Run our #else/#endif annotator on our source code.

src/common/address.c

@@ -33,7 +33,7 @@
 #include <process.h>
 #include <windows.h>
 #include <iphlpapi.h>
-#endif
+#endif /* defined(_WIN32) */
 
 #include "compat.h"
 #include "util.h"
@@ -198,7 +198,7 @@ tor_sockaddr_to_str(const struct sockaddr *sa)
     tor_asprintf(&result, "unix:%s", s_un->sun_path);
     return result;
   }
-#endif
+#endif /* defined(HAVE_SYS_UN_H) */
   if (sa->sa_family == AF_UNSPEC)
     return tor_strdup("unspec");
 
@@ -305,7 +305,7 @@ tor_addr_lookup,(const char *name, uint16_t family, tor_addr_t *addr))
       return result;
     }
     return (err == EAI_AGAIN) ? 1 : -1;
-#else
+#else /* !(defined(HAVE_GETADDRINFO)) */
     struct hostent *ent;
     int err;
 #ifdef HAVE_GETHOSTBYNAME_R_6_ARG
@@ -330,7 +330,7 @@ tor_addr_lookup,(const char *name, uint16_t family, tor_addr_t *addr))
 #else
     err = h_errno;
 #endif
-#endif /* endif HAVE_GETHOSTBYNAME_R_6_ARG. */
+#endif /* defined(HAVE_GETHOSTBYNAME_R_6_ARG) || ... */
     if (ent) {
       if (ent->h_addrtype == AF_INET) {
         tor_addr_from_in(addr, (struct in_addr*) ent->h_addr);
@@ -346,7 +346,7 @@ tor_addr_lookup,(const char *name, uint16_t family, tor_addr_t *addr))
 #else
     return (err == TRY_AGAIN) ? 1 : -1;
 #endif
-#endif
+#endif /* defined(HAVE_GETADDRINFO) */
   }
 }
 
@@ -1409,7 +1409,7 @@ get_interface_addresses_ifaddrs(int severity, sa_family_t family)
 
   return result;
 }
-#endif
+#endif /* defined(HAVE_IFADDRS_TO_SMARTLIST) */
 
 #ifdef HAVE_IP_ADAPTER_TO_SMARTLIST
 
@@ -1500,7 +1500,7 @@ get_interface_addresses_win32(int severity, sa_family_t family)
   return result;
 }
 
-#endif
+#endif /* defined(HAVE_IP_ADAPTER_TO_SMARTLIST) */
 
 #ifdef HAVE_IFCONF_TO_SMARTLIST
 
@@ -1602,7 +1602,7 @@ get_interface_addresses_ioctl(int severity, sa_family_t family)
   tor_free(ifc.ifc_buf);
   return result;
 }
-#endif
+#endif /* defined(HAVE_IFCONF_TO_SMARTLIST) */
 
 /** Try to ask our network interfaces what addresses they are bound to.
  * Return a new smartlist of tor_addr_t on success, and NULL on failure.

src/common/address.h

@@ -44,7 +44,7 @@
 #endif
 
 // TODO win32 specific includes
-#endif // ADDRESS_PRIVATE
+#endif /* defined(ADDRESS_PRIVATE) */
 
 /** The number of bits from an address to consider while doing a masked
  * comparison. */
@@ -358,23 +358,23 @@ STATIC smartlist_t *ifaddrs_to_smartlist(const struct ifaddrs *ifa,
                                          sa_family_t family);
 STATIC smartlist_t *get_interface_addresses_ifaddrs(int severity,
                                                     sa_family_t family);
-#endif
+#endif /* defined(HAVE_IFADDRS_TO_SMARTLIST) */
 
 #ifdef HAVE_IP_ADAPTER_TO_SMARTLIST
 STATIC smartlist_t *ip_adapter_addresses_to_smartlist(
                                         const IP_ADAPTER_ADDRESSES *addresses);
 STATIC smartlist_t *get_interface_addresses_win32(int severity,
                                                   sa_family_t family);
-#endif
+#endif /* defined(HAVE_IP_ADAPTER_TO_SMARTLIST) */
 
 #ifdef HAVE_IFCONF_TO_SMARTLIST
 STATIC smartlist_t *ifreq_to_smartlist(char *ifr,
                                        size_t buflen);
 STATIC smartlist_t *get_interface_addresses_ioctl(int severity,
                                                   sa_family_t family);
-#endif
+#endif /* defined(HAVE_IFCONF_TO_SMARTLIST) */
 
-#endif // ADDRESS_PRIVATE
+#endif /* defined(ADDRESS_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_ADDRESS_H) */
 

src/common/aes.c

@@ -70,7 +70,7 @@ ENABLE_GCC_WARNING(redundant-decls)
 
 #define USE_EVP_AES_CTR
 
-#endif
+#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,1,0) || ... */
 
 /* We have 2 strategies for getting the AES block cipher: Via OpenSSL's
  * AES_encrypt function, or via OpenSSL's EVP_EncryptUpdate function.
@@ -142,7 +142,7 @@ evaluate_ctr_for_aes(void)
 {
   return 0;
 }
-#else
+#else /* !(defined(USE_EVP_AES_CTR)) */
 
 /*======================================================================*/
 /* Interface to AES code, and counter implementation */
@@ -163,7 +163,7 @@ struct aes_cnt_cipher {
   uint32_t counter2;
   uint32_t counter1;
   uint32_t counter0;
-#endif
+#endif /* !defined(WORDS_BIGENDIAN) */
 
   union {
     /** The counter, in big-endian order, as bytes. */
@@ -212,7 +212,7 @@ evaluate_evp_for_aes(int force_val)
     log_info(LD_CRYPTO, "No AES engine found; using AES_* functions.");
     should_use_EVP = 0;
   }
-#endif
+#endif /* defined(DISABLE_ENGINES) */
 
   return 0;
 }
@@ -312,7 +312,7 @@ aes_set_key(aes_cnt_cipher_t *cipher, const uint8_t *key, int key_bits)
   cipher->counter1 = 0;
   cipher->counter2 = 0;
   cipher->counter3 = 0;
-#endif
+#endif /* defined(USING_COUNTER_VARS) */
 
   memset(cipher->ctr_buf.buf, 0, sizeof(cipher->ctr_buf.buf));
 
@@ -341,7 +341,7 @@ aes_cipher_free(aes_cnt_cipher_t *cipher)
   STMT_END
 #else
 #define UPDATE_CTR_BUF(c, n)
-#endif
+#endif /* defined(USING_COUNTER_VARS) */
 
 /* Helper function to use EVP with openssl's counter-mode wrapper. */
 static void
@@ -396,10 +396,10 @@ aes_set_iv(aes_cnt_cipher_t *cipher, const uint8_t *iv)
   cipher->counter2 = ntohl(get_uint32(iv+4));
   cipher->counter1 = ntohl(get_uint32(iv+8));
   cipher->counter0 = ntohl(get_uint32(iv+12));
-#endif
+#endif /* defined(USING_COUNTER_VARS) */
   cipher->pos = 0;
   memcpy(cipher->ctr_buf.buf, iv, 16);
 }
 
-#endif
+#endif /* defined(USE_EVP_AES_CTR) */
 

src/common/aes.h

@@ -23,5 +23,5 @@ void aes_crypt_inplace(aes_cnt_cipher_t *cipher, char *data, size_t len);
 int evaluate_evp_for_aes(int force_value);
 int evaluate_ctr_for_aes(void);
 
-#endif
+#endif /* !defined(TOR_AES_H) */
 

src/common/backtrace.c

@@ -37,7 +37,7 @@
 #include <sys/ucontext.h>
 #elif defined(HAVE_UCONTEXT_H)
 #include <ucontext.h>
-#endif
+#endif /* defined(HAVE_CYGWIN_SIGNAL_H) || ... */
 
 #define EXPOSE_CLEAN_BACKTRACE
 #include "backtrace.h"
@@ -81,16 +81,16 @@ clean_backtrace(void **stack, size_t depth, const ucontext_t *ctx)
   const size_t n = 2;
 #else
   const size_t n = 1;
-#endif
+#endif /* defined(__linux__) || ... */
   if (depth <= n)
     return;
 
   stack[n] = (void*) ctx->PC_FROM_UCONTEXT;
-#else
+#else /* !(defined(PC_FROM_UCONTEXT)) */
   (void) depth;
   (void) ctx;
   (void) stack;
-#endif
+#endif /* defined(PC_FROM_UCONTEXT) */
 }
 
 /** Log a message <b>msg</b> at <b>severity</b> in <b>domain</b>, and follow
@@ -202,7 +202,7 @@ remove_bt_handler(void)
 {
   tor_mutex_uninit(&cb_buf_mutex);
 }
-#endif
+#endif /* defined(USE_BACKTRACE) */
 
 #ifdef NO_BACKTRACE_IMPL
 void
@@ -221,7 +221,7 @@ static void
 remove_bt_handler(void)
 {
 }
-#endif
+#endif /* defined(NO_BACKTRACE_IMPL) */
 
 /** Set up code to handle generating error messages on crashes. */
 int

src/common/backtrace.h

@@ -15,7 +15,7 @@ void clean_up_backtrace_handler(void);
   defined(HAVE_BACKTRACE_SYMBOLS_FD) && defined(HAVE_SIGACTION)
 void clean_backtrace(void **stack, size_t depth, const ucontext_t *ctx);
 #endif
-#endif
+#endif /* defined(EXPOSE_CLEAN_BACKTRACE) */
 
-#endif
+#endif /* !defined(TOR_BACKTRACE_H) */
 

src/common/buffers.c

@@ -39,7 +39,7 @@
 #define check() STMT_BEGIN buf_assert_ok(buf); STMT_END
 #else
 #define check() STMT_NIL
-#endif
+#endif /* defined(PARANOIA) */
 
 /* Implementation notes:
  *
@@ -98,7 +98,7 @@
     DBG_S(tor_assert(a == b));                                          \
     memset(a,0,SENTINEL_LEN);                                           \
   } while (0)
-#endif
+#endif /* defined(DISABLE_MEMORY_SENTINELS) */
 
 /** Move all bytes stored in <b>chunk</b> to the front of <b>chunk</b>->mem,
  * to free up space at the end. */
@@ -311,7 +311,7 @@ buf_new_with_data(const char *cp, size_t sz)
 
   return buf;
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** Remove the first <b>n</b> bytes from buf. */
 void

src/common/buffers.h

@@ -119,7 +119,7 @@ CHUNK_WRITE_PTR(chunk_t *chunk)
   return chunk->data + chunk->datalen;
 }
 
-#endif
+#endif /* defined(BUFFERS_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_BUFFERS_H) */
 

src/common/buffers_tls.h

@@ -15,5 +15,5 @@ int buf_read_from_tls(struct buf_t *buf,
 int buf_flush_to_tls(struct buf_t *buf, struct tor_tls_t *tls,
                      size_t sz, size_t *buf_flushlen);
 
-#endif
+#endif /* !defined(TOR_BUFFERS_TLS_H) */
 

src/common/compat.c

@@ -88,12 +88,12 @@ SecureZeroMemory(PVOID ptr, SIZE_T cnt)
   while (cnt--)
     *vcptr++ = 0;
 }
-#endif
+#endif /* defined(HAVE_DECL_SECUREZEROMEMORY) && !HAVE_DECL_SECUREZEROMEMORY */
 #elif defined(HAVE_READPASSPHRASE_H)
 #include <readpassphrase.h>
 #else
 #include "tor_readpassphrase.h"
-#endif
+#endif /* defined(_WIN32) || ... */
 
 /* Includes for the process attaching prevention */
 #if defined(HAVE_SYS_PRCTL_H) && defined(__linux__)
@@ -102,7 +102,7 @@ SecureZeroMemory(PVOID ptr, SIZE_T cnt)
 #elif defined(__APPLE__)
 #include <sys/types.h>
 #include <sys/ptrace.h>
-#endif
+#endif /* defined(HAVE_SYS_PRCTL_H) && defined(__linux__) || ... */
 
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
@@ -161,7 +161,7 @@ tor_open_cloexec(const char *path, int flags, unsigned mode)
    * are running on one without. */
   if (errno != EINVAL)
     return -1;
-#endif
+#endif /* defined(O_CLOEXEC) */
 
   log_debug(LD_FS, "Opening %s with flags %x", p, flags);
   fd = open(p, flags, mode);
@@ -173,7 +173,7 @@ tor_open_cloexec(const char *path, int flags, unsigned mode)
       return -1;
     }
   }
-#endif
+#endif /* defined(FD_CLOEXEC) */
   return fd;
 }
 
@@ -191,7 +191,7 @@ tor_fopen_cloexec(const char *path, const char *mode)
       return NULL;
     }
   }
-#endif
+#endif /* defined(FD_CLOEXEC) */
   return result;
 }
 
@@ -451,7 +451,7 @@ tor_munmap_file(tor_mmap_t *handle)
   /* Can't fail in this mmap()/munmap()-free case */
   return 0;
 }
-#endif
+#endif /* defined(COMPAT_HAS_MMAN_AND_PAGESIZE) || ... || ... */
 
 /** Replacement for snprintf.  Differs from platform snprintf in two
  * ways: First, always NUL-terminates its output.  Second, always
@@ -591,7 +591,7 @@ tor_vasprintf(char **strp, const char *fmt, va_list args)
   }
   *strp = strp_tmp;
   return len;
-#endif
+#endif /* defined(HAVE_VASPRINTF) || ... */
 }
 
 /** Given <b>hlen</b> bytes at <b>haystack</b> and <b>nlen</b> bytes at
@@ -637,7 +637,7 @@ tor_memmem(const void *_haystack, size_t hlen,
     }
   }
   return NULL;
-#endif
+#endif /* defined(HAVE_MEMMEM) && (!defined(__GNUC__) || __GNUC__ >= 2) */
 }
 
 /**
@@ -775,7 +775,7 @@ tor_fix_source_file(const char *fname)
   }
   return r;
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /**
  * Read a 16-bit value beginning at <b>cp</b>.  Equivalent to
@@ -869,7 +869,7 @@ replace_file(const char *from, const char *to)
       return -1;
     }
   return tor_rename(from,to);
-#endif
+#endif /* !defined(_WIN32) */
 }
 
 /** Change <b>fname</b>'s modification time to now. */
@@ -955,7 +955,7 @@ tor_lockfile_lock(const char *filename, int blocking, int *locked_out)
       return NULL;
     }
   }
-#endif
+#endif /* defined(_WIN32) || ... */
 
   result = tor_malloc(sizeof(tor_lockfile_t));
   result->filename = tor_strdup(filename);
@@ -983,7 +983,7 @@ tor_lockfile_unlock(tor_lockfile_t *lockfile)
   }
 #else
   /* Closing the lockfile is sufficient. */
-#endif
+#endif /* defined(_WIN32) || ... */
 
   close(lockfile->fd);
   lockfile->fd = -1;
@@ -1031,9 +1031,9 @@ tor_fd_seekend(int fd)
    * no need to worry. */
   if (rc < 0 && errno == ESPIPE)
     rc = 0;
-#endif
+#endif /* defined(ESPIPE) */
   return (rc < 0) ? -1 : 0;
-#endif
+#endif /* defined(_WIN32) */
 }
 
 /** Move <b>fd</b> to position <b>pos</b> in the file. Return -1 on error, 0
@@ -1072,7 +1072,7 @@ tor_ftruncate(int fd)
 static bitarray_t *open_sockets = NULL;
 /** The size of <b>open_sockets</b>, in bits. */
 static int max_socket = -1;
-#endif
+#endif /* defined(DEBUG_SOCKET_COUNTING) */
 
 /** Count of number of sockets currently open.  (Undercounts sockets opened by
  * eventdns and libevent.) */
@@ -1142,7 +1142,7 @@ tor_close_socket,(tor_socket_t s))
     tor_assert(open_sockets && s <= max_socket);
     bitarray_clear(open_sockets, s);
   }
-#endif
+#endif /* defined(DEBUG_SOCKET_COUNTING) */
   if (r == 0) {
     --n_sockets_open;
   } else {
@@ -1152,7 +1152,7 @@ tor_close_socket,(tor_socket_t s))
 #else
     if (r != EBADF)
       --n_sockets_open; // LCOV_EXCL_LINE -- EIO and EINTR too hard to force.
-#endif
+#endif /* defined(_WIN32) */
     r = -1;
   }
 
@@ -1185,9 +1185,9 @@ mark_socket_open(tor_socket_t s)
   }
   bitarray_set(open_sockets, s);
 }
-#else
+#else /* !(defined(DEBUG_SOCKET_COUNTING)) */
 #define mark_socket_open(s) STMT_NIL
-#endif
+#endif /* defined(DEBUG_SOCKET_COUNTING) */
 /** @} */
 
 /** As socket(), but counts the number of open sockets. */
@@ -1245,7 +1245,7 @@ tor_open_socket_with_extensions(int domain, int type, int protocol,
    * support, we are running on one without. */
   if (errno != EINVAL)
     return s;
-#endif /* SOCK_CLOEXEC && SOCK_NONBLOCK */
+#endif /* defined(SOCK_CLOEXEC) && defined(SOCK_NONBLOCK) */
 
   s = socket(domain, type, protocol);
   if (! SOCKET_OK(s))
@@ -1259,9 +1259,9 @@ tor_open_socket_with_extensions(int domain, int type, int protocol,
       return TOR_INVALID_SOCKET;
     }
   }
-#else
+#else /* !(defined(FD_CLOEXEC)) */
   (void)cloexec;
-#endif
+#endif /* defined(FD_CLOEXEC) */
 
   if (nonblock) {
     if (set_socket_nonblocking(s) == -1) {
@@ -1330,7 +1330,7 @@ tor_accept_socket_with_extensions(tor_socket_t sockfd, struct sockaddr *addr,
    * we are missing SOCK_CLOEXEC/SOCK_NONBLOCK support. */
   if (errno != EINVAL && errno != ENOSYS)
     return s;
-#endif
+#endif /* defined(HAVE_ACCEPT4) && defined(SOCK_CLOEXEC) ... */
 
   s = accept(sockfd, addr, len);
   if (!SOCKET_OK(s))
@@ -1344,9 +1344,9 @@ tor_accept_socket_with_extensions(tor_socket_t sockfd, struct sockaddr *addr,
       return TOR_INVALID_SOCKET;
     }
   }
-#else
+#else /* !(defined(FD_CLOEXEC)) */
   (void)cloexec;
-#endif
+#endif /* defined(FD_CLOEXEC) */
 
   if (nonblock) {
     if (set_socket_nonblocking(s) == -1) {
@@ -1406,7 +1406,7 @@ set_socket_nonblocking(tor_socket_t sock)
     log_warn(LD_NET, "Couldn't set file status flags: %s", strerror(errno));
     return -1;
   }
-#endif
+#endif /* defined(_WIN32) */
 
   return 0;
 }
@@ -1444,7 +1444,7 @@ tor_socketpair(int family, int type, int protocol, tor_socket_t fd[2])
    * are running on one without. */
   if (errno != EINVAL)
     return -errno;
-#endif
+#endif /* defined(SOCK_CLOEXEC) */
 
   r = socketpair(family, type, protocol, fd);
   if (r < 0)
@@ -1467,7 +1467,7 @@ tor_socketpair(int family, int type, int protocol, tor_socket_t fd[2])
       return -errno;
     }
   }
-#endif
+#endif /* defined(FD_CLOEXEC) */
   goto sockets_ok; /* So that sockets_ok will not be unused. */
 
  sockets_ok:
@@ -1483,9 +1483,9 @@ tor_socketpair(int family, int type, int protocol, tor_socket_t fd[2])
   socket_accounting_unlock();
 
   return 0;
-#else
+#else /* !(defined(HAVE_SOCKETPAIR) && !defined(_WIN32)) */
   return tor_ersatz_socketpair(family, type, protocol, fd);
-#endif
+#endif /* defined(HAVE_SOCKETPAIR) && !defined(_WIN32) */
 }
 
 #ifdef NEED_ERSATZ_SOCKETPAIR
@@ -1642,7 +1642,7 @@ tor_ersatz_socketpair(int family, int type, int protocol, tor_socket_t fd[2])
 
 #undef SIZEOF_SOCKADDR
 
-#endif
+#endif /* defined(NEED_ERSATZ_SOCKETPAIR) */
 
 /* Return the maximum number of allowed sockets. */
 int
@@ -1696,7 +1696,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
 #else
   const char *platform = "unknown platforms with no getrlimit()";
   const unsigned long MAX_CONNECTIONS = 15000;
-#endif
+#endif /* defined(CYGWIN) || defined(__CYGWIN__) || ... */
   log_fn(LOG_INFO, LD_NET,
          "This platform is missing getrlimit(). Proceeding.");
   if (limit > MAX_CONNECTIONS) {
@@ -1707,7 +1707,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
     return -1;
   }
   limit = MAX_CONNECTIONS;
-#else /* HAVE_GETRLIMIT */
+#else /* !(!defined(HAVE_GETRLIMIT)) */
   struct rlimit rlim;
 
   if (getrlimit(RLIMIT_NOFILE, &rlim) != 0) {
@@ -1756,7 +1756,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
         bad = 0;
       }
     }
-#endif /* OPEN_MAX */
+#endif /* defined(OPEN_MAX) */
     if (bad) {
       log_warn(LD_CONFIG,"Couldn't set maximum number of file descriptors: %s",
                strerror(errno));
@@ -1765,7 +1765,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
   }
   /* leave some overhead for logs, etc, */
   limit = rlim.rlim_cur;
-#endif /* HAVE_GETRLIMIT */
+#endif /* !defined(HAVE_GETRLIMIT) */
 
   if (limit > INT_MAX)
     limit = INT_MAX;
@@ -1803,7 +1803,7 @@ log_credential_status(void)
            "UID is %u (real), %u (effective), %u (saved)",
            (unsigned)ruid, (unsigned)euid, (unsigned)suid);
   }
-#else
+#else /* !(defined(HAVE_GETRESUID)) */
   /* getresuid is not present on MacOS X, so we can't get the saved (E)UID */
   ruid = getuid();
   euid = geteuid();
@@ -1812,7 +1812,7 @@ log_credential_status(void)
   log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL,
          "UID is %u (real), %u (effective), unknown (saved)",
          (unsigned)ruid, (unsigned)euid);
-#endif
+#endif /* defined(HAVE_GETRESUID) */
 
   /* log GIDs */
 #ifdef HAVE_GETRESGID
@@ -1824,7 +1824,7 @@ log_credential_status(void)
            "GID is %u (real), %u (effective), %u (saved)",
            (unsigned)rgid, (unsigned)egid, (unsigned)sgid);
   }
-#else
+#else /* !(defined(HAVE_GETRESGID)) */
   /* getresgid is not present on MacOS X, so we can't get the saved (E)GID */
   rgid = getgid();
   egid = getegid();
@@ -1832,7 +1832,7 @@ log_credential_status(void)
   log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL,
          "GID is %u (real), %u (effective), unknown (saved)",
          (unsigned)rgid, (unsigned)egid);
-#endif
+#endif /* defined(HAVE_GETRESGID) */
 
