Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)
diff --git a/include/polarssl/asn1.h b/include/polarssl/asn1.h
index 517cd5b..11f256c 100644
--- a/include/polarssl/asn1.h
+++ b/include/polarssl/asn1.h
@@ -39,15 +39,15 @@
 
 #include <string.h>
 
-/** 
+/**
  * \addtogroup asn1_module
- * \{ 
+ * \{
  */
- 
+
 /**
  * \name ASN1 Error codes
  * These error codes are OR'ed to X509 error codes for
- * higher error granularity. 
+ * higher error granularity.
  * ASN1 is a standard to specify data structures.
  * \{
  */
@@ -274,7 +274,7 @@
 int asn1_get_mpi( unsigned char **p,
                   const unsigned char *end,
                   mpi *X );
-#endif
+#endif /* POLARSSL_BIGNUM_C */
 
 /**
  * \brief       Retrieve an AlgorithmIdentifier ASN.1 sequence.
diff --git a/include/polarssl/asn1write.h b/include/polarssl/asn1write.h
index d7f7b52..9c36030 100644
--- a/include/polarssl/asn1write.h
+++ b/include/polarssl/asn1write.h
@@ -85,7 +85,7 @@
  * \return          the length written or a negative error code
  */
 int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X );
-#endif
+#endif /* POLARSSL_BIGNUM_C */
 
 /**
  * \brief           Write a NULL tag (ASN1_NULL) with zero data in ASN.1 format
diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h
index bfd4ce0..2c3f4b4 100644
--- a/include/polarssl/bignum.h
+++ b/include/polarssl/bignum.h
@@ -51,7 +51,7 @@
 typedef UINT64 uint64_t;
 #else
 #include <inttypes.h>
-#endif
+#endif /* _MSC_VER && !EFIX64 && !EFI32 */
 
 #define POLARSSL_ERR_MPI_FILE_IO_ERROR                     -0x0002  /**< An error occurred while reading from or writing to a file. */
 #define POLARSSL_ERR_MPI_BAD_INPUT_DATA                    -0x0004  /**< Bad input parameters to function. */
@@ -644,7 +644,7 @@
 /**
  * \brief          Sliding-window exponentiation: X = A^E mod N
  *
- * \param X        Destination MPI 
+ * \param X        Destination MPI
  * \param A        Left-hand MPI
  * \param E        Exponent MPI
  * \param N        Modular MPI
diff --git a/include/polarssl/bn_mul.h b/include/polarssl/bn_mul.h
index 870be37..39dee41 100644
--- a/include/polarssl/bn_mul.h
+++ b/include/polarssl/bn_mul.h
@@ -329,7 +329,7 @@
     );
 
 
-#else
+#else /* __MACH__ && __APPLE__ */
 
 #define MULADDC_INIT                \
     asm(                            \
@@ -369,7 +369,7 @@
         : "r3", "r4", "r5", "r6", "r7", "r8", "r9"  \
     );
 
-#endif
+#endif /* __MACH__ && __APPLE__ */
 
 #else /* PPC32 */
 
@@ -413,7 +413,7 @@
         : "r3", "r4", "r5", "r6", "r7", "r8", "r9"  \
     );
 
-#else
+#else /* __MACH__ && __APPLE__ */
 
 #define MULADDC_INIT                \
     asm(                            \
@@ -453,7 +453,7 @@
         : "r3", "r4", "r5", "r6", "r7", "r8", "r9"  \
     );
 
