Use gcc -ansi -pedantic in 9c. Fix many non-C89-isms.

26 files changed, 169 insertions, 168 deletions

diff --git a/src/cmd/auth/factotum/apop.c b/src/cmd/auth/factotum/apop.c
index 5703571d..992cc0ad 100644
--- a/src/cmd/auth/factotum/apop.c
+++ b/src/cmd/auth/factotum/apop.c
@@ -148,7 +148,7 @@ struct ServerState
 
 enum
 {
-	APOPCHALLEN = 128,
+	APOPCHALLEN = 128
 };
 
 static int apopchal(ServerState*, int, char[APOPCHALLEN]);
diff --git a/src/cmd/auth/factotum/attr.c b/src/cmd/auth/factotum/attr.c
index 2f2511b9..1c037a53 100644
--- a/src/cmd/auth/factotum/attr.c
+++ b/src/cmd/auth/factotum/attr.c
@@ -143,7 +143,7 @@ hasqueries(Attr *a)
 
 char *ignored[] = {
 	"role",
-	"disabled",
+	"disabled"
 };
 
 static int
diff --git a/src/cmd/auth/factotum/chap.c b/src/cmd/auth/factotum/chap.c
index 2b258902..b27f64a7 100644
--- a/src/cmd/auth/factotum/chap.c
+++ b/src/cmd/auth/factotum/chap.c
@@ -33,7 +33,7 @@ enum {
 
 	MShashlen = 16,
 	MSchallen = 8,
-	MSresplen = 24,
+	MSresplen = 24
 };
 
 static int
@@ -315,7 +315,7 @@ out:
 	keyclose(s.k);
 	free(user);
 	free(resp);
-//	xioclose(s.asfd);
+/*	xioclose(s.asfd); */
 	return ret;
 }
 
@@ -411,16 +411,17 @@ chaproles[] =
 };
 
 Proto chap = {
-.name=		"chap",
-.roles=		chaproles,
-.checkkey=	chapcheck,
-.keyprompt=	"user? !password?",
+	"chap",
+	chaproles,
+	"user? !password?",
+	chapcheck
 };
 
 Proto mschap = {
-.name=		"mschap",
-.roles=		chaproles,
-.checkkey=	chapcheck,
-.keyprompt=	"user? !password?",
+	"mschap",
+	chaproles,
+	"user? !password?",
+	chapcheck
 };
 
+
diff --git a/src/cmd/auth/factotum/cpu.c b/src/cmd/auth/factotum/cpu.c
index da8280ad..46399049 100644
--- a/src/cmd/auth/factotum/cpu.c
+++ b/src/cmd/auth/factotum/cpu.c
@@ -56,7 +56,7 @@ struct AuthMethod {
 {
 	{ "p9",		p9auth,		srvp9auth,},
 	{ "netkey",	netkeyauth,	netkeysrvauth,},
-//	{ "none",	noauth,		srvnoauth,},
+/*	{ "none",	noauth,		srvnoauth,}, */
 	{ nil,	nil}
 };
 AuthMethod *am = authmethod;	/* default is p9 */
@@ -687,7 +687,7 @@ enum
 	Qdir,
 	Qcpunote,
 
-	Nfid = 32,
+	Nfid = 32
 };
 
 struct {
@@ -697,7 +697,7 @@ struct {
 } fstab[] =
 {
 	[Qdir]		{ ".",		{Qdir, 0, QTDIR},	DMDIR|0555	},
-	[Qcpunote]	{ "cpunote",	{Qcpunote, 0},		0444		},
+	[Qcpunote]	{ "cpunote",	{Qcpunote, 0},		0444		}
 };
 
 typedef struct Note Note;
diff --git a/src/cmd/auth/factotum/ctl.c b/src/cmd/auth/factotum/ctl.c
index d426f86f..6195bb84 100644
--- a/src/cmd/auth/factotum/ctl.c
+++ b/src/cmd/auth/factotum/ctl.c
@@ -17,7 +17,7 @@
 static char *msg[] = {
 	"key",
 	"delkey",
-	"debug",
+	"debug"
 };
 
 static int
diff --git a/src/cmd/auth/factotum/dat.h b/src/cmd/auth/factotum/dat.h
index eaf94caf..49377f40 100644
--- a/src/cmd/auth/factotum/dat.h
+++ b/src/cmd/auth/factotum/dat.h
@@ -13,7 +13,7 @@ enum
 	RpcWriteHex,
 
 	/* thread stack size - big buffers for printing */
-	STACK = 65536,
+	STACK = 65536
 };
 
 typedef struct Conv Conv;
diff --git a/src/cmd/auth/factotum/fs.c b/src/cmd/auth/factotum/fs.c
index 68e86289..08894ae6 100644
--- a/src/cmd/auth/factotum/fs.c
+++ b/src/cmd/auth/factotum/fs.c
@@ -12,7 +12,7 @@ enum
 	Qlog,
 	Qctl,
 	Qneedkey,
-	Qconv,
+	Qconv
 };
 
 static int qtop;
@@ -41,7 +41,7 @@ static struct
 	"rpc",		Qrpc,		0666,
 	"proto",		Qprotolist,	0444,
 	"log",		Qlog,		0600|DMEXCL,
-	"conv",		Qconv,		0400,
+	"conv",		Qconv,		0400
 };
 
 static void
diff --git a/src/cmd/auth/factotum/main.c b/src/cmd/auth/factotum/main.c
index b18cbf3d..010b5d51 100644
--- a/src/cmd/auth/factotum/main.c
+++ b/src/cmd/auth/factotum/main.c
@@ -26,7 +26,7 @@ threadmain(int argc, char *argv[])
 	char *mtpt;
 	char err[ERRMAX];
 
