pqcomm.c,v 1.197 2007/11/15 21:14:35 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -183,11 +183,11 @@ pq_close(int code, Datum arg)
 
 		if (MyProcPort->gss->cred != GSS_C_NO_CREDENTIAL)
 			gss_release_cred(&min_s, &MyProcPort->gss->cred);
-#endif /* ENABLE_GSS */
+#endif   /* ENABLE_GSS */
 		/* GSS and SSPI share the port->gss struct */
 
 		free(MyProcPort->gss);
-#endif /* ENABLE_GSS || ENABLE_SSPI */
+#endif   /* ENABLE_GSS || ENABLE_SSPI */
 
 		/* Cleanly shut down SSL layer */
 		secure_close(MyProcPort);
@@ -255,6 +255,7 @@ StreamServerPort(int family, char *hostName, unsigned short portNumber,
 	struct addrinfo hint;
 	int			listen_index = 0;
 	int			added = 0;
+
 #if !defined(WIN32) || defined(IPV6_V6ONLY)
 	int			one = 1;
 #endif
@@ -356,14 +357,17 @@ StreamServerPort(int family, char *hostName, unsigned short portNumber,
 		}
 
 #ifndef WIN32
+
 		/*
-		 * Without the SO_REUSEADDR flag, a new postmaster can't be started right away after
-		 * a stop or crash, giving "address already in use" error on TCP ports.
+		 * Without the SO_REUSEADDR flag, a new postmaster can't be started
+		 * right away after a stop or crash, giving "address already in use"
+		 * error on TCP ports.
 		 *
-		 * On win32, however, this behavior only happens if the SO_EXLUSIVEADDRUSE is set.
-		 * With SO_REUSEADDR, win32 allows multiple servers to listen on the same address,
-		 * resulting in unpredictable behavior. With no flags at all, win32 behaves as
-		 * Unix with SO_REUSEADDR.
+		 * On win32, however, this behavior only happens if the
+		 * SO_EXLUSIVEADDRUSE is set. With SO_REUSEADDR, win32 allows multiple
+		 * servers to listen on the same address, resulting in unpredictable
+		 * behavior. With no flags at all, win32 behaves as Unix with
+		 * SO_REUSEADDR.
 		 */
 		if (!IS_AF_UNIX(addr->ai_family))
 		{
@@ -577,6 +581,7 @@ StreamConnection(int server_fd, Port *port)
 		ereport(LOG,
 				(errcode_for_socket_access(),
 				 errmsg("could not accept new connection: %m")));
+
 		/*
 		 * If accept() fails then postmaster.c will still see the server
 		 * socket as read-ready, and will immediately try again.  To avoid
diff --git a/src/backend/libpq/pqformat.c b/src/backend/libpq/pqformat.c
index 606bb14a69..747e7b6163 100644
--- a/src/backend/libpq/pqformat.c
+++ b/src/backend/libpq/pqformat.c
@@ -24,7 +24,7 @@
  * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- *	$PostgreSQL: pgsql/src/backend/libpq/pqformat.c,v 1.45 2007/04/06 05:36:50 tgl Exp $
+ *	$PostgreSQL: pgsql/src/backend/libpq/pqformat.c,v 1.46 2007/11/15 21:14:35 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -318,7 +318,7 @@ pq_sendfloat8(StringInfo buf, float8 f)
 	appendBinaryStringInfo(buf, (char *) &swap.h[1], 4);
 	appendBinaryStringInfo(buf, (char *) &swap.h[0], 4);
 #endif
-#else  /* INT64 works */
+#else							/* INT64 works */
 	union
 	{
 		float8		f;
@@ -552,7 +552,7 @@ pq_getmsgfloat8(StringInfo msg)
 	swap.h[0] = pq_getmsgint(msg, 4);
 #endif
 	return swap.f;
-#else  /* INT64 works */
+#else							/* INT64 works */
 	union
 	{
 		float8		f;