@@ -23,7 +23,8 @@

  */

 /**

- * @file Data Channel Compression module documentation file.

+ * @file

+ * Data Channel Compression module documentation file.

  */

 /**

@@ -23,7 +23,8 @@

  */

 /**

- * @file Network protocol overview documentation file.

+ * @file

+ * Network protocol overview documentation file.

  */

 /**

@@ -44,7 +44,7 @@ plugin_base64_decode_t ovpn_base64_decode = NULL;  /**< Pointer to the openvpn_b

  * returns, any returned pointers are invalid.

  *

  * @param name  String containing the env.var name to search for

- * @param envp  String array pointer to the environment variable

+ * @param envp  String array pointer to the environment variables

  *

  * @return Returns a pointer to the value in the environment variable

  *         table on successful match.  Otherwise NULL is returned

@@ -138,10 +138,11 @@ openvpn_plugin_open_v3(const int v3structver,

  * For the arguments, see the include/openvpn-plugin.h file

  * for details on the function parameters

  *

- * @param args        Pointer to a struct with details about the plug-in

- *                    call from the main OpenVPN process.

- * @param returndata  Pointer to a struct where the plug-in can provide

- *                    information back to OpenVPN to be processed

+ * @param handle   Pointer to the plug-in global context buffer, which

+ *                 need to be released by this function

+ * @param type     Type of the hook

+ * @param argv     String array pointer to arguments for the hook

+ * @param envp     String array pointer to current environment variables

  *

  * @return  Must return OPENVPN_PLUGIN_FUNC_SUCCESS or

  *          OPENVPN_PLUGIN_FUNC_DEFERRED on success.  Otherwise it

@@ -42,7 +42,7 @@

  *  Resizes the list of arguments struct argv can carry.  This resize

  *  operation will only increase the size, never decrease the size.

  *

- *  @param *a      Valid pointer to a struct argv to resize

+ *  @param a       Valid pointer to a struct argv to resize

  *  @param newcap  size_t with the new size of the argument list.

  */

 static void

@@ -66,7 +66,7 @@ argv_extend(struct argv *a, const size_t newcap)

  *  Initialise an already allocated struct argv.

  *  It is expected that the input argument is a valid pointer.

  *

- *  @param *a  Pointer to a struct argv to initialise

+ *  @param a  Pointer to a struct argv to initialise

  */

 static void

 argv_init(struct argv *a)

@@ -96,7 +96,7 @@ argv_new(void)

  *  Frees all memory allocations allocated by the struct argv

  *  related functions.

  *

- *  @param *a  Valid pointer to a struct argv to release memory from

+ *  @param a  Valid pointer to a struct argv to release memory from

  */

 void

 argv_free(struct argv *a)

@@ -108,7 +108,7 @@ argv_free(struct argv *a)

  *  Resets the struct argv to an initial state.  No memory buffers

  *  will be released by this call.

  *

- *  @param *a      Valid pointer to a struct argv to resize

+ *  @param a      Valid pointer to a struct argv to resize

  */

 static void

 argv_reset(struct argv *a)

@@ -133,7 +133,7 @@ argv_reset(struct argv *a)

  *  This approach ensures that the list does grow bulks and only when the

  *  current limit is reached.

  *

- *  @param *a   Valid pointer to the struct argv to extend

+ *  @param a    Valid pointer to the struct argv to extend

  *  @param add  size_t with the number of elements to add.

  *

  */

@@ -150,9 +150,9 @@ argv_grow(struct argv *a, const size_t add)

  *  This will ensure the list size in struct argv has the needed capacity to

  *  store the value.

  *

- *  @param *a    struct argv where to append the new string value

- *  @param *str  Pointer to string to append.  The provided string *MUST* have

- *               been malloc()ed or NULL.

+ *  @param a    struct argv where to append the new string value

+ *  @param str  Pointer to string to append.  The provided string *MUST* have

+ *              been malloc()ed or NULL.