-//	mtpt = "/mnt";
+/*	mtpt = "/mnt"; */
 	mtpt = nil;
 	owner = getuser();
 	quotefmtinstall();
diff --git a/src/cmd/auth/factotum/p9any.c b/src/cmd/auth/factotum/p9any.c
index 789d4d70..0267a616 100644
--- a/src/cmd/auth/factotum/p9any.c
+++ b/src/cmd/auth/factotum/p9any.c
@@ -15,7 +15,7 @@ extern Proto p9sk1, p9sk2, p9cr;
 static Proto* okproto[] =
 {
 	&p9sk1,
-	nil,
+	nil
 };
 
 static int
@@ -267,6 +267,6 @@ p9anyroles[] =
 
 Proto p9any = {
 	"p9any",
-	p9anyroles,
+	p9anyroles
 };
 
diff --git a/src/cmd/auth/factotum/p9cr.c b/src/cmd/auth/factotum/p9cr.c
index abbad4c4..32cccb82 100644
--- a/src/cmd/auth/factotum/p9cr.c
+++ b/src/cmd/auth/factotum/p9cr.c
@@ -197,7 +197,7 @@ out:
 
 enum
 {
-	MAXCHAL = 64,
+	MAXCHAL = 64
 };
 
 typedef struct State State;
@@ -222,7 +222,7 @@ enum
 	SHaveChal,
 	SNeedResp,
 
-	Maxphase,
+	Maxphase
 };
 
 static char *phasenames[Maxphase] =
@@ -231,7 +231,7 @@ static char *phasenames[Maxphase] =
 [CHaveResp]	"CHaveResp",
 
 [SHaveChal]	"SHaveChal",
-[SNeedResp]	"SNeedResp",
+[SNeedResp]	"SNeedResp"
 };
 
 static void
@@ -525,7 +525,7 @@ Proto p9cr =
 .write=		p9crwrite,
 .read=		p9crread,
 .close=		p9crclose,
-.keyprompt=	"user? !password?",
+.keyprompt=	"user? !password?"
 };
 
 Proto vnc =
@@ -536,5 +536,5 @@ Proto vnc =
 .read=		p9crread,
 .close=		p9crclose,
 .keyprompt=	"!password?",
-.addkey=	vncaddkey,
+.addkey=	vncaddkey
 };
diff --git a/src/cmd/auth/factotum/p9sk1.c b/src/cmd/auth/factotum/p9sk1.c
index 04981e58..46156939 100644
--- a/src/cmd/auth/factotum/p9sk1.c
+++ b/src/cmd/auth/factotum/p9sk1.c
@@ -343,11 +343,11 @@ Proto p9sk1 = {
 	p9sk1roles,
 	"user? dom? !password?",
 	p9sk1check,
-	p9sk1close,
+	p9sk1close
 };
 
 Proto p9sk2 = {
 	"p9sk2",
-	p9sk2roles,
+	p9sk2roles
 };
 
diff --git a/src/cmd/auth/factotum/proto.c b/src/cmd/auth/factotum/proto.c
index 97da15ec..daf90cdd 100644
--- a/src/cmd/auth/factotum/proto.c
+++ b/src/cmd/auth/factotum/proto.c
@@ -23,7 +23,7 @@ Proto *prototab[] = {
 	&p9sk2,
 	&pass,
 	&rsa,
-	nil,
+	nil
 };
 
 Proto*
diff --git a/src/cmd/auth/factotum/rpc.c b/src/cmd/auth/factotum/rpc.c
index 350a0795..ad894330 100644
--- a/src/cmd/auth/factotum/rpc.c
+++ b/src/cmd/auth/factotum/rpc.c
@@ -41,7 +41,7 @@ char *rpcname[] =
 	"start",
 	"write",
 	"readhex",
-	"writehex",
+	"writehex"
 };
 
 static int
diff --git a/src/cmd/auth/factotum/secstore.c b/src/cmd/auth/factotum/secstore.c
index 0156e170..315de0eb 100644
--- a/src/cmd/auth/factotum/secstore.c
+++ b/src/cmd/auth/factotum/secstore.c
@@ -10,9 +10,9 @@
 enum{ CHK = 16};
 enum{ MAXFILESIZE = 10*1024*1024 };
 
-enum{// PW status bits
+enum{/* PW status bits */
 	Enabled 	= (1<<0),
-	STA 		= (1<<1),	// extra SecurID step
+	STA 		= (1<<1)	/* extra SecurID step */
 };
 
 static char testmess[] = "__secstore\tPAK\nC=%s\nm=0\n";
@@ -75,28 +75,28 @@ havesecstore(void)
 	return strcmp((char*)buf, "!account exists") == 0;
 }
 
-// delimited, authenticated, encrypted connection
-enum{ Maxmsg=4096 };	// messages > Maxmsg bytes are truncated
+/* delimited, authenticated, encrypted connection */
+enum{ Maxmsg=4096 };	/* messages > Maxmsg bytes are truncated */
 typedef struct SConn SConn;
 
-extern SConn* newSConn(int);	// arg is open file descriptor
+extern SConn* newSConn(int);	/* arg is open file descriptor */
 struct SConn{
 	void *chan;
 	int secretlen;
-	int (*secret)(SConn*, uchar*, int);// 
-	int (*read)(SConn*, uchar*, int); // <0 if error;  errmess in buffer
+	int (*secret)(SConn*, uchar*, int);/*  */
+	int (*read)(SConn*, uchar*, int); /* <0 if error;  errmess in buffer */
 	int (*write)(SConn*, uchar*, int);
-	void (*free)(SConn*);		// also closes file descriptor
+	void (*free)(SConn*);		/* also closes file descriptor */
 };
-// secret(s,b,dir) sets secret for digest, encrypt, using the secretlen
-//		bytes in b to form keys 	for the two directions;
-//	  set dir=0 in client, dir=1 in server
+/* secret(s,b,dir) sets secret for digest, encrypt, using the secretlen */
+/*		bytes in b to form keys 	for the two directions; */
+/*	  set dir=0 in client, dir=1 in server */
 
