- markus@cvs.openbsd.org 2001/06/26 17:27:25

     [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h
      canohost.h channels.h cipher.h clientloop.h compat.h compress.h
      crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h
      hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h
      packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h
      session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h
      sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h
      tildexpand.h uidswap.h uuencode.h xmalloc.h]
     remove comments from .h, since they are cut&paste from the .c files
     and out of sync

50 files changed, 412 insertions, 911 deletions

diff --git a/ChangeLog b/ChangeLog
index c27402b5f..9c8aca4fe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -62,7 +62,18 @@
    - markus@cvs.openbsd.org 2001/06/26 17:25:34
      [ssh.1]
      document SSH_ASKPASS; fubob@MIT.EDU
-
+   - markus@cvs.openbsd.org 2001/06/26 17:27:25
+     [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h 
+      canohost.h channels.h cipher.h clientloop.h compat.h compress.h 
+      crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h 
+      hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h 
+      packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h 
+      session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h 
+      sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h 
+      tildexpand.h uidswap.h uuencode.h xmalloc.h]
+     remove comments from .h, since they are cut&paste from the .c files
+     and out of sync
+ 
 20010629
  - (bal) Removed net_aton() since we don't use it any more
  - (bal) Fixed _DISABLE_VPOSIX in readpassphrase.c.
@@ -5889,4 +5900,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1359 2001/07/04 04:31:38 mouring Exp $
+$Id: ChangeLog,v 1.1360 2001/07/04 04:46:56 mouring Exp $
diff --git a/auth-options.h b/auth-options.h
index db0e6e8fb..3b2ce344b 100644
--- a/auth-options.h
+++ b/auth-options.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* $OpenBSD: auth-options.h,v 1.9 2001/06/26 06:32:47 itojun Exp $ */
+/* $OpenBSD: auth-options.h,v 1.10 2001/06/26 17:27:22 markus Exp $ */
 
 #ifndef AUTH_OPTIONS_H
 #define AUTH_OPTIONS_H
@@ -30,14 +30,7 @@ extern int no_pty_flag;
 extern char *forced_command;
 extern struct envstring *custom_environment;
 
-/*
- * return 1 if access is granted, 0 if not.
- * side effect: sets key option flags
- */
-int
-auth_parse_options(struct passwd *, char *, char *, u_long);
-
-/* reset options flags */
+int     auth_parse_options(struct passwd *, char *, char *, u_long);
 void    auth_clear_options(void);
 
 #endif
diff --git a/auth.h b/auth.h
index 1c72dffa3..edfc9fb55 100644
--- a/auth.h
+++ b/auth.h
@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $OpenBSD: auth.h,v 1.21 2001/06/26 16:15:23 dugsong Exp $
+ * $OpenBSD: auth.h,v 1.22 2001/06/26 17:27:22 markus Exp $
  */
 #ifndef AUTH_H
 #define AUTH_H
@@ -87,70 +87,29 @@ struct KbdintDevice
         void    (*free_ctx)     __P((void *ctx));
 };
 
-/*
- * Tries to authenticate the user using the .rhosts file.  Returns true if
- * authentication succeeds.  If ignore_rhosts is non-zero, this will not
- * consider .rhosts and .shosts (/etc/hosts.equiv will still be used).
- */
 int     auth_rhosts(struct passwd *, const char *);
-
-/* extended interface similar to auth_rhosts() */
 int
 auth_rhosts2(struct passwd *, const char *, const char *, const char *);
 
-/*
- * Tries to authenticate the user using the .rhosts file and the host using
- * its host key.  Returns true if authentication succeeds.
- */
-int
-auth_rhosts_rsa(struct passwd *, const char *, RSA *);
-
-/*
- * Tries to authenticate the user using password.  Returns true if
- * authentication succeeds.
- */
-int     auth_password(Authctxt *, const char *);
-
-/*
- * Performs the RSA authentication dialog with the client.  This returns 0 if
- * the client could not be authenticated, and 1 if authentication was
- * successful.  This may exit if there is a serious protocol violation.
- */
-int     auth_rsa(struct passwd *, BIGNUM *);
-
-/*
- * Parses an RSA key (number of bits, e, n) from a string.  Moves the pointer
- * over the key.  Skips any whitespace at the beginning and at end.
- */
-int     auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *);
-
-/*
- * Performs the RSA authentication challenge-response dialog with the client,
- * and returns true (non-zero) if the client gave the correct answer to our
- * challenge; returns zero if the client gives a wrong answer.
- */
-int     auth_rsa_challenge_dialog(RSA *);
+int      auth_rhosts_rsa(struct passwd *, const char *, RSA *);
+int      auth_password(Authctxt *, const char *);
+int      auth_rsa(struct passwd *, BIGNUM *);
+int      auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *);
+int      auth_rsa_challenge_dialog(RSA *);
 
 #ifdef KRB4
 #include <krb.h>
-/*
- * Performs Kerberos v4 mutual authentication with the client. This returns 0
- * if the client could not be authenticated, and 1 if authentication was
- * successful.  This may exit if there is a serious protocol violation.
- */
 int     auth_krb4(Authctxt *, KTEXT, char **);
 int     auth_krb4_password(Authctxt *, const char *);
 void    krb4_cleanup_proc(void *);
 
 #ifdef AFS
 #include <kafs.h>
-
-/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */
 int     auth_krb4_tgt(Authctxt *, const char *);
 int     auth_afs_token(Authctxt *, const char *);
-#endif                          /* AFS */
+#endif /* AFS */
 
-#endif                          /* KRB4 */
+#endif /* KRB4 */
 
 #ifdef KRB5
 int     auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client);
@@ -179,16 +138,13 @@ int	verify_response(Authctxt *, const char *);
 
 struct passwd * auth_get_user(void);
 
-/* expand a filename - return buffer is allocated by xmalloc */
 char    *expand_filename(const char *, struct passwd *);
 char    *authorized_keys_file(struct passwd *);
 char    *authorized_keys_file2(struct passwd *);
 
-/* check a file and the path to it */
 int
 secure_filename(FILE *, const char *, struct passwd *, char *, size_t);
 
-/* helper for hostbased auth */
 HostStatus
 check_key_in_hostfiles(struct passwd *, Key *, const char *,
     const char *, const char *);
diff --git a/authfd.h b/authfd.h
index 4fe35aff8..5aac78bda 100644
--- a/authfd.h
+++ b/authfd.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: authfd.h,v 1.18 2001/06/26 06:32:47 itojun Exp $"); */
+/* RCSID("$OpenBSD: authfd.h,v 1.19 2001/06/26 17:27:22 markus Exp $"); */
 
 #ifndef AUTHFD_H
 #define AUTHFD_H
@@ -43,96 +43,35 @@
 #define SSH_AGENTC_REMOVE_SMARTCARD_KEY         21
 
 /* additional error code for ssh.com's ssh-agent2 */
-#define SSH_COM_AGENT2_FAILURE                   102
+#define SSH_COM_AGENT2_FAILURE                  102
 
 #define SSH_AGENT_OLD_SIGNATURE                 0x01
 
-
 typedef struct {
         int     fd;
         Buffer  identities;
         int     howmany;
 }       AuthenticationConnection;
 
-/* Returns the number of the authentication fd, or -1 if there is none. */
-int     ssh_get_authentication_socket(void);
-
-/*
- * This should be called for any descriptor returned by
- * ssh_get_authentication_socket().  Depending on the way the descriptor was
- * obtained, this may close the descriptor.
- */
-void    ssh_close_authentication_socket(int);
+int      ssh_get_authentication_socket(void);
+void     ssh_close_authentication_socket(int);
 
-/*
- * Opens and connects a private socket for communication with the
- * authentication agent.  Returns NULL if an error occurred and the
- * connection could not be opened.  The connection should be closed by the
- * caller by calling ssh_close_authentication_connection().
- */
 AuthenticationConnection *ssh_get_authentication_connection(void);
-
-/*
- * Closes the connection to the authentication agent and frees any associated
- * memory.
- */
-void    ssh_close_authentication_connection(AuthenticationConnection *);
-
-/*
- * Returns the number authentication identity held by the agent.
- */
-int     ssh_get_num_identities(AuthenticationConnection *, int);
-
-/*
- * Returns the first authentication identity held by the agent or NULL if
- * no identies are available. Caller must free comment and key.
- * Note that you cannot mix calls with different versions.
- */
+void     ssh_close_authentication_connection(AuthenticationConnection *);
+int      ssh_get_num_identities(AuthenticationConnection *, int);
 Key     *ssh_get_first_identity(AuthenticationConnection *, char **, int);
-
-/*
- * Returns the next authentication identity for the agent.  Other functions
- * can be called between this and ssh_get_first_identity or two calls of this
- * function.  This returns NULL if there are no more identities.  The caller
- * must free key and comment after a successful return.
- */
 Key     *ssh_get_next_identity(AuthenticationConnection *, char **, int);
+int      ssh_add_identity(AuthenticationConnection *, Key *, const char *);
+int      ssh_remove_identity(AuthenticationConnection *, Key *);
+int      ssh_remove_all_identities(AuthenticationConnection *, int);
+int      ssh_update_card(AuthenticationConnection *, int, int);
 
-/*
- * Requests the agent to decrypt the given challenge.  Returns true if the
- * agent claims it was able to decrypt it.
- */
 int
 ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
     u_int, u_char[16]);
 
-/* Requests the agent to sign data using key */
-int
-ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, int *,
-    u_char *, int);
-
-/*
- * Adds an identity to the authentication server.  This call is not meant to
- * be used by normal applications.  This returns true if the identity was
- * successfully added.
- */
 int
-ssh_add_identity(AuthenticationConnection *, Key *, const char *);
-
-/*
- * Removes the identity from the authentication server.  This call is not
- * meant to be used by normal applications.  This returns true if the
- * identity was successfully added.
- */
-int     ssh_remove_identity(AuthenticationConnection *, Key *);
-
-/*
- * Removes all identities from the authentication agent.  This call is not
- * meant to be used by normal applications.  This returns true if the
- * operation was successful.
- */
-int     ssh_remove_all_identities(AuthenticationConnection *, int);
-
-int     ssh_update_card(AuthenticationConnection *, int, int);
+ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, int *, u_char *,
+    int);
 