   /* log supplementary groups */
   sup_gids_size = 64;
@@ -1872,7 +1872,7 @@ log_credential_status(void)
 
   return 0;
 }
-#endif
+#endif /* !defined(_WIN32) */
 
 #ifndef _WIN32
 /** Cached struct from the last getpwname() call we did successfully. */
@@ -1972,7 +1972,7 @@ tor_getpwuid(uid_t uid)
 
   return NULL;
 }
-#endif
+#endif /* !defined(_WIN32) */
 
 /** Return true iff we were compiled with capability support, and capabilities
  * seem to work. **/
@@ -1985,9 +1985,9 @@ have_capability_support(void)
     return 0;
   cap_free(caps);
   return 1;
-#else
+#else /* !(defined(HAVE_LINUX_CAPABILITIES)) */
   return 0;
-#endif
+#endif /* defined(HAVE_LINUX_CAPABILITIES) */
 }
 
 #ifdef HAVE_LINUX_CAPABILITIES
@@ -2046,7 +2046,7 @@ drop_capabilities(int pre_setuid)
 
   return 0;
 }
-#endif
+#endif /* defined(HAVE_LINUX_CAPABILITIES) */
 
 /** Call setuid and setgid to run as <b>user</b> and switch to their
  * primary group.  Return 0 on success.  On failure, log and return -1.
@@ -2096,13 +2096,13 @@ switch_id(const char *user, const unsigned flags)
     if (drop_capabilities(1))
       return -1;
   }
-#else
+#else /* !(defined(HAVE_LINUX_CAPABILITIES)) */
   (void) keep_bindlow;
   if (warn_if_no_caps) {
     log_warn(LD_CONFIG, "KeepBindCapabilities set, but no capability support "
              "on this system.");
   }
-#endif
+#endif /* defined(HAVE_LINUX_CAPABILITIES) */
 
   /* Properly switch egid,gid,euid,uid here or bail out */
   if (setgroups(1, &pw->pw_gid)) {
@@ -2162,7 +2162,7 @@ switch_id(const char *user, const unsigned flags)
     if (drop_capabilities(0))
       return -1;
   }
-#endif
+#endif /* defined(HAVE_LINUX_CAPABILITIES) */
 
 #if !defined(CYGWIN) && !defined(__CYGWIN__)
   /* If we tried to drop privilege to a group/user other than root, attempt to
@@ -2186,7 +2186,7 @@ switch_id(const char *user, const unsigned flags)
       return -1;
     }
   }
-#endif
+#endif /* !defined(CYGWIN) && !defined(__CYGWIN__) */
 
   /* Check what really happened */
   if (log_credential_status()) {
@@ -2204,16 +2204,16 @@ switch_id(const char *user, const unsigned flags)
       log_warn(LD_CONFIG, "Unable to re-enable coredumps: %s",strerror(errno));
     }
   }
-#endif
+#endif /* defined(__linux__) && defined(HAVE_SYS_PRCTL_H) && ... */
   return 0;
 
-#else
+#else /* !(!defined(_WIN32)) */
   (void)user;
   (void)flags;
 
   log_warn(LD_CONFIG, "Switching users is unsupported on your OS.");
   return -1;
-#endif
+#endif /* !defined(_WIN32) */
 }
 
 /* We only use the linux prctl for now. There is no Win32 support; this may
@@ -2252,7 +2252,7 @@ tor_disable_debugger_attach(void)
     attempted = 1;
     r = ptrace(PT_DENY_ATTACH, 0, 0, 0);
   }
-#endif
+#endif /* defined(__APPLE__) && defined(PT_DENY_ATTACH) */
 
   // XXX: TODO - Mac OS X has dtrace and this may be disabled.
   // XXX: TODO - Windows probably has something similar
@@ -2282,7 +2282,7 @@ get_user_homedir(const char *username)
   }
   return tor_strdup(pw->pw_dir);
 }
-#endif
+#endif /* defined(HAVE_PWD_H) */
 
 /** Modify <b>fname</b> to contain the name of its parent directory.  Doesn't
  * actually examine the filesystem; does a purely syntactic modification.
@@ -2310,7 +2310,7 @@ get_parent_directory(char *fname)
   if (fname[0] && fname[1] == ':') {
     fname += 2;
   }
-#endif
+#endif /* defined(_WIN32) */
   /* Now we want to remove all path-separators at the end of the string,
    * and to remove the end of the string starting with the path separator
    * before the last non-path-separator.  In perl, this would be
@@ -2359,7 +2359,7 @@ alloc_getcwd(void)
     raw_free(cwd); // alias for free to avoid tripping check-spaces.
   }
   return result;
-#else
+#else /* !(defined(HAVE_GET_CURRENT_DIR_NAME)) */
   size_t size = 1024;
   char *buf = NULL;
   char *ptr = NULL;
@@ -2376,9 +2376,9 @@ alloc_getcwd(void)
     size *= 2;
   }
   return buf;
-#endif
+#endif /* defined(HAVE_GET_CURRENT_DIR_NAME) */
 }
-#endif
+#endif /* !defined(_WIN32) */
 
 /** Expand possibly relative path <b>fname</b> to an absolute path.
  * Return a newly allocated string, possibly equal to <b>fname</b>. */
@@ -2394,7 +2394,7 @@ make_path_absolute(char *fname)
   if (absfname_malloced) raw_free(absfname_malloced);
 
   return absfname;
-#else
+#else /* !(defined(_WIN32)) */
   char *absfname = NULL, *path = NULL;
 
   tor_assert(fname);
@@ -2417,7 +2417,7 @@ make_path_absolute(char *fname)
     }
   }
   return absfname;
-#endif
+#endif /* defined(_WIN32) */
 }
 
 #ifndef HAVE__NSGETENVIRON
@@ -2426,8 +2426,8 @@ make_path_absolute(char *fname)
 #ifndef RUNNING_DOXYGEN
 extern char **environ;
 #endif
-#endif
-#endif
+#endif /* !defined(HAVE_EXTERN_ENVIRON_DECLARED) */
+#endif /* !defined(HAVE__NSGETENVIRON) */
 
 /** Return the current environment. This is a portable replacement for
  * 'environ'. */
@@ -2439,9 +2439,9 @@ get_environment(void)
    * when we do a mostly-static build on OSX 10.7, the resulting binary won't
    * work on OSX 10.6. */
   return *_NSGetEnviron();
-#else
+#else /* !(defined(HAVE__NSGETENVIRON)) */
   return environ;
-#endif
+#endif /* defined(HAVE__NSGETENVIRON) */
 }
 
 /** Get name of current host and write it to <b>name</b> array, whose
@@ -2718,7 +2718,7 @@ get_uname,(void))
       /* (Linux says 0 is success, Solaris says 1 is success) */
       strlcpy(uname_result, u.sysname, sizeof(uname_result));
     } else
-#endif
+#endif /* defined(HAVE_UNAME) */
       {
 #ifdef _WIN32
         OSVERSIONINFOEX info;
@@ -2780,12 +2780,12 @@ get_uname,(void))
           info.wProductType == VER_NT_DOMAIN_CONTROLLER) {
         strlcat(uname_result, " [server]", sizeof(uname_result));
       }
-#endif
-#else
+#endif /* defined(VER_NT_SERVER) */
+#else /* !(defined(_WIN32)) */
         /* LCOV_EXCL_START -- can't provoke uname failure */
         strlcpy(uname_result, "Unknown platform", sizeof(uname_result));
         /* LCOV_EXCL_STOP */
-#endif
+#endif /* defined(_WIN32) */
       }
     uname_result_is_set = 1;
   }
@@ -2841,7 +2841,7 @@ compute_num_cpus_impl(void)
     return -1;
 #else
   return -1;
-#endif
+#endif /* defined(_WIN32) || ... */
 }
 
 #define MAX_DETECTABLE_CPUS 16
@@ -3004,7 +3004,7 @@ tor_localtime_r(const time_t *timep, struct tm *result)
     memcpy(result, r, sizeof(struct tm));
   return correct_tm(1, timep, result, r);
 }
-#endif
+#endif /* defined(HAVE_LOCALTIME_R) || ... */
 /** @} */
 
 /** @{ */
@@ -3047,7 +3047,7 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
     memcpy(result, r, sizeof(struct tm));
   return correct_tm(0, timep, result, r);
 }
-#endif
+#endif /* defined(HAVE_GMTIME_R) || ... */
 
 #if defined(HAVE_MLOCKALL) && HAVE_DECL_MLOCKALL && defined(RLIMIT_MEMLOCK)
 #define HAVE_UNIX_MLOCKALL
@@ -3084,7 +3084,7 @@ tor_set_max_memlock(void)
 
   return 0;
 }
-#endif
+#endif /* defined(HAVE_UNIX_MLOCKALL) */
 
 /** Attempt to lock all current and all future memory pages.
  * This should only be called once and while we're privileged.
@@ -3130,10 +3130,10 @@ tor_mlockall(void)
                            "pages: %s", strerror(errno));
     return -1;
   }
-#else
+#else /* !(defined(HAVE_UNIX_MLOCKALL)) */
   log_warn(LD_GENERAL, "Unable to lock memory pages. mlockall() unsupported?");
   return -1;
-#endif
+#endif /* defined(HAVE_UNIX_MLOCKALL) */
 }
 
 /**
@@ -3161,7 +3161,7 @@ tor_socket_errno(tor_socket_t sock)
   }
   return err;
 }
-#endif
+#endif /* defined(_WIN32) */
 
 #if defined(_WIN32)
 #define E(code, s) { code, (s " [" #code " ]") }
@@ -3237,7 +3237,7 @@ tor_socket_strerror(int e)
   }
   return strerror(e);
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /** Called before we make any calls to network-related functions.
  * (Some operating systems require their network libraries to be
@@ -3263,7 +3263,7 @@ network_init(void)
   /* WSAData.iMaxSockets might show the max sockets we're allowed to use.
    * We might use it to complain if we're trying to be a server but have
    * too few sockets available. */
-#endif
+#endif /* defined(_WIN32) */
   return 0;
 }
 
@@ -3299,9 +3299,9 @@ format_win32_error(DWORD err)
     result = tor_malloc(len);
     wcstombs(result,str,len);
     result[len-1] = '\0';
-#else
+#else /* !(defined(UNICODE)) */
     result = tor_strdup(str);
-#endif
+#endif /* defined(UNICODE) */
   } else {
     result = tor_strdup("<unformattable error>");
   }
@@ -3310,7 +3310,7 @@ format_win32_error(DWORD err)
   }
   return result;
 }
-#endif
+#endif /* defined(_WIN32) */
 
 #if defined(HW_PHYSMEM64)
 /* This appears to be an OpenBSD thing */
@@ -3318,7 +3318,7 @@ format_win32_error(DWORD err)
 #elif defined(HW_MEMSIZE)
 /* OSX defines this one */
 #define INT64_HW_MEM HW_MEMSIZE
-#endif
+#endif /* defined(HW_PHYSMEM64) || ... */
 
 /**
  * Helper: try to detect the total system memory, and return it. On failure,
@@ -3392,7 +3392,7 @@ get_total_system_memory_impl(void)
 #else
   /* I have no clue. */
   return 0;
-#endif
+#endif /* defined(__linux__) || ... */
 }
 
 /**
@@ -3425,7 +3425,7 @@ get_total_system_memory(size_t *mem_out)
      * size_t. */
     m = SIZE_MAX;
   }
-#endif
+#endif /* SIZE_MAX != UINT64_MAX */
 
   *mem_out = mem_cached = (size_t) m;
 
@@ -3506,7 +3506,7 @@ tor_getpass(const char *prompt, char *output, size_t buflen)
   return r;
 #else
 #error "No implementation for tor_getpass found!"
-#endif
+#endif /* defined(HAVE_READPASSPHRASE) || ... */
 }
 
 /** Return the amount of free disk space we have permission to use, in
@@ -3546,6 +3546,6 @@ tor_get_avail_disk_space(const char *path)
   (void)path;
   errno = ENOSYS;
   return -1;
-#endif
+#endif /* defined(HAVE_STATVFS) || ... */
 }
 

src/common/compat.h

@@ -50,8 +50,8 @@
  * clang rejects because it is off the end of a less-than-3. Clang hates this,
  * even though those references never actually happen. */
 #    undef strcmp
-#  endif
-#endif
+#endif /* __has_feature(address_sanitizer) */
+#endif /* defined(__has_feature) */
 
 #include <stdio.h>
 #include <errno.h>
@@ -76,13 +76,13 @@
    __attribute__ ((format(printf, formatIdx, firstArg)))
 #else
 #define CHECK_PRINTF(formatIdx, firstArg)
-#endif
+#endif /* defined(__GNUC__) */
 #ifdef __GNUC__
 #define CHECK_SCANF(formatIdx, firstArg) \
    __attribute__ ((format(scanf, formatIdx, firstArg)))
 #else
 #define CHECK_SCANF(formatIdx, firstArg)
-#endif
+#endif /* defined(__GNUC__) */
 
 /* What GCC do we have? */
 #ifdef __GNUC__
@@ -109,18 +109,18 @@
           PRAGMA_DIAGNOSTIC_(ignored PRAGMA_JOIN_STRINGIFY_(-W,warningopt))
 #    define ENABLE_GCC_WARNING(warningopt) \
           PRAGMA_DIAGNOSTIC_(pop)
-#  else
+#else /* !(defined(__clang__) || GCC_VERSION >= 406) */
 /* older version of gcc: no push/pop support. */
 #    define DISABLE_GCC_WARNING(warningopt) \
          PRAGMA_DIAGNOSTIC_(ignored PRAGMA_JOIN_STRINGIFY_(-W,warningopt))
 #    define ENABLE_GCC_WARNING(warningopt) \
          PRAGMA_DIAGNOSTIC_(warning PRAGMA_JOIN_STRINGIFY_(-W,warningopt))
-#  endif
-#else /* ifdef __GNUC__ */
+#endif /* defined(__clang__) || GCC_VERSION >= 406 */
+#else /* !(defined(__GNUC__)) */
 /* not gcc at all */
 # define DISABLE_GCC_WARNING(warning)
 # define ENABLE_GCC_WARNING(warning)
-#endif
+#endif /* defined(__GNUC__) */
 
 /* inline is __inline on windows. */
 #ifdef _WIN32
@@ -142,9 +142,9 @@
 #define __func__ __FUNC__
 #else
 #define __func__ "???"
-#endif
-#endif /* ifndef MAVE_MACRO__func__ */
-#endif /* if not windows */
+#endif /* defined(HAVE_MACRO__FUNCTION__) || ... */
+#endif /* !defined(HAVE_MACRO__func__) */
+#endif /* defined(_MSC_VER) */
 
 #define U64_TO_DBL(x) ((double) (x))
 #define DBL_TO_U64(x) ((uint64_t) (x))
@@ -157,7 +157,7 @@
  * problems), but if enumerated types are unsigned, we must use unsigned,
  * so that the loss of precision doesn't make large values negative. */
 #define ENUM_BF(t) t
-#endif
+#endif /* defined(ENUM_VALS_ARE_SIGNED) */
 
 /* GCC has several useful attributes. */
 #if defined(__GNUC__) && __GNUC__ >= 3
@@ -194,7 +194,7 @@
  * taken.  This can generate slightly better code with some CPUs.
  */
 #define PREDICT_UNLIKELY(exp) __builtin_expect(!!(exp), 0)
-#else
+#else /* !(defined(__GNUC__) && __GNUC__ >= 3) */
 #define ATTR_NORETURN
 #define ATTR_CONST
 #define ATTR_MALLOC
@@ -204,7 +204,7 @@
 #define ATTR_WUR
 #define PREDICT_LIKELY(exp) (exp)
 #define PREDICT_UNLIKELY(exp) (exp)
-#endif
+#endif /* defined(__GNUC__) && __GNUC__ >= 3 */
 
 /** Expands to a syntactically valid empty statement.  */
 #define STMT_NIL (void)0
@@ -224,7 +224,7 @@
 #else
 #define STMT_BEGIN do {
 #define STMT_END } while (0)
-#endif
+#endif /* defined(__GNUC__) || ... */
 
 /* Some tools (like coccinelle) don't like to see operators as macro
  * arguments. */
@@ -251,7 +251,7 @@
  */
 #undef strlcat
 #undef strlcpy
-#endif
+#endif /* defined __APPLE__ */
 
 #ifndef HAVE_STRLCAT
 size_t strlcat(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2));
@@ -272,14 +272,14 @@ size_t strlcpy(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2));
 #define I64_PRINTF_ARG(a) (a)
 #define I64_SCANF_ARG(a) (a)
 #define I64_LITERAL(n) (n ## i64)
-#else
+#else /* !(defined(_MSC_VER)) */
 #define U64_PRINTF_ARG(a) ((long long unsigned int)(a))
 #define U64_SCANF_ARG(a) ((long long unsigned int*)(a))
 #define U64_LITERAL(n) (n ## llu)
 #define I64_PRINTF_ARG(a) ((long long signed int)(a))
 #define I64_SCANF_ARG(a) ((long long signed int*)(a))
 #define I64_LITERAL(n) (n ## ll)
-#endif
+#endif /* defined(_MSC_VER) */
 
 #if defined(__MINGW32__) || defined(__MINGW64__)
 #define MINGW_ANY
@@ -290,10 +290,10 @@ size_t strlcpy(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2));
  * scanf() function.  See also U64_PRINTF_ARG and U64_SCANF_ARG. */
 #define U64_FORMAT "%I64u"
 #define I64_FORMAT "%I64d"
-#else
+#else /* !(defined(_MSC_VER) || defined(MINGW_ANY)) */
 #define U64_FORMAT "%llu"
 #define I64_FORMAT "%lld"
-#endif
+#endif /* defined(_MSC_VER) || defined(MINGW_ANY) */
 
 #if (SIZEOF_INTPTR_T == SIZEOF_INT)
 #define INTPTR_T_FORMAT "%d"
@@ -306,7 +306,7 @@ size_t strlcpy(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2));
 #define INTPTR_PRINTF_ARG(x) I64_PRINTF_ARG(x)
 #else
 #error Unknown: SIZEOF_INTPTR_T
-#endif
+#endif /* (SIZEOF_INTPTR_T == SIZEOF_INT) || ... */
 
 /** Represents an mmaped file. Allocated via tor_mmap_file; freed with
  * tor_munmap_file. */
@@ -320,7 +320,7 @@ typedef struct tor_mmap_t {
                         * size, rounded up to the nearest page.) */
 #elif defined _WIN32
   HANDLE mmap_handle;
-#endif
+#endif /* defined(HAVE_SYS_MMAN_H) || ... */
 
 } tor_mmap_t;
 
@@ -382,7 +382,7 @@ const char *tor_fix_source_file(const char *fname);
 #else
 #define SHORT_FILE__ (__FILE__)
 #define tor_fix_source_file(s) (s)
-#endif
+#endif /* defined(_WIN32) */
 
 /* ===== Time compatibility */
 
@@ -401,7 +401,7 @@ struct tm *tor_gmtime_r(const time_t *timep, struct tm *result);
       (tvout)->tv_sec++;                                \
     }                                                   \
   } while (0)
-#endif
+#endif /* !defined(timeradd) */
 
 #ifndef timersub
 /** Replacement for timersub on platforms that do not have it: sets tvout to
@@ -415,7 +415,7 @@ struct tm *tor_gmtime_r(const time_t *timep, struct tm *result);
       (tvout)->tv_sec--;                                \
     }                                                   \
   } while (0)
-#endif
+#endif /* !defined(timersub) */
 
 #ifndef timercmp
 /** Replacement for timercmp on platforms that do not have it: returns true
@@ -429,7 +429,7 @@ struct tm *tor_gmtime_r(const time_t *timep, struct tm *result);
   (((tv1)->tv_sec == (tv2)->tv_sec) ?           \
    ((tv1)->tv_usec op (tv2)->tv_usec) :         \
    ((tv1)->tv_sec op (tv2)->tv_sec))
-#endif
+#endif /* !defined(timercmp) */
 
 /* ===== File compatibility */
 int tor_open_cloexec(const char *path, int flags, unsigned mode);
@@ -471,7 +471,7 @@ typedef int socklen_t;
 #define TOR_SOCKET_T_FORMAT INTPTR_T_FORMAT
 #define SOCKET_OK(s) ((SOCKET)(s) != INVALID_SOCKET)
 #define TOR_INVALID_SOCKET INVALID_SOCKET
-#else
+#else /* !(defined(_WIN32)) */
 /** Type used for a network socket. */
 #define tor_socket_t int
 #define TOR_SOCKET_T_FORMAT "%d"
@@ -479,7 +479,7 @@ typedef int socklen_t;
 #define SOCKET_OK(s) ((s) >= 0)
 /** Error/uninitialized value for a tor_socket_t. */
 #define TOR_INVALID_SOCKET (-1)
-#endif
+#endif /* defined(_WIN32) */
 
 int tor_close_socket_simple(tor_socket_t s);
 MOCK_DECL(int, tor_close_socket, (tor_socket_t s));
@@ -526,7 +526,7 @@ struct in6_addr
 #define s6_addr16 in6_u.u6_addr16
 #define s6_addr32 in6_u.u6_addr32
 };
-#endif
+#endif /* !defined(HAVE_STRUCT_IN6_ADDR) */
 
 /** @{ */
 /** Many BSD variants seem not to define these. */
@@ -538,7 +538,7 @@ struct in6_addr
 #ifndef s6_addr32
 #define s6_addr32 __u6_addr.__u6_addr32
 #endif
-#endif
+#endif /* defined(__APPLE__) || defined(__darwin__) || ... */
 /** @} */
 
 #ifndef HAVE_SA_FAMILY_T
@@ -570,7 +570,7 @@ struct sockaddr_in6 {
   struct in6_addr sin6_addr;
   // uint32_t sin6_scope_id;
 };
-#endif
+#endif /* !defined(HAVE_STRUCT_SOCKADDR_IN6) */
 
 MOCK_DECL(int,tor_gethostname,(char *name, size_t namelen));
 int tor_inet_aton(const char *cp, struct in_addr *addr) ATTR_NONNULL((1,2));
@@ -611,14 +611,14 @@ int network_init(void);
 #define ERRNO_IS_EINTR(e)            ((e) == WSAEINTR || 0)
 int tor_socket_errno(tor_socket_t sock);
 const char *tor_socket_strerror(int e);
-#else
+#else /* !(defined(_WIN32)) */
 #define SOCK_ERRNO(e) e
 #if EAGAIN == EWOULDBLOCK
 /* || 0 is for -Wparentheses-equality (-Wall?) appeasement under clang */
 #define ERRNO_IS_EAGAIN(e)           ((e) == EAGAIN || 0)
 #else
 #define ERRNO_IS_EAGAIN(e)           ((e) == EAGAIN || (e) == EWOULDBLOCK)
-#endif
+#endif /* EAGAIN == EWOULDBLOCK */
 #define ERRNO_IS_EINTR(e)            ((e) == EINTR || 0)
 #define ERRNO_IS_EINPROGRESS(e)      ((e) == EINPROGRESS || 0)
 #define ERRNO_IS_CONN_EINPROGRESS(e) ((e) == EINPROGRESS || 0)
@@ -629,7 +629,7 @@ const char *tor_socket_strerror(int e);
 #define ERRNO_IS_EADDRINUSE(e)       (((e) == EADDRINUSE) || 0)
 #define tor_socket_errno(sock)       (errno)
 #define tor_socket_strerror(e)       strerror(e)
-#endif
+#endif /* defined(_WIN32) */
 
 /** Specified SOCKS5 status codes. */
 typedef enum {
@@ -732,7 +732,7 @@ char *format_win32_error(DWORD err);
 #define VER_SUITE_SINGLEUSERTS 0x00000100
 #endif
 