-// error convention: write !message in-band
+/* error convention: write !message in-band */
 #define readstr secstore_readstr
 static void writerr(SConn*, char*);
-static int readstr(SConn*, char*);  // call with buf of size Maxmsg+1
-	// returns -1 upon error, with error message in buf
+static int readstr(SConn*, char*);  /* call with buf of size Maxmsg+1 */
+	/* returns -1 upon error, with error message in buf */
 
 typedef struct ConnState {
 	uchar secret[SHA1dlen];
@@ -105,8 +105,8 @@ typedef struct ConnState {
 } ConnState;
 
 typedef struct SS{
-	int fd;		// file descriptor for read/write of encrypted data
-	int alg;	// if nonzero, "alg sha rc4_128"
+	int fd;		/* file descriptor for read/write of encrypted data */
+	int alg;	/* if nonzero, "alg sha rc4_128" */
 	ConnState in, out;
 } SS;
 
@@ -123,7 +123,7 @@ SC_secret(SConn *conn, uchar *sigma, int direction)
 		hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->out.secret, nil);
 		hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->in.secret, nil);
 	}
-	setupRC4state(&ss->in.rc4, ss->in.secret, 16); // restrict to 128 bits
+	setupRC4state(&ss->in.rc4, ss->in.secret, 16); /* restrict to 128 bits */
 	setupRC4state(&ss->out.rc4, ss->out.secret, 16);
 	ss->alg = 1;
 	return 0;
@@ -174,7 +174,7 @@ SC_read(SConn *conn, uchar *buf, int n)
 		werrstr("!SC_read invalid count");
 		return -1;
 	}
-	len = (count[0]&0x7f)<<8 | count[1];	// SSL-style count; no pad
+	len = (count[0]&0x7f)<<8 | count[1];	/* SSL-style count; no pad */
 	if(ss->alg){
 		len -= SHA1dlen;
 		if(len <= 0 || readn(ss->fd, digest, SHA1dlen) != SHA1dlen){
@@ -328,7 +328,7 @@ getfile(SConn *conn, uchar *key, int nkey)
 	if((len = atoi(s)) < 0){
 		werrstr("secstore: remote file %s does not exist", gf);
 		return -1;
-	}else if(len > MAXFILESIZE){//assert
+	}else if(len > MAXFILESIZE){/*assert */
 		werrstr("secstore: implausible file size %d for %s", len, gf);
 		return -1;
 	}
@@ -400,7 +400,7 @@ typedef struct PAKparams{
 
 static PAKparams *pak;
 
-// This group was generated by the seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E.
+/* This group was generated by the seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E. */
 static void
 initPAKparams(void)
 {
@@ -422,8 +422,8 @@ initPAKparams(void)
 		"2A6E0BAE08B14258F8C03CC1B30E0DDADFCF7CEDF0727684D3D255F1", nil, 16, nil);
 }
 
-// H = (sha(ver,C,sha(passphrase)))^r mod p,
-// a hash function expensive to attack by brute force.
+/* H = (sha(ver,C,sha(passphrase)))^r mod p, */
+/* a hash function expensive to attack by brute force. */
 static void
 longhash(char *ver, char *C, uchar *passwd, mpint *H)
 {
@@ -449,7 +449,7 @@ longhash(char *ver, char *C, uchar *passwd, mpint *H)
 	mpexp(H, pak->r, pak->p, H);
 }
 
-// Hi = H^-1 mod p
+/* Hi = H^-1 mod p */
 static char *
 PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi)
 {
@@ -462,8 +462,8 @@ PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi)
 	return mptoa(Hi, 64, nil, 0);
 }
 
-// another, faster, hash function for each party to
-// confirm that the other has the right secrets.
+/* another, faster, hash function for each party to */
+/* confirm that the other has the right secrets. */
 static void
 shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi, uchar *digest)
 {
@@ -485,12 +485,12 @@ shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi
 	sha1((uchar*)Hi, strlen(Hi), digest, state);
 }
 
-// On input, conn provides an open channel to the server;
-//	C is the name this client calls itself;
-//	pass is the user's passphrase
-// On output, session secret has been set in conn
-//	(unless return code is negative, which means failure).
-//    If pS is not nil, it is set to the (alloc'd) name the server calls itself.
+/* On input, conn provides an open channel to the server; */
+/*	C is the name this client calls itself; */
+/*	pass is the user's passphrase */
+/* On output, session secret has been set in conn */
+/*	(unless return code is negative, which means failure). */
+/*    If pS is not nil, it is set to the (alloc'd) name the server calls itself. */
 static int
 PAKclient(SConn *conn, char *C, char *pass, char **pS)
 {
@@ -503,7 +503,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 
 	hexHi = PAK_Hi(C, pass, H, Hi);
 
-	// random 1<=x<=q-1; send C, m=g**x H
+	/* random 1<=x<=q-1; send C, m=g**x H */
 	x = mprand(164, genrandom, nil);
 	mpmod(x, pak->q, x);
 	if(mpcmp(x, mpzero) == 0)
@@ -517,7 +517,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 	snprint(mess, Maxmsg, "%s\tPAK\nC=%s\nm=%s\n", VERSION, C, hexm);
 	conn->write(conn, (uchar*)mess, strlen(mess));
 
-	// recv g**y, S, check hash1(g**xy)
+	/* recv g**y, S, check hash1(g**xy) */
 	if(readstr(conn, mess) < 0){
 		fprint(2, "error: %s\n", mess);
 		writerr(conn, "couldn't read g**y");
@@ -556,18 +556,18 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 		goto done;
 	}
 
-	// send hash2(g**xy)
+	/* send hash2(g**xy) */
 	shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest);
 	enc64(kc, sizeof kc, digest, SHA1dlen);
 	snprint(mess2, Maxmsg, "k'=%s\n", kc);
 	conn->write(conn, (uchar*)mess2, strlen(mess2));
 