  */

 static void

 argv_append(struct argv *a, char *str)

@@ -167,7 +167,7 @@ argv_append(struct argv *a, char *str)

  *  values being copied from the source input.

  *

  *

- *  @param *source   Valid pointer to the source struct argv to clone.  It may

+ *  @param source    Valid pointer to the source struct argv to clone.  It may

  *                   be NULL.

  *  @param headroom  Number of slots to leave empty in front of the slots

  *                   copied from the source.

@@ -199,8 +199,8 @@ argv_clone(const struct argv *source, const size_t headroom)

 /**

  *  Inserts an argument string in front of all other argument slots.

  *

- *  @param  *a     Valid pointer to the struct argv to insert the argument into

- *  @param  *head  Pointer to the char * string with the argument to insert

+ *  @param  a     Valid pointer to the struct argv to insert the argument into

+ *  @param  head  Pointer to the string with the argument to insert

  *

  *  @returns Returns a new struct argv with the inserted argument in front

  */

@@ -217,8 +217,8 @@ argv_insert_head(const struct argv *a, const char *head)

  *  Generate a single string with all the arguments in a struct argv

  *  concatenated.

  *

- *  @param *a    Valid pointer to the struct argv with the arguments to list

- *  @param *gc   Pointer to a struct gc_arena managed buffer

+ *  @param a     Valid pointer to the struct argv with the arguments to list

+ *  @param gc    Pointer to a struct gc_arena managed buffer

  *  @param flags Flags passed to the print_argv() function.

  *

  *  @returns Returns a string generated by print_argv() with all the arguments

@@ -237,7 +237,7 @@ argv_str(const struct argv *a, struct gc_arena *gc, const unsigned int flags)

  *  Write the arguments stored in a struct argv via the msg() command.

  *

  *  @param msglev  Integer with the message level used by msg().

- *  @param *a      Valid pointer to the struct argv with the arguments to write.

+ *  @param a       Valid pointer to the struct argv with the arguments to write.

  */

 void

 argv_msg(const int msglev, const struct argv *a)

@@ -251,9 +251,9 @@ argv_msg(const int msglev, const struct argv *a)

  *  Similar to argv_msg() but prefixes the messages being written with a

  *  given string.

  *

- *  @param msglev   Integer with the message level used by msg().

- *  @param *a       Valid pointer to the struct argv with the arguments to write

- *  @param *prefix  Valid char * pointer to the prefix string

+ *  @param msglev  Integer with the message level used by msg().

+ *  @param a       Valid pointer to the struct argv with the arguments to write

+ *  @param prefix  Valid pointer to the prefix string

  *

  */

 void

@@ -272,13 +272,13 @@ argv_msg_prefix(const int msglev, const struct argv *a, const char *prefix)

  *  format string, with space replaced by delim and adds the number of

  *  arguments to the count parameter.

  *

- *  @param *format  Pointer to a the format string to process

- *  @param delim    Char with the delimiter to use

- *  @param *count   size_t pointer used to return the number of

- *                  tokens (argument slots) found in the format string.

- *  @param *gc      Pointer to a gc_arena managed buffer.

+ *  @param format  Pointer to a the format string to process

+ *  @param delim   Char with the delimiter to use

+ *  @param count   size_t pointer used to return the number of

+ *                 tokens (argument slots) found in the format string.

+ *  @param gc      Pointer to a gc_arena managed buffer.

  *

- *  @returns Returns a parsed format string (char *), together with the

+ *  @returns Returns a parsed format string, together with the

  *           number of tokens parts found (via *count).  The result string

  *           is allocated within the gc_arena managed buffer.  If the

  *           gc_arena pointer is NULL, the returned string must be explicitly

@@ -332,11 +332,11 @@ argv_prep_format(const char *format, const char delim, size_t *count,

  *  argv_prep_format() before we let libc's printf() do the parsing.

  *  Then split the resulting string at the injected delimiters.

  *

- *  @param *argres  Valid pointer to a struct argv where the resulting parsed

- *                  arguments, based on the format string.