 #endif                          /* AUTHFD_H */
diff --git a/authfile.h b/authfile.h
index 982645d50..c8b31fbe6 100644
--- a/authfile.h
+++ b/authfile.h
@@ -10,24 +10,15 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* $OpenBSD: authfile.h,v 1.7 2001/06/26 06:32:48 itojun Exp $ */
+/* $OpenBSD: authfile.h,v 1.8 2001/06/26 17:27:22 markus Exp $ */
 
 #ifndef AUTHFILE_H
 #define AUTHFILE_H
 
-int
-key_save_private(Key *, const char *, const char *, const char *);
-
-Key *
-key_load_public(const char *, char **);
-
-Key *
-key_load_public_type(int, const char *, char **);
-
-Key *
-key_load_private(const char *, const char *, char **);
-
-Key *
-key_load_private_type(int, const char *, const char *, char **);
+int      key_save_private(Key *, const char *, const char *, const char *);
+Key     *key_load_public(const char *, char **);
+Key     *key_load_public_type(int, const char *, char **);
+Key     *key_load_private(const char *, const char *, char **);
+Key     *key_load_private_type(int, const char *, const char *, char **);
 
 #endif
diff --git a/bufaux.h b/bufaux.h
index 765ee5e79..d1af09881 100644
--- a/bufaux.h
+++ b/bufaux.h
@@ -10,7 +10,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: bufaux.h,v 1.12 2001/06/26 06:32:48 itojun Exp $"); */
+/* RCSID("$OpenBSD: bufaux.h,v 1.13 2001/06/26 17:27:22 markus Exp $"); */
 
 #ifndef BUFAUX_H
 #define BUFAUX_H
@@ -18,46 +18,26 @@
 #include "buffer.h"
 #include <openssl/bn.h>
 
-/*
- * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
- * by (bits+7)/8 bytes of binary data, msb first.
- */
 void    buffer_put_bignum(Buffer *, BIGNUM *);
 void    buffer_put_bignum2(Buffer *, BIGNUM *);
 
-/* Retrieves an BIGNUM from the buffer. */
 int     buffer_get_bignum(Buffer *, BIGNUM *);
 int     buffer_get_bignum2(Buffer *, BIGNUM *);
 
-/* Returns an integer from the buffer (4 bytes, msb first). */
 u_int buffer_get_int(Buffer *);
-#ifdef HAVE_U_INT64_T
-u_int64_t buffer_get_int64(Buffer *);
-#endif
-
-/* Stores an integer in the buffer in 4 bytes, msb first. */
 void    buffer_put_int(Buffer *, u_int);
+
 #ifdef HAVE_U_INT64_T
+u_int64_t buffer_get_int64(Buffer *);
 void    buffer_put_int64(Buffer *, u_int64_t);
 #endif
 
-/* Returns a character from the buffer (0 - 255). */
 int     buffer_get_char(Buffer *);
 
-/* Stores a character in the buffer. */
 void    buffer_put_char(Buffer *, int);
 
-/*
- * Returns an arbitrary binary string from the buffer.  The string cannot be
- * longer than 256k.  The returned value points to memory allocated with
- * xmalloc; it is the responsibility of the calling function to free the
- * data.  If length_ptr is non-NULL, the length of the returned data will be
- * stored there.  A null character will be automatically appended to the
- * returned string, and is not counted in length.
- */
 char   *buffer_get_string(Buffer *, u_int *);
 
-/* Stores and arbitrary binary string in the buffer. */
 void    buffer_put_string(Buffer *, const void *, u_int);
 void    buffer_put_cstring(Buffer *, const char *);
 
diff --git a/buffer.h b/buffer.h
index 5e9fc278d..845bfb697 100644
--- a/buffer.h
+++ b/buffer.h
@@ -11,56 +11,33 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: buffer.h,v 1.8 2001/06/26 06:32:48 itojun Exp $"); */
+/* RCSID("$OpenBSD: buffer.h,v 1.9 2001/06/26 17:27:23 markus Exp $"); */
 
 #ifndef BUFFER_H
 #define BUFFER_H
 
 typedef struct {
-        char   *buf;            /* Buffer for data. */
-        u_int alloc;    /* Number of bytes allocated for data. */
-        u_int offset;   /* Offset of first byte containing data. */
-        u_int end;      /* Offset of last byte containing data. */
+        char    *buf;           /* Buffer for data. */
+        u_int    alloc;         /* Number of bytes allocated for data. */
+        u_int    offset;        /* Offset of first byte containing data. */
+        u_int    end;           /* Offset of last byte containing data. */
 }       Buffer;
-/* Initializes the buffer structure. */
-void    buffer_init(Buffer *);
 
-/* Frees any memory used for the buffer. */
-void    buffer_free(Buffer *);
+void     buffer_init(Buffer *);
+void     buffer_clear(Buffer *);
+void     buffer_free(Buffer *);
 
-/* Clears any data from the buffer, making it empty.  This does not actually
-   zero the memory. */
-void    buffer_clear(Buffer *);
+u_int    buffer_len(Buffer *);
+char    *buffer_ptr(Buffer *);
 
-/* Appends data to the buffer, expanding it if necessary. */
-void    buffer_append(Buffer *, const char *, u_int);
+void     buffer_append(Buffer *, const char *, u_int);
+void     buffer_append_space(Buffer *, char **, u_int);
 
-/*
- * Appends space to the buffer, expanding the buffer if necessary. This does
- * not actually copy the data into the buffer, but instead returns a pointer
- * to the allocated region.
- */
-void    buffer_append_space(Buffer *, char **, u_int);
-
-/* Returns the number of bytes of data in the buffer. */
-u_int buffer_len(Buffer *);
-
-/* Gets data from the beginning of the buffer. */
-void    buffer_get(Buffer *, char *, u_int);
+void     buffer_get(Buffer *, char *, u_int);
 
-/* Consumes the given number of bytes from the beginning of the buffer. */
-void    buffer_consume(Buffer *, u_int);
+void     buffer_consume(Buffer *, u_int);
+void     buffer_consume_end(Buffer *, u_int);
 
-/* Consumes the given number of bytes from the end of the buffer. */
-void    buffer_consume_end(Buffer *, u_int);
-
-/* Returns a pointer to the first used byte in the buffer. */
-char   *buffer_ptr(Buffer *);
-
-/*
- * Dumps the contents of the buffer to stderr in hex.  This intended for
- * debugging purposes only.
- */
-void    buffer_dump(Buffer *);
+void     buffer_dump(Buffer *);
 
 #endif                          /* BUFFER_H */
diff --git a/canohost.h b/canohost.h
index 66e64d506..4347b488a 100644
--- a/canohost.h
+++ b/canohost.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: canohost.h,v 1.7 2001/06/26 06:32:49 itojun Exp $     */
+/*      $OpenBSD: canohost.h,v 1.8 2001/06/26 17:27:23 markus Exp $     */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -12,27 +12,14 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/*
- * Return the canonical name of the host in the other side of the current
- * connection (as returned by packet_get_connection).  The host name is
- * cached, so it is efficient to call this several times.
- */
-const char *get_canonical_hostname(int);
-
-/*
- * Returns the IP-address of the remote host as a string.  The returned
- * string is cached and must not be freed.
- */
-const char *get_remote_ipaddr(void);
-
-const char *get_remote_name_or_ip(u_int, int);
+const char      *get_canonical_hostname(int);
+const char      *get_remote_ipaddr(void);
+const char      *get_remote_name_or_ip(u_int, int);
 
-/* Returns the ipaddr/port number of the peer of the socket. */
-char *  get_peer_ipaddr(int);
-int     get_peer_port(int);
-char *  get_local_ipaddr(int);
-char *  get_local_name(int);
+char            *get_peer_ipaddr(int);
+int              get_peer_port(int);
+char            *get_local_ipaddr(int);
+char            *get_local_name(int);
 
-/* Returns the port number of the remote/local host. */
-int     get_remote_port(void);
-int     get_local_port(void);
+int              get_remote_port(void);
+int              get_local_port(void);
diff --git a/channels.h b/channels.h
index 3a114e070..98bba1aed 100644
--- a/channels.h
+++ b/channels.h
@@ -32,7 +32,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$OpenBSD: channels.h,v 1.41 2001/06/26 06:32:49 itojun Exp $"); */
+/* RCSID("$OpenBSD: channels.h,v 1.42 2001/06/26 17:27:23 markus Exp $"); */
 
 #ifndef CHANNEL_H
 #define CHANNEL_H
@@ -58,10 +58,6 @@
 
 #define SSH_CHANNEL_PATH_LEN            30
 
-/*
- * Data structure for channel data.  This is initialized in channel_new
- * and cleared in channel_free.
- */
 struct Channel;
 typedef struct Channel Channel;
 
@@ -139,87 +135,87 @@ struct Channel {
 #define CHAN_CLOSE_SENT                 0x01
 #define CHAN_CLOSE_RCVD                 0x02
 
-
 /* channel management */
 
 Channel *channel_lookup(int);
 Channel *channel_new(char *, int, int, int, int, int, int, int, char *, int);
-void    channel_set_fds(int, int, int, int, int, int);
-void    channel_free(Channel *);
-void    channel_free_all(void);
-
-void    channel_send_open(int);
-void    channel_request(int, char *, int);
-void    channel_request_start(int, char *, int);
-void    channel_register_callback(int, int mtype, channel_callback_fn *, void *);
-void    channel_register_cleanup(int, channel_callback_fn *);
-void    channel_register_filter(int, channel_filter_fn *);
-void    channel_cancel_cleanup(int);
+void     channel_set_fds(int, int, int, int, int, int);
+void     channel_free(Channel *);
+void     channel_free_all(void);
+
+void     channel_send_open(int);
+void     channel_request(int, char *, int);
+void     channel_request_start(int, char *, int);
+void     channel_register_callback(int, int mtype, channel_callback_fn *, void *);
+void     channel_register_cleanup(int, channel_callback_fn *);
+void     channel_register_filter(int, channel_filter_fn *);
+void     channel_cancel_cleanup(int);
 