-	// set session key
+	/* set session key */
 	shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest);
 	memset(hexsigma, 0, strlen(hexsigma));
 	n = conn->secret(conn, digest, 0);
 	memset(digest, 0, SHA1dlen);
-	if(n < 0){//assert
+	if(n < 0){/*assert */
 		writerr(conn, "can't set secret");
 		goto done;
 	}
diff --git a/src/cmd/auth/factotum/test.c b/src/cmd/auth/factotum/test.c
index b4104898..c9403c0b 100644
--- a/src/cmd/auth/factotum/test.c
+++ b/src/cmd/auth/factotum/test.c
@@ -41,7 +41,7 @@ Test test[] =
 	"cram",		proxyserver,		proxyclient,
 	"p9sk1",		proxyserver,		proxyclient,
 	"p9sk2",		proxyserver,		proxyclient,
-	"p9any",		proxyserver,		proxyclient,
+	"p9any",		proxyserver,		proxyclient
 };
 
 void
diff --git a/src/cmd/auth/secstore/SConn.c b/src/cmd/auth/secstore/SConn.c
index 7a8654ac..9ad9a7cc 100644
--- a/src/cmd/auth/secstore/SConn.c
+++ b/src/cmd/auth/secstore/SConn.c
@@ -13,8 +13,8 @@ typedef struct ConnState {
 } ConnState;
 
 typedef struct SS{
-	int fd;		// file descriptor for read/write of encrypted data
-	int alg;	// if nonzero, "alg sha rc4_128"
+	int fd;		/* file descriptor for read/write of encrypted data */
+	int alg;	/* if nonzero, "alg sha rc4_128" */
 	ConnState in, out;
 } SS;
 
@@ -31,7 +31,7 @@ SC_secret(SConn *conn, uchar *sigma, int direction)
 		hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->out.secret, nil);
 		hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->in.secret, nil);
 	}
-	setupRC4state(&ss->in.rc4, ss->in.secret, 16); // restrict to 128 bits
+	setupRC4state(&ss->in.rc4, ss->in.secret, 16); /* restrict to 128 bits */
 	setupRC4state(&ss->out.rc4, ss->out.secret, 16);
 	ss->alg = 1;
 	return 0;
@@ -82,7 +82,7 @@ SC_read(SConn *conn, uchar *buf, int n)
 		snprint((char*)buf,n,"!SC_read invalid count");
 		return -1;
 	}
-	len = (count[0]&0x7f)<<8 | count[1];	// SSL-style count; no pad
+	len = (count[0]&0x7f)<<8 | count[1];	/* SSL-style count; no pad */
 	if(ss->alg){
 		len -= SHA1dlen;
 		if(len <= 0 || readn(ss->fd, digest, SHA1dlen) != SHA1dlen){
diff --git a/src/cmd/auth/secstore/SConn.h b/src/cmd/auth/secstore/SConn.h
index 9a428d83..31765f3e 100644
--- a/src/cmd/auth/secstore/SConn.h
+++ b/src/cmd/auth/secstore/SConn.h
@@ -1,24 +1,24 @@
-// delimited, authenticated, encrypted connection
-enum{ Maxmsg=4096 };	// messages > Maxmsg bytes are truncated
+/* delimited, authenticated, encrypted connection */
+enum{ Maxmsg=4096 };	/* messages > Maxmsg bytes are truncated */
 typedef struct SConn SConn;
 
-extern SConn* newSConn(int);	// arg is open file descriptor
+extern SConn* newSConn(int);	/* arg is open file descriptor */
 struct SConn{
 	void *chan;
 	int secretlen;
-	int (*secret)(SConn*, uchar*, int);// 
-	int (*read)(SConn*, uchar*, int); // <0 if error;  errmess in buffer
+	int (*secret)(SConn*, uchar*, int);/*  */
+	int (*read)(SConn*, uchar*, int); /* <0 if error;  errmess in buffer */
 	int (*write)(SConn*, uchar*, int);
-	void (*free)(SConn*);		// also closes file descriptor
+	void (*free)(SConn*);		/* also closes file descriptor */
 };
-// secret(s,b,dir) sets secret for digest, encrypt, using the secretlen
-//		bytes in b to form keys 	for the two directions;
-//	  set dir=0 in client, dir=1 in server
+/* secret(s,b,dir) sets secret for digest, encrypt, using the secretlen */
+/*		bytes in b to form keys 	for the two directions; */
+/*	  set dir=0 in client, dir=1 in server */
 
-// error convention: write !message in-band
+/* error convention: write !message in-band */
 extern void writerr(SConn*, char*);
-extern int readstr(SConn*, char*);  // call with buf of size Maxmsg+1
-	// returns -1 upon error, with error message in buf
+extern int readstr(SConn*, char*);  /* call with buf of size Maxmsg+1 */
+	/* returns -1 upon error, with error message in buf */
 
 extern void *emalloc(ulong); /* dies on failure; clears memory */
 extern void *erealloc(void *, ulong);
diff --git a/src/cmd/auth/secstore/aescbc.c b/src/cmd/auth/secstore/aescbc.c
index 56aeb00b..86cb1bff 100644
--- a/src/cmd/auth/secstore/aescbc.c
+++ b/src/cmd/auth/secstore/aescbc.c
@@ -100,7 +100,7 @@ main(int argc, char **argv)
 		aesCBCencrypt(buf+AESbsize, AESbsize, &aes);  /* use second AESbsize bytes as initial plaintext */
 		safewrite(buf, 2*AESbsize);
 		dstate = hmac_sha1(buf+AESbsize, AESbsize, key2, MD5dlen, 0, 0);
-		while(1){
+		for(;;){
 			n = Bread(&bin, buf, BUF);
 			if(n < 0){
 				fprint(2,"read error\n");
@@ -134,9 +134,9 @@ main(int argc, char **argv)
 				exits("decrypted file failed to authenticate");
 			}
 		}else{ /* compatibility with past mistake */
-			// if file was encrypted with bad aescbc use this:
-			//         memset(key, 0, AESmaxkey);
-			//    else assume we're decrypting secstore files
+			/* if file was encrypted with bad aescbc use this: */
+			/*         memset(key, 0, AESmaxkey); */
+			/*    else assume we're decrypting secstore files */
 			setupAESstate(&aes, key, AESbsize, buf);
 			saferead(buf, CHK);
 			aesCBCdecrypt(buf, CHK, &aes);
diff --git a/src/cmd/auth/secstore/dirls.c b/src/cmd/auth/secstore/dirls.c
index b4479413..eaae8cdc 100644
--- a/src/cmd/auth/secstore/dirls.c
+++ b/src/cmd/auth/secstore/dirls.c
@@ -74,7 +74,7 @@ dirls(char *path)
 	}
 	for(list=nil, len=0, i=0; i<ndir; i++){
 		date = ctime(dirbuf[i].mtime);
-		date[28] = 0;  // trim newline
+		date[28] = 0;  /* trim newline */
 		n = snprint(buf, sizeof buf, "%*ulld %s", lenwid, dirbuf[i].length, date+4);
 		n += enc64(dig, sizeof dig, sha1file(path, dirbuf[i].name), SHA1dlen);
 		n += nmwid+3+strlen(dirbuf[i].name);
diff --git a/src/cmd/auth/secstore/pak.c b/src/cmd/auth/secstore/pak.c
index fb008e0f..effc01d9 100644
--- a/src/cmd/auth/secstore/pak.c
+++ b/src/cmd/auth/secstore/pak.c
@@ -1,6 +1,6 @@
-// PAK is an encrypted key exchange protocol designed by Philip MacKenzie et al.
-// It is patented and use outside Plan 9 requires you get a license.
-// (All other EKE protocols are patented as well, by Lucent or others.)
+/* PAK is an encrypted key exchange protocol designed by Philip MacKenzie et al. */
+/* It is patented and use outside Plan 9 requires you get a license. */
+/* (All other EKE protocols are patented as well, by Lucent or others.) */
 #include <u.h>
 #include <libc.h>
 #include <mp.h>
@@ -19,7 +19,7 @@ typedef struct PAKparams{
 