- *  @param *format  Char* string with a printf() compliant format string

- *  @param arglist  A va_list with the arguments to be consumed by the format

- *                  string

+ *  @param argres  Valid pointer to a struct argv where the resulting parsed

+ *                 arguments, based on the format string.

+ *  @param format  Char string with a printf() compliant format string

+ *  @param arglist A va_list with the arguments to be consumed by the format

+ *                 string

  *

  *  @returns Returns true if the parsing and processing was successfully.  If

  *           the resulting number of arguments does not match the expected

@@ -429,8 +429,8 @@ out:

  *  This will always reset and ensure the result is based on a pristine

  *  struct argv.

  *

- *  @param *argres  Valid pointer to a struct argv where the result will be put.

- *  @param *format  printf() compliant (char *) format string.

+ *  @param argres  Valid pointer to a struct argv where the result will be put.

+ *  @param format  printf() compliant format string.

  *

  *  @returns Returns true if the parsing was successful.  See

  *           argv_printf_arglist() for more details.  The parsed result will

@@ -453,8 +453,8 @@ argv_printf(struct argv *argres, const char *format, ...)

  *  struct argv and populets the argument slots based on the printf() based

  *  format string.

  *

- *  @param *argres  Valid pointer to a struct argv where the result will be put.

- *  @param *format  printf() compliant (char *) format string.

+ *  @param argres  Valid pointer to a struct argv where the result will be put.

+ *  @param format  printf() compliant format string.

  *

  *  @returns Returns true if the parsing was successful.  See

  *           argv_printf_arglist() for more details.  The parsed result will

@@ -474,9 +474,9 @@ argv_printf_cat(struct argv *argres, const char *format, ...)

  *  Parses a command string, tokenizes it and puts each element into a separate

  *  struct argv argument slot.

  *

- *  @params *argres  Valid pointer to a struct argv where the parsed result

- *                   will be found.

- *  @params *cmdstr  Char * based string to parse

+ *  @param argres  Valid pointer to a struct argv where the parsed result

+ *                 will be found.

+ *  @param cmdstr  Char based string to parse

  *

  */

 void

@@ -1218,7 +1218,7 @@ struct buffer_list *buffer_list_file(const char *fn, int max_line_len);

 /**

  * buffer_read_from_file - copy the content of a file into a buffer

  *

- * @param file      path to the file to read

+ * @param filename  path to the file to read

  * @param gc        the garbage collector to use when allocating the buffer. It

  *                  is passed to alloc_buf_gc() and therefore can be NULL.

  *

@@ -112,7 +112,7 @@ query_user_exec(void)

 /**

- * A plain "make Gert happy" wrapper.  Same arguments as @query_user_add

+ * A plain "make Gert happy" wrapper.  Same arguments as query_user_add()

  *

  * FIXME/TODO: Remove this when refactoring the complete user query process

  *             to be called at start-up initialization of OpenVPN.

@@ -166,7 +166,7 @@ open_tty(const bool write)

 /**

  * Closes the TTY FILE pointer, but only if it is not a stdin/stderr FILE object.

  *

- * @params fp     FILE pointer to close

+ * @param fp     FILE pointer to close

  *

  */

 static void

@@ -184,10 +184,10 @@ close_tty(FILE *fp)

 /**

  *  Core function for getting input from console

  *

- *  @params prompt    The prompt to present to the user

- *  @params echo      Should the user see what is being typed

- *  @params input     Pointer to the buffer used to save the user input

- *  @params capacity  Size of the input buffer

+ *  @param prompt    The prompt to present to the user

+ *  @param echo      Should the user see what is being typed

+ *  @param input     Pointer to the buffer used to save the user input

+ *  @param capacity  Size of the input buffer

  *

  *  @returns Returns True if user input was gathered

  */

@@ -23,7 +23,8 @@

  */

 /**

- * @file Alternative method to query for user input, using systemd

+ * @file

+ * Alternative method to query for user input, using systemd

  *

  */

@@ -23,7 +23,8 @@

  */

 /**

- * @file Data Channel Cryptography Module

+ * @file

+ * Data Channel Cryptography Module

  *

  * @addtogroup data_crypto Data Channel Crypto module

  *

@@ -491,7 +492,7 @@ bool crypto_check_replay(struct crypto_options *opt,

  * this and add it themselves.