 /* protocol handler */
 
-void    channel_input_channel_request(int, int, void *);
-void    channel_input_close(int, int, void *);
-void    channel_input_close_confirmation(int, int, void *);
-void    channel_input_data(int, int, void *);
-void    channel_input_extended_data(int, int, void *);
-void    channel_input_ieof(int, int, void *);
-void    channel_input_oclose(int, int, void *);
-void    channel_input_open_confirmation(int, int, void *);
-void    channel_input_open_failure(int, int, void *);
-void    channel_input_port_open(int, int, void *);
-void    channel_input_window_adjust(int, int, void *);
+void     channel_input_channel_request(int, int, void *);
+void     channel_input_close(int, int, void *);
+void     channel_input_close_confirmation(int, int, void *);
+void     channel_input_data(int, int, void *);
+void     channel_input_extended_data(int, int, void *);
+void     channel_input_ieof(int, int, void *);
+void     channel_input_oclose(int, int, void *);
+void     channel_input_open_confirmation(int, int, void *);
+void     channel_input_open_failure(int, int, void *);
+void     channel_input_port_open(int, int, void *);
+void     channel_input_window_adjust(int, int, void *);
 
 /* file descriptor handling (read/write) */
 
-void
-channel_prepare_select(fd_set **, fd_set **, int *, int);
-void    channel_after_select(fd_set *, fd_set *);
-void    channel_output_poll(void);
+void     channel_prepare_select(fd_set **, fd_set **, int *, int);
+void     channel_after_select(fd_set *, fd_set *);
+void     channel_output_poll(void);
 
-int     channel_not_very_much_buffered_data(void);
-void    channel_close_all(void);
-void    channel_free_all(void);
-int     channel_still_open(void);
-char   *channel_open_message(void);
-int     channel_find_open(void);
+int      channel_not_very_much_buffered_data(void);
+void     channel_close_all(void);
+void     channel_free_all(void);
+int      channel_still_open(void);
+char    *channel_open_message(void);
+int      channel_find_open(void);
 
 /* channel_tcpfwd.c */
-int
-channel_request_local_forwarding(u_short, const char *, u_short, int);
+void     channel_permit_all_opens(void);
+void     channel_add_permitted_opens(char *, int);
+void     channel_clear_permitted_opens(void);
+void     channel_input_port_forward_request(int, int);
+int      channel_connect_to(const char *, u_short);
+int      channel_connect_by_listen_adress(u_short);
+void     channel_request_remote_forwarding(u_short, const char *, u_short);
+int      channel_request_local_forwarding(u_short, const char *, u_short, int);
 int
 channel_request_forwarding(const char *, u_short, const char *, u_short, int,
     int);
-void
-channel_request_remote_forwarding(u_short, const char *, u_short);
-void    channel_permit_all_opens(void);
-void    channel_add_permitted_opens(char *, int);
-void    channel_clear_permitted_opens(void);
-void    channel_input_port_forward_request(int, int);
-int     channel_connect_to(const char *, u_short);
-int     channel_connect_by_listen_adress(u_short);
 
 /* x11 forwarding */
 
-int     x11_connect_display(void);
-char   *x11_create_display(int);
-char   *x11_create_display_inet(int, int);
-void    x11_input_open(int, int, void *);
-void    x11_request_forwarding(void);
-void
-x11_request_forwarding_with_spoofing(int, const char *, const char *);
-void    deny_input_open(int, int, void *);
+int      x11_connect_display(void);
+char    *x11_create_display(int);
+char    *x11_create_display_inet(int, int);
+void     x11_input_open(int, int, void *);
+void     x11_request_forwarding(void);
+void     x11_request_forwarding_with_spoofing(int, const char *, const char *);
+void     deny_input_open(int, int, void *);
 
 /* agent forwarding */
 
-void    auth_request_forwarding(void);
-char   *auth_get_socket_name(void);
-void    auth_sock_cleanup_proc(void *);
-int     auth_input_request_forwarding(struct passwd *);
-void    auth_input_open_request(int, int, void *);
+void     auth_request_forwarding(void);
+char    *auth_get_socket_name(void);
+void     auth_sock_cleanup_proc(void *);
+int      auth_input_request_forwarding(struct passwd *);
+void     auth_input_open_request(int, int, void *);
 
 /* channel close */
 
+int      chan_is_dead(Channel *);
+void     chan_mark_dead(Channel *);
+void     chan_init_iostates(Channel *);
+void     chan_init(void);
+
 typedef void    chan_event_fn(Channel *);
 
 /* for the input state */
@@ -232,9 +228,4 @@ extern chan_event_fn	*chan_rcvd_ieof;
 extern chan_event_fn    *chan_write_failed;
 extern chan_event_fn    *chan_obuf_empty;
 
-int     chan_is_dead(Channel *);
-void    chan_mark_dead(Channel *);
-void    chan_init_iostates(Channel *);
-void    chan_init(void);
-
 #endif
diff --git a/cipher.h b/cipher.h
index 16dd06230..1b79d4d69 100644
--- a/cipher.h
+++ b/cipher.h
@@ -32,7 +32,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-/* RCSID("$OpenBSD: cipher.h,v 1.27 2001/06/26 06:32:49 itojun Exp $"); */
+/* RCSID("$OpenBSD: cipher.h,v 1.28 2001/06/26 17:27:23 markus Exp $"); */
 
 #ifndef CIPHER_H
 #define CIPHER_H
@@ -104,16 +104,16 @@ struct Cipher {
         void    (*decrypt)(CipherContext *, u_char *, const u_char *, u_int);
 };
 
-u_int cipher_mask_ssh1(int);
-Cipher *cipher_by_name(const char *);
-Cipher *cipher_by_number(int);
-int cipher_number(const char *);
-char *cipher_name(int);
-int ciphers_valid(const char *);
-void cipher_init(CipherContext *, Cipher *, const u_char *, u_int,
+u_int    cipher_mask_ssh1(int);
+Cipher  *cipher_by_name(const char *);
+Cipher  *cipher_by_number(int);
+int      cipher_number(const char *);
+char    *cipher_name(int);
+int      ciphers_valid(const char *);
+void     cipher_init(CipherContext *, Cipher *, const u_char *, u_int,
     const u_char *, u_int);
-void cipher_encrypt(CipherContext *, u_char *, const u_char *, u_int);
-void cipher_decrypt(CipherContext *, u_char *, const u_char *, u_int);
-void cipher_set_key_string(CipherContext *, Cipher *, const char *);
+void     cipher_encrypt(CipherContext *, u_char *, const u_char *, u_int);
+void     cipher_decrypt(CipherContext *, u_char *, const u_char *, u_int);
+void     cipher_set_key_string(CipherContext *, Cipher *, const char *);
 
 #endif                          /* CIPHER_H */
diff --git a/clientloop.h b/clientloop.h
index b7f48aa86..1bc9a9523 100644
--- a/clientloop.h
+++ b/clientloop.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: clientloop.h,v 1.5 2001/06/26 06:32:50 itojun Exp $   */
+/*      $OpenBSD: clientloop.h,v 1.6 2001/06/26 17:27:23 markus Exp $   */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -36,4 +36,4 @@
  */
 
 /* Client side main loop for the interactive session. */
-int     client_loop(int, int, int);
+int      client_loop(int, int, int);
diff --git a/compat.h b/compat.h
index a44f321ce..7d688cc9e 100644
--- a/compat.h
+++ b/compat.h
@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$OpenBSD: compat.h,v 1.27 2001/06/26 06:32:50 itojun Exp $"); */
+/* RCSID("$OpenBSD: compat.h,v 1.28 2001/06/26 17:27:23 markus Exp $"); */
 
 #ifndef COMPAT_H
 #define COMPAT_H
@@ -51,11 +51,12 @@
 #define SSH_BUG_OPENFAILURE     0x00020000
 #define SSH_BUG_DERIVEKEY       0x00040000
 
-void    enable_compat13(void);
-void    enable_compat20(void);
-void    compat_datafellows(const char *);
-int     proto_spec(const char *);
+void     enable_compat13(void);
+void     enable_compat20(void);
+void     compat_datafellows(const char *);
+int      proto_spec(const char *);
 char    *compat_cipher_proposal(char *);
+
 extern int compat13;
 extern int compat20;
 extern int datafellows;
diff --git a/compress.h b/compress.h
index a9d06fc05..2721d450c 100644
--- a/compress.h
+++ b/compress.h
@@ -11,39 +11,15 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: compress.h,v 1.9 2001/06/26 06:32:50 itojun Exp $"); */
+/* RCSID("$OpenBSD: compress.h,v 1.10 2001/06/26 17:27:23 markus Exp $"); */
 
 #ifndef COMPRESS_H
 #define COMPRESS_H
 
-/*
- * Initializes compression; level is compression level from 1 to 9 (as in
- * gzip).
- */
-void    buffer_compress_init_send(int);
-void    buffer_compress_init_recv(void);
-
-/* Frees any data structures allocated by buffer_compress_init. */
-void    buffer_compress_uninit(void);
-
-/*
- * Compresses the contents of input_buffer into output_buffer.  All packets
- * compressed using this function will form a single compressed data stream;
- * however, data will be flushed at the end of every call so that each
- * output_buffer can be decompressed independently (but in the appropriate
- * order since they together form a single compression stream) by the
- * receiver.  This appends the compressed data to the output buffer.
- */
-void    buffer_compress(Buffer *, Buffer *);
-
-/*
- * Uncompresses the contents of input_buffer into output_buffer.  All packets
- * uncompressed using this function will form a single compressed data
- * stream; however, data will be flushed at the end of every call so that
- * each output_buffer.  This must be called for the same size units that the
- * buffer_compress was called, and in the same order that buffers compressed
- * with that.  This appends the uncompressed data to the output buffer.
- */
-void    buffer_uncompress(Buffer *, Buffer *);
+void     buffer_compress_init_send(int);
+void     buffer_compress_init_recv(void);
+void     buffer_compress_uninit(void);
+void     buffer_compress(Buffer *, Buffer *);
+void     buffer_uncompress(Buffer *, Buffer *);
 