-#endif
+#endif /* __MACH__ && __APPLE__ */
 
 #endif /* PPC32 */
 #endif /* PPC64 */
diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h
index a768c61..9dbdb85 100644
--- a/include/polarssl/camellia.h
+++ b/include/polarssl/camellia.h
@@ -72,7 +72,7 @@
  * \param ctx      CAMELLIA context to be initialized
  * \param key      encryption key
  * \param keysize  must be 128, 192 or 256
- * 
+ *
  * \return         0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
  */
 int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
@@ -83,7 +83,7 @@
  * \param ctx      CAMELLIA context to be initialized
  * \param key      decryption key
  * \param keysize  must be 128, 192 or 256
- * 
+ *
  * \return         0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
  */
 int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
@@ -95,7 +95,7 @@
  * \param mode     CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
  * \param input    16-byte input block
  * \param output   16-byte output block
- * 
+ *
  * \return         0 if successful
  */
 int camellia_crypt_ecb( camellia_context *ctx,
@@ -115,7 +115,7 @@
  * \param iv       initialization vector (updated after use)
  * \param input    buffer holding the input data
  * \param output   buffer holding the output data
- * 
+ *
  * \return         0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
  */
 int camellia_crypt_cbc( camellia_context *ctx,
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index c8b8490..e034fac 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -1,6 +1,6 @@
 /**
  * \file cipher.h
- * 
+ *
  * \brief Generic cipher wrapper.
  *
  * \author Adriaan de Jong <dejong@fox-it.com>
diff --git a/include/polarssl/cipher_wrap.h b/include/polarssl/cipher_wrap.h
index 49d2661..46bc757 100644
--- a/include/polarssl/cipher_wrap.h
+++ b/include/polarssl/cipher_wrap.h
@@ -1,6 +1,6 @@
 /**
  * \file cipher_wrap.h
- * 
+ *
  * \brief Cipher wrappers.
  *
  * \author Adriaan de Jong <dejong@fox-it.com>
diff --git a/include/polarssl/compat-1.2.h b/include/polarssl/compat-1.2.h
index 7ebc9c1..15b5aa1 100644
--- a/include/polarssl/compat-1.2.h
+++ b/include/polarssl/compat-1.2.h
@@ -171,7 +171,7 @@
 #warning "rsa_pkcs1_verify() prototype changed. Manual change required if used"
 #warning "rsa_pkcs1_decrypt() prototype changed. Manual change required if used"
 #endif
-#endif
+#endif /* POLARSSL_RSA_C */
 
 #if defined(POLARSSL_DHM_C)
 #if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
diff --git a/include/polarssl/ctr_drbg.h b/include/polarssl/ctr_drbg.h
index 5673fad..a71b0ff 100644
--- a/include/polarssl/ctr_drbg.h
+++ b/include/polarssl/ctr_drbg.h
@@ -108,7 +108,7 @@
 
 /**
  * \brief               CTR_DRBG initialization
- * 
+ *
  * Note: Personalization data can be provided in addition to the more generic
  *       entropy source to make this instantiation as unique as possible.
  *
@@ -163,7 +163,7 @@
 
 /**
  * \brief               CTR_DRBG reseeding (extracts data from entropy source)
- * 
+ *
  * \param ctx           CTR_DRBG context
  * \param additional    Additional data to add to state (Can be NULL)
  * \param len           Length of additional data
@@ -245,7 +245,7 @@
  *                      POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG
  */
 int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path );
-#endif
+#endif /* POLARSSL_FS_IO */
 
 /**
  * \brief               Checkup routine
diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h
index 7b51cbb..0dd79d5 100644
--- a/include/polarssl/debug.h
+++ b/include/polarssl/debug.h
@@ -81,7 +81,7 @@
     debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
 #endif
 
-#else
+#else /* POLARSSL_DEBUG_C */
 
 #define SSL_DEBUG_MSG( level, args )            do { } while( 0 )
 #define SSL_DEBUG_RET( level, text, ret )       do { } while( 0 )
@@ -90,7 +90,7 @@
 #define SSL_DEBUG_ECP( level, text, X )         do { } while( 0 )
 #define SSL_DEBUG_CRT( level, text, crt )       do { } while( 0 )
 
-#endif
+#endif /* POLARSSL_DEBUG_C */
 
 #ifdef __cplusplus
 extern "C" {
diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h
index 4665ff9..628cd62 100644
--- a/include/polarssl/dhm.h
+++ b/include/polarssl/dhm.h
@@ -285,4 +285,4 @@
 }
 #endif
 
-#endif
+#endif /* dhm.h */
diff --git a/include/polarssl/ecdh.h b/include/polarssl/ecdh.h
index 3c4800b..9cd0d4f 100644
--- a/include/polarssl/ecdh.h
+++ b/include/polarssl/ecdh.h
@@ -212,4 +212,4 @@
 }
 #endif
 