-#endif
+#endif /* defined(_WIN32) */
 
 #ifdef COMPAT_PRIVATE
 #if !defined(HAVE_SOCKETPAIR) || defined(_WIN32) || defined(TOR_UNIT_TESTS)
@@ -740,12 +740,12 @@ char *format_win32_error(DWORD err);
 STATIC int tor_ersatz_socketpair(int family, int type, int protocol,
                                    tor_socket_t fd[2]);
 #endif
-#endif
+#endif /* defined(COMPAT_PRIVATE) */
 
 ssize_t tor_getpass(const char *prompt, char *output, size_t buflen);
 
 /* This needs some of the declarations above so we include it here. */
 #include "compat_threads.h"
 
-#endif
+#endif /* !defined(TOR_COMPAT_H) */
 

src/common/compat_libevent.c

@@ -88,8 +88,8 @@ static struct event_base *the_event_base = NULL;
   (__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ < 1040)
 #else
 #define MACOSX_KQUEUE_IS_BROKEN 0
-#endif
-#endif
+#endif /* defined(__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__) */
+#endif /* defined(__APPLE__) */
 
 /** Initialize the Libevent library and set up the event base. */
 void
@@ -250,7 +250,7 @@ tor_gettimeofday_cache_clear(void)
 {
   event_base_update_cache_time(the_event_base);
 }
-#else
+#else /* !(defined(LIBEVENT_VERSION_NUMBER) &&         ...) */
 /** Cache the current hi-res time; the cache gets reset when libevent
  * calls us. */
 static struct timeval cached_time_hires = {0, 0};
@@ -290,6 +290,6 @@ tor_libevent_postfork(void)
   int r = event_reinit(tor_libevent_get_base());
   tor_assert(r == 0);
 }
-#endif
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
+#endif /* defined(LIBEVENT_VERSION_NUMBER) &&         ... */
 

src/common/compat_libevent.h

@@ -70,7 +70,7 @@ void tor_libevent_postfork(void);
 
 STATIC void
 libevent_logging_callback(int severity, const char *msg);
-#endif
+#endif /* defined(COMPAT_LIBEVENT_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_COMPAT_LIBEVENT_H) */
 

src/common/compat_openssl.h

@@ -25,7 +25,7 @@
 /* We define this macro if we're trying to build with the majorly refactored
  * API in OpenSSL 1.1 */
 #define OPENSSL_1_1_API
-#endif
+#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && ... */
 
 #ifndef OPENSSL_1_1_API
 #define OPENSSL_VERSION SSLEAY_VERSION
@@ -37,11 +37,11 @@
    ((st) == SSL3_ST_SW_SRVR_HELLO_B))
 #define OSSL_HANDSHAKE_STATE int
 #define CONST_IF_OPENSSL_1_1_API
-#else
+#else /* !(!defined(OPENSSL_1_1_API)) */
 #define STATE_IS_SW_SERVER_HELLO(st) \
   ((st) == TLS_ST_SW_SRVR_HELLO)
 #define CONST_IF_OPENSSL_1_1_API const
-#endif
+#endif /* !defined(OPENSSL_1_1_API) */
 
-#endif
+#endif /* !defined(TOR_COMPAT_OPENSSL_H) */
 

src/common/compat_pthreads.c

@@ -209,13 +209,13 @@ tor_cond_init(tor_cond_t *cond)
     return -1;
   }
 #define USE_COND_CLOCK CLOCK_MONOTONIC
-#else /* !defined HAVE_PTHREAD_CONDATTR_SETCLOCK */
+#else /* !(defined(HAVE_PTHREAD_CONDATTR_SETCLOCK) && ...) */
   /* On OSX Sierra, there is no pthread_condattr_setclock, so we are stuck
    * with the realtime clock.
    */
 #define USE_COND_CLOCK CLOCK_REALTIME
-#endif /* which clock to use */
-#endif /* HAVE_CLOCK_GETTIME */
+#endif /* defined(HAVE_PTHREAD_CONDATTR_SETCLOCK) && ... */
+#endif /* defined(HAVE_CLOCK_GETTIME) */
   if (pthread_cond_init(&cond->cond, &condattr)) {
     return -1;
   }
@@ -267,11 +267,11 @@ tor_cond_wait(tor_cond_t *cond, tor_mutex_t *mutex, const struct timeval *tv)
       tvnow.tv_sec = ts.tv_sec;
       tvnow.tv_usec = (int)(ts.tv_nsec / 1000);
       timeradd(tv, &tvnow, &tvsum);
-#else
+#else /* !(defined(HAVE_CLOCK_GETTIME) && defined(USE_COND_CLOCK)) */
       if (gettimeofday(&tvnow, NULL) < 0)
         return -1;
       timeradd(tv, &tvnow, &tvsum);
-#endif /* HAVE_CLOCK_GETTIME, CLOCK_MONOTONIC */
+#endif /* defined(HAVE_CLOCK_GETTIME) && defined(USE_COND_CLOCK) */
 
       ts.tv_sec = tvsum.tv_sec;
       ts.tv_nsec = tvsum.tv_usec * 1000;

src/common/compat_rust.h

@@ -24,5 +24,5 @@ const char *rust_str_get(const rust_str_t);
 
 rust_str_t rust_welcome_string(void);
 
-#endif
+#endif /* !defined(TOR_RUST_COMPAT_H) */
 

src/common/compat_threads.c

@@ -126,7 +126,7 @@ read_ni(int fd, void *buf, size_t n)
   }
   return r;
 }
-#endif
+#endif /* defined(HAVE_EVENTFD) || defined(HAVE_PIPE) */
 
 /** As send(), but retry on EINTR, and return the negative error code on
  * error. */
@@ -186,7 +186,7 @@ eventfd_drain(int fd)
     return r;
   return 0;
 }
-#endif
+#endif /* defined(HAVE_EVENTFD) */
 
 #ifdef HAVE_PIPE
 /** Send a byte over a pipe. Return 0 on success or EAGAIN; -1 on error */
@@ -214,7 +214,7 @@ pipe_drain(int fd)
   /* A value of r = 0 means EOF on the fd so successfully drained. */
   return 0;
 }
-#endif
+#endif /* defined(HAVE_PIPE) */
 
 /** Send a byte on socket <b>fd</b>t.  Return 0 on success or EAGAIN,
  * -1 on error. */
@@ -276,7 +276,7 @@ alert_sockets_create(alert_sockets_t *socks_out, uint32_t flags)
     socks_out->drain_fn = eventfd_drain;
     return 0;
   }
-#endif
+#endif /* defined(HAVE_EVENTFD) */
 
 #ifdef HAVE_PIPE2
   /* Now we're going to try pipes. First type the pipe2() syscall, if we
@@ -289,7 +289,7 @@ alert_sockets_create(alert_sockets_t *socks_out, uint32_t flags)
     socks_out->drain_fn = pipe_drain;
     return 0;
   }
-#endif
+#endif /* defined(HAVE_PIPE2) */
 
 #ifdef HAVE_PIPE
   /* Now try the regular pipe() syscall.  Pipes have a bit lower overhead than
@@ -313,7 +313,7 @@ alert_sockets_create(alert_sockets_t *socks_out, uint32_t flags)
     socks_out->drain_fn = pipe_drain;
     return 0;
   }
-#endif
+#endif /* defined(HAVE_PIPE) */
 
   /* If nothing else worked, fall back on socketpair(). */
   if (!(flags & ASOCKS_NOSOCKETPAIR) &&

src/common/compat_threads.h

@@ -20,7 +20,7 @@
 #define USE_PTHREADS
 #else
 #error "No threading system was found"
-#endif
+#endif /* defined(_WIN32) || ... */
 
 int spawn_func(void (*func)(void *), void *data);
 void spawn_exit(void) ATTR_NORETURN;
@@ -41,7 +41,7 @@ typedef struct tor_mutex_t {
 #else
   /** No-threads only: Dummy variable so that tor_mutex_t takes up space. */
   int _unused;
-#endif
+#endif /* defined(USE_WIN32_THREADS) || ... */
 } tor_mutex_t;
 
 tor_mutex_t *tor_mutex_new(void);
@@ -73,7 +73,7 @@ typedef struct tor_cond_t {
   int generation;
 #else
 #error no known condition implementation.
-#endif
+#endif /* defined(USE_PTHREADS) || ... */
 } tor_cond_t;
 
 tor_cond_t *tor_cond_new(void);
@@ -161,5 +161,5 @@ void atomic_counter_add(atomic_counter_t *counter, size_t add);
 void atomic_counter_sub(atomic_counter_t *counter, size_t sub);
 size_t atomic_counter_get(atomic_counter_t *counter);
 
-#endif
+#endif /* !defined(TOR_COMPAT_THREADS_H) */
 

src/common/compat_time.c

@@ -28,7 +28,7 @@
 /* as fallback implementation for tor_sleep_msec */
 #include <sys/select.h>
 #endif
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 #ifdef __APPLE__
 #include <mach/mach_time.h>
@@ -64,9 +64,9 @@ tor_sleep_msec(int msec)
   select(0, NULL, NULL, NULL, &tv);
 #else
   sleep(CEIL_DIV(msec, 1000));
-#endif
+#endif /* defined(_WIN32) || ... */
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** Set *timeval to the current time of day.  On error, log and terminate.
  * (Same as gettimeofday(timeval,NULL), but never returns -1.)
@@ -112,7 +112,7 @@ tor_gettimeofday(struct timeval *timeval)
   timeval->tv_usec = tb.millitm * 1000;
 #else
 #error "No way to get time."
-#endif
+#endif /* defined(_WIN32) || ... */
   return;
 }
 
@@ -187,8 +187,8 @@ monotime_coarse_set_mock_time_nsec(int64_t nsec)
   tor_assert_nonfatal(monotime_mocking_enabled == 1);
   mock_time_nsec_coarse = nsec;
 }
-#endif
-#endif
+#endif /* defined(MONOTIME_COARSE_FN_IS_DIFFERENT) */
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /* "ratchet" functions for monotonic time. */
 
@@ -235,7 +235,7 @@ ratchet_coarse_performance_counter(const int64_t count_raw)
   last_tick_count = count;
   return count;
 }
-#endif
+#endif /* defined(_WIN32) || defined(TOR_UNIT_TESTS) */
 
 #if defined(MONOTIME_USING_GETTIMEOFDAY) || defined(TOR_UNIT_TESTS)
 static struct timeval last_timeofday = { 0, 0 };
@@ -259,7 +259,7 @@ ratchet_timeval(const struct timeval *timeval_raw, struct timeval *out)
     memcpy(&last_timeofday, out, sizeof(struct timeval));
   }
 }
-#endif
+#endif /* defined(MONOTIME_USING_GETTIMEOFDAY) || defined(TOR_UNIT_TESTS) */
 
 #ifdef TOR_UNIT_TESTS
 /** For testing: reset all the ratchets */
@@ -271,7 +271,7 @@ monotime_reset_ratchets_for_testing(void)
   memset(&last_timeofday, 0, sizeof(struct timeval));
   memset(&timeofday_offset, 0, sizeof(struct timeval));
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 #ifdef __APPLE__
 
@@ -301,7 +301,7 @@ monotime_get(monotime_t *out)
       / mach_time_info.numer;
     return;
   }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
   out->abstime_ = mach_absolute_time();
 }
 
@@ -332,7 +332,7 @@ monotime_diff_nsec(const monotime_t *start,
  * an old Linux kernel. In that case, we will fall back to CLOCK_MONOTONIC.
  */
 static int clock_monotonic_coarse = CLOCK_MONOTONIC_COARSE;
-#endif
+#endif /* defined(CLOCK_MONOTONIC_COARSE) */
 
 static void
 monotime_init_internal(void)
@@ -344,7 +344,7 @@ monotime_init_internal(void)
              "falling back to CLOCK_MONOTONIC.", strerror(errno));
     clock_monotonic_coarse = CLOCK_MONOTONIC;
   }
-#endif
+#endif /* defined(CLOCK_MONOTONIC_COARSE) */
 }
 
 void
@@ -356,7 +356,7 @@ monotime_get(monotime_t *out)
     out->ts_.tv_nsec = (int) (mock_time_nsec % ONE_BILLION);
     return;
   }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
   int r = clock_gettime(CLOCK_MONOTONIC, &out->ts_);
   tor_assert(r == 0);
 }
@@ -371,7 +371,7 @@ monotime_coarse_get(monotime_coarse_t *out)
     out->ts_.tv_nsec = (int) (mock_time_nsec_coarse % ONE_BILLION);
     return;
   }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
   int r = clock_gettime(clock_monotonic_coarse, &out->ts_);
   if (PREDICT_UNLIKELY(r < 0) &&
       errno == EINVAL &&
@@ -386,7 +386,7 @@ monotime_coarse_get(monotime_coarse_t *out)
 
   tor_assert(r == 0);
 }
-#endif
+#endif /* defined(CLOCK_MONOTONIC_COARSE) */
 
 int64_t
 monotime_diff_nsec(const monotime_t *start,
@@ -462,7 +462,7 @@ monotime_get(monotime_t *out)
       / nsec_per_tick_numer;
     return;
   }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
   /* Alas, QueryPerformanceCounter is not always monotonic: see bug list at
 
@@ -486,7 +486,7 @@ monotime_coarse_get(monotime_coarse_t *out)
     out->tick_count_ = mock_time_nsec_coarse / ONE_MILLION;
     return;
   }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
   if (GetTickCount64_fn) {
     out->tick_count_ = (int64_t)GetTickCount64_fn();
@@ -570,7 +570,7 @@ monotime_diff_nsec(const monotime_t *start,
 /* end of "MONOTIME_USING_GETTIMEOFDAY" */
 #else
 #error "No way to implement monotonic timers."
-#endif
+#endif /* defined(__APPLE__) || ... */
 
 /**
  * Initialize the monotonic timer subsystem. Must be called before any
@@ -653,5 +653,5 @@ monotime_coarse_absolute_msec(void)
 {
   return monotime_coarse_absolute_nsec() / ONE_MILLION;
 }
-#endif
+#endif /* defined(MONOTIME_COARSE_FN_IS_DIFFERENT) */
 

src/common/compat_time.h

@@ -34,7 +34,7 @@ struct timeval {
   time_t tv_sec;
   unsigned int tv_usec;
 };
-#endif
+#endif /* !defined(HAVE_STRUCT_TIMEVAL_TV_SEC) */
 
 /** Represents a monotonic timer in a platform-dependent way. */
 typedef struct monotime_t {
@@ -51,7 +51,7 @@ typedef struct monotime_t {
 #define MONOTIME_USING_GETTIMEOFDAY
   /* Otherwise, we will be stuck using gettimeofday. */
   struct timeval tv_;
-#endif
+#endif /* defined(__APPLE__) || ... */
 } monotime_t;
 
 #if defined(CLOCK_MONOTONIC_COARSE) && \
@@ -67,7 +67,7 @@ typedef struct monotime_coarse_t {
 } monotime_coarse_t;
 #else
 #define monotime_coarse_t monotime_t
-#endif
+#endif /* defined(CLOCK_MONOTONIC_COARSE) && ... || ... */
 
 /**
  * Initialize the timing subsystem. This function is idempotent.
@@ -110,12 +110,12 @@ void monotime_coarse_get(monotime_coarse_t *out);
 uint64_t monotime_coarse_absolute_nsec(void);
 uint64_t monotime_coarse_absolute_usec(void);
 uint64_t monotime_coarse_absolute_msec(void);
-#else
+#else /* !(defined(MONOTIME_COARSE_FN_IS_DIFFERENT)) */
 #define monotime_coarse_get monotime_get
 #define monotime_coarse_absolute_nsec monotime_absolute_nsec
 #define monotime_coarse_absolute_usec monotime_absolute_usec
 #define monotime_coarse_absolute_msec monotime_absolute_msec
-#endif
+#endif /* defined(MONOTIME_COARSE_FN_IS_DIFFERENT) */
 
 #if defined(MONOTIME_COARSE_TYPE_IS_DIFFERENT)
 int64_t monotime_coarse_diff_nsec(const monotime_coarse_t *start,
@@ -124,11 +124,11 @@ int64_t monotime_coarse_diff_usec(const monotime_coarse_t *start,
     const monotime_coarse_t *end);
 int64_t monotime_coarse_diff_msec(const monotime_coarse_t *start,
     const monotime_coarse_t *end);
-#else
+#else /* !(defined(MONOTIME_COARSE_TYPE_IS_DIFFERENT)) */
 #define monotime_coarse_diff_nsec monotime_diff_nsec
 #define monotime_coarse_diff_usec monotime_diff_usec
 #define monotime_coarse_diff_msec monotime_diff_msec
-#endif
+#endif /* defined(MONOTIME_COARSE_TYPE_IS_DIFFERENT) */
 
 void tor_gettimeofday(struct timeval *timeval);
 
@@ -143,7 +143,7 @@ void monotime_coarse_set_mock_time_nsec(int64_t);
 #else
 #define monotime_coarse_set_mock_time_nsec monotime_set_mock_time_nsec
 #endif
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 #ifdef COMPAT_TIME_PRIVATE
 #if defined(_WIN32) || defined(TOR_UNIT_TESTS)
@@ -157,7 +157,7 @@ STATIC void ratchet_timeval(const struct timeval *timeval_raw,
 #ifdef TOR_UNIT_TESTS
 void monotime_reset_ratchets_for_testing(void);
 #endif
-#endif
+#endif /* defined(COMPAT_TIME_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_COMPAT_TIME_H) */
 

src/common/compat_winthreads.c

@@ -246,5 +246,5 @@ tor_threads_init(void)
   set_main_thread();
 }
 
-#endif
+#endif /* defined(_WIN32) */
 

src/common/compress.h

@@ -85,5 +85,5 @@ size_t tor_compress_state_size(const tor_compress_state_t *state);
 
 void tor_compress_init(void);
 
-#endif // TOR_COMPRESS_H.
+#endif /* !defined(TOR_COMPRESS_H) */
 

src/common/compress_lzma.c

@@ -75,7 +75,7 @@ lzma_error_str(lzma_ret error)
       return "Unknown LZMA error";
   }
 }
-#endif // HAVE_LZMA.
+#endif /* defined(HAVE_LZMA) */
 
 /** Return 1 if LZMA compression is supported; otherwise 0. */
 int
@@ -161,7 +161,7 @@ tor_lzma_state_size_precalc(int compress, compression_level_t level)
  err:
   return 0; // LCOV_EXCL_LINE
 }
-#endif // HAVE_LZMA.
+#endif /* defined(HAVE_LZMA) */
 
 /** Construct and return a tor_lzma_compress_state_t object using
  * <b>method</b>. If <b>compress</b>, it's for compression; otherwise it's for
@@ -215,13 +215,13 @@ tor_lzma_compress_new(int compress,
  err:
   tor_free(result); // LCOV_EXCL_LINE
   return NULL;
-#else // HAVE_LZMA.
+#else /* !(defined(HAVE_LZMA)) */
   (void)compress;
   (void)method;
   (void)level;
 
   return NULL;
-#endif // HAVE_LZMA.
+#endif /* defined(HAVE_LZMA) */
 }
 
 /** Compress/decompress some bytes using <b>state</b>.  Read up to
@@ -306,7 +306,7 @@ tor_lzma_compress_process(tor_lzma_compress_state_t *state,
                lzma_error_str(retval));
       return TOR_COMPRESS_ERROR;
   }
-#else // HAVE_LZMA.
+#else /* !(defined(HAVE_LZMA)) */
   (void)state;
   (void)out;
   (void)out_len;
@@ -314,7 +314,7 @@ tor_lzma_compress_process(tor_lzma_compress_state_t *state,
   (void)in_len;
   (void)finish;
   return TOR_COMPRESS_ERROR;
-#endif // HAVE_LZMA.
+#endif /* defined(HAVE_LZMA) */
 }
 
 /** Deallocate <b>state</b>. */

src/common/compress_lzma.h

@@ -39,5 +39,5 @@ size_t tor_lzma_get_total_allocation(void);
 
 void tor_lzma_init(void);
 
-#endif // TOR_COMPRESS_LZMA_H.
+#endif /* !defined(TOR_COMPRESS_LZMA_H) */
 

src/common/compress_none.h

@@ -16,5 +16,5 @@ tor_cnone_compress_process(char **out, size_t *out_len,
                            const char **in, size_t *in_len,
                            int finish);
 
-#endif // TOR_COMPRESS_NONE_H.
+#endif /* !defined(TOR_COMPRESS_NONE_H) */
 

src/common/compress_zlib.h

@@ -39,5 +39,5 @@ size_t tor_zlib_get_total_allocation(void);
 
 void tor_zlib_init(void);
 
-#endif // TOR_COMPRESS_ZLIB_H.
+#endif /* !defined(TOR_COMPRESS_ZLIB_H) */
 

src/common/compress_zstd.c

@@ -38,7 +38,7 @@ memory_level(compression_level_t level)
     case LOW_COMPRESSION: return 7;
   }
 }
-#endif // HAVE_ZSTD.
+#endif /* defined(HAVE_ZSTD) */
 
 /** Return 1 if Zstandard compression is supported; otherwise 0. */
 int
@@ -68,9 +68,9 @@ tor_zstd_get_version_str(void)
                version_number % 100);
 
   return version_str;
-#else
+#else /* !(defined(HAVE_ZSTD)) */
   return NULL;
-#endif
+#endif /* defined(HAVE_ZSTD) */
 }
 
 /** Return a string representation of the version of the version of libzstd
@@ -95,7 +95,7 @@ struct tor_zstd_compress_state_t {
     /** Decompression stream. Used when <b>compress</b> is false. */
     ZSTD_DStream *decompress_stream;
   } u; /**< Zstandard stream objects. */
-#endif // HAVE_ZSTD.
+#endif /* defined(HAVE_ZSTD) */
 
   int compress; /**< True if we are compressing; false if we are inflating */
   int have_called_end; /**< True if we are compressing and we've called
@@ -171,7 +171,7 @@ tor_zstd_state_size_precalc(int compress, int preset)
 
   return memory_usage;
 }
-#endif // HAVE_ZSTD.
+#endif /* defined(HAVE_ZSTD) */
 
 /** Construct and return a tor_zstd_compress_state_t object using
  * <b>method</b>. If <b>compress</b>, it's for compression; otherwise it's for
@@ -248,13 +248,13 @@ tor_zstd_compress_new(int compress,
   tor_free(result);
   return NULL;
   // LCOV_EXCL_STOP
-#else // HAVE_ZSTD.
+#else /* !(defined(HAVE_ZSTD)) */
   (void)compress;
   (void)method;
   (void)level;
 
   return NULL;
-#endif // HAVE_ZSTD.
+#endif /* defined(HAVE_ZSTD) */
 }
 
 /** Compress/decompress some bytes using <b>state</b>.  Read up to
@@ -385,7 +385,7 @@ tor_zstd_compress_process(tor_zstd_compress_state_t *state,
       return TOR_COMPRESS_OK;
   }
 
-#else // HAVE_ZSTD.
+#else /* !(defined(HAVE_ZSTD)) */
   (void)state;
   (void)out;
   (void)out_len;
@@ -394,7 +394,7 @@ tor_zstd_compress_process(tor_zstd_compress_state_t *state,
   (void)finish;
 
   return TOR_COMPRESS_ERROR;
-#endif // HAVE_ZSTD.
+#endif /* defined(HAVE_ZSTD) */
 }
 
 /** Deallocate <b>state</b>. */
@@ -412,7 +412,7 @@ tor_zstd_compress_free(tor_zstd_compress_state_t *state)
   } else {
     ZSTD_freeDStream(state->u.decompress_stream);
   }
-#endif // HAVE_ZSTD.
+#endif /* defined(HAVE_ZSTD) */
 
   tor_free(state);
 }

src/common/compress_zstd.h

@@ -39,5 +39,5 @@ size_t tor_zstd_get_total_allocation(void);
 
 void tor_zstd_init(void);
 