 #endif                          /* COMPRESS_H */
diff --git a/crc32.h b/crc32.h
index 4cd933390..bdabc1b09 100644
--- a/crc32.h
+++ b/crc32.h
@@ -11,15 +11,11 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: crc32.h,v 1.11 2001/06/26 06:32:51 itojun Exp $"); */
+/* RCSID("$OpenBSD: crc32.h,v 1.12 2001/06/26 17:27:23 markus Exp $"); */
 
 #ifndef CRC32_H
 #define CRC32_H
 
-/*
- * This computes a 32 bit CRC of the data in the buffer, and returns the CRC.
- * The polynomial used is 0xedb88320.
- */
-u_int ssh_crc32(const u_char *, u_int);
+u_int    ssh_crc32(const u_char *, u_int);
 
 #endif                          /* CRC32_H */
diff --git a/deattack.h b/deattack.h
index 24d3957a6..ddccdea50 100644
--- a/deattack.h
+++ b/deattack.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: deattack.h,v 1.6 2001/06/26 06:32:51 itojun Exp $     */
+/*      $OpenBSD: deattack.h,v 1.7 2001/06/26 17:27:23 markus Exp $     */
 
 /*
  * Cryptographic attack detector for ssh - Header file
@@ -26,5 +26,5 @@
 #define DEATTACK_OK             0
 #define DEATTACK_DETECTED       1
 
-int     detect_attack(u_char *, u_int32_t, u_char[8]);
+int      detect_attack(u_char *, u_int32_t, u_char[8]);
 #endif
diff --git a/dh.h b/dh.h
index fd90fab5a..a0c97b2ff 100644
--- a/dh.h
+++ b/dh.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: dh.h,v 1.6 2001/06/26 06:32:52 itojun Exp $   */
+/*      $OpenBSD: dh.h,v 1.7 2001/06/26 17:27:23 markus Exp $   */
 
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
@@ -37,10 +37,10 @@ DH	*dh_new_group_asc(const char *, const char *);
 DH      *dh_new_group(BIGNUM *, BIGNUM *);
 DH      *dh_new_group1(void);
 
-void    dh_gen_key(DH *, int);
-int     dh_pub_is_valid(DH *, BIGNUM *);
+void     dh_gen_key(DH *, int);
+int      dh_pub_is_valid(DH *, BIGNUM *);
 
-int     dh_estimate(int);
+int      dh_estimate(int);
 
 #define DH_GRP_MIN      1024
 #define DH_GRP_MAX      8192
diff --git a/dispatch.h b/dispatch.h
index f796705a2..7b94032af 100644
--- a/dispatch.h
+++ b/dispatch.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: dispatch.h,v 1.5 2001/06/26 06:32:52 itojun Exp $     */
+/*      $OpenBSD: dispatch.h,v 1.6 2001/06/26 17:27:23 markus Exp $     */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -30,7 +30,7 @@ enum {
 
 typedef void dispatch_fn(int, int, void *);
 
-void    dispatch_init(dispatch_fn *);
-void    dispatch_set(int, dispatch_fn *);
-void    dispatch_run(int, int *, void *);
-void    dispatch_protocol_error(int, int, void *);
+void     dispatch_init(dispatch_fn *);
+void     dispatch_set(int, dispatch_fn *);
+void     dispatch_run(int, int *, void *);
+void     dispatch_protocol_error(int, int, void *);
diff --git a/groupaccess.c b/groupaccess.c
index ac9e00aca..cbfe72035 100644
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: groupaccess.c,v 1.3 2001/01/29 01:58:15 niklas Exp $  */
+/*      $OpenBSD: groupaccess.c,v 1.4 2001/06/26 17:27:23 markus Exp $  */
 
 /*
  * Copyright (c) 2001 Kevin Steves.  All rights reserved.
@@ -34,6 +34,10 @@
 static int ngroups;
 static char *groups_byname[NGROUPS_MAX + 1];    /* +1 for base/primary group */
 
+/*
+ * Initialize group access list for user with primary (base) and
+ * supplementary groups.  Return the number of groups in the list.
+ */
 int
 ga_init(const char *user, gid_t base)
 {
@@ -53,6 +57,10 @@ ga_init(const char *user, gid_t base)
         return (ngroups = j);
 }
 
+/*
+ * Return 1 if one of user's groups is contained in groups.
+ * Return 0 otherwise.  Use match_pattern() for string comparison.
+ */
 int
 ga_match(char * const *groups, int n)
 {
@@ -65,6 +73,9 @@ ga_match(char * const *groups, int n)
         return 0;
 }
 
+/*
+ * Free memory allocated for group access list.
+ */
 void
 ga_free(void)
 {
diff --git a/groupaccess.h b/groupaccess.h
index 01e394f69..ede4805c2 100644
--- a/groupaccess.h
+++ b/groupaccess.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: groupaccess.h,v 1.3 2001/06/26 06:32:52 itojun Exp $  */
+/*      $OpenBSD: groupaccess.h,v 1.4 2001/06/26 17:27:23 markus Exp $  */
 
 /*
  * Copyright (c) 2001 Kevin Steves.  All rights reserved.
@@ -29,21 +29,8 @@
 
 #include <grp.h>
 
-/*
- * Initialize group access list for user with primary (base) and
- * supplementary groups.  Return the number of groups in the list.
- */
-int ga_init(const char *, gid_t);
-
-/*
- * Return 1 if one of user's groups is contained in groups.
- * Return 0 otherwise.  Use match_pattern() for string comparison.
- */
-int ga_match(char * const *, int);
-
-/*
- * Free memory allocated for group access list.
- */
-void ga_free(void);
+int      ga_init(const char *, gid_t);
+int      ga_match(char * const *, int);
+void     ga_free(void);
 
 #endif
diff --git a/hostfile.h b/hostfile.h
index b83b77008..05ef69174 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: hostfile.h,v 1.8 2001/06/26 06:32:53 itojun Exp $     */
+/*      $OpenBSD: hostfile.h,v 1.9 2001/06/26 17:27:23 markus Exp $     */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -14,26 +14,13 @@
 #ifndef HOSTFILE_H
 #define HOSTFILE_H
 
-int
-auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *);
-
-/*
- * Checks whether the given host is already in the list of our known hosts.
- * Returns HOST_OK if the host is known and has the specified key, HOST_NEW
- * if the host is not known, and HOST_CHANGED if the host is known but used
- * to have a different host key.  The host must be in all lowercase.
- */
 typedef enum {
         HOST_OK, HOST_NEW, HOST_CHANGED
 }       HostStatus;
 
 HostStatus
 check_host_in_hostfile(const char *, const char *, Key *, Key *, int *);
-
-/*
- * Appends an entry to the host file.  Returns false if the entry could not
- * be appended.
- */
-int     add_host_to_hostfile(const char *, const char *, Key *);
+int      add_host_to_hostfile(const char *, const char *, Key *);
+int      auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *);
 
 #endif
diff --git a/kex.h b/kex.h
index 80ce31cef..fe339211a 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: kex.h,v 1.25 2001/06/26 06:32:53 itojun Exp $ */
+/*      $OpenBSD: kex.h,v 1.26 2001/06/26 17:27:23 markus Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -112,14 +112,14 @@ struct Kex {
 };
 
 Kex     *kex_setup(char *[PROPOSAL_MAX]);
-void    kex_finish(Kex *);
+void     kex_finish(Kex *);
 
-void    kex_send_kexinit(Kex *);
-void    kex_input_kexinit(int, int, void *);
-void    kex_derive_keys(Kex *, u_char *, BIGNUM *);
+void     kex_send_kexinit(Kex *);
+void     kex_input_kexinit(int, int, void *);
+void     kex_derive_keys(Kex *, u_char *, BIGNUM *);
 
-void    kexdh(Kex *);
-void    kexgex(Kex *);
+void     kexdh(Kex *);
+void     kexgex(Kex *);
 
 Newkeys *kex_get_newkeys(int);
 
diff --git a/key.h b/key.h
index db2dd324c..562834c98 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: key.h,v 1.14 2001/06/26 06:32:54 itojun Exp $ */
+/*      $OpenBSD: key.h,v 1.15 2001/06/26 17:27:23 markus Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -52,25 +52,24 @@ struct Key {
 
 Key     *key_new(int);
 Key     *key_new_private(int);
-void    key_free(Key *);
-int     key_equal(Key *, Key *);
+void     key_free(Key *);
+int      key_equal(Key *, Key *);
 char    *key_fingerprint(Key *, enum fp_type, enum fp_rep);
 char    *key_type(Key *);
-int     key_write(Key *, FILE *);
-int     key_read(Key *, char **);
-u_int   key_size(Key *);
+int      key_write(Key *, FILE *);
+int      key_read(Key *, char **);
+u_int    key_size(Key *);
 
 Key     *key_generate(int, u_int);
 Key     *key_from_private(Key *);
-int     key_type_from_name(char *);
+int      key_type_from_name(char *);
 
 Key     *key_from_blob(char *, int);
-int     key_to_blob(Key *, u_char **, u_int *);
+int      key_to_blob(Key *, u_char **, u_int *);
 char    *key_ssh_name(Key *);
-int     key_names_valid2(const char *);
+int      key_names_valid2(const char *);
 
-int     key_sign(Key *, u_char **, int *, u_char *, int);
-
-int     key_verify(Key *, u_char *, int, u_char *, int);
+int      key_sign(Key *, u_char **, int *, u_char *, int);
+int      key_verify(Key *, u_char *, int, u_char *, int);
 
 #endif
diff --git a/log.c b/log.c
index f8f6c1c4a..39bc8b5d7 100644
--- a/log.c
+++ b/log.c
@@ -34,7 +34,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: log.c,v 1.17 2001/03/04 17:42:28 millert Exp $");
+RCSID("$OpenBSD: log.c,v 1.18 2001/06/26 17:27:23 markus Exp $");
 