  *

  * @param kt            Struct with the crypto algorithm to use

- * @param packet_id_size Size of the packet id

+ * @param pkt_id_size   Size of the packet id

  * @param occ           if true calculates the overhead for crypto in the same

  *                      incorrect way as all previous OpenVPN versions did, to

  *                      end up with identical numbers for OCC compatibility

@@ -509,7 +510,7 @@ unsigned int crypto_max_overhead(void);

  * and write to file.

  *

  * @param filename          Filename of the server key file to create.

- * @param pem_name          The name to use in the PEM header/footer.

+ * @param key_name          The name to use in the PEM header/footer.

  */

 void

 write_pem_key_file(const char *filename, const char *key_name);

@@ -23,7 +23,8 @@

  */

 /**

- * @file Data Channel Cryptography SSL library-specific backend interface

+ * @file

+ * Data Channel Cryptography SSL library-specific backend interface

  */

 #ifndef CRYPTO_BACKEND_H_

@@ -339,7 +340,7 @@ void cipher_ctx_free(cipher_ctx_t *ctx);

  *                      \c OPENVPN_OP_ENCRYPT or \c OPENVPN_OP_DECRYPT).

  */

 void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key,

-                     const char *cipername, crypto_operation_t enc);

+                     const char *ciphername, crypto_operation_t enc);

 /**

  * Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is

@@ -357,7 +358,7 @@ int cipher_ctx_iv_length(const cipher_ctx_t *ctx);

  *

  * @param ctx           The cipher's context

  * @param tag           The buffer to write computed tag in.

- * @param tag_size      The tag buffer size, in bytes.

+ * @param tag_len       The tag buffer size, in bytes.

  */

 int cipher_ctx_get_tag(cipher_ctx_t *ctx, uint8_t *tag, int tag_len);

@@ -23,7 +23,8 @@

  */

 /**

- * @file Data Channel Cryptography mbed TLS-specific backend interface

+ * @file

+ * Data Channel Cryptography mbed TLS-specific backend interface

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Data Channel Cryptography mbed TLS-specific backend interface

+ * @file

+ * Data Channel Cryptography mbed TLS-specific backend interface

  */

 #ifndef CRYPTO_MBEDTLS_H_

@@ -23,7 +23,8 @@

  */

 /**

- * @file Data Channel Cryptography OpenSSL-specific backend interface

+ * @file

+ * Data Channel Cryptography OpenSSL-specific backend interface

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Data Channel Cryptography OpenSSL-specific backend interface

+ * @file

+ * Data Channel Cryptography OpenSSL-specific backend interface

  */

 #ifndef CRYPTO_OPENSSL_H_

@@ -110,8 +111,7 @@ void crypto_print_openssl_errors(const unsigned int flags);

  * This is just a convenience wrapper for often occurring situations.

  *

  * @param flags         Flags to indicate error type and priority.

- * @param format        Format string to print.

- * @param format args   (optional) arguments for the format string.

+ * @param ...           Format string and optional format arguments

  */

 #define crypto_msg(flags, ...) \

     do { \

@@ -34,7 +34,7 @@

  * Parses a string as port and stores it

  *

  * @param   port        Pointer to in_port_t where the port value is stored

- * @param   addr        Port number as string

+ * @param   port_str    Port number as string

  * @return              True if parsing was successful

  */

 static bool

@@ -86,11 +86,11 @@ void process_io(struct context *c, struct link_socket *sock);

  * - Check that the client authentication has succeeded; if not, drop the

  *   packet.