-#endif // TOR_COMPRESS_ZSTD_H.
+#endif /* !defined(TOR_COMPRESS_ZSTD_H) */
 

src/common/confline.c

@@ -288,7 +288,7 @@ config_process_include(const char *path, int recursion_level, int extended,
     return -1;
   }
   tor_free(unquoted_path);
-#endif
+#endif /* 0 */
   smartlist_t *config_files = config_get_file_list(path);
   if (!config_files) {
     return -1;

src/common/confline.h

@@ -49,5 +49,5 @@ void config_free_lines(config_line_t *front);
 const char *parse_config_line_from_str_verbose(const char *line,
                                        char **key_out, char **value_out,
                                        const char **err_out);
-#endif
+#endif /* !defined(TOR_CONFLINE_H) */
 

src/common/container.h

@@ -74,11 +74,11 @@ static inline void smartlist_set(smartlist_t *sl, int idx, void *val) {
   tor_assert(sl->num_used > idx);
   sl->list[idx] = val;
 }
-#else
+#else /* !(defined(DEBUG_SMARTLIST)) */
 #define smartlist_len(sl) ((sl)->num_used)
 #define smartlist_get(sl, idx) ((sl)->list[idx])
 #define smartlist_set(sl, idx, val) ((sl)->list[idx] = (val))
-#endif
+#endif /* defined(DEBUG_SMARTLIST) */
 
 /** Exchange the elements at indices <b>idx1</b> and <b>idx2</b> of the
  * smartlist <b>sl</b>. */
@@ -580,7 +580,7 @@ void* strmap_remove_lc(strmap_t *map, const char *key);
 #define BITARRAY_SHIFT 6
 #else
 #error "int is neither 4 nor 8 bytes. I can't deal with that."
-#endif
+#endif /* SIZEOF_INT == 4 || ... */
 #define BITARRAY_MASK ((1u<<BITARRAY_SHIFT)-1)
 
 /** A random-access array of one-bit-wide elements. */
@@ -723,5 +723,5 @@ third_quartile_uint32(uint32_t *array, int n_elements)
   return find_nth_uint32(array, n_elements, (n_elements*3)/4);
 }
 
-#endif
+#endif /* !defined(TOR_CONTAINER_H) */
 

src/common/crypto.c

@@ -20,7 +20,7 @@
 /* Windows defines this; so does OpenSSL 0.9.8h and later. We don't actually
  * use either definition. */
 #undef OCSP_RESPONSE
-#endif
+#endif /* defined(_WIN32) */
 
 #define CRYPTO_PRIVATE
 #include "crypto.h"
@@ -50,7 +50,7 @@ ENABLE_GCC_WARNING(redundant-decls)
 #else
 #pragma GCC diagnostic warning "-Wredundant-decls"
 #endif
-#endif
+#endif /* __GNUC__ && GCC_VERSION >= 402 */
 
 #ifdef HAVE_CTYPE_H
 #include <ctype.h>
@@ -101,7 +101,7 @@ ENABLE_GCC_WARNING(redundant-decls)
  * pointless, so let's not.
  */
 #define NEW_THREAD_API
-#endif
+#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) && ... */
 
 /** Longest recognized */
 #define MAX_DNS_LABEL_SIZE 63
@@ -114,7 +114,7 @@ ENABLE_GCC_WARNING(redundant-decls)
 static tor_mutex_t **openssl_mutexes_ = NULL;
 /** How many mutexes have we allocated for use by OpenSSL? */
 static int n_openssl_mutexes_ = 0;
-#endif
+#endif /* !defined(NEW_THREAD_API) */
 
 /** A public key, or a public/private key-pair. */
 struct crypto_pk_t
@@ -198,7 +198,7 @@ log_engine(const char *fn, ENGINE *e)
     log_info(LD_CRYPTO, "Using default implementation for %s", fn);
   }
 }
-#endif
+#endif /* !defined(DISABLE_ENGINES) */
 
 #ifndef DISABLE_ENGINES
 /** Try to load an engine in a shared library via fully qualified path.
@@ -218,7 +218,7 @@ try_load_engine(const char *path, const char *engine)
   }
   return e;
 }
-#endif
+#endif /* !defined(DISABLE_ENGINES) */
 
 /* Returns a trimmed and human-readable version of an openssl version string
 * <b>raw_version</b>. They are usually in the form of 'OpenSSL 1.0.0b 10
@@ -394,7 +394,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
 #else
       log_engine("ECDH", ENGINE_get_default_ECDH());
       log_engine("ECDSA", ENGINE_get_default_ECDSA());
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
       log_engine("RAND", ENGINE_get_default_RAND());
       log_engine("RAND (which we will not use)", ENGINE_get_default_RAND());
       log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1));
@@ -412,7 +412,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
       log_engine("AES-256-GCM", ENGINE_get_cipher_engine(NID_aes_256_gcm));
 #endif
 
-#endif
+#endif /* defined(DISABLE_ENGINES) */
     } else {
       log_info(LD_CRYPTO, "NOT using OpenSSL engine support.");
     }
@@ -450,9 +450,9 @@ crypto_pk_private_ok(const crypto_pk_t *k)
   const BIGNUM *p, *q;
   RSA_get0_factors(k->key, &p, &q);
   return p != NULL; /* XXX/yawning: Should we check q? */
-#else
+#else /* !(defined(OPENSSL_1_1_API)) */
   return k && k->key && k->key->p;
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
 }
 
 /** used by tortls.c: wrap an RSA* in a crypto_pk_t. */
@@ -884,7 +884,7 @@ crypto_pk_public_exponent_ok(crypto_pk_t *env)
   RSA_get0_key(env->key, &n, &e, &d);
 #else
   e = env->key->e;
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
   return BN_is_word(e, 65537);
 }
 
@@ -918,7 +918,7 @@ crypto_pk_cmp_keys(const crypto_pk_t *a, const crypto_pk_t *b)
   a_e = a->key->e;
   b_n = b->key->n;
   b_e = b->key->e;
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
 
   tor_assert(a_n != NULL && a_e != NULL);
   tor_assert(b_n != NULL && b_e != NULL);
@@ -967,10 +967,10 @@ crypto_pk_num_bits(crypto_pk_t *env)
   tor_assert(n != NULL);
 
   return RSA_bits(env->key);
-#else
+#else /* !(defined(OPENSSL_1_1_API)) */
   tor_assert(env->key->n);
   return BN_num_bits(env->key->n);
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
 }
 
 /** Increase the reference count of <b>env</b>, and return it.
@@ -997,7 +997,7 @@ crypto_pk_assign_(crypto_pk_t *dest, const crypto_pk_t *src)
   RSA_free(dest->key);
   dest->key = RSAPrivateKey_dup(src->key);
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** Make a real honest-to-goodness copy of <b>env</b>, and return it.
  * Returns NULL on failure. */
@@ -1871,7 +1871,7 @@ crypto_digest_get_algorithm(crypto_digest_t *digest)
   return digest->algorithm;
 }
 
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /**
  * Return the number of bytes we need to malloc in order to get a
@@ -2255,12 +2255,12 @@ crypto_validate_dh_params(const BIGNUM *p, const BIGNUM *g)
     goto out;
   if (!DH_set0_pqg(dh, dh_p, NULL, dh_g))
     goto out;
-#else
+#else /* !(defined(OPENSSL_1_1_API)) */
   if (!(dh->p = BN_dup(p)))
     goto out;
   if (!(dh->g = BN_dup(g)))
     goto out;
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
 
   /* Perform the validation. */
   int codes = 0;
@@ -2431,7 +2431,7 @@ crypto_dh_new(int dh_type)
 
   if (!DH_set_length(res->dh, DH_PRIVATE_KEY_BITS))
     goto err;
-#else
+#else /* !(defined(OPENSSL_1_1_API)) */
   if (dh_type == DH_TYPE_TLS) {
     if (!(res->dh->p = BN_dup(dh_param_p_tls)))
       goto err;
@@ -2444,7 +2444,7 @@ crypto_dh_new(int dh_type)
     goto err;
 
   res->dh->length = DH_PRIVATE_KEY_BITS;
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
 
   return res;
  err:
@@ -2506,7 +2506,7 @@ crypto_dh_generate_public(crypto_dh_t *dh)
              "the-universe chances really do happen.  Treating as a failure.");
     return -1;
   }
-#else
+#else /* !(defined(OPENSSL_1_1_API)) */
   if (tor_check_dh_key(LOG_WARN, dh->dh->pub_key)<0) {
     /* LCOV_EXCL_START
      * If this happens, then openssl's DH implementation is busted. */
@@ -2519,7 +2519,7 @@ crypto_dh_generate_public(crypto_dh_t *dh)
     goto again;
     /* LCOV_EXCL_STOP */
   }
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
   return 0;
 }
 
@@ -2540,7 +2540,7 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, size_t pubkey_len)
   DH_get0_key(dh->dh, &dh_pub, &dh_priv);
 #else
   dh_pub = dh->dh->pub_key;
-#endif
+#endif /* defined(OPENSSL_1_1_API) */
 
   if (!dh_pub) {
     if (crypto_dh_generate_public(dh)<0)
@@ -2883,7 +2883,7 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)
   return getentropy(out, out_len);
 #else
   (void) out;
-#endif
+#endif /* defined(_WIN32) || ... */
 
   /* This platform doesn't have a supported syscall based random. */
   return -1;
@@ -2907,7 +2907,7 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len)
   (void)out;
   (void)out_len;
   return -1;
-#else
+#else /* !(defined(_WIN32)) */
   static const char *filenames[] = {
     "/dev/srandom", "/dev/urandom", "/dev/random", NULL
   };
@@ -2935,7 +2935,7 @@ crypto_strongest_rand_fallback(uint8_t *out, size_t out_len)
   }
 
   return -1;
-#endif
+#endif /* defined(_WIN32) */
 }
 
 /** Try to get <b>out_len</b> bytes of the strongest entropy we can generate,
@@ -3184,7 +3184,7 @@ crypto_rand_double(void)
 #define UINT_MAX_AS_DOUBLE 1.8446744073709552e+19
 #else
 #error SIZEOF_INT is neither 4 nor 8
-#endif
+#endif /* SIZEOF_INT == 4 || ... */
   return ((double)u) / UINT_MAX_AS_DOUBLE;
 }
 
@@ -3313,7 +3313,7 @@ memwipe(void *mem, uint8_t byte, size_t sz)
    **/
 
   OPENSSL_cleanse(mem, sz);
-#endif
+#endif /* defined(SecureZeroMemory) || defined(HAVE_SECUREZEROMEMORY) || ... */
 
   /* Just in case some caller of memwipe() is relying on getting a buffer
    * filled with a particular value, fill the buffer.
@@ -3355,7 +3355,7 @@ tor_set_openssl_thread_id(CRYPTO_THREADID *threadid)
 {
   CRYPTO_THREADID_set_numeric(threadid, tor_get_thread_id());
 }
-#endif
+#endif /* !defined(NEW_THREAD_API) */
 
 #if 0
 /* This code is disabled, because OpenSSL never actually uses these callbacks.
@@ -3405,7 +3405,7 @@ openssl_dynlock_destroy_cb_(struct CRYPTO_dynlock_value *v,
   tor_mutex_free(v->lock);
   tor_free(v);
 }
-#endif
+#endif /* 0 */
 
 /** @{ */
 /** Helper: Construct mutexes, and set callbacks to help OpenSSL handle being
@@ -3422,7 +3422,7 @@ setup_openssl_threading(void)
     openssl_mutexes_[i] = tor_mutex_new();
   CRYPTO_set_locking_callback(openssl_locking_cb_);
   CRYPTO_THREADID_set_callback(tor_set_openssl_thread_id);
-#endif
+#endif /* !defined(NEW_THREAD_API) */
 #if 0
   CRYPTO_set_dynlock_create_callback(openssl_dynlock_create_cb_);
   CRYPTO_set_dynlock_lock_callback(openssl_dynlock_lock_cb_);
@@ -3469,7 +3469,7 @@ crypto_global_cleanup(void)
     }
     tor_free(ms);
   }
-#endif
+#endif /* !defined(NEW_THREAD_API) */
 
   tor_free(crypto_openssl_version_str);
   tor_free(crypto_openssl_header_version_str);
@@ -3488,5 +3488,5 @@ crypto_use_tor_alloc_functions(void)
   int r = CRYPTO_set_mem_ex_functions(tor_malloc_, tor_realloc_, tor_free_);
   return r ? 0 : -1;
 }
-#endif
+#endif /* defined(USE_DMALLOC) */
 

src/common/crypto.h

@@ -346,12 +346,12 @@ STATIC int crypto_strongest_rand_raw(uint8_t *out, size_t out_len);
 extern int break_strongest_rng_syscall;
 extern int break_strongest_rng_fallback;
 #endif
-#endif
+#endif /* defined(CRYPTO_PRIVATE) */
 
 #ifdef TOR_UNIT_TESTS
 void crypto_pk_assign_(crypto_pk_t *dest, const crypto_pk_t *src);
 digest_algorithm_t crypto_digest_get_algorithm(crypto_digest_t *digest);
 #endif
 
-#endif
+#endif /* !defined(TOR_CRYPTO_H) */
 

src/common/crypto_curve25519.c

@@ -43,7 +43,7 @@ int curve25519_donna(uint8_t *mypublic,
 #elif defined(HAVE_NACL_CRYPTO_SCALARMULT_CURVE25519_H)
 #include <nacl/crypto_scalarmult_curve25519.h>
 #endif
-#endif
+#endif /* defined(USE_CURVE25519_NACL) */
 
 static void pick_curve25519_basepoint_impl(void);
 
@@ -72,7 +72,7 @@ curve25519_impl(uint8_t *output, const uint8_t *secret,
   r = crypto_scalarmult_curve25519(output, secret, bp);
 #else
 #error "No implementation of curve25519 is available."
-#endif
+#endif /* defined(USE_CURVE25519_DONNA) || ... */
   memwipe(bp, 0, sizeof(bp));
   return r;
 }

src/common/crypto_curve25519.h

@@ -71,7 +71,7 @@ STATIC int curve25519_impl(uint8_t *output, const uint8_t *secret,
                            const uint8_t *basepoint);
 
 STATIC int curve25519_basepoint_impl(uint8_t *output, const uint8_t *secret);
-#endif
+#endif /* defined(CRYPTO_CURVE25519_PRIVATE) */
 
 #define CURVE25519_BASE64_PADDED_LEN 44
 
@@ -83,5 +83,5 @@ int curve25519_public_to_base64(char *output,
 void curve25519_set_impl_params(int use_ed);
 void curve25519_init(void);
 
-#endif
+#endif /* !defined(TOR_CRYPTO_CURVE25519_H) */
 

src/common/crypto_ed25519.c

@@ -151,7 +151,7 @@ crypto_ed25519_testing_restore_impl(void)
   ed25519_impl = saved_ed25519_impl;
   saved_ed25519_impl = NULL;
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /**
  * Initialize a new ed25519 secret key in <b>seckey_out</b>.  If

src/common/crypto_ed25519.h

@@ -138,5 +138,5 @@ void crypto_ed25519_testing_restore_impl(void);
 MOCK_DECL(STATIC int, ed25519_impl_spot_check, (void));
 #endif
 
-#endif
+#endif /* !defined(TOR_CRYPTO_ED25519_H) */
 

src/common/crypto_format.h

@@ -43,5 +43,5 @@ int digest_from_base64(char *digest, const char *d64);
 int digest256_to_base64(char *d64, const char *digest);
 int digest256_from_base64(char *digest, const char *d64);
 
-#endif
+#endif /* !defined(TOR_CRYPTO_FORMAT_H) */
 

src/common/crypto_pwbox.h

@@ -16,5 +16,5 @@ int crypto_unpwbox(uint8_t **out, size_t *outlen_out,
                    const uint8_t *inp, size_t input_len,
                    const char *secret, size_t secret_len);
 
-#endif
+#endif /* !defined(CRYPTO_PWBOX_H_INCLUDED_) */
 

src/common/crypto_s2k.c

@@ -290,9 +290,9 @@ secret_to_key_compute_key(uint8_t *key_out, size_t key_out_len,
       if (rv != 0)
         return S2K_FAILED;
       return (int)key_out_len;
-#else
+#else /* !(defined(HAVE_SCRYPT)) */
       return S2K_NO_SCRYPT_SUPPORT;
-#endif
+#endif /* defined(HAVE_SCRYPT) */
     }
     default:
       return S2K_BAD_ALGORITHM;

src/common/crypto_s2k.h

@@ -67,7 +67,7 @@ STATIC int secret_to_key_compute_key(uint8_t *key_out, size_t key_out_len,
                                      const uint8_t *spec, size_t spec_len,
                                      const char *secret, size_t secret_len,
                                      int type);
-#endif
+#endif /* defined(CRYPTO_S2K_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CRYPTO_S2K_H_INCLUDED) */
 

src/common/di_ops.c

@@ -86,7 +86,7 @@ tor_memcmp(const void *a, const void *b, size_t len)
   }
 
   return retval;
-#endif /* timingsafe_memcmp */
+#endif /* defined(HAVE_TIMINGSAFE_MEMCMP) */
 }
 
 /**
@@ -238,7 +238,7 @@ gt_i64_timei(uint64_t a, uint64_t b)
   int res = diff >> 63;
   return res & 1;
 }
-#endif
+#endif /* SIZEOF_VOID_P == 8 */
 
 /**
  * Given an array of list of <b>n_entries</b> uint64_t values, whose sum is

src/common/di_ops.h

@@ -46,5 +46,5 @@ int select_array_member_cumulative_timei(const uint64_t *entries,
                                          int n_entries,
                                          uint64_t total, uint64_t rand_val);
 
-#endif
+#endif /* !defined(TOR_DI_OPS_H) */
 

src/common/handles.h

@@ -149,5 +149,5 @@
     }                                                                   \
   }
 
-#endif /* TOR_HANDLE_H */
+#endif /* !defined(TOR_HANDLE_H) */
 

src/common/log.c

@@ -444,11 +444,11 @@ logfile_deliver(logfile_t *lf, const char *buf, size_t msg_len,
     if (m != msg_after_prefix) {
       tor_free(m);
     }
-#else
+#else /* !(defined(MAXLINE)) */
     /* We have syslog but not MAXLINE.  That's promising! */
     syslog(severity, "%s", msg_after_prefix);
-#endif
-#endif
+#endif /* defined(MAXLINE) */
+#endif /* defined(HAVE_SYSLOG_H) */
   } else if (lf->callback) {
     if (domain & LD_NOCB) {
       if (!*callbacks_deferred && pending_cb_messages) {
@@ -807,7 +807,7 @@ close_log(logfile_t *victim)
       /* There are no other syslogs; close the logging facility. */
       closelog();
     }
-#endif
+#endif /* defined(HAVE_SYSLOG_H) */
   }
 }
 
@@ -1144,7 +1144,7 @@ add_syslog_log(const log_severity_list_t *severity,
   UNLOCK_LOGS();
   return 0;
 }
-#endif
+#endif /* defined(HAVE_SYSLOG_H) */
 
 /** If <b>level</b> is a valid log severity, return the corresponding
  * numeric value.  Otherwise, return -1. */

src/common/memarea.c

@@ -33,7 +33,7 @@
 #define MEMAREA_ALIGN_MASK ((uintptr_t)7)
 #else
 #error "void* is neither 4 nor 8 bytes long. I don't know how to align stuff."
-#endif
+#endif /* MEMAREA_ALIGN == 4 || ... */
 
 #if defined(__GNUC__) && defined(FLEXIBLE_ARRAY_MEMBER)
 #define USE_ALIGNED_ATTRIBUTE
@@ -41,7 +41,7 @@
 #define U_MEM mem
 #else
 #define U_MEM u.mem
-#endif
+#endif /* defined(__GNUC__) && defined(FLEXIBLE_ARRAY_MEMBER) */
 
 #ifdef USE_SENTINELS
 /** Magic value that we stick at the end of a memarea so we can make sure
@@ -61,11 +61,11 @@
   uint32_t sent_val = get_uint32(&(chunk)->U_MEM[chunk->mem_size]);     \
   tor_assert(sent_val == SENTINEL_VAL);                                 \
   STMT_END
-#else
+#else /* !(defined(USE_SENTINELS)) */
 #define SENTINEL_LEN 0
 #define SET_SENTINEL(chunk) STMT_NIL
 #define CHECK_SENTINEL(chunk) STMT_NIL
-#endif
+#endif /* defined(USE_SENTINELS) */
 
 /** Increment <b>ptr</b> until it is aligned to MEMAREA_ALIGN. */
 static inline void *
@@ -97,7 +97,7 @@ typedef struct memarea_chunk_t {
     void *void_for_alignment_; /**< Dummy; used to make sure mem is aligned. */
   } u; /**< Union used to enforce alignment when we don't have support for
         * doing it right. */
-#endif
+#endif /* defined(USE_ALIGNED_ATTRIBUTE) */
 } memarea_chunk_t;
 
 /** How many bytes are needed for overhead before we get to the memory part
@@ -308,7 +308,7 @@ memarea_assert_ok(memarea_t *area)
   }
 }
 
-#else
+#else /* !(!defined(DISABLE_MEMORY_SENTINELS)) */
 
 struct memarea_t {
   smartlist_t *pieces;
@@ -394,5 +394,5 @@ memarea_assert_ok(memarea_t *area)
   (void)area;
 }
 
-#endif
+#endif /* !defined(DISABLE_MEMORY_SENTINELS) */
 

src/common/memarea.h

@@ -20,5 +20,5 @@ void memarea_get_stats(memarea_t *area,
                        size_t *allocated_out, size_t *used_out);
 void memarea_assert_ok(memarea_t *area);
 
-#endif
+#endif /* !defined(TOR_MEMAREA_H) */
 

src/common/procmon.c

@@ -36,7 +36,7 @@ typedef int pid_t;
 #define PID_T_FORMAT I64_FORMAT
 #else
 #error Unknown: SIZEOF_PID_T
-#endif
+#endif /* (0 == SIZEOF_PID_T) && defined(_WIN32) || ... */
 
 /* Define to 1 if process-termination monitors on this OS and Libevent
    version must poll for process termination themselves. */
@@ -114,7 +114,7 @@ struct tor_process_monitor_t {
   HANDLE hproc;
   /* XXXX We should have Libevent watch hproc for us,
    * if/when some version of Libevent can be told to do so. */
-#endif
+#endif /* defined(_WIN32) */
 
   /* XXXX On Linux, we can and should receive the 22nd
    * (space-delimited) field (‘starttime’) of /proc/$PID/stat from the
@@ -219,7 +219,7 @@ tor_process_monitor_new(struct event_base *base,
              "try again later.",
              procmon->pid);
   }
-#endif
+#endif /* defined(_WIN32) */
 
   procmon->cb = cb;
   procmon->cb_arg = cb_arg;
@@ -232,9 +232,9 @@ tor_process_monitor_new(struct event_base *base,
    * tor_evtimer_new never returns NULL. */
 
   evtimer_add(procmon->e, &poll_interval_tv);
-#else
+#else /* !(defined(PROCMON_POLLS)) */
 #error OOPS?
-#endif
+#endif /* defined(PROCMON_POLLS) */
 
   return procmon;
  err:
@@ -306,11 +306,11 @@ tor_process_monitor_poll_cb(evutil_socket_t unused1, short unused2,
       tor_free(errmsg);
     }
   }
-#else
+#else /* !(defined(_WIN32)) */
   /* Unix makes this part easy, if a bit racy. */
   its_dead_jim = kill(procmon->pid, 0);
   its_dead_jim = its_dead_jim && (errno == ESRCH);
-#endif
+#endif /* defined(_WIN32) */
 
   tor_log(its_dead_jim ? LOG_NOTICE : LOG_INFO,
       procmon->log_domain, "Monitored process "PID_T_FORMAT" is %s.",
@@ -321,7 +321,7 @@ tor_process_monitor_poll_cb(evutil_socket_t unused1, short unused2,
     procmon->cb(procmon->cb_arg);
   }
 }
-#endif
+#endif /* defined(PROCMON_POLLS) */
 