 static PAKparams *pak;
 
-// from seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E
+/* from seed EB7B6E35F7CD37B511D96C67D6688CC4DD440E1E */
 static void
 initPAKparams(void)
 {
@@ -43,8 +43,8 @@ initPAKparams(void)
 		nil, 16, nil);
 }
 
-// H = (sha(ver,C,sha(passphrase)))^r mod p,
-// a hash function expensive to attack by brute force.
+/* H = (sha(ver,C,sha(passphrase)))^r mod p, */
+/* a hash function expensive to attack by brute force. */
 static void
 longhash(char *ver, char *C, uchar *passwd, mpint *H)
 {
@@ -70,7 +70,7 @@ longhash(char *ver, char *C, uchar *passwd, mpint *H)
 	mpexp(H, pak->r, pak->p, H);
 }
 
-// Hi = H^-1 mod p
+/* Hi = H^-1 mod p */
 char *
 PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi)
 {
@@ -83,8 +83,8 @@ PAK_Hi(char *C, char *passphrase, mpint *H, mpint *Hi)
 	return mptoa(Hi, 64, nil, 0);
 }
 
-// another, faster, hash function for each party to
-// confirm that the other has the right secrets.
+/* another, faster, hash function for each party to */
+/* confirm that the other has the right secrets. */
 static void
 shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi, uchar *digest)
 {
@@ -106,12 +106,12 @@ shorthash(char *mess, char *C, char *S, char *m, char *mu, char *sigma, char *Hi
 	sha1((uchar*)Hi, strlen(Hi), digest, state);
 }
 
-// On input, conn provides an open channel to the server;
-//	C is the name this client calls itself;
-//	pass is the user's passphrase
-// On output, session secret has been set in conn
-//	(unless return code is negative, which means failure).
-//    If pS is not nil, it is set to the (alloc'd) name the server calls itself.
+/* On input, conn provides an open channel to the server; */
+/*	C is the name this client calls itself; */
+/*	pass is the user's passphrase */
+/* On output, session secret has been set in conn */
+/*	(unless return code is negative, which means failure). */
+/*    If pS is not nil, it is set to the (alloc'd) name the server calls itself. */
 int
 PAKclient(SConn *conn, char *C, char *pass, char **pS)
 {
@@ -124,9 +124,9 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 
 	hexHi = PAK_Hi(C, pass, H, Hi);
 	if(verbose)
-		fprint(2,"%s\n", feedback[H->p[0]&0x7]);  // provide a clue to catch typos
+		fprint(2,"%s\n", feedback[H->p[0]&0x7]);  /* provide a clue to catch typos */
 
-	// random 1<=x<=q-1; send C, m=g**x H
+	/* random 1<=x<=q-1; send C, m=g**x H */
 	x = mprand(240, genrandom, nil);
 	mpmod(x, pak->q, x);
 	if(mpcmp(x, mpzero) == 0)
@@ -140,7 +140,7 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 	snprint(mess, Maxmsg, "%s\tPAK\nC=%s\nm=%s\n", VERSION, C, hexm);
 	conn->write(conn, (uchar*)mess, strlen(mess));
 
-	// recv g**y, S, check hash1(g**xy)
+	/* recv g**y, S, check hash1(g**xy) */
 	if(readstr(conn, mess) < 0){
 		fprint(2, "error: %s\n", mess);
 		writerr(conn, "couldn't read g**y");
@@ -179,13 +179,13 @@ PAKclient(SConn *conn, char *C, char *pass, char **pS)
 		goto done;
 	}
 
-	// send hash2(g**xy)
+	/* send hash2(g**xy) */
 	shorthash("client", C, S, hexm, hexmu, hexsigma, hexHi, digest);
 	enc64(kc, sizeof kc, digest, SHA1dlen);
 	snprint(mess2, Maxmsg, "k'=%s\n", kc);
 	conn->write(conn, (uchar*)mess2, strlen(mess2));
 
-	// set session key
+	/* set session key */
 	shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest);
 	memset(hexsigma, 0, strlen(hexsigma));
 	n = conn->secret(conn, digest, 0);
@@ -210,12 +210,12 @@ done:
 	return rc;
 }
 