 #include "log.h"
 #include "xmalloc.h"
@@ -88,6 +88,8 @@ static struct {
         { NULL, 0 }
 };
 
+static void      do_log(LogLevel level, const char *fmt, va_list args);
+
 SyslogFacility
 log_facility_number(char *name)
 {
@@ -326,7 +328,7 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
 
 #define MSGBUFSIZ 1024
 
-void
+static void
 do_log(LogLevel level, const char *fmt, va_list args)
 {
         char msgbuf[MSGBUFSIZ];
diff --git a/log.h b/log.h
index 95ec864f3..23451f74f 100644
--- a/log.h
+++ b/log.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: log.h,v 1.3 2001/06/26 06:32:55 itojun Exp $  */
+/*      $OpenBSD: log.h,v 1.4 2001/06/26 17:27:24 markus Exp $  */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -45,36 +45,22 @@ typedef enum {
         SYSLOG_LEVEL_DEBUG2,
         SYSLOG_LEVEL_DEBUG3
 }       LogLevel;
-/* Initializes logging. */
-void    log_init(char *, LogLevel, SyslogFacility, int);
 
-/* Logging implementation, depending on server or client */
-void    do_log(LogLevel, const char *, va_list);
+void     log_init(char *, LogLevel, SyslogFacility, int);
 
-/* name to facility/level */
-SyslogFacility log_facility_number(char *);
+SyslogFacility  log_facility_number(char *);
 LogLevel log_level_number(char *);
 
-/* Output a message to syslog or stderr */
-void    fatal(const char *, ...) __attribute__((format(printf, 1, 2)));
-void    error(const char *, ...) __attribute__((format(printf, 1, 2)));
-void    log(const char *, ...) __attribute__((format(printf, 1, 2)));
-void    verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
-void    debug(const char *, ...) __attribute__((format(printf, 1, 2)));
-void    debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
-void    debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
+void     fatal(const char *, ...) __attribute__((format(printf, 1, 2)));
+void     error(const char *, ...) __attribute__((format(printf, 1, 2)));
+void     log(const char *, ...) __attribute__((format(printf, 1, 2)));
+void     verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
+void     debug(const char *, ...) __attribute__((format(printf, 1, 2)));
+void     debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
+void     debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
 
-/* same as fatal() but w/o logging */
-void    fatal_cleanup(void);
-
-/*
- * Registers a cleanup function to be called by fatal()/fatal_cleanup()
- * before exiting. It is permissible to call fatal_remove_cleanup for the
- * function itself from the function.
- */
-void    fatal_add_cleanup(void (*) (void *), void *);
-
-/* Removes a cleanup function to be called at fatal(). */
-void    fatal_remove_cleanup(void (*) (void *), void *);
+void     fatal_cleanup(void);
+void     fatal_add_cleanup(void (*) (void *), void *);
+void     fatal_remove_cleanup(void (*) (void *), void *);
 
 #endif
diff --git a/mac.h b/mac.h
index 67df3b605..43b485dd9 100644
--- a/mac.h
+++ b/mac.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: mac.h,v 1.2 2001/06/26 06:32:55 itojun Exp $   */
+/*      $OpenBSD: mac.h,v 1.3 2001/06/26 17:27:24 markus Exp $   */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -23,6 +23,6 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-int     mac_valid(const char *);
-int     mac_init(Mac *, char *);
+int      mac_valid(const char *);
+int      mac_init(Mac *, char *);
 u_char  *mac_compute(Mac *, u_int32_t, u_char *, int);
diff --git a/misc.c b/misc.c
index db9c2e481..620121fdc 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: misc.c,v 1.11 2001/06/16 08:58:34 markus Exp $        */
+/*      $OpenBSD: misc.c,v 1.12 2001/06/26 17:27:24 markus Exp $        */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -25,12 +25,13 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: misc.c,v 1.11 2001/06/16 08:58:34 markus Exp $");
+RCSID("$OpenBSD: misc.c,v 1.12 2001/06/26 17:27:24 markus Exp $");
 
 #include "misc.h"
 #include "log.h"
 #include "xmalloc.h"
 
+/* remove newline at end of string */
 char *
 chop(char *s)
 {
@@ -46,6 +47,7 @@ chop(char *s)
 
 }
 
+/* set/unset filedescriptor to non-blocking */
 void
 set_nonblock(int fd)
 {
@@ -93,6 +95,7 @@ unset_nonblock(int fd)
 /* Characters considered whitespace in strsep calls. */
 #define WHITESPACE " \t\r\n"
 
+/* return next token in configuration line */
 char *
 strdelim(char **s)
 {
@@ -145,7 +148,13 @@ pwcopy(struct passwd *pw)
         return copy;
 }
 
-int a2port(const char *s)
+/*
+ * Convert ASCII string to TCP/IP port number.
+ * Port must be >0 and <=65535.
+ * Return 0 if invalid.
+ */
+int
+a2port(const char *s)
 {
         long port;
         char *endp;
@@ -166,7 +175,29 @@ int a2port(const char *s)
 #define DAYS            (HOURS * 24)
 #define WEEKS           (DAYS * 7)
 
-long convtime(const char *s)
+/*
+ * Convert a time string into seconds; format is
+ * a sequence of:
+ *      time[qualifier]
+ *
+ * Valid time qualifiers are:
+ *      <none>  seconds
+ *      s|S     seconds
+ *      m|M     minutes
+ *      h|H     hours
+ *      d|D     days
+ *      w|W     weeks
+ *
+ * Examples:
+ *      90m     90 minutes
+ *      1h30m   90 minutes
+ *      2d      2 days
+ *      1w      1 week
+ *
+ * Return -1 if time string is invalid.
+ */
+long
+convtime(const char *s)
 {
         long total, secs;
         const char *p;
@@ -253,6 +284,7 @@ colon(char *cp)
         return (0);
 }
 
+/* function to assist building execv() arguments */
 void
 addargs(arglist *args, char *fmt, ...)
 {
diff --git a/misc.h b/misc.h
index 829208d29..5f0b0aa4f 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: misc.h,v 1.9 2001/06/26 06:32:56 itojun Exp $ */
+/*      $OpenBSD: misc.h,v 1.10 2001/06/26 17:27:24 markus Exp $        */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -11,54 +11,16 @@
  * incompatible with the protocol description in the RFC file, it must be
  * called by a name other than "ssh" or "Secure Shell".
  */
-/* remove newline at end of string */
-char    *chop(char *);
 
-/* return next token in configuration line */
-char    *strdelim(char **);
+char  *chop(char *);
+char  *strdelim(char **);
+void   set_nonblock(int);
+void   unset_nonblock(int);
+int    a2port(const char *);
+char  *cleanhostname(char *);
+char  *colon(char *);
+long   convtime(const char *);
 
-/* set/unset filedescriptor to non-blocking */
-void    set_nonblock(int);
-void    unset_nonblock(int);
-
-struct passwd * pwcopy(struct passwd *);
-
-/*
- * Convert ASCII string to TCP/IP port number.
- * Port must be >0 and <=65535.
- * Return 0 if invalid.
- */
-int a2port(const char *);
-
-/* code from scp.c/rcp.c */
-char *cleanhostname(char *);
-char *colon(char *);
-
-/*
- * Convert a time string into seconds; format is
- * a sequence of:
- *      time[qualifier]
- *
- * Valid time qualifiers are:
- *      <none>  seconds
- *      s|S     seconds
- *      m|M     minutes
- *      h|H     hours
- *      d|D     days
- *      w|W     weeks
- *
- * Examples:
- *      90m     90 minutes
- *      1h30m   90 minutes
- *      2d      2 days
- *      1w      1 week
- *
- * Return -1 if time string is invalid.
- */
-
-long convtime(const char *);
-
-/* function to assist building execv() arguments */
 typedef struct arglist arglist;
 struct arglist {
         char    **list;
@@ -66,7 +28,7 @@ struct arglist {
         int     nalloc;
 };
 
-void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3)));
+void   addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3)));
 
 /* wrapper for signal interface */
 typedef void (*mysig_t)(int);
diff --git a/mpaux.h b/mpaux.h
index a4d324fca..082b7fd47 100644
--- a/mpaux.h
+++ b/mpaux.h
@@ -12,17 +12,11 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: mpaux.h,v 1.10 2001/06/26 06:32:57 itojun Exp $"); */
+/* RCSID("$OpenBSD: mpaux.h,v 1.11 2001/06/26 17:27:24 markus Exp $"); */
 
 #ifndef MPAUX_H
 #define MPAUX_H
 
-/*
- * Computes a 16-byte session id in the global variable session_id. The
- * session id is computed by concatenating the linearized, msb first
- * representations of host_key_n, session_key_n, and the cookie.
- */
-void
-compute_session_id(u_char[16], u_char[8], BIGNUM *, BIGNUM *);
+void     compute_session_id(u_char[16], u_char[8], BIGNUM *, BIGNUM *);
 
 #endif                          /* MPAUX_H */
diff --git a/packet.h b/packet.h
index 97afbdf60..ffae736d6 100644
--- a/packet.h
+++ b/packet.h
@@ -11,186 +11,75 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: packet.h,v 1.24 2001/06/26 06:32:57 itojun Exp $"); */
+/* RCSID("$OpenBSD: packet.h,v 1.25 2001/06/26 17:27:24 markus Exp $"); */
 