 /** Free the process-termination monitor <b>procmon</b>. */
 void

src/common/procmon.h

@@ -29,5 +29,5 @@ tor_process_monitor_t *tor_process_monitor_new(struct event_base *base,
                                                const char **msg);
 void tor_process_monitor_free(tor_process_monitor_t *procmon);
 
-#endif
+#endif /* !defined(TOR_PROCMON_H) */
 

src/common/pubsub.h

@@ -175,5 +175,5 @@ int pubsub_notify_(pubsub_topic_t *topic, pubsub_notify_fn_t notify_fn,
     pubsub_clear_(&name##_topic_);                                      \
   }
 
-#endif /* TOR_PUBSUB_H */
+#endif /* !defined(TOR_PUBSUB_H) */
 

src/common/sandbox.c

@@ -17,7 +17,7 @@
  * with the libevent fix.
  */
 #define _LARGEFILE64_SOURCE
-#endif
+#endif /* !defined(_LARGEFILE64_SOURCE) */
 
 /** Malloc mprotect limit in bytes.
  *
@@ -77,7 +77,7 @@
 #define USE_BACKTRACE
 #define EXPOSE_CLEAN_BACKTRACE
 #include "backtrace.h"
-#endif
+#endif /* defined(HAVE_EXECINFO_H) && defined(HAVE_BACKTRACE) && ... */
 
 #ifdef USE_BACKTRACE
 #include <execinfo.h>
@@ -103,7 +103,7 @@
 
 #define M_SYSCALL arm_r7
 
-#endif
+#endif /* defined(__i386__) || ... */
 
 /**Determines if at least one sandbox is active.*/
 static int sandbox_active = 0;
@@ -302,7 +302,7 @@ sb_time(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
        SCMP_CMP(0, SCMP_CMP_EQ, 0));
 #else
   return 0;
-#endif
+#endif /* defined(__NR_time) */
 }
 
 /**
@@ -321,7 +321,7 @@ sb_accept4(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
   if (rc) {
     return rc;
   }
-#endif
+#endif /* defined(__i386__) */
 
   rc = seccomp_rule_add_1(ctx, SCMP_ACT_ALLOW, SCMP_SYS(accept4),
                    SCMP_CMP_MASKED(3, SOCK_CLOEXEC|SOCK_NONBLOCK, 0));
@@ -394,7 +394,7 @@ sb_mmap2(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 
   return 0;
 }
-#endif
+#endif /* defined(__NR_mmap2) */
 
 /**
  * Function responsible for setting up the open syscall for
@@ -670,7 +670,7 @@ sb_ioctl(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
   return 0;
 }
 
-#endif /* HAVE_KIST_SUPPORT */
+#endif /* defined(HAVE_KIST_SUPPORT) */
 
 /**
  * Function responsible for setting up the setsockopt syscall for
@@ -712,7 +712,7 @@ sb_setsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       SCMP_CMP(2, SCMP_CMP_EQ, SO_SNDBUFFORCE));
   if (rc)
     return rc;
-#endif
+#endif /* defined(HAVE_SYSTEMD) */
 
 #ifdef IP_TRANSPARENT
   rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt),
@@ -720,7 +720,7 @@ sb_setsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       SCMP_CMP(2, SCMP_CMP_EQ, IP_TRANSPARENT));
   if (rc)
     return rc;
-#endif
+#endif /* defined(IP_TRANSPARENT) */
 
 #ifdef IPV6_V6ONLY
   rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt),
@@ -728,7 +728,7 @@ sb_setsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       SCMP_CMP(2, SCMP_CMP_EQ, IPV6_V6ONLY));
   if (rc)
     return rc;
-#endif
+#endif /* defined(IPV6_V6ONLY) */
 
   return 0;
 }
@@ -761,7 +761,7 @@ sb_getsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       SCMP_CMP(2, SCMP_CMP_EQ, SO_SNDBUF));
   if (rc)
     return rc;
-#endif
+#endif /* defined(HAVE_SYSTEMD) */
 
 #ifdef HAVE_LINUX_NETFILTER_IPV4_H
   rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getsockopt),
@@ -769,7 +769,7 @@ sb_getsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       SCMP_CMP(2, SCMP_CMP_EQ, SO_ORIGINAL_DST));
   if (rc)
     return rc;
-#endif
+#endif /* defined(HAVE_LINUX_NETFILTER_IPV4_H) */
 
 #ifdef HAVE_LINUX_NETFILTER_IPV6_IP6_TABLES_H
   rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getsockopt),
@@ -777,7 +777,7 @@ sb_getsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       SCMP_CMP(2, SCMP_CMP_EQ, IP6T_SO_ORIGINAL_DST));
   if (rc)
     return rc;
-#endif
+#endif /* defined(HAVE_LINUX_NETFILTER_IPV6_IP6_TABLES_H) */
 
 #ifdef HAVE_KIST_SUPPORT
 #include <netinet/tcp.h>
@@ -786,7 +786,7 @@ sb_getsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       SCMP_CMP(2, SCMP_CMP_EQ, TCP_INFO));
   if (rc)
     return rc;
-#endif
+#endif /* defined(HAVE_KIST_SUPPORT) */
 
   return 0;
 }
@@ -826,7 +826,7 @@ sb_fcntl64(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 
   return 0;
 }
-#endif
+#endif /* defined(__NR_fcntl64) */
 
 /**
  * Function responsible for setting up the epoll_ctl syscall for
@@ -1051,7 +1051,7 @@ sb_stat64(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 
   return 0;
 }
-#endif
+#endif /* defined(__NR_stat64) */
 
 /**
  * Array of function pointers responsible for filtering different syscalls at
@@ -1740,7 +1740,7 @@ sigsys_debugging(int nr, siginfo_t *info, void *void_context)
   /* Clean up the top stack frame so we get the real function
    * name for the most recently failing function. */
   clean_backtrace(syscall_cb_buf, depth, ctx);
-#endif
+#endif /* defined(USE_BACKTRACE) */
 
   syscall_name = get_syscall_name(syscall);
 
@@ -1814,7 +1814,7 @@ register_cfg(sandbox_cfg_t* cfg)
   return 0;
 }
 
-#endif // USE_LIBSECCOMP
+#endif /* defined(USE_LIBSECCOMP) */
 
 #ifdef USE_LIBSECCOMP
 /**
@@ -1844,7 +1844,7 @@ sandbox_is_active(void)
 {
   return sandbox_active != 0;
 }
-#endif // USE_LIBSECCOMP
+#endif /* defined(USE_LIBSECCOMP) */
 
 sandbox_cfg_t*
 sandbox_cfg_new(void)
@@ -1872,7 +1872,7 @@ sandbox_init(sandbox_cfg_t *cfg)
            "Currently, sandboxing is only implemented on Linux. The feature "
            "is disabled on your platform.");
   return 0;
-#endif
+#endif /* defined(USE_LIBSECCOMP) || ... */
 }
 
 #ifndef USE_LIBSECCOMP
@@ -1928,5 +1928,5 @@ void
 sandbox_disable_getaddrinfo_cache(void)
 {
 }
-#endif
+#endif /* !defined(USE_LIBSECCOMP) */
 

src/common/sandbox.h

@@ -23,7 +23,7 @@
  */
 #define SYS_SECCOMP 1
 
-#endif
+#endif /* !defined(SYS_SECCOMP) */
 
 #if defined(HAVE_SECCOMP_H) && defined(__linux__)
 #define USE_LIBSECCOMP
@@ -101,7 +101,7 @@ typedef struct {
   sandbox_cfg_t *filter_dynamic;
 } sandbox_t;
 
-#endif // USE_LIBSECCOMP
+#endif /* defined(USE_LIBSECCOMP) */
 
 #ifdef USE_LIBSECCOMP
 /** Pre-calls getaddrinfo in order to pre-record result. */
@@ -114,7 +114,7 @@ int sandbox_getaddrinfo(const char *name, const char *servname,
                         struct addrinfo **res);
 void sandbox_freeaddrinfo(struct addrinfo *addrinfo);
 void sandbox_free_getaddrinfo_cache(void);
-#else
+#else /* !(defined(USE_LIBSECCOMP)) */
 #define sandbox_getaddrinfo(name, servname, hints, res)  \
   getaddrinfo((name),(servname), (hints),(res))
 #define sandbox_add_addrinfo(name) \
@@ -122,16 +122,16 @@ void sandbox_free_getaddrinfo_cache(void);
 #define sandbox_freeaddrinfo(addrinfo) \
   freeaddrinfo((addrinfo))
 #define sandbox_free_getaddrinfo_cache()
-#endif
+#endif /* defined(USE_LIBSECCOMP) */
 
 #ifdef USE_LIBSECCOMP
 /** Returns a registered protected string used with the sandbox, given that
  * it matches the parameter.
  */
 const char* sandbox_intern_string(const char *param);
-#else
+#else /* !(defined(USE_LIBSECCOMP)) */
 #define sandbox_intern_string(s) (s)
-#endif
+#endif /* defined(USE_LIBSECCOMP) */
 
 /** Creates an empty sandbox configuration file.*/
 sandbox_cfg_t * sandbox_cfg_new(void);
@@ -170,5 +170,5 @@ int sandbox_is_active(void);
 
 void sandbox_disable_getaddrinfo_cache(void);
 
-#endif /* SANDBOX_H_ */
+#endif /* !defined(SANDBOX_H_) */
 

src/common/storagedir.h

@@ -47,5 +47,5 @@ int storage_dir_shrink(storage_dir_t *d,
 int storage_dir_remove_all(storage_dir_t *d);
 int storage_dir_get_max_files(storage_dir_t *d);
 
-#endif
+#endif /* !defined(TOR_STORAGEDIR_H) */
 

src/common/testsupport.h

@@ -10,7 +10,7 @@
 #else
 #define STATIC static
 #define EXTERN(type, name)
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** Quick and dirty macros to implement test mocking.
  *
@@ -76,15 +76,15 @@
   do {                                          \
     func = func ##__real;                       \
   } while (0)
-#else
+#else /* !(defined(TOR_UNIT_TESTS)) */
 #define MOCK_DECL(rv, funcname, arglist) \
   rv funcname arglist
 #define MOCK_DECL_ATTR(rv, funcname, arglist, attr) \
   rv funcname arglist attr
 #define MOCK_IMPL(rv, funcname, arglist) \
   rv funcname arglist
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 /** @} */
 
-#endif
+#endif /* !defined(TOR_TESTSUPPORT_H) */
 

src/common/timers.c

@@ -53,7 +53,7 @@ struct timeout_cb {
 #else
 /* We're not exposing any of the functions outside this file. */
 #define TIMEOUT_PUBLIC static
-#endif
+#endif /* defined(__GNUC__) */
 /* We're not using periodic events. */
 #define TIMEOUT_DISABLE_INTERVALS
 /* We always know the global_timeouts object, so we don't need each timeout

src/common/timers.h

@@ -26,5 +26,5 @@ void timers_shutdown(void);
 STATIC void timers_run_pending(void);
 #endif
 
-#endif
+#endif /* !defined(TOR_TIMERS_H) */
 

src/common/torint.h

@@ -34,8 +34,8 @@
       does the same thing (but doesn't defined __FreeBSD__).
      */
 #include <machine/limits.h>
-#endif
-#endif
+#endif /* !defined(__FreeBSD__) && !defined(__FreeBSD_kernel__) */
+#endif /* defined(HAVE_MACHINE_LIMITS_H) */
 #ifdef HAVE_INTTYPES_H
 #include <inttypes.h>
 #endif
@@ -80,7 +80,7 @@ typedef signed char int8_t;
 typedef unsigned char uint8_t;
 #define HAVE_UINT8_T
 #endif
-#endif
+#endif /* (SIZEOF_CHAR == 1) */
 
 #if (SIZEOF_SHORT == 2)
 #ifndef HAVE_INT16_T
@@ -91,7 +91,7 @@ typedef signed short int16_t;
 typedef unsigned short uint16_t;
 #define HAVE_UINT16_T
 #endif
-#endif
+#endif /* (SIZEOF_SHORT == 2) */
 
 #if (SIZEOF_INT == 2)
 #ifndef HAVE_INT16_T
@@ -129,7 +129,7 @@ typedef unsigned int uint32_t;
 #ifndef INT32_MIN
 #define INT32_MIN (-2147483647-1)
 #endif
-#endif
+#endif /* (SIZEOF_INT == 2) || ... */
 
 #if (SIZEOF_LONG == 4)
 #ifndef HAVE_INT32_T
@@ -142,7 +142,7 @@ typedef unsigned long uint32_t;
 #ifndef UINT32_MAX
 #define UINT32_MAX 0xfffffffful
 #endif
-#endif
+#endif /* !defined(HAVE_UINT32_T) */
 #elif (SIZEOF_LONG == 8)
 #ifndef HAVE_INT64_T
 typedef signed long int64_t;
@@ -155,7 +155,7 @@ typedef unsigned long uint64_t;
 #ifndef UINT64_MAX
 #define UINT64_MAX 0xfffffffffffffffful
 #endif
-#endif
+#endif /* (SIZEOF_LONG == 4) || ... */
 
 #if (SIZEOF_LONG_LONG == 8)
 #ifndef HAVE_INT64_T
@@ -172,7 +172,7 @@ typedef unsigned long long uint64_t;
 #ifndef INT64_MAX
 #define INT64_MAX 0x7fffffffffffffffll
 #endif
-#endif
+#endif /* (SIZEOF_LONG_LONG == 8) */
 
 #if (SIZEOF___INT64 == 8)
 #ifndef HAVE_INT64_T
@@ -189,7 +189,7 @@ typedef unsigned __int64 uint64_t;
 #ifndef INT64_MAX
 #define INT64_MAX 0x7fffffffffffffffi64
 #endif
-#endif
+#endif /* (SIZEOF___INT64 == 8) */
 
 #ifndef INT64_MIN
 #define INT64_MIN ((- INT64_MAX) - 1)
@@ -202,8 +202,8 @@ typedef unsigned __int64 uint64_t;
 #define SIZE_MAX UINT32_MAX
 #else
 #error "Can't define SIZE_MAX"
-#endif
-#endif
+#endif /* SIZEOF_SIZE_T == 8 || ... */
+#endif /* !defined(SIZE_MAX) */
 
 #ifndef HAVE_SSIZE_T
 #if SIZEOF_SIZE_T == 8
@@ -212,8 +212,8 @@ typedef int64_t ssize_t;
 typedef int32_t ssize_t;
 #else
 #error "Can't define ssize_t."
-#endif
-#endif
+#endif /* SIZEOF_SIZE_T == 8 || ... */
+#endif /* !defined(HAVE_SSIZE_T) */
 
 #if (SIZEOF_VOID_P > 4 && SIZEOF_VOID_P <= 8)
 #ifndef HAVE_INTPTR_T
@@ -235,7 +235,7 @@ typedef uint32_t uintptr_t;
 #endif
 #else
 #error "void * is either >8 bytes or <= 2.  In either case, I am confused."
-#endif
+#endif /* (SIZEOF_VOID_P > 4 && SIZEOF_VOID_P <= 8) || ... */
 
 #ifndef HAVE_INT8_T
 #error "Missing type int8_t"
@@ -275,8 +275,8 @@ typedef uint32_t uintptr_t;
 #define LONG_MAX 0x7fffffffffffffffL
 #else
 #error "Can't define LONG_MAX"
-#endif
-#endif
+#endif /* (SIZEOF_LONG == 4) || ... */
+#endif /* !defined(LONG_MAX) */
 
 #ifndef INT_MAX
 #if (SIZEOF_INT == 4)
@@ -285,8 +285,8 @@ typedef uint32_t uintptr_t;
 #define INT_MAX 0x7fffffffffffffffL
 #else
 #error "Can't define INT_MAX"
-#endif
-#endif
+#endif /* (SIZEOF_INT == 4) || ... */
+#endif /* !defined(INT_MAX) */
 
 #ifndef UINT_MAX
 #if (SIZEOF_INT == 2)
@@ -297,8 +297,8 @@ typedef uint32_t uintptr_t;
 #define UINT_MAX 0xffffffffffffffffu
 #else
 #error "Can't define UINT_MAX"
-#endif
-#endif
+#endif /* (SIZEOF_INT == 2) || ... */
+#endif /* !defined(UINT_MAX) */
 
 #ifndef SHORT_MAX
 #if (SIZEOF_SHORT == 2)
@@ -307,8 +307,8 @@ typedef uint32_t uintptr_t;
 #define SHORT_MAX 0x7fffffff
 #else
 #error "Can't define SHORT_MAX"
-#endif
-#endif
+#endif /* (SIZEOF_SHORT == 2) || ... */
+#endif /* !defined(SHORT_MAX) */
 
 #ifndef TIME_MAX
 
@@ -320,9 +320,9 @@ typedef uint32_t uintptr_t;
 #define TIME_MAX ((time_t)INT64_MAX)
 #else
 #error "Can't define TIME_MAX"
-#endif
+#endif /* (SIZEOF_TIME_T == SIZEOF_INT) || ... */
 
-#endif /* ifndef(TIME_MAX) */
+#endif /* !defined(TIME_MAX) */
 
 #ifndef TIME_MIN
 
@@ -334,9 +334,9 @@ typedef uint32_t uintptr_t;
 #define TIME_MIN ((time_t)INT64_MIN)
 #else
 #error "Can't define TIME_MIN"
-#endif
+#endif /* (SIZEOF_TIME_T == SIZEOF_INT) || ... */
 
-#endif /* ifndef(TIME_MIN) */
+#endif /* !defined(TIME_MIN) */
 
 #ifndef SIZE_MAX
 #if (SIZEOF_SIZE_T == 4)
@@ -345,8 +345,8 @@ typedef uint32_t uintptr_t;
 #define SIZE_MAX UINT64_MAX
 #else
 #error "Can't define SIZE_MAX"
-#endif
-#endif
+#endif /* (SIZEOF_SIZE_T == 4) || ... */
+#endif /* !defined(SIZE_MAX) */
 
 #ifndef SSIZE_MAX
 #if (SIZEOF_SIZE_T == 4)
@@ -355,13 +355,13 @@ typedef uint32_t uintptr_t;
 #define SSIZE_MAX INT64_MAX
 #else
 #error "Can't define SSIZE_MAX"
-#endif
-#endif
+#endif /* (SIZEOF_SIZE_T == 4) || ... */
+#endif /* !defined(SSIZE_MAX) */
 
 /** Any ssize_t larger than this amount is likely to be an underflow. */
 #define SSIZE_T_CEILING ((ssize_t)(SSIZE_MAX-16))
 /** Any size_t larger than this amount is likely to be an underflow. */
 #define SIZE_T_CEILING  ((size_t)(SSIZE_MAX-16))
 
-#endif /* __TORINT_H */
+#endif /* !defined(TOR_TORINT_H) */
 

src/common/torlog.h

@@ -22,7 +22,7 @@
 #error "Your syslog.h thinks high numbers are more important.  " \
        "We aren't prepared to deal with that."
 #endif
-#else
+#else /* !(defined(HAVE_SYSLOG_H)) */
 /* Note: Syslog's logging code refers to priorities, with 0 being the most
  * important.  Thus, all our comparisons needed to be reversed when we added
  * syslog support.
@@ -48,7 +48,7 @@
 /** Error-level severity: for messages that only appear when something has gone
  * very wrong, and the Tor process can no longer proceed. */
 #define LOG_ERR     3
-#endif
+#endif /* defined(HAVE_SYSLOG_H) */
 
 /* Logging domains */
 
@@ -213,7 +213,7 @@ void log_fn_ratelim_(struct ratelim_t *ratelim, int severity,
 #define log_err(domain, args...)                            \
   log_fn_(LOG_ERR, domain, __FUNCTION__, args)
 
-#else /* ! defined(__GNUC__) */
+#else /* !(defined(__GNUC__) && __GNUC__ <= 3) */
 
 /* Here are the c99 variadic macros, to work with non-GCC compilers */
 
@@ -240,7 +240,7 @@ void log_fn_ratelim_(struct ratelim_t *ratelim, int severity,
 #define log_fn_ratelim(ratelim, severity, domain, args,...)      \
   log_fn_ratelim_(ratelim, severity, domain, __FUNCTION__, \
                   args, ##__VA_ARGS__)
-#endif
+#endif /* defined(__GNUC__) && __GNUC__ <= 3 */
 
 #ifdef LOG_PRIVATE
 MOCK_DECL(STATIC void, logv, (int severity, log_domain_mask_t domain,
@@ -249,5 +249,5 @@ MOCK_DECL(STATIC void, logv, (int severity, log_domain_mask_t domain,
 #endif
 
 # define TOR_TORLOG_H
-#endif
+#endif /* !defined(TOR_TORLOG_H) */
 

src/common/tortls.c

@@ -76,7 +76,7 @@ ENABLE_GCC_WARNING(redundant-decls)
  * SSL3 safely at the same time.
  */
 #define DISABLE_SSL3_HANDSHAKE
-#endif
+#endif /* OPENSSL_VERSION_NUMBER <  OPENSSL_V(1,0,0,'f') */
 
 /* We redefine these so that we can run correctly even if the vendor gives us
  * a version of OpenSSL that does not match its header files.  (Apple: I am
@@ -390,7 +390,7 @@ tor_tls_init(void)
                    "when configuring it) would make ECDH much faster.");
     }
     /* LCOV_EXCL_STOP */
-#endif
+#endif /* (SIZEOF_VOID_P >= 8 &&                              ... */
 
     tor_tls_allocate_tor_tls_object_ex_data_index();
 
@@ -1134,7 +1134,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
    * with existing Tors. */
   if (!(result->ctx = SSL_CTX_new(TLSv1_method())))
     goto error;
-#endif
+#endif /* 0 */
 
   /* Tell OpenSSL to use TLS 1.0 or later but not SSL2 or SSL3. */
 #ifdef HAVE_TLS_METHOD
@@ -1143,7 +1143,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
 #else
   if (!(result->ctx = SSL_CTX_new(SSLv23_method())))
     goto error;
-#endif
+#endif /* defined(HAVE_TLS_METHOD) */
   SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);
   SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);
 
@@ -1193,7 +1193,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
   if (result->ctx->comp_methods)
     result->ctx->comp_methods = NULL;
 #endif
-#endif
+#endif /* OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) */
 
 #ifdef SSL_MODE_RELEASE_BUFFERS
   SSL_CTX_set_mode(result->ctx, SSL_MODE_RELEASE_BUFFERS);
@@ -1354,7 +1354,7 @@ find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m, uint16_t cipher)
       tor_assert((SSL_CIPHER_get_id(c) & 0xffff) == cipher);
     return c != NULL;
   }
-#else
+#else /* !(defined(HAVE_SSL_CIPHER_FIND)) */
 