-// On input,
-//	mess contains first message;
-//	name is name this server should call itself.
-// On output, session secret has been set in conn;
-//	if pw!=nil, then *pw points to PW struct for authenticated user.
-//	returns -1 if error
+/* On input, */
+/*	mess contains first message; */
+/*	name is name this server should call itself. */
+/* On output, session secret has been set in conn; */
+/*	if pw!=nil, then *pw points to PW struct for authenticated user. */
+/*	returns -1 if error */
 int
 PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 {
@@ -227,7 +227,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 	mpint *y = nil, *m = mpnew(0), *mu = mpnew(0), *sigma = mpnew(0);
 	PW *pw = nil;
 
-	// secstore version and algorithm
+	/* secstore version and algorithm */
 	snprint(mess2,Maxmsg,"%s\tPAK\n", VERSION);
 	n = strlen(mess2);
 	if(strncmp(mess,mess2,n) != 0){
@@ -237,7 +237,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 	mess += n;
 	initPAKparams();
 
-	// parse first message into C, m
+	/* parse first message into C, m */
 	eol = strchr(mess, '\n');
 	if(strncmp("C=", mess, 2) != 0 || !eol){
 		fprint(2,"mess[1]=%s\n", mess);
@@ -256,7 +256,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 	strtomp(hexm, nil, 64, m);
 	mpmod(m, pak->p, m);
 
-	// lookup client
+	/* lookup client */
 	if((pw = getPW(C,0)) == nil) {
 		snprint(mess2, sizeof mess2, "%r");
 		writerr(conn, mess2);
@@ -270,7 +270,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 	}
 	hexHi = mptoa(pw->Hi, 64, nil, 0);
 
-	// random y, mu=g**y, sigma=g**xy
+	/* random y, mu=g**y, sigma=g**xy */
 	y = mprand(240, genrandom, nil);
 	mpmod(y, pak->q, y);
 	if(mpcmp(y, mpzero) == 0){
@@ -281,7 +281,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 	mpmod(m, pak->p, m);
 	mpexp(m, y, pak->p, sigma);
 
-	// send g**y, hash1(g**xy)
+	/* send g**y, hash1(g**xy) */
 	hexmu = mptoa(mu, 64, nil, 0);
 	hexsigma = mptoa(sigma, 64, nil, 0);
 	shorthash("server", C, S, hexm, hexmu, hexsigma, hexHi, digest);
@@ -289,7 +289,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 	snprint(mess2, sizeof mess2, "mu=%s\nk=%s\nS=%s\n", hexmu, ks, S);
 	conn->write(conn, (uchar*)mess2, strlen(mess2));
 
-	// recv hash2(g**xy)
+	/* recv hash2(g**xy) */
 	if(readstr(conn, mess2) < 0){
 		writerr(conn, "couldn't read verifier");
 		goto done;
@@ -308,7 +308,7 @@ PAKserver(SConn *conn, char *S, char *mess, PW **pwp)
 		goto done;
 	}
 
-	// set session key
+	/* set session key */
 	shorthash("session", C, S, hexm, hexmu, hexsigma, hexHi, digest);
 	n = conn->secret(conn, digest, 1);
 	if(n < 0){
diff --git a/src/cmd/auth/secstore/password.c b/src/cmd/auth/secstore/password.c
index aacadd9b..b2a00e72 100644
--- a/src/cmd/auth/secstore/password.c
+++ b/src/cmd/auth/secstore/password.c
@@ -42,7 +42,7 @@ getPW(char *id, int dead_or_alive)
 	uint now = time(0);
 	Biobuf *bin;
 	PW *pw;
-	char *f1, *f2; // fields 1, 2 = attribute, value
+	char *f1, *f2; /* fields 1, 2 = attribute, value */
 
 	if((bin = openPW(id, OREAD)) == 0){
 		id = "FICTITIOUS";
@@ -75,7 +75,7 @@ getPW(char *id, int dead_or_alive)
 	}
 	Bterm(bin);
 	if(dead_or_alive)
-		return pw;  // return PW entry for editing, whether currently valid or not
+		return pw;  /* return PW entry for editing, whether currently valid or not */
 	if(pw->expire <= now){
 		werrstr("account expired");
 		freePW(pw);
@@ -87,14 +87,14 @@ getPW(char *id, int dead_or_alive)
 		return nil;
 	}
 	if(pw->failed < 10)
-		return pw;  // success
+		return pw;  /* success */
 	if(now < mtimePW(id)+300){
 		werrstr("too many failures; try again in five minutes");
 		freePW(pw);
 		return nil;
 	}
 	pw->failed = 0;
-	putPW(pw);  // reset failed-login-counter after five minutes
+	putPW(pw);  /* reset failed-login-counter after five minutes */
 	return pw;
 }
 
diff --git a/src/cmd/auth/secstore/secstore.c b/src/cmd/auth/secstore/secstore.c
index cb6e585e..571c6fae 100644
--- a/src/cmd/auth/secstore/secstore.c
+++ b/src/cmd/auth/secstore/secstore.c
@@ -142,8 +142,8 @@ getfile(SConn *conn, char *gf, uchar **buf, ulong *buflen, uchar *key, int nkey)
 	return 0;
 }
 
-// This sends a file to the secstore disk that can, in an emergency, be
-// decrypted by the program aescbc.c.
+/* This sends a file to the secstore disk that can, in an emergency, be */
+/* decrypted by the program aescbc.c. */
 static int
 putfile(SConn *conn, char *pf, uchar *buf, ulong len, uchar *key, int nkey)
 {
@@ -206,7 +206,7 @@ putfile(SConn *conn, char *pf, uchar *buf, ulong len, uchar *key, int nkey)
 		ivo = 0;
 		if(n < Maxmsg){ /* EOF on input; append XX... */
 			memset(b+n, 'X', CHK);
-			n += CHK; // might push n>Maxmsg
+			n += CHK; /* might push n>Maxmsg */
 			done = 1;
 		}
 		aesCBCencrypt(b, n, &aes);
@@ -255,7 +255,7 @@ cmd(AuthConn *c, char **gf, int *Gflag, char **pf, char **rf)
 		if(getfile(c->conn, *gf, *Gflag ? &memfile : nil, &len, (uchar*)c->pass, c->passlen) < 0)
 			goto Out;
 		if(*Gflag){
-			// write one line at a time, as required by /mnt/factotum/ctl
+			/* write one line at a time, as required by /mnt/factotum/ctl */
 			memcur = memfile;
 			while(len>0){
 				memnext = (uchar*)strchr((char*)memcur, '\n');
@@ -309,7 +309,7 @@ chpasswd(AuthConn *c, char *id)
 