 #ifndef PACKET_H
 #define PACKET_H
 
 #include <openssl/bn.h>
 
-/*
- * Sets the socket used for communication.  Disables encryption until
- * packet_set_encryption_key is called.  It is permissible that fd_in and
- * fd_out are the same descriptor; in that case it is assumed to be a socket.
- */
-void    packet_set_connection(int, int);
-
-/* Puts the connection file descriptors into non-blocking mode. */
-void    packet_set_nonblocking(void);
-
-/* Returns the file descriptor used for input. */
-int     packet_get_connection_in(void);
-
-/* Returns the file descriptor used for output. */
-int     packet_get_connection_out(void);
-
-/*
- * Closes the connection (both descriptors) and clears and frees internal
- * data structures.
- */
-void    packet_close(void);
-
-/*
- * Causes any further packets to be encrypted using the given key.  The same
- * key is used for both sending and reception.  However, both directions are
- * encrypted independently of each other.  Cipher types are defined in ssh.h.
- */
-void
-packet_set_encryption_key(const u_char *, u_int, int);
-
-/*
- * Sets remote side protocol flags for the current connection.  This can be
- * called at any time.
- */
-void    packet_set_protocol_flags(u_int);
-
-/* Returns the remote protocol flags set earlier by the above function. */
-u_int packet_get_protocol_flags(void);
-
-/* Enables compression in both directions starting from the next packet. */
-void    packet_start_compression(int);
-
-/*
- * Informs that the current session is interactive.  Sets IP flags for
- * optimal performance in interactive use.
- */
-void    packet_set_interactive(int);
-
-/* Returns true if the current connection is interactive. */
-int     packet_is_interactive(void);
-
-/* Starts constructing a packet to send. */
-void    packet_start(u_char);
-
-/* Appends a character to the packet data. */
-void    packet_put_char(int ch);
-
-/* Appends an integer to the packet data. */
-void    packet_put_int(u_int value);
-
-/* Appends an arbitrary precision integer to packet data. */
-void    packet_put_bignum(BIGNUM * value);
-void    packet_put_bignum2(BIGNUM * value);
-
-/* Appends a string to packet data. */
-void    packet_put_string(const char *buf, u_int len);
-void    packet_put_cstring(const char *str);
-void    packet_put_raw(const char *buf, u_int len);
-
-/*
- * Finalizes and sends the packet.  If the encryption key has been set,
- * encrypts the packet before sending.
- */
-void    packet_send(void);
-
-/* Waits until a packet has been received, and returns its type. */
-int     packet_read(int *payload_len_ptr);
-
-/*
- * Waits until a packet has been received, verifies that its type matches
- * that given, and gives a fatal error and exits if there is a mismatch.
- */
-void    packet_read_expect(int *payload_len_ptr, int type);
-
-/*
- * Checks if a full packet is available in the data received so far via
- * packet_process_incoming.  If so, reads the packet; otherwise returns
- * SSH_MSG_NONE.  This does not wait for data from the connection.
- * SSH_MSG_DISCONNECT is handled specially here.  Also, SSH_MSG_IGNORE
- * messages are skipped by this function and are never returned to higher
- * levels.
- */
-int     packet_read_poll(int *packet_len_ptr);
-
-/*
- * Buffers the given amount of input characters.  This is intended to be used
- * together with packet_read_poll.
- */
-void    packet_process_incoming(const char *buf, u_int len);
-
-/* Returns a character (0-255) from the packet data. */
-u_int packet_get_char(void);
-
-/* Returns an integer from the packet data. */
-u_int packet_get_int(void);
-
-/*
- * Returns an arbitrary precision integer from the packet data.  The integer
- * must have been initialized before this call.
- */
-void    packet_get_bignum(BIGNUM * value, int *length_ptr);
-void    packet_get_bignum2(BIGNUM * value, int *length_ptr);
+void     packet_set_connection(int, int);
+void     packet_set_nonblocking(void);
+int      packet_get_connection_in(void);
+int      packet_get_connection_out(void);
+void     packet_close(void);
+void     packet_set_encryption_key(const u_char *, u_int, int);
+void     packet_set_protocol_flags(u_int);
+u_int    packet_get_protocol_flags(void);
+void     packet_start_compression(int);
+void     packet_set_interactive(int);
+int      packet_is_interactive(void);
+
+void     packet_start(u_char);
+void     packet_put_char(int ch);
+void     packet_put_int(u_int value);
+void     packet_put_bignum(BIGNUM * value);
+void     packet_put_bignum2(BIGNUM * value);
+void     packet_put_string(const char *buf, u_int len);
+void     packet_put_cstring(const char *str);
+void     packet_put_raw(const char *buf, u_int len);
+void     packet_send(void);
+
+int      packet_read(int *payload_len_ptr);
+void     packet_read_expect(int *payload_len_ptr, int type);
+int      packet_read_poll(int *packet_len_ptr);
+void     packet_process_incoming(const char *buf, u_int len);
+
+u_int    packet_get_char(void);
+u_int    packet_get_int(void);
+void     packet_get_bignum(BIGNUM * value, int *length_ptr);
+void     packet_get_bignum2(BIGNUM * value, int *length_ptr);
 char    *packet_get_raw(int *length_ptr);
+char    *packet_get_string(u_int *length_ptr);
+void     packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void     packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 
-/*
- * Returns a string from the packet data.  The string is allocated using
- * xmalloc; it is the responsibility of the calling program to free it when
- * no longer needed.  The length_ptr argument may be NULL, or point to an
- * integer into which the length of the string is stored.
- */
-char   *packet_get_string(u_int *length_ptr);
-
-/*
- * Logs the error in syslog using LOG_INFO, constructs and sends a disconnect
- * packet, closes the connection, and exits.  This function never returns.
- * The error message should not contain a newline.  The total length of the
- * message must not exceed 1024 bytes.
- */
-void    packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-
-/*
- * Sends a diagnostic message to the other side.  This message can be sent at
- * any time (but not while constructing another message). The message is
- * printed immediately, but only if the client is being executed in verbose
- * mode.  These messages are primarily intended to ease debugging
- * authentication problems.  The total length of the message must not exceed
- * 1024 bytes.  This will automatically call packet_write_wait.  If the
- * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG,
- * this will do nothing.
- */
-void    packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-
-/* Checks if there is any buffered output, and tries to write some of the output. */
-void    packet_write_poll(void);
-
-/* Waits until all pending output data has been written. */
-void    packet_write_wait(void);
+void     packet_write_poll(void);
+void     packet_write_wait(void);
+int      packet_have_data_to_write(void);
+int      packet_not_very_much_data_to_write(void);
 
-/* Returns true if there is buffered data to write to the connection. */
-int     packet_have_data_to_write(void);
+int      packet_connection_is_on_socket(void);
+int      packet_connection_is_ipv4(void);
+int      packet_remaining(void);
+void     packet_send_ignore(int);
+void     packet_inject_ignore(int);
 
-/* Returns true if there is not too much data to write to the connection. */
-int     packet_not_very_much_data_to_write(void);
+void     tty_make_modes(int, struct termios *);
+void     tty_parse_modes(int, int *);
 
-/* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */
 extern int max_packet_size;
-int     packet_set_maxsize(int);
-#define packet_get_maxsize() max_packet_size
-
-/* Stores tty modes from the fd or tiop into current packet. */
-void    tty_make_modes(int, struct termios *);
-
-/* Parses tty modes for the fd from the current packet. */
-void    tty_parse_modes(int, int *);
+int      packet_set_maxsize(int);
+#define  packet_get_maxsize() max_packet_size
 
 #define packet_integrity_check(payload_len, expected_len, type) \
 do { \
-  int _p = (payload_len), _e = (expected_len); \
-  if (_p != _e) { \
-    log("Packet integrity error (%d != %d) at %s:%d", \
-        _p, _e, __FILE__, __LINE__); \
-    packet_disconnect("Packet integrity error. (%d)", (type)); \
-  } \
+        int _p = (payload_len), _e = (expected_len); \
+        if (_p != _e) { \
+                log("Packet integrity error (%d != %d) at %s:%d", \
+                    _p, _e, __FILE__, __LINE__); \
+                packet_disconnect("Packet integrity error. (%d)", (type)); \
+        } \
 } while (0)
 
 #define packet_done() \
@@ -203,17 +92,4 @@ do { \
         } \
 } while (0)
 
-/* remote host is connected via a socket/ipv4 */
-int     packet_connection_is_on_socket(void);
-int     packet_connection_is_ipv4(void);
-
-/* returns remaining payload bytes */
-int     packet_remaining(void);
-
-/* append an ignore message */
-void    packet_send_ignore(int);
-
-/* add an ignore message and make sure size (current+ignore) = n*sumlen */
-void    packet_inject_ignore(int);
-
 #endif                          /* PACKET_H */
diff --git a/radix.h b/radix.h
index 6f3428cd3..e94e4acc6 100644
--- a/radix.h
+++ b/radix.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: radix.h,v 1.3 2001/06/26 06:32:57 itojun Exp $        */
+/*      $OpenBSD: radix.h,v 1.4 2001/06/26 17:27:24 markus Exp $        */
 
 /*
  * Copyright (c) 1999 Dug Song.  All rights reserved.
@@ -24,5 +24,5 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-int     creds_to_radix(CREDENTIALS *, u_char *, size_t);
-int     radix_to_creds(const char *, CREDENTIALS *);
+int      creds_to_radix(CREDENTIALS *, u_char *, size_t);
+int      radix_to_creds(const char *, CREDENTIALS *);
diff --git a/readconf.h b/readconf.h
index 2f784e6e2..f91dc3899 100644
--- a/readconf.h
+++ b/readconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: readconf.h,v 1.34 2001/06/26 16:15:24 dugsong Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.35 2001/06/26 17:27:24 markus Exp $"); */
 
 #ifndef READCONF_H
 #define READCONF_H
@@ -102,48 +102,14 @@ typedef struct {
 }       Options;
 
 
-/*
- * Initializes options to special values that indicate that they have not yet
- * been set.  Read_config_file will only set options with this value. Options
- * are processed in the following order: command line, user config file,
- * system config file.  Last, fill_default_options is called.
- */
-void    initialize_options(Options *);
-
-/*
- * Called after processing other sources of option data, this fills those
- * options for which no value has been specified with their default values.
- */
-void    fill_default_options(Options *);
+void     initialize_options(Options *);
+void     fill_default_options(Options *);
+void     read_config_file(const char *, const char *, Options *);
 
-/*
- * Processes a single option line as used in the configuration files. This
- * only sets those values that have not already been set. Returns 0 for legal
- * options
- */
 int
 process_config_line(Options *, const char *, char *, const char *, int, int *);
 