 # if defined(HAVE_STRUCT_SSL_METHOD_ST_GET_CIPHER_BY_CHAR)
   if (m && m->get_cipher_by_char) {
@@ -1368,7 +1368,7 @@ find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m, uint16_t cipher)
       tor_assert((c->id & 0xffff) == cipher);
     return c != NULL;
   }
-# endif
+#endif /* defined(HAVE_STRUCT_SSL_METHOD_ST_GET_CIPHER_BY_CHAR) */
 # ifndef OPENSSL_1_1_API
   if (m && m->get_cipher && m->num_ciphers) {
     /* It would seem that some of the "let's-clean-up-openssl" forks have
@@ -1384,12 +1384,12 @@ find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m, uint16_t cipher)
     }
     return 0;
   }
-# endif
+#endif /* !defined(OPENSSL_1_1_API) */
   (void) ssl;
   (void) m;
   (void) cipher;
   return 1; /* No way to search */
-#endif
+#endif /* defined(HAVE_SSL_CIPHER_FIND) */
 }
 
 /** Remove from v2_cipher_list every cipher that we don't support, so that
@@ -1517,7 +1517,7 @@ tor_tls_client_is_using_v2_ciphers(const SSL *ssl)
     return CIPHERS_ERR;
   }
   ciphers = session->ciphers;
-#endif
+#endif /* defined(HAVE_SSL_GET_CLIENT_CIPHERS) */
 
   return tor_tls_classify_client_ciphers(ssl, ciphers) >= CIPHERS_V2;
 }
@@ -1648,7 +1648,7 @@ tor_tls_new(int sock, int isServer)
     SSL_set_tlsext_host_name(result->ssl, fake_hostname);
     tor_free(fake_hostname);
   }
-#endif
+#endif /* defined(SSL_set_tlsext_host_name) */
 
   if (!SSL_set_cipher_list(result->ssl,
                      isServer ? SERVER_CIPHER_LIST : CLIENT_CIPHER_LIST)) {
@@ -1775,7 +1775,7 @@ tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls)
   tor_assert(0 != (options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION));
 #else
   (void) tls;
-#endif
+#endif /* defined(SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) && ... */
 }
 
 /** Return whether this tls initiated the connect (client) or
@@ -2311,7 +2311,7 @@ tor_x509_cert_replace_expiration(const tor_x509_cert_t *inp,
   EVP_PKEY_free(pk);
   return tor_x509_cert_new(newc);
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** Return the number of bytes available for reading from <b>tls</b>.
  */
@@ -2355,10 +2355,10 @@ tor_tls_get_n_raw_bytes(tor_tls_t *tls, size_t *n_read, size_t *n_written)
   if (BIO_method_type(wbio) == BIO_TYPE_BUFFER &&
         (tmpbio = BIO_next(wbio)) != NULL)
     wbio = tmpbio;
-#else
+#else /* !(OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5)) */
   if (wbio->method == BIO_f_buffer() && (tmpbio = BIO_next(wbio)) != NULL)
     wbio = tmpbio;
-#endif
+#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) */
   w = (unsigned long) BIO_number_written(wbio);
 
   /* We are ok with letting these unsigned ints go "negative" here:
@@ -2437,7 +2437,7 @@ SSL_get_client_random(SSL *s, uint8_t *out, size_t len)
   memcpy(out, s->s3->client_random, len);
   return len;
 }
-#endif
+#endif /* !defined(HAVE_SSL_GET_CLIENT_RANDOM) */
 
 #ifndef HAVE_SSL_GET_SERVER_RANDOM
 static size_t
@@ -2450,7 +2450,7 @@ SSL_get_server_random(SSL *s, uint8_t *out, size_t len)
   memcpy(out, s->s3->server_random, len);
   return len;
 }
-#endif
+#endif /* !defined(HAVE_SSL_GET_SERVER_RANDOM) */
 
 #ifndef HAVE_SSL_SESSION_GET_MASTER_KEY
 STATIC size_t
@@ -2464,7 +2464,7 @@ SSL_SESSION_get_master_key(SSL_SESSION *s, uint8_t *out, size_t len)
   memcpy(out, s->master_key, len);
   return len;
 }
-#endif
+#endif /* !defined(HAVE_SSL_SESSION_GET_MASTER_KEY) */
 
 /** Set the DIGEST256_LEN buffer at <b>secrets_out</b> to the value used in
  * the v3 handshake to prove that the client knows the TLS secrets for the
@@ -2573,7 +2573,7 @@ tor_tls_get_buffer_sizes(tor_tls_t *tls,
   (void)wbuf_bytes;
 
   return -1;
-#else
+#else /* !(OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)) */
   if (tls->ssl->s3->rbuf.buf)
     *rbuf_capacity = tls->ssl->s3->rbuf.len;
   else
@@ -2585,7 +2585,7 @@ tor_tls_get_buffer_sizes(tor_tls_t *tls,
   *rbuf_bytes = tls->ssl->s3->rbuf.left;
   *wbuf_bytes = tls->ssl->s3->wbuf.left;
   return 0;
-#endif
+#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) */
 }
 
 /** Check whether the ECC group requested is supported by the current OpenSSL

src/common/tortls.h

@@ -161,7 +161,7 @@ STATIC int tor_tls_session_secret_cb(struct ssl_st *ssl, void *secret,
                             void *arg);
 STATIC int find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m,
                              uint16_t cipher);
-#endif
+#endif /* defined(TORTLS_OPENSSL_PRIVATE) */
 MOCK_DECL(STATIC struct x509_st *, tor_tls_create_certificate,
                                                    (crypto_pk_t *rsa,
                                                     crypto_pk_t *rsa_sign,
@@ -192,9 +192,9 @@ STATIC tor_x509_cert_t *tor_x509_cert_replace_expiration(
                                                const tor_x509_cert_t *inp,
                                                time_t new_expiration_time,
                                                crypto_pk_t *signing_key);
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
-#endif /* endif TORTLS_PRIVATE */
+#endif /* defined(TORTLS_PRIVATE) */
 
 tor_x509_cert_t *tor_x509_cert_dup(const tor_x509_cert_t *cert);
 const char *tor_tls_err_to_string(int err);
@@ -288,5 +288,5 @@ const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
 
 int evaluate_ecgroup_for_tls(const char *ecgroup);
 
-#endif
+#endif /* !defined(TOR_TORTLS_H) */
 

src/common/util.c

@@ -31,11 +31,11 @@
 #include <process.h>
 #include <tchar.h>
 #include <winbase.h>
-#else
+#else /* !(defined(_WIN32)) */
 #include <dirent.h>
 #include <pwd.h>
 #include <grp.h>
-#endif
+#endif /* defined(_WIN32) */
 
 /* math.h needs this on Linux */
 #ifndef _USE_ISOC99_
@@ -84,8 +84,8 @@
  * scold us for being so stupid as to autodetect its presence.  To be fair,
  * they've done this since 1996, when autoconf was only 5 years old. */
 #include <malloc.h>
-#endif
-#endif
+#endif /* !defined(OpenBSD) && !defined(__FreeBSD__) */
+#endif /* defined(HAVE_MALLOC_H) */
 #ifdef HAVE_MALLOC_NP_H
 #include <malloc_np.h>
 #endif
@@ -116,12 +116,12 @@
          dmalloc_strndup(file, line, (string), -1, xalloc_b)
  #else
  #error "No dmalloc_strdup or equivalent"
- #endif
+#endif /* defined(HAVE_DMALLOC_STRDUP) || ... */
 
-#else /* not using dmalloc */
+#else /* !(defined(USE_DMALLOC)) */
 
  #define DMALLOC_FN_ARGS
-#endif
+#endif /* defined(USE_DMALLOC) */
 
 /** Allocate a chunk of <b>size</b> bytes of memory, and return a pointer to
  * result.  On error, log and terminate the process.  (Same as malloc(size),
@@ -142,7 +142,7 @@ tor_malloc_(size_t size DMALLOC_PARAMS)
   if (size==0) {
     size=1;
   }
-#endif
+#endif /* !defined(MALLOC_ZERO_WORKS) */
 
 #ifdef USE_DMALLOC
   result = dmalloc_malloc(file, line, size, DMALLOC_FUNC_MALLOC, 0, 0);
@@ -233,7 +233,7 @@ tor_realloc_(void *ptr, size_t size DMALLOC_PARAMS)
   if (size==0) {
     size=1;
   }
-#endif
+#endif /* !defined(MALLOC_ZERO_WORKS) */
 
 #ifdef USE_DMALLOC
   result = dmalloc_realloc(file, line, ptr, size, DMALLOC_FUNC_REALLOC, 0);
@@ -362,16 +362,16 @@ tor_log_mallinfo(int severity)
       mi.arena, mi.ordblks, mi.smblks, mi.hblks,
       mi.hblkhd, mi.usmblks, mi.fsmblks, mi.uordblks, mi.fordblks,
       mi.keepcost);
-#else
+#else /* !(defined(HAVE_MALLINFO)) */
   (void)severity;
-#endif
+#endif /* defined(HAVE_MALLINFO) */
 #ifdef USE_DMALLOC
   dmalloc_log_changed(0, /* Since the program started. */
                       1, /* Log info about non-freed pointers. */
                       0, /* Do not log info about freed pointers. */
                       0  /* Do not log individual pointers. */
                       );
-#endif
+#endif /* defined(USE_DMALLOC) */
 }
 ENABLE_GCC_WARNING(aggregate-return)
 
@@ -401,7 +401,7 @@ tor_lround(double d)
   return (long)rint(d);
 #else
   return (long)(d > 0 ? d + 0.5 : ceil(d - 0.5));
-#endif
+#endif /* defined(HAVE_LROUND) || ... */
 }
 
 /** Return the 64-bit integer closest to d.  We define this wrapper here so
@@ -416,7 +416,7 @@ tor_llround(double d)
   return (int64_t)rint(d);
 #else
   return (int64_t)(d > 0 ? d + 0.5 : ceil(d - 0.5));
-#endif
+#endif /* defined(HAVE_LLROUND) || ... */
 }
 
 /** Returns floor(log2(u64)).  If u64 is 0, (incorrectly) returns 0. */
@@ -1238,7 +1238,7 @@ tor_parse_uint64(const char *s, int base, uint64_t min,
   r = (uint64_t)strtoul(s, &endptr, base);
 #else
 #error "I don't know how to parse 64-bit numbers."
-#endif
+#endif /* defined(HAVE_STRTOULL) || ... */
 
   CHECK_STRTOX_RESULT();
 }
@@ -1636,7 +1636,7 @@ tor_timegm(const struct tm *tm, time_t *time_out)
     log_warn(LD_BUG, "Result does not fit in tor_timegm");
     return -1;
   }
-#endif
+#endif /* SIZEOF_TIME_T < 8 */
   *time_out = (time_t)seconds;
   return 0;
 }
@@ -2014,7 +2014,7 @@ update_approx_time(time_t now)
 {
   cached_approx_time = now;
 }
-#endif
+#endif /* !defined(TIME_IS_FAST) */
 
 /* =====
  * Rate limiting
@@ -2143,9 +2143,9 @@ clean_name_for_stat(char *name)
       return;
     name[len-1]='\0';
   }
-#else
+#else /* !(defined(_WIN32)) */
   (void)name;
-#endif
+#endif /* defined(_WIN32) */
 }
 
 /** Wrapper for unlink() to make it mockable for the test suite; returns 0
@@ -2419,7 +2419,7 @@ check_private_dir,(const char *dirname, cpd_check_t check,
     }
   }
   close(fd);
-#else
+#else /* !(!defined(_WIN32)) */
   /* Win32 case: we can't open() a directory. */
   (void)effective_user;
 
@@ -2453,7 +2453,7 @@ check_private_dir,(const char *dirname, cpd_check_t check,
     return -1;
   }
 
-#endif
+#endif /* !defined(_WIN32) */
   return 0;
 }
 
@@ -2473,7 +2473,7 @@ write_str_to_file,(const char *fname, const char *str, int bin))
              "We're writing a text string that already contains a CR to %s",
              escaped(fname));
   }
-#endif
+#endif /* defined(_WIN32) */
   return write_bytes_to_file(fname, str, strlen(str), bin);
 }
 
@@ -2873,7 +2873,7 @@ read_file_to_str, (const char *filename, int flags, struct stat *stat_out))
       errno = save_errno;
     return string;
   }
-#endif
+#endif /* !defined(_WIN32) */
 
   if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING) {
     close(fd);
@@ -2906,7 +2906,7 @@ read_file_to_str, (const char *filename, int flags, struct stat *stat_out))
   if (!bin) {
     statbuf.st_size = (size_t) r;
   } else
-#endif
+#endif /* defined(_WIN32) || defined(__CYGWIN__) */
     if (r != statbuf.st_size) {
       /* Unless we're using text mode on win32, we'd better have an exact
        * match for size. */
@@ -3090,7 +3090,7 @@ expand_filename(const char *filename)
    *     Chapter+3.+Input+Validation/3.7+Validating+Filenames+and+Paths/
    */
   return tor_strdup(filename);
-#else
+#else /* !(defined(_WIN32)) */
   if (*filename == '~') {
     char *home, *result=NULL;
     const char *rest;
@@ -3120,10 +3120,10 @@ expand_filename(const char *filename)
       }
       tor_free(username);
       rest = slash ? (slash+1) : "";
-#else
+#else /* !(defined(HAVE_PWD_H)) */
       log_warn(LD_CONFIG, "Couldn't expand homedir on system without pwd.h");
       return tor_strdup(filename);
-#endif
+#endif /* defined(HAVE_PWD_H) */
     }
     tor_assert(home);
     /* Remove trailing slash. */
@@ -3136,7 +3136,7 @@ expand_filename(const char *filename)
   } else {
     return tor_strdup(filename);
   }
-#endif
+#endif /* defined(_WIN32) */
 }
 
 #define MAX_SCANF_WIDTH 9999
@@ -3505,7 +3505,7 @@ tor_listdir, (const char *dirname))
     name[sizeof(name)-1] = '\0';
 #else
     strlcpy(name,findData.cFileName,sizeof(name));
-#endif
+#endif /* defined(UNICODE) */
     if (strcmp(name, ".") &&
         strcmp(name, "..")) {
       smartlist_add_strdup(result, name);
@@ -3522,7 +3522,7 @@ tor_listdir, (const char *dirname))
   }
   FindClose(handle);
   tor_free(pattern);
-#else
+#else /* !(defined(_WIN32)) */
   const char *prot_dname = sandbox_intern_string(dirname);
   DIR *d;
   struct dirent *de;
@@ -3537,7 +3537,7 @@ tor_listdir, (const char *dirname))
     smartlist_add_strdup(result, de->d_name);
   }
   closedir(d);
-#endif
+#endif /* defined(_WIN32) */
   return result;
 }
 
@@ -3553,7 +3553,7 @@ path_is_relative(const char *filename)
   else if (filename && strlen(filename)>3 && TOR_ISALPHA(filename[0]) &&
            filename[1] == ':' && filename[2] == '\\')
     return 0;
-#endif
+#endif /* defined(_WIN32) */
   else
     return 1;
 }
@@ -3683,7 +3683,7 @@ finish_daemon(const char *desired_cwd)
   }
   close(daemon_filedes[1]);
 }
-#else
+#else /* !(!defined(_WIN32)) */
 /* defined(_WIN32) */
 void
 start_daemon(void)
@@ -3694,7 +3694,7 @@ finish_daemon(const char *cp)
 {
   (void)cp;
 }
-#endif
+#endif /* !defined(_WIN32) */
 
 /** Write the current process ID, followed by NL, into <b>filename</b>.
  * Return 0 on success, -1 on failure.
@@ -3736,7 +3736,7 @@ load_windows_system_library(const TCHAR *library_name)
   _tcscat(path, library_name);
   return LoadLibrary(path);
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /** Format a single argument for being put on a Windows command line.
  * Returns a newly allocated string */
@@ -4031,7 +4031,7 @@ format_helper_exit_status(unsigned char child_state, int saved_errno,
  done:
   return res;
 }
-#endif
+#endif /* !defined(_WIN32) */
 
 /* Maximum number of file descriptors, if we cannot get it via sysconf() */
 #define DEFAULT_MAX_FD 256
@@ -4055,12 +4055,12 @@ tor_terminate_process(process_handle_t *process_handle)
     else
       return 0;
   }
-#else /* Unix */
+#else /* !(defined(_WIN32)) */
   if (process_handle->waitpid_cb) {
     /* We haven't got a waitpid yet, so we can just kill off the process. */
     return kill(process_handle->pid, SIGTERM);
   }
-#endif
+#endif /* defined(_WIN32) */
 
   return 0; /* We didn't need to kill the process, so report success */
 }
@@ -4082,14 +4082,14 @@ tor_process_get_stdout_pipe(process_handle_t *process_handle)
 {
   return process_handle->stdout_pipe;
 }
-#else
+#else /* !(defined(_WIN32)) */
 /* DOCDOC tor_process_get_stdout_pipe */
 int
 tor_process_get_stdout_pipe(process_handle_t *process_handle)
 {
   return process_handle->stdout_pipe;
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /* DOCDOC process_handle_new */
 static process_handle_t *
@@ -4105,7 +4105,7 @@ process_handle_new(void)
   out->stdin_pipe = -1;
   out->stdout_pipe = -1;
   out->stderr_pipe = -1;
-#endif
+#endif /* defined(_WIN32) */
 
   return out;
 }
@@ -4125,7 +4125,7 @@ process_handle_waitpid_cb(int status, void *arg)
     process_handle->status = PROCESS_STATUS_NOTRUNNING;
   process_handle->waitpid_cb = 0;
 }
-#endif
+#endif /* !defined(_WIN32) */
 
 /**
  * @name child-process states
@@ -4308,7 +4308,7 @@ tor_spawn_background(const char *const filename, const char **argv,
   /* TODO: Close pipes on exit */
   *process_handle_out = process_handle;
   return status;
-#else // _WIN32
+#else /* !(defined(_WIN32)) */
   pid_t pid;
   int stdout_pipe[2];
   int stderr_pipe[2];
@@ -4383,9 +4383,9 @@ tor_spawn_background(const char *const filename, const char **argv,
                "Cannot find maximum file descriptor, assuming %d", max_fd);
     }
   }
-#else
+#else /* !(defined(_SC_OPEN_MAX)) */
   max_fd = DEFAULT_MAX_FD;
-#endif
+#endif /* defined(_SC_OPEN_MAX) */
 
   child_state = CHILD_STATE_FORK;
 
@@ -4400,7 +4400,7 @@ tor_spawn_background(const char *const filename, const char **argv,
      * than nothing.
      */
     prctl(PR_SET_PDEATHSIG, SIGTERM);
-#endif
+#endif /* defined(HAVE_SYS_PRCTL_H) && defined(__linux__) */
 
     child_state = CHILD_STATE_DUPOUT;
 
@@ -4541,7 +4541,7 @@ tor_spawn_background(const char *const filename, const char **argv,
 
   *process_handle_out = process_handle;
   return process_handle->status;
-#endif // _WIN32
+#endif /* defined(_WIN32) */
 }
 
 /** Destroy all resources allocated by the process handle in
@@ -4583,13 +4583,13 @@ tor_process_handle_destroy,(process_handle_t *process_handle,
 
   if (process_handle->stdin_pipe)
     CloseHandle(process_handle->stdin_pipe);
-#else
+#else /* !(defined(_WIN32)) */
   close(process_handle->stdout_pipe);
   close(process_handle->stderr_pipe);
   close(process_handle->stdin_pipe);
 
   clear_waitpid_callback(process_handle->waitpid_cb);
-#endif
+#endif /* defined(_WIN32) */
 
   memset(process_handle, 0x0f, sizeof(process_handle_t));
   tor_free(process_handle);
@@ -4642,7 +4642,7 @@ tor_get_exit_code(process_handle_t *process_handle,
       return PROCESS_EXIT_ERROR;
     }
   }
-#else
+#else /* !(defined(_WIN32)) */
   int stat_loc;
   int retval;
 
@@ -4677,7 +4677,7 @@ tor_get_exit_code(process_handle_t *process_handle,
 
   if (exit_code != NULL)
     *exit_code = WEXITSTATUS(stat_loc);
-#endif // _WIN32
+#endif /* defined(_WIN32) */
 
   return PROCESS_EXIT_EXITED;
 }
@@ -4917,7 +4917,7 @@ tor_read_all_handle(HANDLE h, char *buf, size_t count,
   }
   return (ssize_t)numread;
 }
-#else
+#else /* !(defined(_WIN32)) */
 /** Read from a handle <b>fd</b> into <b>buf</b>, up to <b>count</b> bytes.  If
  * <b>process</b> is NULL, the function will return immediately if there is
  * nothing more to read. Otherwise data will be read until end of file, or
@@ -4962,7 +4962,7 @@ tor_read_all_handle(int fd, char *buf, size_t count,
   log_debug(LD_GENERAL, "read() read %d bytes from handle", (int)numread);
   return (ssize_t)numread;
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /** Read from stdout of a process until the process exits. */
 ssize_t
@@ -4975,7 +4975,7 @@ tor_read_all_from_process_stdout(const process_handle_t *process_handle,
 #else
   return tor_read_all_handle(process_handle->stdout_pipe, buf, count,
                              process_handle, NULL);
-#endif
+#endif /* defined(_WIN32) */
 }
 
 /** Read from stdout of a process until the process exits. */
@@ -4989,7 +4989,7 @@ tor_read_all_from_process_stderr(const process_handle_t *process_handle,
 #else
   return tor_read_all_handle(process_handle->stderr_pipe, buf, count,
                              process_handle, NULL);
-#endif
+#endif /* defined(_WIN32) */
 }
 
 /** Split buf into lines, and add to smartlist. The buffer <b>buf</b> will be
@@ -5178,7 +5178,7 @@ log_from_handle(HANDLE *pipe, int severity)
   return 0;
 }
 
-#else
+#else /* !(defined(_WIN32)) */
 
 /** Return a smartlist containing lines outputted from
  *  <b>fd</b>. Return NULL on error, and set
@@ -5243,7 +5243,7 @@ log_from_pipe(int fd, int severity, const char *executable,
   /* We should never get here */
   return -1;
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /** Reads from <b>fd</b> and stores input in <b>buf_out</b> making
  *  sure it's below <b>count</b> bytes.
@@ -5495,7 +5495,7 @@ tor_check_port_forwarding(const char *filename,
     status = tor_spawn_background(NULL, argv, NULL, &child_handle);
 #else
     status = tor_spawn_background(filename, argv, NULL, &child_handle);
-#endif
+#endif /* defined(_WIN32) */
 
     tor_free_((void*)argv);
     argv=NULL;
@@ -5521,7 +5521,7 @@ tor_check_port_forwarding(const char *filename,
 #else
     stderr_status = log_from_pipe(child_handle->stderr_pipe,
                                   LOG_INFO, filename, &retval);
-#endif
+#endif /* defined(_WIN32) */
     if (handle_fw_helper_output(filename, child_handle) < 0) {
       log_warn(LD_GENERAL, "Failed to handle fw helper output.");
       stdout_status = -1;
@@ -5546,13 +5546,13 @@ tor_check_port_forwarding(const char *filename,
        * between log_from_handle and tor_get_exit_code? */
       retval = 1;
     }
-#else
+#else /* !(defined(_WIN32)) */
     else if (1 == stdout_status || 1 == stderr_status)
       /* stdout or stderr was closed, the process probably
        * exited. It will be reaped by waitpid() in main.c */
       /* TODO: Do something with the process return value */
       retval = 1;
-#endif
+#endif /* defined(_WIN32) */
     else
       /* Both are fine */
       retval = 0;
@@ -5632,7 +5632,7 @@ clamp_double_to_int64(double number)
 */
 #define PROBLEMATIC_FLOAT_CONVERSION_WARNING
 DISABLE_GCC_WARNING(float-conversion)
-#endif
+#endif /* defined(MINGW_ANY) && GCC_VERSION >= 409 */
 