  * - If the \a comp_frag argument is true:

- *   - Call \c lzo_compress() of the \link Data Channel Compression

+ *   - Call \c lzo_compress() of the \link compression Data Channel Compression

  *     module\endlink to (possibly) compress the packet.

- *   - Call \c fragment_outgoing() of the \link Data Channel Fragmentation

+ *   - Call \c fragment_outgoing() of the \link fragmentation Data Channel Fragmentation

  *     module\endlink to (possibly) fragment the packet.

- * - Activate the \link Data Channel Crypto module\endlink to perform

+ * - Activate the \link data_crypto Data Channel Crypto module\endlink to perform

  *   security operations on the packet.

  *   - Call \c tls_pre_encrypt() to choose the appropriate security

  *     parameters for this packet.

@@ -294,8 +294,8 @@ ce_management_query_proxy(struct context *c)

  *

  * This will write the control message

  *

- *  command parm1,parm2,..

- *  .

+ *  command parm1,parm2,...

+ *

  * to the control channel.

  *

  * @param arg           The context struct

@@ -2278,7 +2278,7 @@ add_delim_if_non_empty(struct buffer *buf, const char *header)

 /**

  * Prints the results of options imported for the data channel

- * @param o

+ * @param c

  */

 static void

 tls_print_deferred_options_results(struct context *c)

@@ -22,7 +22,8 @@

  */

 /**

- * @file Data Channel Compression module function definitions.

+ * @file

+ * Data Channel Compression module function definitions.

  */

 #ifdef HAVE_CONFIG_H

@@ -1240,6 +1240,7 @@ man_load_stats(struct management *man)

  * Checks if the correct number of arguments to a management command are present

  * and otherwise prints an error and returns false.

  *

+ * @param man       The management interface struct

  * @param p         pointer to the parameter array

  * @param n         number of arguments required

  * @param flags     if MN_AT_LEAST require at least n parameters and not exactly n

@@ -22,8 +22,8 @@

  */

 /**

- * @file mbedtls compatibility stub

- *

+ * @file

+ * mbedtls compatibility stub.

  * This file provide compatibility stubs for the mbedtls libraries

  * prior to version 3. This version made most fields in structs private

  * and requires accessor functions to be used. For earlier versions, we

@@ -22,7 +22,8 @@

  */

 /**

- * @file Header file for server-mode related structures and functions.

+ * @file

+ * Header file for server-mode related structures and functions.

  */

 #ifndef MULTI_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file OpenSSL compatibility stub

+ * @file

+ * OpenSSL compatibility stub

  *

  * This file provide compatibility stubs for the OpenSSL libraries

  * prior to version 1.1. This version introduces many changes in the

@@ -23,7 +23,8 @@

  */

 /**

- * @file PKCS #11 SSL library-specific backend

+ * @file

+ * PKCS #11 SSL library-specific backend

  */

 #ifndef PKCS11_BACKEND_H_

@@ -23,7 +23,8 @@

  */

 /**

- * @file PKCS #11 mbed TLS backend

+ * @file

+ * PKCS #11 mbed TLS backend

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file PKCS #11 OpenSSL backend

+ * @file

+ * PKCS #11 OpenSSL backend

  */

 #ifdef HAVE_CONFIG_H

@@ -604,7 +604,7 @@ prepare_auth_token_push_reply(struct tls_multi *tls_multi, struct gc_arena *gc,

 /**

  * Prepare push options, based on local options

  *

- * @param context       context structure storing data for VPN tunnel

+ * @param c             context structure storing data for VPN tunnel

  * @param gc            gc arena for allocating push options

  * @param push_list     push list to where options are added

  *

@@ -24,7 +24,8 @@

  */

 /**

- * @file Control Channel SSL/Data channel negotiation Module

+ * @file

+ * Control Channel SSL/Data channel negotiation Module

  */

 /*

@@ -98,7 +99,7 @@ show_tls_performance_stats(void)

 /**

  * Limit the reneg_bytes value when using a small-block (<128 bytes) cipher.

  *

- * @param cipher        The current cipher (may be NULL).