 	H = mpnew(0);
 	Hi = mpnew(0);
-	// changing our password is vulnerable to connection failure
+	/* changing our password is vulnerable to connection failure */
 	for(;;){
 		snprint(prompt, sizeof(prompt), "new password for %s: ", id);
 		newpass = readcons(prompt, nil, 1);
@@ -392,7 +392,7 @@ login(char *id, char *dest, int pass_stdin, int pass_nvram)
 		strecpy(c->pass, c->pass+sizeof c->pass, nvr.config);
 	}
 	if(pass_stdin){
-		n = readn(0, s, Maxmsg-2);  // so len(PINSTA)<Maxmsg-3
+		n = readn(0, s, Maxmsg-2);  /* so len(PINSTA)<Maxmsg-3 */
 		if(n < 1)
 			exits("no password on standard input");
 		s[n] = 0;
@@ -442,7 +442,7 @@ login(char *id, char *dest, int pass_stdin, int pass_nvram)
 			exits("invalid password on standard input");
 		if(pass_nvram)
 			exits("invalid password in nvram");
-		// and let user try retyping the password
+		/* and let user try retyping the password */
 		if(ntry==3)
 			fprint(2, "Enter an empty password to quit.\n");
 	}
diff --git a/src/cmd/auth/secstore/secstore.h b/src/cmd/auth/secstore/secstore.h
index dbd2ec9c..d9cb807d 100644
--- a/src/cmd/auth/secstore/secstore.h
+++ b/src/cmd/auth/secstore/secstore.h
@@ -1,26 +1,26 @@
 enum{ MAXFILESIZE = 10*1024*1024 };
 
-enum{// PW status bits
+enum{/* PW status bits */
 	Enabled 	= (1<<0),
-	STA 		= (1<<1),	// extra SecurID step
+	STA 		= (1<<1)	/* extra SecurID step */
 };
 
 typedef struct PW {
-	char *id;		// user id
-	ulong expire;	// expiration time (epoch seconds)
-	ushort status;	// Enabled, STA, ...
-	ushort failed;	// number of failed login attempts
-	char *other;	// other information, e.g. sponsor
-	mpint *Hi;  	// H(passphrase)^-1 mod p
+	char *id;		/* user id */
+	ulong expire;	/* expiration time (epoch seconds) */
+	ushort status;	/* Enabled, STA, ... */
+	ushort failed;	/* number of failed login attempts */
+	char *other;	/* other information, e.g. sponsor */
+	mpint *Hi;  	/* H(passphrase)^-1 mod p */
 } PW;
 
 PW *getPW(char *, int);
 int putPW(PW *);
 void freePW(PW *);
 
-// *client: SConn, client name, passphrase
-// *server: SConn, (partial) 1st msg, PW entry
-// *setpass: Username, hashed passphrase, PW entry
+/* *client: SConn, client name, passphrase */
+/* *server: SConn, (partial) 1st msg, PW entry */
+/* *setpass: Username, hashed passphrase, PW entry */
 int PAKclient(SConn *, char *, char *, char **);
 int PAKserver(SConn *, char *, char *, PW **);
 char *PAK_Hi(char *, char *, mpint *, mpint *);
diff --git a/src/cmd/auth/secstore/secstored.c b/src/cmd/auth/secstore/secstored.c
index ecf59e2f..9a3c4b66 100644
--- a/src/cmd/auth/secstore/secstored.c
+++ b/src/cmd/auth/secstore/secstored.c
@@ -8,7 +8,7 @@
 #include "secstore.h"
 
 char *SECSTORE_DIR;
-char* secureidcheck(char *, char *);   // from /sys/src/cmd/auth/
+char* secureidcheck(char *, char *);   /* from /sys/src/cmd/auth/ */
 extern char* dirls(char *path);
 
 int verbose;
@@ -247,7 +247,7 @@ dologin(int fd, char *S, int forceSTA)
 	pw = nil;
 	rv = -1;
 
-	// collect the first message
+	/* collect the first message */
 	if((conn = newSConn(fd)) == nil)
 		return -1;
 	if(readstr(conn, msg) < 0){
@@ -256,7 +256,7 @@ dologin(int fd, char *S, int forceSTA)
 		goto Out;
 	}
 
-	// authenticate
+	/* authenticate */
 	if(PAKserver(conn, S, msg, &pw) < 0){
 		if(pw != nil)
 			syslog(0, LOG, "secstore denied for %s", pw->id);
@@ -277,7 +277,7 @@ dologin(int fd, char *S, int forceSTA)
 	conn->write(conn, (uchar*)"OK", 2);
 	syslog(0, LOG, "AUTH %s", pw->id);
 
-	// perform operations as asked
+	/* perform operations as asked */
 	while((n = readstr(conn, msg)) > 0){
 		syslog(0, LOG, "[%s] %s", pw->id, msg);
 
@@ -346,7 +346,7 @@ main(int argc, char **argv)
 