-/*
- * Reads the config file and modifies the options accordingly.  Options
- * should already be initialized before this call.  This never returns if
- * there is an error.  If the file does not exist, this returns immediately.
- */
-void
-read_config_file(const char *, const char *, Options *);
-
-/*
- * Adds a local TCP/IP port forward to options.  Never returns if there is an
- * error.
- */
-void
-add_local_forward(Options *, u_short, const char *, u_short);
-
-/*
- * Adds a remote TCP/IP port forward to options.  Never returns if there is
- * an error.
- */
-void
-add_remote_forward(Options *, u_short, const char *, u_short);
+void     add_local_forward(Options *, u_short, const char *, u_short);
+void     add_remote_forward(Options *, u_short, const char *, u_short);
 
 #endif                          /* READCONF_H */
diff --git a/readpass.h b/readpass.h
index da362ab41..229973c68 100644
--- a/readpass.h
+++ b/readpass.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: readpass.h,v 1.5 2001/06/26 06:32:58 itojun Exp $     */
+/*      $OpenBSD: readpass.h,v 1.6 2001/06/26 17:27:24 markus Exp $     */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -14,4 +14,5 @@
 
 #define RP_ECHO                 0x0001
 #define RP_ALLOW_STDIN          0x0002
+
 char    *read_passphrase(const char *, int);
diff --git a/rsa.h b/rsa.h
index b803b3ad3..70756f83c 100644
--- a/rsa.h
+++ b/rsa.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: rsa.h,v 1.12 2001/06/26 06:32:58 itojun Exp $"); */
+/* RCSID("$OpenBSD: rsa.h,v 1.13 2001/06/26 17:27:24 markus Exp $"); */
 
 #ifndef RSA_H
 #define RSA_H
@@ -19,9 +19,8 @@
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
 
-void rsa_public_encrypt __P((BIGNUM *, BIGNUM *, RSA *));
-int rsa_private_decrypt __P((BIGNUM *, BIGNUM *, RSA *));
-
-void generate_additional_parameters __P((RSA *));
+void     rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *);
+int      rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *);
+void     generate_additional_parameters(RSA *);
 
 #endif                          /* RSA_H */
diff --git a/servconf.h b/servconf.h
index 1b0220283..3552bb11a 100644
--- a/servconf.h
+++ b/servconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: servconf.h,v 1.46 2001/06/26 16:15:24 dugsong Exp $"); */
+/* RCSID("$OpenBSD: servconf.h,v 1.47 2001/06/26 17:27:24 markus Exp $"); */
 
 #ifndef SERVCONF_H
 #define SERVCONF_H
@@ -130,19 +130,9 @@ typedef struct {
         char   *authorized_keys_file2;  /* File containing public SSH2 keys */
         int     pam_authentication_via_kbd_int;
 }       ServerOptions;
-/*
- * Initializes the server options to special values that indicate that they
- * have not yet been set.
- */
-void    initialize_server_options(ServerOptions *);
-
-/*
- * Reads the server configuration file.  This only sets the values for those
- * options that have the special value indicating they have not been set.
- */
-void    read_server_config(ServerOptions *, const char *);
 
-/* Sets values for those values that have not yet been set. */
-void    fill_default_server_options(ServerOptions *);
+void     initialize_server_options(ServerOptions *);
+void     read_server_config(ServerOptions *, const char *);
+void     fill_default_server_options(ServerOptions *);
 
 #endif                          /* SERVCONF_H */
diff --git a/serverloop.h b/serverloop.h
index 9c2c2ccb9..9ea2b38d4 100644
--- a/serverloop.h
+++ b/serverloop.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: serverloop.h,v 1.3 2001/06/26 06:33:00 itojun Exp $   */
+/*      $OpenBSD: serverloop.h,v 1.4 2001/06/26 17:27:24 markus Exp $   */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -18,5 +18,10 @@
  * (of the child program), and reads from stdout and stderr (of the child
  * program).
  */
+#ifndef SERVERLOOP_H
+#define SERVERLOOP_H
+
 void    server_loop(pid_t, int, int, int);
 void    server_loop2(void);
+
+#endif
diff --git a/session.h b/session.h
index 9ed83585c..39ab7d0e6 100644
--- a/session.h
+++ b/session.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: session.h,v 1.8 2001/06/26 06:33:01 itojun Exp $      */
+/*      $OpenBSD: session.h,v 1.9 2001/06/26 17:27:24 markus Exp $      */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -26,11 +26,11 @@
 #ifndef SESSION_H
 #define SESSION_H
 
-void    do_authenticated(Authctxt *);
+void     do_authenticated(Authctxt *);
 
-int     session_open(int);
-void    session_input_channel_req(int, void *);
-void    session_close_by_pid(pid_t, int);
-void    session_close_by_channel(int, void *);
+int      session_open(int);
+void     session_input_channel_req(int, void *);
+void     session_close_by_pid(pid_t, int);
+void     session_close_by_channel(int, void *);
 
 #endif
diff --git a/sftp-common.c b/sftp-common.c
index 3310eabab..aed95f2f0 100644
--- a/sftp-common.c
+++ b/sftp-common.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sftp-common.c,v 1.2 2001/02/06 23:50:10 markus Exp $");
+RCSID("$OpenBSD: sftp-common.c,v 1.3 2001/06/26 17:27:24 markus Exp $");
 
 #include "buffer.h"
 #include "bufaux.h"
@@ -35,6 +35,7 @@ RCSID("$OpenBSD: sftp-common.c,v 1.2 2001/02/06 23:50:10 markus Exp $");
 #include "sftp.h"
 #include "sftp-common.h"
 
+/* Clear contents of attributes structure */
 void
 attrib_clear(Attrib *a)
 {
@@ -47,6 +48,7 @@ attrib_clear(Attrib *a)
         a->mtime = 0;
 }
 
+/* Convert from struct stat to filexfer attribs */
 void
 stat_to_attrib(struct stat *st, Attrib *a)
 {
@@ -64,6 +66,7 @@ stat_to_attrib(struct stat *st, Attrib *a)
         a->mtime = st->st_mtime;
 }
 
+/* Decode attributes in buffer */
 Attrib *
 decode_attrib(Buffer *b)
 {
@@ -98,6 +101,7 @@ decode_attrib(Buffer *b)
         return &a;
 }
 
+/* Encode attributes to buffer */
 void
 encode_attrib(Buffer *b, Attrib *a)
 {
@@ -116,6 +120,7 @@ encode_attrib(Buffer *b, Attrib *a)
         }
 }
 
+/* Convert from SSH2_FX_ status to text error message */
 const char *
 fx2txt(int status)
 {
@@ -143,4 +148,3 @@ fx2txt(int status)
         };
         /* NOTREACHED */
 }
-
diff --git a/sftp-common.h b/sftp-common.h
index 3e4f502b0..4c126bf10 100644
--- a/sftp-common.h
+++ b/sftp-common.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sftp-common.h,v 1.2 2001/06/26 06:33:01 itojun Exp $  */
+/*      $OpenBSD: sftp-common.h,v 1.3 2001/06/26 17:27:24 markus Exp $  */
 
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -38,18 +38,9 @@ struct Attrib {
         u_int32_t       mtime;
 };
 
-/* Clear contents of attributes structure */
-void attrib_clear(Attrib *);
+void     attrib_clear(Attrib *);
+void     stat_to_attrib(struct stat *, Attrib *);
+Attrib  *decode_attrib(Buffer *);
+void     encode_attrib(Buffer *, Attrib *);
 
-/* Convert from struct stat to filexfer attribs */
-void stat_to_attrib(struct stat *, Attrib *);
-
-/* Decode attributes in buffer */
-Attrib *decode_attrib(Buffer *);
-
-/* Encode attributes to buffer */
-void encode_attrib(Buffer *, Attrib *);
-
-/* Convert from SSH2_FX_ status to text error message */
 const char *fx2txt(int);
-
diff --git a/sftp-glob.h b/sftp-glob.h
index 37bd5d2da..2885044ae 100644
--- a/sftp-glob.h
+++ b/sftp-glob.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-glob.h,v 1.4 2001/06/26 06:33:01 itojun Exp $ */
+/* $OpenBSD: sftp-glob.h,v 1.5 2001/06/26 17:27:24 markus Exp $ */
 
 /*
  * Copyright (c) 2001 Damien Miller.  All rights reserved.
@@ -28,4 +28,3 @@
 
 int
 remote_glob(int, int, const char *, int, int (*)(const char *, int), glob_t *);
-
diff --git a/sftp-int.h b/sftp-int.h
index bbb138a6b..699e758b1 100644
--- a/sftp-int.h
+++ b/sftp-int.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-int.h,v 1.3 2001/06/26 06:33:02 itojun Exp $ */
+/* $OpenBSD: sftp-int.h,v 1.4 2001/06/26 17:27:25 markus Exp $ */
 
 /*
  * Copyright (c) 2001 Damien Miller.  All rights reserved.
@@ -24,4 +24,4 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-void interactive_loop(int, int, char *, char *);
+void     interactive_loop(int, int, char *, char *);
diff --git a/ssh-dss.h b/ssh-dss.h
index fe7e3207c..0613acba3 100644
--- a/ssh-dss.h
+++ b/ssh-dss.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssh-dss.h,v 1.4 2001/06/26 06:33:02 itojun Exp $      */
+/*      $OpenBSD: ssh-dss.h,v 1.5 2001/06/26 17:27:25 markus Exp $      */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,8 +26,7 @@
 #ifndef DSA_H
 #define DSA_H
 
-int     ssh_dss_sign(Key *, u_char **, int *, u_char *, int);
-
-int     ssh_dss_verify(Key *, u_char *, int, u_char *, int);
+int      ssh_dss_sign(Key *, u_char **, int *, u_char *, int);
+int      ssh_dss_verify(Key *, u_char *, int, u_char *, int);
 