-#endif
+#endif /* ecdh.h */
diff --git a/include/polarssl/ecdsa.h b/include/polarssl/ecdsa.h
index 4f06328..71e5a0c 100644
--- a/include/polarssl/ecdsa.h
+++ b/include/polarssl/ecdsa.h
@@ -90,7 +90,7 @@
 int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
                     const mpi *d, const unsigned char *buf, size_t blen,
                     md_type_t md_alg );
-#endif
+#endif /* POLARSSL_ECDSA_DETERMINISTIC */
 
 /**
  * \brief           Verify ECDSA signature of a previously hashed message
@@ -163,7 +163,7 @@
                                const unsigned char *hash, size_t hlen,
                                unsigned char *sig, size_t *slen,
                                md_type_t md_alg );
-#endif
+#endif /* POLARSSL_ECDSA_DETERMINISTIC */
 
 /**
  * \brief           Read and verify an ECDSA signature
@@ -233,4 +233,4 @@
 }
 #endif
 
-#endif
+#endif /* ecdsa.h */
diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h
index 2b56d27..333986d 100644
--- a/include/polarssl/ecp.h
+++ b/include/polarssl/ecp.h
@@ -648,4 +648,4 @@
 }
 #endif
 
-#endif
+#endif /* ecp.h */
diff --git a/include/polarssl/entropy.h b/include/polarssl/entropy.h
index 4f4f8f7..784be16 100644
--- a/include/polarssl/entropy.h
+++ b/include/polarssl/entropy.h
@@ -191,7 +191,7 @@
 /**
  * \brief           Add data to the accumulator manually
  *                  (Thread-safe if POLARSSL_THREADING_C is enabled)
- * 
+ *
  * \param ctx       Entropy context
  * \param data      Data to add
  * \param len       Length of data
@@ -227,7 +227,7 @@
  *                      POLARSSL_ERR_ENTROPY_SOURCE_FAILED
  */
 int entropy_update_seed_file( entropy_context *ctx, const char *path );
-#endif
+#endif /* POLARSSL_FS_IO */
 
 #ifdef __cplusplus
 }
diff --git a/include/polarssl/hmac_drbg.h b/include/polarssl/hmac_drbg.h
index 709f25d..2d765d5 100644
--- a/include/polarssl/hmac_drbg.h
+++ b/include/polarssl/hmac_drbg.h
@@ -265,7 +265,7 @@
  *                      POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG
  */
 int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path );
-#endif
+#endif /* POLARSSL_FS_IO */
 
 
 #if defined(POLARSSL_SELF_TEST)
diff --git a/include/polarssl/md.h b/include/polarssl/md.h
index 2c772b1..796c0df 100644
--- a/include/polarssl/md.h
+++ b/include/polarssl/md.h
@@ -1,6 +1,6 @@
 /**
  * \file md.h
- * 
+ *
  * \brief Generic message digest wrapper
  *
  * \author Adriaan de Jong <dejong@fox-it.com>
diff --git a/include/polarssl/md_wrap.h b/include/polarssl/md_wrap.h
index 634bb7d..eb1db0f 100644
--- a/include/polarssl/md_wrap.h
+++ b/include/polarssl/md_wrap.h
@@ -1,6 +1,6 @@
 /**
  * \file md_wrap.h
- * 
+ *
  * \brief Message digest wrappers.
  *
  * \author Adriaan de Jong <dejong@fox-it.com>
diff --git a/include/polarssl/openssl.h b/include/polarssl/openssl.h
index 0e9de22..b77e7da 100644
--- a/include/polarssl/openssl.h
+++ b/include/polarssl/openssl.h
@@ -98,7 +98,7 @@
 
     memset( rsa, 0, sizeof( rsa_context ) );
 
-    if( ( len ==  94 && 
+    if( ( len ==  94 &&
           mpi_read_binary( &rsa->N, &buffer[ 25],  64 ) == 0 &&
           mpi_read_binary( &rsa->E, &buffer[ 91],   3 ) == 0 ) ||
         ( len == 162 &&
diff --git a/include/polarssl/pkcs11.h b/include/polarssl/pkcs11.h
index 1e4ed38..74859c0 100644
--- a/include/polarssl/pkcs11.h
+++ b/include/polarssl/pkcs11.h
@@ -148,7 +148,7 @@
                            output_max_len );
 }
 