+ * @param ciphername    The current cipher (may be NULL).

  * @param reneg_bytes   Pointer to the current reneg_bytes, updated if needed.

  *                      May *not* be NULL.

  */

@@ -461,10 +462,10 @@ tls_version_parse(const char *vstr, const char *extra)

  * - the CRL file was passed inline

  * - the CRL file was not modified since the last (re)load

  *

- * @param ssl_ctx       The TLS context to use when reloading the CRL

- * @param crl_file      The file name to load the CRL from, or

- *                      "[[INLINE]]" in the case of inline files.

- * @param crl_inline    A string containing the CRL

+ * @param ssl_ctx         The TLS context to use when reloading the CRL

+ * @param crl_file        The file name to load the CRL from, or

+ *                        or an array containing the inline CRL.

+ * @param crl_file_inline True if crl_file is an inline CRL.

  */

 static void

 tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file,

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel SSL/Data channel negotiation module

+ * @file

+ * Control Channel SSL/Data channel negotiation module

  */

 #ifndef OPENVPN_SSL_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel SSL library backend module

+ * @file

+ * Control Channel SSL library backend module

  */

@@ -252,7 +253,7 @@ int tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char *pkcs12_file,

  * context.

  *

  * @param ctx                   TLS context to use

- * @param crypto_api_cert       String representing the certificate to load.

+ * @param cryptoapi_cert       String representing the certificate to load.

  */

 #ifdef ENABLE_CRYPTOAPI

 void tls_ctx_load_cryptoapi(struct tls_root_ctx *ctx, const char *cryptoapi_cert);

@@ -506,7 +507,6 @@ int key_state_write_ciphertext(struct key_state_ssl *ks_ssl,

  * @param ks_ssl       - The security parameter state for this %key

  *                       session.

  * @param buf          - A buffer in which to store the plaintext.

- * @param maxlen       - The maximum number of bytes to extract.

  *

  * @return The return value indicates whether the data was successfully

  *     processed:

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Common Data Structures

+ * @file

+ * Control Channel Common Data Structures

  */

 #ifndef SSL_COMMON_H_

@@ -24,7 +24,8 @@

  */

 /**

- * @file Control Channel mbed TLS Backend

+ * @file

+ * Control Channel mbed TLS Backend

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel mbed TLS Backend

+ * @file

+ * Control Channel mbed TLS Backend

  */

 #ifndef SSL_MBEDTLS_H_

@@ -67,9 +68,9 @@ typedef struct {

  *

  * @param sign_ctx  The context for the signing function.

  * @param src       The data to be signed,

- * @param src_len   The length of src, in bytes.

+ * @param src_size  The length of src, in bytes.

  * @param dst       The destination buffer for the signature.

- * @param dst_len   The length of the destination buffer.

+ * @param dst_size  The length of the destination buffer.

  *

  * @return true if signing succeeded, false otherwise.

  */

@@ -24,7 +24,8 @@

  */

 /**

- * @file Control Channel SSL/Data dynamic negotiation Module

+ * @file

+ * Control Channel SSL/Data dynamic negotiation Module

  * This file is split from ssl.c to be able to unit test it.

  */

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel SSL/Data dynamic negotiation Module

+ * @file

+ * Control Channel SSL/Data dynamic negotiation Module

  * This file is split from ssl.h to be able to unit test it.

  */

@@ -90,7 +91,7 @@ tls_peer_ncp_list(const char *peer_info, struct gc_arena *gc);

  * Check whether the ciphers in the supplied list are supported.

  *

  * @param list          Colon-separated list of ciphers

- * @parms gc            gc_arena to allocate the returned string

+ * @param gc            gc_arena to allocate the returned string

  *

  * @returns             colon separated string of normalised (via

  *                      translate_cipher_name_from_openvpn) and

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel OpenSSL Backend

+ * @file

+ * Control Channel OpenSSL Backend

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel OpenSSL Backend

+ * @file

+ * Control Channel OpenSSL Backend

  */

 #ifndef SSL_OPENSSL_H_

@@ -22,9 +22,10 @@

  */

 /**

- * @file SSL control channel wrap/unwrap and decode functions. This file

- *        (and its .c file) is designed to to be included in units/etc without

- *        pulling in a lot of dependencies

+ * @file

+ * SSL control channel wrap/unwrap and decode functions.