 /*
   With clang 4.0 we apparently run into "double promotion" warnings here,
@@ -5643,7 +5643,7 @@ DISABLE_GCC_WARNING(float-conversion)
 #define PROBLEMATIC_DOUBLE_PROMOTION_WARNING
 DISABLE_GCC_WARNING(double-promotion)
 #endif
-#endif
+#endif /* defined(__clang__) */
 
   /* NaN is a special case that can't be used with the logic below. */
   if (isnan(number)) {
@@ -5690,7 +5690,7 @@ tor_htonll(uint64_t a)
   /* Little endian. The worst... */
   return htonl((uint32_t)(a>>32)) |
     (((uint64_t)htonl((uint32_t)a))<<32);
-#endif /* WORDS_BIGENDIAN */
+#endif /* defined(WORDS_BIGENDIAN) */
 }
 
 /** Return a uint64_t value from <b>a</b> in host byte order. */

src/common/util.h

@@ -45,7 +45,7 @@
 #else
 #define DMALLOC_PARAMS
 #define DMALLOC_ARGS
-#endif
+#endif /* defined(USE_DMALLOC) */
 
 /* Memory management */
 void *tor_malloc_(size_t size DMALLOC_PARAMS) ATTR_MALLOC;
@@ -72,7 +72,7 @@ extern int dmalloc_free(const char *file, const int line, void *pnt,
       (p)=NULL;                                     \
     }                                               \
   STMT_END
-#else
+#else /* !(defined(USE_DMALLOC)) */
 /** Release memory allocated by tor_malloc, tor_realloc, tor_strdup, etc.
  * Unlike the free() function, tor_free() will still work on NULL pointers,
  * and it sets the pointer value to NULL after freeing it.
@@ -86,7 +86,7 @@ extern int dmalloc_free(const char *file, const int line, void *pnt,
       (p)=NULL;                                                \
     }                                                          \
   STMT_END
-#endif
+#endif /* defined(USE_DMALLOC) */
 
 #define tor_malloc(size)       tor_malloc_(size DMALLOC_ARGS)
 #define tor_malloc_zero(size)  tor_malloc_zero_(size DMALLOC_ARGS)
@@ -261,7 +261,7 @@ int format_time_interval(char *out, size_t out_len, long interval);
 #else
 time_t approx_time(void);
 void update_approx_time(time_t now);
-#endif
+#endif /* defined(TIME_IS_FAST) */
 
 /* Rate-limiter */
 
@@ -451,7 +451,7 @@ struct process_handle_t {
   HANDLE stdout_pipe;
   HANDLE stderr_pipe;
   PROCESS_INFORMATION pid;
-#else
+#else /* !(defined(_WIN32)) */
   int stdin_pipe;
   int stdout_pipe;
   int stderr_pipe;
@@ -462,9 +462,9 @@ struct process_handle_t {
   struct waitpid_callback_t *waitpid_cb;
   /** The exit status reported by waitpid. */
   int waitpid_exit_status;
-#endif // _WIN32
+#endif /* defined(_WIN32) */
 };
-#endif
+#endif /* defined(UTIL_PRIVATE) */
 
 /* Return values of tor_get_exit_code() */
 #define PROCESS_EXIT_RUNNING 1
@@ -480,7 +480,7 @@ ssize_t tor_read_all_handle(HANDLE h, char *buf, size_t count,
 ssize_t tor_read_all_handle(int fd, char *buf, size_t count,
                             const process_handle_t *process,
                             int *eof);
-#endif
+#endif /* defined(_WIN32) */
 ssize_t tor_read_all_from_process_stdout(
     const process_handle_t *process_handle, char *buf, size_t count);
 ssize_t tor_read_all_from_process_stderr(
@@ -502,7 +502,7 @@ tor_get_lines_from_handle,(HANDLE *handle,
 MOCK_DECL(struct smartlist_t *,
 tor_get_lines_from_handle,(int fd,
                            enum stream_status *stream_status));
-#endif
+#endif /* defined(_WIN32) */
 
 int
 tor_terminate_process(process_handle_t *process_handle);
@@ -539,13 +539,13 @@ STATIC int format_helper_exit_status(unsigned char child_state,
    leading minus) and newline (no null) */
 #define HEX_ERRNO_SIZE (sizeof(char) * 2 + 1 + \
                         1 + sizeof(int) * 2 + 1)
-#endif
+#endif /* !defined(_WIN32) */
 
-#endif
+#endif /* defined(UTIL_PRIVATE) */
 
 int size_mul_check(const size_t x, const size_t y);
 
 #define ARRAY_LENGTH(x) ((sizeof(x)) / sizeof(x[0]))
 
-#endif
+#endif /* !defined(TOR_UTIL_H) */
 

src/common/util_bug.c

@@ -59,10 +59,10 @@ tor_set_failed_assertion_callback(void (*fn)(void))
 {
   failed_assertion_cb = fn;
 }
-#else
+#else /* !(defined(TOR_UNIT_TESTS)) */
 #define capturing_bugs() (0)
 #define add_captured_bug(s) do { } while (0)
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** Helper for tor_assert: report the assertion failure. */
 void

src/common/util_bug.h

@@ -53,7 +53,7 @@
  * security-critical properties.
  */
 #error "Sorry; we don't support building with NDEBUG."
-#endif
+#endif /* defined(NDEBUG) */
 
 /* Sometimes we don't want to use assertions during branch coverage tests; it
  * leads to tons of unreached branches which in reality are only assertions we
@@ -70,7 +70,7 @@
     tor_assertion_failed_(SHORT_FILE__, __LINE__, __func__, #expr);     \
     abort();                                                            \
   } STMT_END
-#endif
+#endif /* defined(TOR_UNIT_TESTS) && defined(DISABLE_ASSERTS_IN_UNIT_TESTS) */
 
 #define tor_assert_unreached() tor_assert(0)
 
@@ -92,7 +92,7 @@ extern int bug_macro_deadcode_dummy__;
 // We use this "deadcode_dummy__" trick to prevent coverity from
 // complaining about unreachable bug cases.
 #nodef BUG(x) ((x)?(__coverity_panic__(),1):(0+bug_macro_deadcode_dummy__))
-#endif
+#endif /* defined(__COVERITY__) */
 
 #if defined(__COVERITY__) || defined(__clang_analyzer__)
 // We're running with a static analysis tool: let's treat even nonfatal
@@ -143,7 +143,7 @@ extern int bug_macro_deadcode_dummy__;
   (PREDICT_UNLIKELY(cond) ?                                             \
    (tor_bug_occurred_(SHORT_FILE__,__LINE__,__func__,"!("#cond")",0), 1) \
    : 0)
-#endif
+#endif /* defined(ALL_BUGS_ARE_FATAL) || ... */
 
 #ifdef __GNUC__
 #define IF_BUG_ONCE__(cond,var)                                         \
@@ -156,7 +156,7 @@ extern int bug_macro_deadcode_dummy__;
                           "!("#cond")", 1);                             \
       }                                                                 \
       PREDICT_UNLIKELY(bool_result); } ))
-#else
+#else /* !(defined(__GNUC__)) */
 #define IF_BUG_ONCE__(cond,var)                                         \
   static int var = 0;                                                   \
   if (PREDICT_UNLIKELY(cond) ?                                          \
@@ -166,7 +166,7 @@ extern int bug_macro_deadcode_dummy__;
                            "!("#cond")", 1),                            \
         1))                                                             \
       : 0)
-#endif
+#endif /* defined(__GNUC__) */
 #define IF_BUG_ONCE_VARNAME_(a)               \
   warning_logged_on_ ## a ## __
 #define IF_BUG_ONCE_VARNAME__(a)              \
@@ -196,7 +196,7 @@ void tor_capture_bugs_(int n);
 void tor_end_capture_bugs_(void);
 const struct smartlist_t *tor_get_captured_bug_log_(void);
 void tor_set_failed_assertion_callback(void (*fn)(void));
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
-#endif
+#endif /* !defined(TOR_UTIL_BUG_H) */
 

src/common/util_format.h

@@ -48,5 +48,5 @@ int hex_decode_digit(char c);
 void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen);
 int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen);
 
-#endif
+#endif /* !defined(TOR_UTIL_FORMAT_H) */
 

src/common/util_process.c

@@ -154,5 +154,5 @@ notify_pending_waitpid_callbacks(void)
   }
 }
 
-#endif
+#endif /* !defined(_WIN32) */
 

src/common/util_process.h

@@ -20,7 +20,7 @@ waitpid_callback_t *set_waitpid_callback(pid_t pid,
                                          void (*fn)(int, void *), void *arg);
 void clear_waitpid_callback(waitpid_callback_t *ent);
 void notify_pending_waitpid_callbacks(void);
-#endif
+#endif /* !defined(_WIN32) */
 
-#endif
+#endif /* !defined(TOR_UTIL_PROCESS_H) */
 

src/common/workqueue.h

@@ -59,5 +59,5 @@ replyqueue_t *replyqueue_new(uint32_t alertsocks_flags);
 tor_socket_t replyqueue_get_socket(replyqueue_t *rq);
 void replyqueue_process(replyqueue_t *queue);
 
-#endif
+#endif /* !defined(TOR_WORKQUEUE_H) */
 

src/or/addressmap.c

@@ -814,7 +814,7 @@ parse_virtual_addr_network(const char *val, sa_family_t family,
                    ipv6?"IPv6":"");
     return -1;
   }
-#endif
+#endif /* 0 */
 
   if (bits > max_prefix_bits) {
     if (msg)
@@ -1044,7 +1044,7 @@ addressmap_register_virtual_address(int type, char *new_address)
              safe_str_client(*addrp),
              safe_str_client(new_address));
   }
-#endif
+#endif /* 0 */
 
   return *addrp;
 }

src/or/addressmap.h

@@ -59,7 +59,7 @@ typedef struct virtual_addr_conf_t {
 
 STATIC void get_random_virtual_addr(const virtual_addr_conf_t *conf,
                                     tor_addr_t *addr_out);
-#endif
+#endif /* defined(ADDRESSMAP_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_ADDRESSMAP_H) */
 

src/or/bridges.c

@@ -310,7 +310,7 @@ learned_router_identity(const tor_addr_t *addr, uint16_t port,
     memcpy(&bridge->ed25519_identity, ed_id, sizeof(*ed_id));
     learned = 1;
   }
-#endif
+#endif /* 0 */
   if (learned) {
     char *transport_info = NULL;
     const char *transport_name =

src/or/bridges.h

@@ -66,5 +66,5 @@ MOCK_DECL(download_status_t *, get_bridge_dl_status_by_id,
 
 void bridges_free_all(void);
 
-#endif
+#endif /* !defined(TOR_BRIDGES_H) */
 

src/or/channel.c

@@ -701,7 +701,7 @@ channel_remove_from_digest_map(channel_t *chan)
 
     return;
   }
-#endif
+#endif /* 0 */
 
   /* Pull it out of its list, wherever that list is */
   TOR_LIST_REMOVE(chan, next_with_same_id);
@@ -1832,7 +1832,7 @@ cell_queue_entry_is_padding(cell_queue_entry_t *q)
 
   return 0;
 }
-#endif
+#endif /* 0 */
 
 /**
  * Allocate a new cell queue entry for a fixed-size cell

src/or/channel.h

@@ -487,7 +487,7 @@ STATIC void cell_queue_entry_free(cell_queue_entry_t *q, int handed_off);
 
 void channel_write_cell_generic_(channel_t *chan, const char *cell_type,
                                  void *cell, cell_queue_entry_t *q);
-#endif
+#endif /* defined(CHANNEL_PRIVATE_) */
 
 /* Channel operations for subclasses and internal use only */
 
@@ -580,7 +580,7 @@ void channel_do_open_actions(channel_t *chan);
 extern uint64_t estimated_total_queue_size;
 #endif
 
-#endif
+#endif /* defined(TOR_CHANNEL_INTERNAL_) */
 
 /* Helper functions to perform operations on channels */
 
@@ -719,5 +719,5 @@ int packed_cell_is_destroy(channel_t *chan,
 /* Declare the handle helpers */
 HANDLE_DECL(channel, channel_s,)
 
-#endif
+#endif /* !defined(TOR_CHANNEL_H) */
 

src/or/channelpadding.h

@@ -41,5 +41,5 @@ int channelpadding_get_circuits_available_timeout(void);
 unsigned int channelpadding_get_channel_idle_timeout(const channel_t *, int);
 void channelpadding_new_consensus_params(networkstatus_t *ns);
 
-#endif
+#endif /* !defined(TOR_CHANNELPADDING_H) */
 

src/or/channeltls.c

@@ -1044,7 +1044,7 @@ channel_tls_time_process_cell(cell_t *cell, channel_tls_t *chan, int *time,
 
   *time += time_passed;
 }
-#endif
+#endif /* defined(KEEP_TIMING_STATS) */
 
 /**
  * Handle an incoming cell on a channel_tls_t
@@ -1072,9 +1072,9 @@ channel_tls_handle_cell(cell_t *cell, or_connection_t *conn)
     channel_tls_time_process_cell(cl, cn, & tp ## time ,            \
                              channel_tls_process_ ## tp ## _cell);  \
     } STMT_END
-#else
+#else /* !(defined(KEEP_TIMING_STATS)) */
 #define PROCESS_CELL(tp, cl, cn) channel_tls_process_ ## tp ## _cell(cl, cn)
-#endif
+#endif /* defined(KEEP_TIMING_STATS) */
 
   tor_assert(cell);
   tor_assert(conn);
@@ -1204,7 +1204,7 @@ channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn)
     /* remember which second it is, for next time */
     current_second = now;
   }
-#endif
+#endif /* defined(KEEP_TIMING_STATS) */
 
   tor_assert(var_cell);
   tor_assert(conn);
@@ -1579,7 +1579,7 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan)
       connection_or_close_normally(chan->conn, 1);
       return;
     }
-#endif
+#endif /* defined(DISABLE_V3_LINKPROTO_SERVERSIDE) */
 
     if (send_versions) {
       if (connection_or_send_versions(chan->conn, 1) < 0) {

src/or/channeltls.h

@@ -26,7 +26,7 @@ struct channel_tls_s {
   or_connection_t *conn;
 };
 
-#endif /* TOR_CHANNEL_INTERNAL_ */
+#endif /* defined(TOR_CHANNEL_INTERNAL_) */
 
 channel_t * channel_tls_connect(const tor_addr_t *addr, uint16_t port,
                                 const char *id_digest,
@@ -69,7 +69,7 @@ STATIC void channel_tls_process_auth_challenge_cell(var_cell_t *cell,
 STATIC void channel_tls_common_init(channel_tls_t *tlschan);
 STATIC void channel_tls_process_authenticate_cell(var_cell_t *cell,
                                                   channel_tls_t *tlschan);
-#endif
+#endif /* defined(CHANNELTLS_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CHANNELTLS_H) */
 

src/or/circpathbias.c

@@ -292,7 +292,7 @@ pathbias_is_new_circ_attempt(origin_circuit_t *circ)
   return circ->cpath &&
          circ->cpath->next != circ->cpath &&
          circ->cpath->next->state == CPATH_STATE_AWAITING_KEYS;
-#else
+#else /* !(defined(N2N_TAGGING_IS_POSSIBLE)) */
   /* If tagging attacks are no longer possible, we probably want to
    * count bias from the first hop. However, one could argue that
    * timing-based tagging is still more useful than per-hop failure.
@@ -300,7 +300,7 @@ pathbias_is_new_circ_attempt(origin_circuit_t *circ)
    */
   return circ->cpath &&
          circ->cpath->state == CPATH_STATE_AWAITING_KEYS;
-#endif
+#endif /* defined(N2N_TAGGING_IS_POSSIBLE) */
 }
 
 /**

src/or/circpathbias.h

@@ -25,5 +25,5 @@ void pathbias_mark_use_success(origin_circuit_t *circ);
 void pathbias_mark_use_rollback(origin_circuit_t *circ);
 const char *pathbias_state_to_string(path_state_t state);
 
-#endif
+#endif /* !defined(TOR_CIRCPATHBIAS_H) */
 

src/or/circuitbuild.c

@@ -1566,7 +1566,7 @@ circuit_truncated(origin_circuit_t *circ, crypt_path_t *layer, int reason)
 
   log_info(LD_CIRC, "finished");
   return 0;
-#endif
+#endif /* 0 */
 }
 
 /** Given a response payload and keys, initialize, then send a created
@@ -2104,7 +2104,7 @@ pick_tor2web_rendezvous_node(router_crn_flags_t flags,
 
   return rp_node;
 }
-#endif
+#endif /* defined(ENABLE_TOR2WEB_MODE) || defined(TOR_UNIT_TESTS) */
 
 /* Pick a Rendezvous Point for our HS circuits according to <b>flags</b>. */
 static const node_t *
@@ -2140,7 +2140,7 @@ pick_rendezvous_node(router_crn_flags_t flags)
              "Unable to find a random rendezvous point that is reachable via "
              "a direct connection, falling back to a 3-hop path.");
   }
-#endif
+#endif /* defined(ENABLE_TOR2WEB_MODE) */
 
   return router_choose_random_node(NULL, options->ExcludeNodes, flags);
 }
@@ -2430,7 +2430,7 @@ cpath_get_n_hops(crypt_path_t **head_ptr)
   return n_hops;
 }
 
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** A helper function used by onion_extend_cpath(). Use <b>purpose</b>
  * and <b>state</b> and the cpath <b>head</b> (currently populated only

src/or/circuitbuild.h

@@ -86,9 +86,9 @@ STATIC const node_t *pick_tor2web_rendezvous_node(router_crn_flags_t flags,
                                                   const or_options_t *options);
 unsigned int cpath_get_n_hops(crypt_path_t **head_ptr);
 
-#endif
+#endif /* defined(ENABLE_TOR2WEB_MODE) || defined(TOR_UNIT_TESTS) */
 
-#endif
+#endif /* defined(CIRCUITBUILD_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CIRCUITBUILD_H) */
 

src/or/circuitlist.c

@@ -1434,7 +1434,7 @@ circuit_unlink_all_from_channel(channel_t *chan, int reason)
       smartlist_free(detached_2);
     }
   }
-#endif
+#endif /* defined(DEBUG_CIRCUIT_UNLINK_ALL) */
 
   SMARTLIST_FOREACH_BEGIN(detached, circuit_t *, circ) {
     int mark = 0;

src/or/circuitlist.h

@@ -86,7 +86,7 @@ STATIC size_t n_cells_in_circ_queues(const circuit_t *c);
 STATIC uint32_t circuit_max_queued_data_age(const circuit_t *c, uint32_t now);
 STATIC uint32_t circuit_max_queued_cell_age(const circuit_t *c, uint32_t now);
 STATIC uint32_t circuit_max_queued_item_age(const circuit_t *c, uint32_t now);
-#endif
+#endif /* defined(CIRCUITLIST_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CIRCUITLIST_H) */
 

src/or/circuitmux.c

@@ -185,7 +185,7 @@ struct chanid_circid_muxinfo_t {
   circuitmux_assert_okay(cmux)
 #else
 #define circuitmux_assert_okay_paranoid(cmux)
-#endif
+#endif /* defined(CMUX_PARANOIA) */
 
 /*
  * Static function declarations

src/or/circuitmux.h

@@ -156,5 +156,5 @@ void circuitmux_mark_destroyed_circids_usable(circuitmux_t *cmux,
 MOCK_DECL(int, circuitmux_compare_muxes,
           (circuitmux_t *cmux_1, circuitmux_t *cmux_2));
 
-#endif /* TOR_CIRCUITMUX_H */
+#endif /* !defined(TOR_CIRCUITMUX_H) */
 

src/or/circuitmux_ewma.h

@@ -20,5 +20,5 @@ unsigned int cell_ewma_get_tick(void);
 void cell_ewma_set_scale_factor(const or_options_t *options,
                                 const networkstatus_t *consensus);
 
-#endif /* TOR_CIRCUITMUX_EWMA_H */
+#endif /* !defined(TOR_CIRCUITMUX_EWMA_H) */
 

src/or/circuitstats.c

@@ -60,7 +60,7 @@ static circuit_build_times_t circ_times;
 static int unit_tests = 0;
 #else
 #define unit_tests 0
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /** Return a pointer to the data structure describing our current circuit
  * build time history and computations. */
@@ -148,7 +148,7 @@ circuit_build_times_disabled_(const or_options_t *options,
                "Consensus=%d, Config=%d, AuthDir=%d, StateFile=%d",
                consensus_disabled, config_disabled, dirauth_disabled,
                state_disabled);
-#endif
+#endif /* 0 */
       return 1;
     } else {
 #if 0
@@ -157,7 +157,7 @@ circuit_build_times_disabled_(const or_options_t *options,
                 "Consensus=%d, Config=%d, AuthDir=%d, StateFile=%d",
                 consensus_disabled, config_disabled, dirauth_disabled,
                 state_disabled);
-#endif
+#endif /* 0 */
       return 0;
     }
   }
@@ -608,7 +608,7 @@ circuit_build_times_rewind_history(circuit_build_times_t *cbt, int n)
           "Rewound history by %d places. Current index: %d. "
           "Total: %d", n, cbt->build_times_idx, cbt->total_build_times);
 }
-#endif
+#endif /* 0 */
 
 /**
  * Add a new build time value <b>time</b> to the set of build times. Time
@@ -676,7 +676,7 @@ circuit_build_times_min(circuit_build_times_t *cbt)
   }
   return min_build_time;
 }
-#endif
+#endif /* 0 */
 
 /**
  * Calculate and return a histogram for the set of build times.
@@ -1165,7 +1165,7 @@ circuit_build_times_cdf(circuit_build_times_t *cbt, double x)
   tor_assert(0 <= ret && ret <= 1.0);
   return ret;
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 #ifdef TOR_UNIT_TESTS
 /**
@@ -1200,7 +1200,7 @@ circuit_build_times_generate_sample(circuit_build_times_t *cbt,
   tor_assert(ret > 0);
   return ret;
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 #ifdef TOR_UNIT_TESTS
 /**
@@ -1223,7 +1223,7 @@ circuit_build_times_initial_alpha(circuit_build_times_t *cbt,
     (tor_mathlog(cbt->Xm)-tor_mathlog(timeout_ms));
   tor_assert(cbt->alpha > 0);
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /**
  * Returns true if we need circuits to be built
@@ -1682,7 +1682,7 @@ circuitbuild_running_unit_tests(void)
 {
   unit_tests = 1;
 }
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 void
 circuit_build_times_update_last_circ(circuit_build_times_t *cbt)

src/or/circuitstats.h

@@ -54,7 +54,7 @@ STATIC void circuit_build_times_reset(circuit_build_times_t *cbt);
 /* Network liveness functions */
 STATIC int circuit_build_times_network_check_changed(
                                              circuit_build_times_t *cbt);
-#endif
+#endif /* defined(CIRCUITSTATS_PRIVATE) */
 