 	S = sysname();
 	SECSTORE_DIR = unsharp("#9/secstore");
-//	setnetmtpt(net, sizeof(net), nil);
+/*	setnetmtpt(net, sizeof(net), nil); */
 	ARGBEGIN{
 	case 'R':
 		forceSTA = 1;
@@ -362,7 +362,7 @@ main(int argc, char **argv)
 		if(p == nil)
 			usage();
 		USED(p);
-	//	setnetmtpt(net, sizeof(net), p);
+	/*	setnetmtpt(net, sizeof(net), p); */
 		break;
 	case 'v':
 		verbose++;
@@ -395,7 +395,7 @@ main(int argc, char **argv)
 			close(lcfd);
 			break;
 		case 0:
-			// "/lib/ndb/common.radius does not exist" if db set before fork
+			/* "/lib/ndb/common.radius does not exist" if db set before fork */
 			db = ndbopen(dbpath=unsharp("#9/ndb/auth"));
 			if(db == 0)
 				syslog(0, LOG, "no ndb/auth");
@@ -405,7 +405,7 @@ main(int argc, char **argv)
 			db = ndbcat(db, db2);
 			if((dfd = accept(lcfd, ldir)) < 0)
 				exits("can't accept");
-			alarm(30*60*1000); 	// 30 min
+			alarm(30*60*1000); 	/* 30 min */
 			remote = remoteIP(ldir);
 			syslog(0, LOG, "secstore from %s", remote);
 			free(remote);
diff --git a/src/cmd/auth/secstore/secureidcheck.c b/src/cmd/auth/secstore/secureidcheck.c
index 95adb385..8ef6f6aa 100644
--- a/src/cmd/auth/secstore/secureidcheck.c
+++ b/src/cmd/auth/secstore/secureidcheck.c
@@ -29,7 +29,7 @@ typedef struct Secret{
 typedef struct Attribute{
 	struct Attribute *next;
 	uchar type;
-	uchar len;	// number of bytes in value
+	uchar len;	/* number of bytes in value */
 	uchar val[256];
 } Attribute;
 
@@ -39,7 +39,7 @@ typedef struct Packet{
 	Attribute first;
 } Packet;
 
-// assumes pass is at most 16 chars
+/* assumes pass is at most 16 chars */
 void
 hide(Secret *shared, uchar *auth, Secret *pass, uchar *x)
 {
@@ -60,9 +60,9 @@ authcmp(Secret *shared, uchar *buf, int m, uchar *auth)
 	DigestState *M;
 	uchar x[16];
 
-	M = md5(buf, 4, nil, nil); // Code+ID+Length
-	M = md5(auth, 16, nil, M); // RequestAuth
-	M = md5(buf+20, m-20, nil, M); // Attributes
+	M = md5(buf, 4, nil, nil); /* Code+ID+Length */
+	M = md5(auth, 16, nil, M); /* RequestAuth */
+	M = md5(buf+20, m-20, nil, M); /* Attributes */
 	md5(shared->s, shared->len, x, M);
 	return memcmp(x, buf+4, 16);
 }
@@ -118,7 +118,7 @@ rpc(char *dest, Secret *shared, Packet *req)
 	Attribute *a;
 	int m, n, fd, try;
 
-	// marshal request
+	/* marshal request */
 	e = buf + sizeof buf;
 	buf[0] = req->code;
 	buf[1] = req->ID;
@@ -136,7 +136,7 @@ rpc(char *dest, Secret *shared, Packet *req)
 	buf[2] = n>>8;
 	buf[3] = n;
 
-	// send request, wait for reply
+	/* send request, wait for reply */
 	fd = dial(dest, 0, 0, 0);
 	if(fd < 0){
 		syslog(0, AUTHLOG, "%s: rpc can't get udp channel", dest);
@@ -156,9 +156,9 @@ rpc(char *dest, Secret *shared, Packet *req)
 		alarm(0);
 		if(m < 0){
 			syslog(0, AUTHLOG, "%s rpc read err %d: %r", dest, m);
-			break; // failure
+			break; /* failure */
 		}
-		if(m == 0 || buf2[1] != buf[1]){  // need matching ID
+		if(m == 0 || buf2[1] != buf[1]){  /* need matching ID */
 			syslog(0, AUTHLOG, "%s unmatched reply %d", dest, m);
 			continue;
 		}
@@ -170,7 +170,7 @@ rpc(char *dest, Secret *shared, Packet *req)
 	if(m <= 0)
 		return nil;
 
-	// unmarshal reply
+	/* unmarshal reply */
 	b = buf2;
 	e = buf2+m;
 	resp = (Packet*)malloc(sizeof(*resp));
@@ -192,18 +192,18 @@ rpc(char *dest, Secret *shared, Packet *req)
 	while(1){
 		if(b >= e){
 			a->next = nil;
-			break;			// exit loop
+			break;			/* exit loop */
 		}
 		a->type = *b++;
 		a->len = (*b++) - 2;
-		if(b + a->len > e){ // corrupt packet
+		if(b + a->len > e){ /* corrupt packet */
 			a->next = nil;
 			freePacket(resp);
 			return nil;
 		}
 		memmove(a->val, b, a->len);
 		b += a->len;
-		if(b < e){  // any more attributes?
+		if(b < e){  /* any more attributes? */
 			a->next = (Attribute*)malloc(sizeof(*a));
 			if(a->next == nil){
 				free(req);
@@ -230,7 +230,7 @@ setAttribute(Packet *p, uchar type, uchar *s, int n)
 	}
 	a->type = type;
 	a->len = n;
-	if(a->len > 253 )  // RFC2138, section 5
+	if(a->len > 253 )  /* RFC2138, section 5 */
 		a->len = 253;
 	memmove(a->val, s, a->len);
 	return 0;
@@ -435,7 +435,7 @@ secureidcheck(char *user, char *response)
 			syslog(0, AUTHLOG, "%s code=%d ruser=%s %s", dest, resp->code, ruser, replymsg(resp));
 			break;
 		}
-		break; // we have a proper reply, no need to ask again
+		break; /* we have a proper reply, no need to ask again */
 	}
 	ndbfree(t);
 	free(radiussecret);
diff --git a/src/cmd/auth/ssh-agent.c b/src/cmd/auth/ssh-agent.c
index 00e24af8..eee98675 100644
--- a/src/cmd/auth/ssh-agent.c
+++ b/src/cmd/auth/ssh-agent.c
@@ -49,7 +49,7 @@ enum		/* agent protocol packet types */
 	SSH2_AGENT_FAILURE = 30,
 	
 	SSH_COM_AGENT2_FAILURE = 102,
-	SSH_AGENT_OLD_SIGNATURE = 0x01,
+	SSH_AGENT_OLD_SIGNATURE = 0x01
 };
 
 typedef struct Aconn Aconn;