+ * This file (and its .c file) is designed to to be included in units/etc without

+ * pulling in a lot of dependencies.

  */

 #ifndef SSL_PKT_H

@@ -182,7 +183,7 @@ calculate_session_id_hmac(struct session_id client_sid,

 /**

  * Checks if a control packet has a correct HMAC server session id

  *

- * @param client_sid    session id of the client

+ * @param state         session information

  * @param from          link_socket from the client

  * @param hmac          the hmac context to use for the calculation

  * @param handwindow    the quantisation of the current time

@@ -22,8 +22,10 @@

  */

 /**

- * @file SSL utility function. This file (and its .c file) is designed to

- *       to be included in units/etc without pulling in a lot of dependencies

+ * @file

+ * SSL utility functions.

+ * This file (and its .c file) is designed to to be included in units/etc

+ * without pulling in a lot of dependencies.

  */

 #ifndef SSL_UTIL_H_

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Verification Module

+ * @file

+ * Control Channel Verification Module

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Verification Module

+ * @file

+ * Control Channel Verification Module

  */

 #ifndef SSL_VERIFY_H_

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Verification Module library-specific backend interface

+ * @file

+ * Control Channel Verification Module library-specific backend interface

  */

 #ifndef SSL_VERIFY_BACKEND_H_

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Verification Module mbed TLS backend

+ * @file

+ * Control Channel Verification Module mbed TLS backend

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Verification Module mbed TLS backend

+ * @file

+ * Control Channel Verification Module mbed TLS backend

  */

 #ifndef SSL_VERIFY_MBEDTLS_H_

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Verification Module OpenSSL implementation

+ * @file

+ * Control Channel Verification Module OpenSSL implementation

  */

 #ifdef HAVE_CONFIG_H

@@ -23,7 +23,8 @@

  */

 /**

- * @file Control Channel Verification Module OpenSSL backend

+ * @file

+ * Control Channel Verification Module OpenSSL backend

  */

@@ -167,8 +167,8 @@ bool tls_crypt_unwrap(const struct buffer *src, struct buffer *dst,

 /**

  * Initialize a tls-crypt-v2 server key (used to encrypt/decrypt client keys).

  *

- * @param key           Key structure to be initialized.  Must be non-NULL.

- * @parem encrypt       If true, initialize the key structure for encryption,

+ * @param key_ctx       Key structure to be initialized.  Must be non-NULL.

+ * @param encrypt       If true, initialize the key structure for encryption,

  *                      otherwise for decryption.

  * @param key_file      File path of the key file to load or the key itself if

  *                      key_inline is true.

@@ -1104,7 +1104,7 @@ create_arbitrary_remote( struct tuntap *tt )

  *

  * @param tt        the tuntap interface context

  * @param ifname    the human readable interface name

- * @param mtu       the MTU value to set the interface to

+ * @param tun_mtu   the MTU value to set the interface to

  * @param es        the environment to be used when executing the commands

  * @param ctx       the networking API opaque context

  */

@@ -1303,7 +1303,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu,

  *

  * @param tt        the tuntap interface context

  * @param ifname    the human readable interface name

- * @param mtu       the MTU value to set the interface to

+ * @param tun_mtu   the MTU value to set the interface to

  * @param es        the environment to be used when executing the commands

  * @param ctx       the networking API opaque context

  */

@@ -330,7 +330,7 @@ void do_ifconfig_setenv(const struct tuntap *tt,

  *

  * @param tt        the tuntap interface context

  * @param ifname    the human readable interface name

- * @param mtu       the MTU value to set the interface to

+ * @param tun_mtu   the MTU value to set the interface to