-static inline int ssl_pkcs11_sign( void *ctx, 
+static inline int ssl_pkcs11_sign( void *ctx,
                      int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
                      int mode, md_type_t md_alg, unsigned int hashlen,
                      const unsigned char *hash, unsigned char *sig )
diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h
index fd9b80a..eae887a 100644
--- a/include/polarssl/platform.h
+++ b/include/polarssl/platform.h
@@ -86,10 +86,10 @@
  */
 int platform_set_malloc_free( void * (*malloc_func)( size_t ),
                               void (*free_func)( void * ) );
-#else
+#else /* POLARSSL_PLATFORM_ENTROPY */
 #define polarssl_malloc     malloc
 #define polarssl_free       free
-#endif
+#endif /* POLARSSL_PLATFORM_ENTROPY */
 
 /*
  * The function pointers for printf
@@ -105,9 +105,9 @@
  * \return              0
  */
 int platform_set_printf( int (*printf_func)( const char *, ... ) );
-#else
+#else /* POLARSSL_PLATFORM_PRINTF_ALT */
 #define polarssl_printf     printf
-#endif
+#endif /* POLARSSL_PLATFORM_PRINTF_ALT */
 
 /*
  * The function pointers for fprintf
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 401908a..9cbd512 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -168,10 +168,10 @@
 #else
 #if defined(POLARSSL_SSL_PROTO_TLS1_2)
 #define SSL_MIN_MINOR_VERSION           SSL_MINOR_VERSION_3
-#endif
-#endif
-#endif
-#endif
+#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
+#endif /* POLARSSL_SSL_PROTO_TLS1_1 */
+#endif /* POLARSSL_SSL_PROTO_TLS1   */
+#endif /* POLARSSL_SSL_PROTO_SSL3   */
 
 /* Determine maximum supported version */
 #define SSL_MAX_MAJOR_VERSION           SSL_MAJOR_VERSION_3
@@ -187,10 +187,10 @@
 #else
 #if defined(POLARSSL_SSL_PROTO_SSL3)
 #define SSL_MAX_MINOR_VERSION           SSL_MINOR_VERSION_0
-#endif
-#endif
-#endif
-#endif
+#endif /* POLARSSL_SSL_PROTO_SSL3   */
+#endif /* POLARSSL_SSL_PROTO_TLS1   */
+#endif /* POLARSSL_SSL_PROTO_TLS1_1 */
+#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
 
 /* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c
  * NONE must be zero so that memset()ing structure to zero works */
@@ -395,7 +395,7 @@
  */
 typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen,
                         const unsigned char *input, unsigned char *output,
-                        size_t output_max_len ); 
+                        size_t output_max_len );
 typedef int (*rsa_sign_func)( void *ctx,
                      int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
                      int mode, md_type_t md_alg, unsigned int hashlen,
@@ -545,7 +545,7 @@
 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
     ssl_key_cert *sni_key_cert;         /*!<  key/cert list from SNI  */
 #endif
-#endif
+#endif /* POLARSSL_X509_CRT_PARSE_C */
 
     /*
      * Checksum contexts
@@ -814,7 +814,7 @@
 extern int (*ssl_hw_record_write)(ssl_context *ssl);
 extern int (*ssl_hw_record_read)(ssl_context *ssl);
 extern int (*ssl_hw_record_finish)(ssl_context *ssl);
-#endif
+#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */
 
 /**
  * \brief Returns the list of ciphersuites supported by the SSL/TLS module.
@@ -1195,7 +1195,7 @@
  * \return         0 if successful
  */
 int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
-#endif
+#endif /* POLARSSL_DHM_C */
 
 #if defined(POLARSSL_SSL_SET_CURVES)
 /**
@@ -1217,7 +1217,7 @@
  *                 terminated by POLARSSL_ECP_DP_NONE.
  */
 void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curves );
-#endif
+#endif /* POLARSSL_SSL_SET_CURVES */
 
 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
 /**
@@ -1395,7 +1395,7 @@
 /**
  * \brief          Prevent or allow legacy renegotiation.
  *                 (Default: SSL_LEGACY_NO_RENEGOTIATION)
- *                 
+ *
  *                 SSL_LEGACY_NO_RENEGOTIATION allows connections to
  *                 be established even if the peer does not support
  *                 secure renegotiation, but does not allow renegotiation