 #ifdef TOR_UNIT_TESTS
 build_time_t circuit_build_times_generate_sample(circuit_build_times_t *cbt,
@@ -63,7 +63,7 @@ double circuit_build_times_cdf(circuit_build_times_t *cbt, double x);
 void circuit_build_times_initial_alpha(circuit_build_times_t *cbt,
                                        double quantile, double time_ms);
 void circuitbuild_running_unit_tests(void);
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
 /* Network liveness functions */
 void circuit_build_times_network_is_live(circuit_build_times_t *cbt);
@@ -95,7 +95,7 @@ struct circuit_build_times_s {
   /** How long we wait before actually closing the circuit. */
   double close_ms;
 };
-#endif
+#endif /* defined(CIRCUITSTATS_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CIRCUITSTATS_H) */
 

src/or/circuituse.c

@@ -410,7 +410,7 @@ circuit_conforms_to_options(const origin_circuit_t *circ,
 
   return 1;
 }
-#endif
+#endif /* 0 */
 
 /** Close all circuits that start at us, aren't open, and were born
  * at least CircuitBuildTimeout seconds ago.
@@ -634,7 +634,7 @@ circuit_expire_building(void)
                victim->n_circ_id,
                (int)(now - victim->timestamp_dirty));
     }
-#endif
+#endif /* 0 */
 
     /* if circ is !open, or if it's open but purpose is a non-finished
      * intro or rend, then mark it for close */
@@ -1339,7 +1339,7 @@ circuit_expire_old_circs_as_needed(time_t now)
       log_fn(LOG_INFO,"Creating a new testing circuit.");
       circuit_launch(CIRCUIT_PURPOSE_C_GENERAL, 0);
     }
-#endif
+#endif /* 0 */
   }
 }
 
@@ -2282,7 +2282,7 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
          new_circ_purpose == CIRCUIT_PURPOSE_C_INTRODUCING)) {
       want_onehop = 1;
     }
-#endif
+#endif /* defined(ENABLE_TOR2WEB_MODE) */
 
     /* Determine what kind of a circuit to launch, and actually launch it. */
     {

src/or/circuituse.h

@@ -82,7 +82,7 @@ STATIC int needs_hs_client_circuits(time_t now,
 
 STATIC int needs_circuits_for_build(int num);
 
-#endif
+#endif /* defined(TOR_UNIT_TESTS) */
 
-#endif
+#endif /* !defined(TOR_CIRCUITUSE_H) */
 

src/or/command.c

@@ -128,7 +128,7 @@ command_time_process_cell(cell_t *cell, channel_t *chan, int *time,
   }
   *time += time_passed;
 }
-#endif
+#endif /* defined(KEEP_TIMING_STATS) */
 
 /** Process a <b>cell</b> that was just received on <b>chan</b>. Keep internal
  * statistics about how many of each cell we've processed so far
@@ -165,7 +165,7 @@ command_process_cell(channel_t *chan, cell_t *cell)
     /* remember which second it is, for next time */
     current_second = now;
   }
-#endif
+#endif /* defined(KEEP_TIMING_STATS) */
 
 #ifdef KEEP_TIMING_STATS
 #define PROCESS_CELL(tp, cl, cn) STMT_BEGIN {                   \
@@ -173,9 +173,9 @@ command_process_cell(channel_t *chan, cell_t *cell)
     command_time_process_cell(cl, cn, & tp ## time ,            \
                               command_process_ ## tp ## _cell);  \
   } STMT_END
-#else
+#else /* !(defined(KEEP_TIMING_STATS)) */
 #define PROCESS_CELL(tp, cl, cn) command_process_ ## tp ## _cell(cl, cn)
-#endif
+#endif /* defined(KEEP_TIMING_STATS) */
 
   switch (cell->command) {
     case CELL_CREATE:

src/or/command.h

@@ -27,5 +27,5 @@ extern uint64_t stats_n_created_cells_processed;
 extern uint64_t stats_n_relay_cells_processed;
 extern uint64_t stats_n_destroy_cells_processed;
 
-#endif
+#endif /* !defined(TOR_COMMAND_H) */
 

src/or/config.c

@@ -114,9 +114,9 @@
  * Coverity. Here's a kludge to unconfuse it.
  */
 #   define __INCLUDE_LEVEL__ 2
-#   endif
+#endif /* defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__) */
 #include <systemd/sd-daemon.h>
-#endif
+#endif /* defined(HAVE_SYSTEMD) */
 
 /* Prefix used to indicate a Unix socket in a FooPort configuration. */
 static const char unix_socket_prefix[] = "unix:";
@@ -345,7 +345,7 @@ static config_var_t option_vars_[] = {
     SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
   V(GeoIPv6File,                 FILENAME,
     SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip6"),
-#endif
+#endif /* defined(_WIN32) */
   OBSOLETE("Group"),
   V(GuardLifetime,               INTERVAL, "0 minutes"),
   V(HardwareAccel,               BOOL,     "0"),
@@ -1250,13 +1250,13 @@ options_act_reversible(const or_options_t *old_options, char **msg)
                       "on this OS/with this build.");
     goto rollback;
   }
-#else
+#else /* !(!defined(HAVE_SYS_UN_H)) */
   if (options->ControlSocketsGroupWritable && !options->ControlSocket) {
     *msg = tor_strdup("Setting ControlSocketGroupWritable without setting"
                       "a ControlSocket makes no sense.");
     goto rollback;
   }
-#endif
+#endif /* !defined(HAVE_SYS_UN_H) */
 
   if (running_tor) {
     int n_ports=0;
@@ -1333,7 +1333,7 @@ options_act_reversible(const or_options_t *old_options, char **msg)
       goto rollback;
     }
   }
-#endif
+#endif /* defined(HAVE_NET_IF_H) && defined(HAVE_NET_PFVAR_H) */
 
   /* Attempt to lock all current and future memory with mlockall() only once */
   if (options->DisableAllSwap) {
@@ -1385,7 +1385,7 @@ options_act_reversible(const or_options_t *old_options, char **msg)
                options->DataDirectory, strerror(errno));
     }
   }
-#endif
+#endif /* !defined(_WIN32) */
 
   /* Bail out at this point if we're not going to be a client or server:
    * we don't run Tor itself. */
@@ -1667,7 +1667,7 @@ options_act(const or_options_t *old_options)
     return -1;
   }
 /* LCOV_EXCL_STOP */
-#else
+#else /* !(defined(ENABLE_TOR2WEB_MODE)) */
   if (options->Tor2webMode) {
     log_err(LD_CONFIG, "This copy of Tor was not compiled to run in "
             "'tor2web mode'. It cannot be run with the Tor2webMode torrc "
@@ -1675,7 +1675,7 @@ options_act(const or_options_t *old_options)
             "--enable-tor2web-mode option.");
     return -1;
   }
-#endif
+#endif /* defined(ENABLE_TOR2WEB_MODE) */
 
   /* If we are a bridge with a pluggable transport proxy but no
      Extended ORPort, inform the user that they are missing out. */
@@ -2868,7 +2868,7 @@ options_validate_cb(void *old_options, void *options, void *default_options,
 #else
 #define COMPLAIN(args, ...)                                     \
   STMT_BEGIN log_warn(LD_CONFIG, args, ##__VA_ARGS__); STMT_END
-#endif
+#endif /* defined(__GNUC__) && __GNUC__ <= 3 */
 
 /** Log a warning message iff <b>filepath</b> is not absolute.
  * Warning message must contain option name <b>option</b> and
@@ -3171,7 +3171,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
              "and OS X/Darwin-specific feature.");
 #else
       options->TransProxyType_parsed = TPT_PF_DIVERT;
-#endif
+#endif /* !defined(OpenBSD) && !defined( DARWIN ) */
     } else if (!strcasecmp(options->TransProxyType, "tproxy")) {
 #if !defined(__linux__)
       REJECT("TPROXY is a Linux-specific feature.");
@@ -3185,7 +3185,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
              "and OS X/Darwin-specific feature.");
 #else
       options->TransProxyType_parsed = TPT_IPFW;
-#endif
+#endif /* !defined(KERNEL_MAY_SUPPORT_IPFW) */
     } else {
       REJECT("Unrecognized value for TransProxyType");
     }
@@ -3195,10 +3195,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
       REJECT("Cannot use TransProxyType without any valid TransPort.");
     }
   }
-#else
+#else /* !(defined(USE_TRANSPARENT)) */
   if (options->TransPort_set)
     REJECT("TransPort is disabled in this build.");
-#endif
+#endif /* defined(USE_TRANSPARENT) */
 
   if (options->TokenBucketRefillInterval <= 0
       || options->TokenBucketRefillInterval > 1000) {
@@ -3519,7 +3519,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
                "Tor2WebMode is enabled; disabling UseEntryGuards.");
     options->UseEntryGuards = 0;
   }
-#endif
+#endif /* defined(ENABLE_TOR2WEB_MODE) */
 
   if (options->Tor2webRendezvousPoints && !options->Tor2webMode) {
     REJECT("Tor2webRendezvousPoints cannot be set without Tor2webMode.");
@@ -4367,7 +4367,7 @@ compute_real_max_mem_in_queues(const uint64_t val, int log_guess)
 #else
       /* (presumably) 32-bit system. Let's hope for 1 GB. */
       result = ONE_GIGABYTE;
-#endif
+#endif /* SIZEOF_VOID_P >= 8 */
     } else {
       /* We detected it, so let's pick 3/4 of the total RAM as our limit. */
       const uint64_t avail = (ram / 4) * 3;
@@ -4700,7 +4700,7 @@ get_windows_conf_root(void)
   path[sizeof(path)-1] = '\0';
 #else
   strlcpy(path,tpath,sizeof(path));
-#endif
+#endif /* defined(UNICODE) */
 
   /* Now we need to free the memory that the path-idl was stored in.  In
    * typical Windows fashion, we can't just call 'free()' on it. */
@@ -4716,7 +4716,7 @@ get_windows_conf_root(void)
   is_set = 1;
   return path;
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /** Return the default location for our torrc file (if <b>defaults_file</b> is
  * false), or for the torrc-defaults file (if <b>defaults_file</b> is true). */
@@ -4740,7 +4740,7 @@ get_default_conf_file(int defaults_file)
   }
 #else
   return defaults_file ? CONFDIR "/torrc-defaults" : CONFDIR "/torrc";
-#endif
+#endif /* defined(DISABLE_SYSTEM_TORRC) || ... */
 }
 
 /** Verify whether lst is a list of strings containing valid-looking
@@ -4891,9 +4891,9 @@ find_torrc_filename(config_line_t *cmd_arg,
       } else {
         fname = dflt ? tor_strdup(dflt) : NULL;
       }
-#else
+#else /* !(!defined(_WIN32)) */
       fname = dflt ? tor_strdup(dflt) : NULL;
-#endif
+#endif /* !defined(_WIN32) */
     }
   }
   return fname;
@@ -5524,7 +5524,7 @@ options_init_logs(const or_options_t *old_options, or_options_t *options,
       }
 #else
       log_warn(LD_CONFIG, "Syslog is not supported on this system. Sorry.");
-#endif
+#endif /* defined(HAVE_SYSLOG_H) */
       goto cleanup;
     }
 
@@ -6735,7 +6735,7 @@ parse_port_config(smartlist_t *out,
         } else if (!strcasecmp(elt, "AllAddrs")) {
 
           all_addrs = 1;
-#endif
+#endif /* 0 */
         } else if (!strcasecmp(elt, "IPv4Only")) {
           bind_ipv4_only = 1;
         } else if (!strcasecmp(elt, "IPv6Only")) {
@@ -7518,7 +7518,7 @@ normalize_data_directory(or_options_t *options)
   strlcpy(p,get_windows_conf_root(),MAX_PATH);
   options->DataDirectory = p;
   return 0;
-#else
+#else /* !(defined(_WIN32)) */
   const char *d = options->DataDirectory;
   if (!d)
     d = "~/.tor";
@@ -7544,7 +7544,7 @@ normalize_data_directory(or_options_t *options)
    options->DataDirectory = fn;
  }
  return 0;
-#endif
+#endif /* defined(_WIN32) */
 }
 
 /** Check and normalize the value of options->DataDirectory; return 0 if it
@@ -8075,10 +8075,10 @@ config_load_geoip_file_(sa_family_t family,
   }
   geoip_load_file(family, fname);
   tor_free(free_fname);
-#else
+#else /* !(defined(_WIN32)) */
   (void)default_fname;
   geoip_load_file(family, fname);
-#endif
+#endif /* defined(_WIN32) */
 }
 
 /** Load geoip files for IPv4 and IPv6 if <a>options</a> and
@@ -8153,9 +8153,9 @@ init_cookie_authentication(const char *fname, const char *header,
       log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname));
     }
   }
-#else
+#else /* !(!defined(_WIN32)) */
   (void) group_readable;
-#endif
+#endif /* !defined(_WIN32) */
 
   /* Success! */
   log_info(LD_GENERAL, "Generated auth cookie file in '%s'.", escaped(fname));

src/or/config.h

@@ -202,7 +202,7 @@ STATIC int parse_port_config(smartlist_t *out,
                   const char *defaultaddr,
                   int defaultport,
                   const unsigned flags);
-#endif
+#endif /* defined(CONFIG_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CONFIG_H) */
 

src/or/confparse.h

@@ -129,5 +129,5 @@ const char *config_expand_abbrev(const config_format_t *fmt,
                                  int command_line, int warn_obsolete);
 void warn_deprecated_option(const char *what, const char *why);
 
-#endif
+#endif /* !defined(TOR_CONFPARSE_H) */
 

src/or/connection.c

@@ -704,7 +704,7 @@ connection_free,(connection_t *conn))
     connection_ap_warn_and_unmark_if_pending_circ(TO_ENTRY_CONN(conn),
                                                   "connection_free");
   }
-#endif
+#endif /* 1 */
   connection_unregister_events(conn);
   connection_free_(conn);
 }
@@ -928,7 +928,7 @@ create_unix_sockaddr(const char *listenaddress, char **readable_address,
   *len_out = sizeof(struct sockaddr_un);
   return sockaddr;
 }
-#else
+#else /* !(defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)) */
 static struct sockaddr *
 create_unix_sockaddr(const char *listenaddress, char **readable_address,
                      socklen_t *len_out)
@@ -941,7 +941,7 @@ create_unix_sockaddr(const char *listenaddress, char **readable_address,
   tor_fragile_assert();
   return NULL;
 }
-#endif /* HAVE_SYS_UN_H */
+#endif /* defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN) */
 
 /** Warn that an accept or a connect has failed because we're running out of
  * TCP sockets we can use on current system.  Rate-limit these warnings so
@@ -1056,7 +1056,7 @@ check_location_for_unix_socket(const or_options_t *options, const char *path,
   tor_free(p);
   return r;
 }
-#endif
+#endif /* defined(HAVE_SYS_UN_H) */
 
 /** Tell the TCP stack that it shouldn't wait for a long time after
  * <b>sock</b> has closed before reusing its port. Return 0 on success,
@@ -1079,7 +1079,7 @@ make_socket_reuseable(tor_socket_t sock)
     return -1;
   }
   return 0;
-#endif
+#endif /* defined(_WIN32) */
 }
 
 #ifdef _WIN32
@@ -1100,12 +1100,12 @@ make_win32_socket_exclusive(tor_socket_t sock)
     return -1;
   }
   return 0;
-#else
+#else /* !(defined(SO_EXCLUSIVEADDRUSE)) */
   (void) sock;
   return 0;
-#endif
+#endif /* defined(SO_EXCLUSIVEADDRUSE) */
 }
-#endif
+#endif /* defined(_WIN32) */
 
 /** Max backlog to pass to listen.  We start at */
 static int listen_limit = INT_MAX;
@@ -1195,7 +1195,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
                conn_type_to_string(type),
                tor_socket_strerror(errno));
     }
-#endif
+#endif /* defined(_WIN32) */
 
 #if defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT)
     if (options->TransProxyType_parsed == TPT_TPROXY &&
@@ -1212,7 +1212,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
                  tor_socket_strerror(e), extra);
       }
     }
-#endif
+#endif /* defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT) */
 
 #ifdef IPV6_V6ONLY
     if (listensockaddr->sa_family == AF_INET6) {
@@ -1227,7 +1227,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
         /* Keep going; probably not harmful. */
       }
     }
-#endif
+#endif /* defined(IPV6_V6ONLY) */
 
     if (bind(s,listensockaddr,socklen) < 0) {
       const char *helpfulhint = "";
@@ -1330,7 +1330,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
         goto err;
       }
     }
-#endif
+#endif /* defined(HAVE_PWD_H) */
 
     {
       unsigned mode;
@@ -1361,7 +1361,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
                tor_socket_strerror(tor_socket_errno(s)));
       goto err;
     }
-#endif /* HAVE_SYS_UN_H */
+#endif /* defined(HAVE_SYS_UN_H) */
   } else {
     log_err(LD_BUG, "Got unexpected address family %d.",
             listensockaddr->sa_family);
@@ -2626,7 +2626,7 @@ retry_listener_ports(smartlist_t *old_conns,
     if (port->is_unix_addr && !geteuid() && (options->User) &&
         strcmp(options->User, "root"))
       continue;
-#endif
+#endif /* !defined(_WIN32) */
 
     if (port->is_unix_addr) {
       listensockaddr = (struct sockaddr *)

src/or/connection.h

@@ -286,7 +286,7 @@ MOCK_DECL(STATIC int,connection_connect_sockaddr,
 MOCK_DECL(STATIC void, kill_conn_list_for_oos, (smartlist_t *conns));
 MOCK_DECL(STATIC smartlist_t *, pick_oos_victims, (int n));
 
-#endif
+#endif /* defined(CONNECTION_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CONNECTION_H) */
 

src/or/connection_edge.c

@@ -115,7 +115,7 @@
 #define TRANS_NETFILTER
 #define TRANS_NETFILTER_IPV6
 #endif
-#endif
+#endif /* defined(HAVE_LINUX_NETFILTER_IPV6_IP6_TABLES_H) */
 
 #if defined(HAVE_NET_IF_H) && defined(HAVE_NET_PFVAR_H)
 #include <net/if.h>
@@ -661,7 +661,7 @@ connection_ap_about_to_close(entry_connection_t *entry_conn)
     connection_ap_warn_and_unmark_if_pending_circ(entry_conn,
                                                   "about_to_close");
   }
-#endif
+#endif /* 1 */
 
   control_event_stream_bandwidth(edge_conn);
   control_event_stream_status(entry_conn, STREAM_EVENT_CLOSED,
@@ -871,9 +871,9 @@ connection_ap_rescan_and_attach_pending(void)
     entry_conn->marked_pending_circ_line = 0;   \
     entry_conn->marked_pending_circ_file = 0;   \
   } while (0)
-#else
+#else /* !(defined(DEBUGGING_17659)) */
 #define UNMARK() do { } while (0)
-#endif
+#endif /* defined(DEBUGGING_17659) */
 
 /** Tell any AP streams that are listed as waiting for a new circuit to try
  * again.  If there is an available circuit for a stream, attach it. Otherwise,
@@ -979,7 +979,7 @@ connection_ap_mark_as_pending_circuit_(entry_connection_t *entry_conn,
     log_warn(LD_BUG, "(Previously called from %s:%d.)\n",
              f2 ? f2 : "<NULL>",
              entry_conn->marked_pending_circ_line);
-#endif
+#endif /* defined(DEBUGGING_17659) */
     log_backtrace(LOG_WARN, LD_BUG, "To debug, this may help");
     return;
   }
@@ -1791,7 +1791,7 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
       connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY);
       return -1;
     }
-#endif
+#endif /* defined(ENABLE_TOR2WEB_MODE) */
 
     /* socks->address is a non-onion hostname or IP address.
      * If we can't do any non-onion requests, refuse the connection.
@@ -2067,7 +2067,7 @@ get_pf_socket(void)
 #else
   /* works on NetBSD and FreeBSD */
   pf = tor_open_cloexec("/dev/pf", O_RDWR, 0);
-#endif
+#endif /* defined(OpenBSD) */
 
   if (pf < 0) {
     log_warn(LD_NET, "open(\"/dev/pf\") failed: %s", strerror(errno));
@@ -2077,7 +2077,7 @@ get_pf_socket(void)
   pf_socket = pf;
   return pf_socket;
 }
-#endif
+#endif /* defined(TRANS_PF) */
 
 #if defined(TRANS_NETFILTER) || defined(TRANS_PF) || \
   defined(TRANS_TPROXY)
@@ -2100,7 +2100,7 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
     }
     goto done;
   }
-#endif
+#endif /* defined(TRANS_TPROXY) */
 
 #ifdef TRANS_NETFILTER
   int rv = -1;
@@ -2110,13 +2110,13 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
       rv = getsockopt(ENTRY_TO_CONN(conn)->s, SOL_IP, SO_ORIGINAL_DST,
                   (struct sockaddr*)&orig_dst, &orig_dst_len);
       break;
-#endif
+#endif /* defined(TRANS_NETFILTER_IPV4) */
 #ifdef TRANS_NETFILTER_IPV6
     case AF_INET6:
       rv = getsockopt(ENTRY_TO_CONN(conn)->s, SOL_IPV6, IP6T_SO_ORIGINAL_DST,
                   (struct sockaddr*)&orig_dst, &orig_dst_len);
       break;
-#endif
+#endif /* defined(TRANS_NETFILTER_IPV6) */
     default:
       log_warn(LD_BUG,
                "Received transparent data from an unsuported socket family %d",
@@ -2142,7 +2142,7 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
   (void)req;
   log_warn(LD_BUG, "Unable to determine destination from socket.");
   return -1;
-#endif
+#endif /* defined(TRANS_NETFILTER) || ... */
 
  done:
   tor_addr_from_sockaddr(&addr, (struct sockaddr*)&orig_dst, &req->port);
@@ -2150,7 +2150,7 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
 
   return 0;
 }
-#endif
+#endif /* defined(TRANS_NETFILTER) || defined(TRANS_PF) || ... */
 
 #ifdef TRANS_PF
 static int
@@ -2184,7 +2184,7 @@ destination_from_pf(entry_connection_t *conn, socks_request_t *req)
 
     return 0;
   }
-#endif
+#endif /* defined(__FreeBSD__) */
 
   memset(&pnl, 0, sizeof(pnl));
   pnl.proto           = IPPROTO_TCP;
@@ -2233,7 +2233,7 @@ destination_from_pf(entry_connection_t *conn, socks_request_t *req)
 
   return 0;
 }
-#endif
+#endif /* defined(TRANS_PF) */
 
 /** Fetch the original destination address and port from a
  * system-specific interface and put them into a
@@ -2269,7 +2269,7 @@ connection_ap_get_original_destination(entry_connection_t *conn,
   log_warn(LD_BUG, "Called connection_ap_get_original_destination, but no "
            "transparent proxy method was configured.");
   return -1;
-#endif
+#endif /* defined(TRANS_NETFILTER) || ... */
 }
 
 /** connection_edge_process_inbuf() found a conn in state

src/or/connection_edge.h

@@ -191,7 +191,7 @@ STATIC void connection_ap_handshake_rewrite(entry_connection_t *conn,
                                             rewrite_result_t *out);
 
 STATIC int connection_ap_process_http_connect(entry_connection_t *conn);
-#endif
+#endif /* defined(CONNECTION_EDGE_PRIVATE) */
 
-#endif
+#endif /* !defined(TOR_CONNECTION_EDGE_H) */
 

src/or/connection_or.h

@@ -118,5 +118,5 @@ void connection_or_group_set_badness_(smartlist_t *group, int force);
 extern int certs_cell_ed25519_disabled_for_testing;
 #endif
 
-#endif
+#endif /* !defined(TOR_CONNECTION_OR_H) */