 #endif
diff --git a/ssh-rsa.h b/ssh-rsa.h
index 1e94c8b3c..11d355d58 100644
--- a/ssh-rsa.h
+++ b/ssh-rsa.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssh-rsa.h,v 1.4 2001/06/26 06:33:03 itojun Exp $      */
+/*      $OpenBSD: ssh-rsa.h,v 1.5 2001/06/26 17:27:25 markus Exp $      */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,8 +26,7 @@
 #ifndef SSH_RSA_H
 #define SSH_RSA_H
 
-int     ssh_rsa_sign(Key *, u_char **, int *, u_char *, int);
-
-int     ssh_rsa_verify(Key *, u_char *, int, u_char *, int);
+int      ssh_rsa_sign(Key *, u_char **, int *, u_char *, int);
+int      ssh_rsa_verify(Key *, u_char *, int, u_char *, int);
 
 #endif
diff --git a/sshconnect.h b/sshconnect.h
index c15ed4bc4..27ed2b745 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshconnect.h,v 1.11 2001/06/26 06:33:03 itojun Exp $  */
+/*      $OpenBSD: sshconnect.h,v 1.12 2001/06/26 17:27:25 markus Exp $  */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -33,14 +33,14 @@ ssh_connect(const char *, struct sockaddr_storage *, u_short, int,
 void
 ssh_login(Key **, int, const char *, struct sockaddr *, struct passwd *);
 
-int     verify_host_key(char *, struct sockaddr *, Key *);
+int      verify_host_key(char *, struct sockaddr *, Key *);
 
-void    ssh_kex(char *, struct sockaddr *);
-void    ssh_kex2(char *, struct sockaddr *);
+void     ssh_kex(char *, struct sockaddr *);
+void     ssh_kex2(char *, struct sockaddr *);
 
-void    ssh_userauth1(const char *, const char *, char *, Key **, int);
-void    ssh_userauth2(const char *, const char *, char *, Key **, int);
+void     ssh_userauth1(const char *, const char *, char *, Key **, int);
+void     ssh_userauth2(const char *, const char *, char *, Key **, int);
 
-void    ssh_put_password(char *);
+void     ssh_put_password(char *);
 
 #endif
diff --git a/sshlogin.h b/sshlogin.h
index 05840c291..79d42a982 100644
--- a/sshlogin.h
+++ b/sshlogin.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshlogin.h,v 1.2 2001/06/26 06:33:04 itojun Exp $     */
+/*      $OpenBSD: sshlogin.h,v 1.3 2001/06/26 17:27:25 markus Exp $     */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -14,35 +14,10 @@
 #ifndef SSHLOGIN_H
 #define SSHLOGIN_H
 
-/*
- * Returns the time when the user last logged in.  Returns 0 if the
- * information is not available.  This must be called before record_login.
- * The host from which the user logged in is stored in buf.
- */
-u_long
-get_last_login_time(uid_t, const char *, char *, u_int);
-
-/*
- * Records that the user has logged in.  This does many things normally done
- * by login(1).
- */
 void
-record_login(pid_t, const char *, const char *, uid_t, const char *,
-                struct sockaddr *);
-
-#ifdef LOGIN_NEEDS_UTMPX
-/*
- * Record just the utmp info for /bin/login.
- */
-void
-record_utmp_only(pid_t, const char *, const char *, const char *, 
-                struct sockaddr *);
-#endif
-
-/*
- * Records that the user has logged out.  This does many thigs normally done
- * by login(1) or init.
- */
-void    record_logout(pid_t, const char *);
+record_login(pid_t, const char *, const char *, uid_t,
+    const char *, struct sockaddr *);
+void   record_logout(pid_t, const char *);
+u_long         get_last_login_time(uid_t, const char *, char *, u_int);
 
 #endif
diff --git a/sshpty.h b/sshpty.h
index d962924f8..4eb479f76 100644
--- a/sshpty.h
+++ b/sshpty.h
@@ -12,34 +12,15 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: sshpty.h,v 1.2 2001/06/26 06:33:04 itojun Exp $"); */
+/* RCSID("$OpenBSD: sshpty.h,v 1.3 2001/06/26 17:27:25 markus Exp $"); */
 
 #ifndef SSHPTY_H
 #define SSHPTY_H
 
-/*
- * Allocates and opens a pty.  Returns 0 if no pty could be allocated, or
- * nonzero if a pty was successfully allocated.  On success, open file
- * descriptors for the pty and tty sides and the name of the tty side are
- * returned (the buffer must be able to hold at least 64 characters).
- */
-int     pty_allocate(int *, int *, char *, int);
-
-/*
- * Releases the tty.  Its ownership is returned to root, and permissions to
- * 0666.
- */
-void    pty_release(const char *);
-
-/*
- * Makes the tty the processes controlling tty and sets it to sane modes.
- * This may need to reopen the tty to get rid of possible eavesdroppers.
- */
-void    pty_make_controlling_tty(int *, const char *);
-
-/* Changes the window size associated with the pty. */
-void    pty_change_window_size(int, int, int, int, int);
-
-void    pty_setowner(struct passwd *, const char *);
+int      pty_allocate(int *, int *, char *, int);
+void     pty_release(const char *);
+void     pty_make_controlling_tty(int *, const char *);
+void     pty_change_window_size(int, int, int, int, int);
+void     pty_setowner(struct passwd *, const char *);
 
 #endif                          /* SSHPTY_H */
diff --git a/sshtty.h b/sshtty.h
index e29385e35..7ba4a2627 100644
--- a/sshtty.h
+++ b/sshtty.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshtty.h,v 1.1 2001/04/14 16:33:20 stevesk Exp $ */
+/* $OpenBSD: sshtty.h,v 1.2 2001/06/26 17:27:25 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -40,26 +40,9 @@
 
 #include <termios.h>
 
-/*
- * Accessor function indicating whether we are in raw mode.  Set by
- * enter_raw_mode() and leave_raw_mode().
- */
-int in_raw_mode(void);
-
-/*
- * Return terminal modes, as saved by enter_raw_mode().
- */
+int      in_raw_mode(void);
 struct termios get_saved_tio(void);
-
-/*
- * Returns the user's terminal to normal mode if it had been
- * put in raw mode.
- */
-void leave_raw_mode(void);
-
-/*
- * Puts the user's terminal in raw mode.
- */
-void enter_raw_mode(void);
+void     leave_raw_mode(void);
+void     enter_raw_mode(void);
 
 #endif
diff --git a/tildexpand.h b/tildexpand.h
index a30f0db30..f5e7e40bc 100644
--- a/tildexpand.h
+++ b/tildexpand.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tildexpand.h,v 1.3 2001/06/26 06:33:06 itojun Exp $   */
+/*      $OpenBSD: tildexpand.h,v 1.4 2001/06/26 17:27:25 markus Exp $   */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -12,8 +12,4 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/*
- * Expands tildes in the file name.  Returns data allocated by xmalloc.
- * Warning: this calls getpw*.
- */
-char   *tilde_expand_filename(const char *, uid_t);
+char    *tilde_expand_filename(const char *, uid_t);
diff --git a/uidswap.h b/uidswap.h
index 9aea88367..0726980d0 100644
--- a/uidswap.h
+++ b/uidswap.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: uidswap.h,v 1.8 2001/06/26 06:33:06 itojun Exp $      */
+/*      $OpenBSD: uidswap.h,v 1.9 2001/06/26 17:27:25 markus Exp $      */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -15,22 +15,8 @@
 #ifndef UIDSWAP_H
 #define UIDSWAP_H
 
-/*
- * Temporarily changes to the given uid.  If the effective user id is not
- * root, this does nothing.  This call cannot be nested.
- */
-void    temporarily_use_uid(struct passwd *);
-
-/*
- * Restores the original effective user id after temporarily_use_uid().
- * This should only be called while temporarily_use_uid is effective.
- */
-void    restore_uid(void);
-
-/*
- * Permanently sets all uids to the given uid.  This cannot be called while
- * temporarily_use_uid is effective.  This must also clear any saved uids.
- */
-void    permanently_set_uid(struct passwd *);
+void     temporarily_use_uid(struct passwd *);
+void     restore_uid(void);
+void     permanently_set_uid(struct passwd *);
 
 #endif                          /* UIDSWAP_H */
diff --git a/uuencode.h b/uuencode.h
index fd8f3dbda..0067635b6 100644
--- a/uuencode.h
+++ b/uuencode.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: uuencode.h,v 1.7 2001/06/26 06:33:06 itojun Exp $     */
+/*      $OpenBSD: uuencode.h,v 1.8 2001/06/26 17:27:25 markus Exp $     */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
 
 #ifndef UUENCODE_H
 #define UUENCODE_H
-int     uuencode(u_char *, u_int, char *, size_t);
-int     uudecode(const char *, u_char *, size_t);
-void    dump_base64(FILE *, u_char *, int);
+int      uuencode(u_char *, u_int, char *, size_t);
+int      uudecode(const char *, u_char *, size_t);
+void     dump_base64(FILE *, u_char *, int);
 #endif
diff --git a/xmalloc.h b/xmalloc.h
index d04f10293..e14d0141d 100644
--- a/xmalloc.h
+++ b/xmalloc.h
@@ -14,21 +14,14 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: xmalloc.h,v 1.6 2001/06/26 06:33:07 itojun Exp $"); */
+/* RCSID("$OpenBSD: xmalloc.h,v 1.7 2001/06/26 17:27:25 markus Exp $"); */
 
 #ifndef XMALLOC_H
 #define XMALLOC_H
 
-/* Like malloc, but calls fatal() if out of memory. */
-void   *xmalloc(size_t);
-
-/* Like realloc, but calls fatal() if out of memory. */
-void   *xrealloc(void *, size_t);
-
-/* Frees memory allocated using xmalloc or xrealloc. */
-void    xfree(void *);
-
-/* Allocates memory using xmalloc, and copies the string into that memory. */
-char   *xstrdup(const char *);
+void    *xmalloc(size_t);
+void    *xrealloc(void *, size_t);
+void     xfree(void *);
+char    *xstrdup(const char *);
 
 #endif                          /* XMALLOC_H */