trim all whitespace at EOL.

also, align comment blocks for better code readability.

Signed-off-by: António Meireles <antonio.meireles@reformi.st>

testssl.sh

@@ -66,27 +66,27 @@ readonly PROG_DIR=$(readlink "$BASH_SOURCE") 2>/dev/null
 
 OPENSSL=${OPENSSL:-/usr/bin/openssl}
 MAP_RFC_FNAME=""
-COLOR=${COLOR:-2}					# 2: Full color, 1: b/w+positioning, 0: no ESC at all
+COLOR=${COLOR:-2}				# 2: Full color, 1: b/w+positioning, 0: no ESC at all
 SHOW_LOC_CIPH=${SHOW_LOC_CIPH:-1} 		# will client side ciphers displayed before an individual test (makes no sense normally)
 SHOW_EACH_C=${SHOW_EACH_C:-0}			# where individual ciphers are tested show just the positively ones tested #FIXME: wrong value
-SNEAKY=${SNEAKY:-1}					# if zero: the referer and useragent we leave while checking the http header is just usual
+SNEAKY=${SNEAKY:-1}				# if zero: the referer and useragent we leave while checking the http header is just usual
 SSL_NATIVE=${SSL_NATIVE:-1}			# we do per default bash sockets where possible 0: switch back to native openssl
 ASSUMING_HTTP=${ASSUMING_HTTP:-1}		# in seldom cases (WAF, old servers/grumpy SSL) the service detection fails. Set to 0 for forcing HTTP
-DEBUG=${DEBUG:-0}					# if 1 the temp files won't be erased. 2: list more what's going on (formerly: eq VERBOSE=1), 
-								# 3: slight hexdumps + other info, 4: send bytes via sockets, 5: received, 6: whole 9 yards 
-								#FIXME: still to be filled with (more) sense or following to be included:
+DEBUG=${DEBUG:-0}				# if 1 the temp files won't be erased. 2: list more what's going on (formerly: eq VERBOSE=1),
+						# 3: slight hexdumps + other info, 4: send bytes via sockets, 5: received, 6: whole 9 yards
+						# FIXME: still to be filled with (more) sense or following to be included:
 VERBERR=${VERBERR:-1}				# 0 means to be more verbose (handshake errors to be displayed so that one can tell better
-								# whether handshake succeeded or not. While testing individual ciphers you also need to have SHOW_EACH_C=1
+						# whether handshake succeeded or not. While testing individual ciphers you also need to have SHOW_EACH_C=1
 WIDE=${WIDE:-1}					# whether to display for some options the cipher or the table with hexcode/KX,Enc,strength etc.
 
-HEADER_MAXSLEEP=${HEADER_MAXSLEEP:-5}	# we wait this long before killing the process to retrieve a service banner / http header
-readonly MAX_WAITSOCK=10				# waiting at max 10 seconds for socket reply 
+HEADER_MAXSLEEP=${HEADER_MAXSLEEP:-5}		# we wait this long before killing the process to retrieve a service banner / http header
+readonly MAX_WAITSOCK=10			# waiting at max 10 seconds for socket reply
 readonly CCS_MAX_WAITSOCK=5			# for the two CCS payload (each)
 readonly HEARTBLEED_MAX_WAITSOCK=8		# for the heartbleed payload
 USLEEP_SND=${USLEEP_SND:-0.1}			# sleep time for general socket send
-USLEEP_REC=${USLEEP_REC:-0.2} 		# sleep time for general socket receive
+USLEEP_REC=${USLEEP_REC:-0.2} 			# sleep time for general socket receive
 
-CAPATH="${CAPATH:-/etc/ssl/certs/}"	# Does nothing yet (FC has only a CA bundle per default, ==> openssl version -d)
+CAPATH="${CAPATH:-/etc/ssl/certs/}"		# Does nothing yet (FC has only a CA bundle per default, ==> openssl version -d)
 readonly HSTS_MIN=179				# >179 days is ok for HSTS
 readonly HPKP_MIN=30				# >=30 days should be ok for HPKP_MIN, practical hints?
 readonly CLIENT_MIN_PFS=5			# number of ciphers needed to run a test for PFS
@@ -95,8 +95,8 @@ readonly DAYS2WARN2=30				# days to warn before cert expires, threshold 2
 
 # more global vars, here just declared
 readonly ECHO="/usr/bin/printf --"		# works under Linux, BSD, MacOS.
-TERM_DWITH=${COLUMNS:-$(tput cols)} 	# for future costum line wrapping 
-TERM_CURRPOS=0						#   ^^^ we also need to find out the length or current pos in the line
+TERM_DWITH=${COLUMNS:-$(tput cols)} 		# for future custom line wrapping
+TERM_CURRPOS=0					# ^^^ we also need to find out the length or current pos in the line
 readonly SYSTEM=$(uname -s)			# OS
 if date --help >/dev/null 2>&1; then
 	readonly HAS_GNUDATE=true
@@ -122,19 +122,20 @@ LEN_STR=""
 SNI=""
 IP4=""
 IP6=""
-OSSL_VER=""			# openssl version, will be autodetermined
+OSSL_VER=""					# openssl version, will be autodetermined
 OSSL_VER_MAJOR=0
 OSSL_VER_MINOR=0
 OSSL_VER_APPENDIX="none"
 HAS_DH_BITS=true
 NODEIP=""
 VULN_COUNT=0
-readonly VULN_THRESHLD=1	# if bigger than this no we show a separate header in blue
+readonly VULN_THRESHLD=1			# if bigger than this no we show a separate header in blue
 IPS=""
-SERVICE=""			# is the server running an HTTP server, SMTP, POP or IMAP?
+SERVICE=""					# is the server running an HTTP server, SMTP, POP or IMAP?
 URI=""
 STARTTLS_PROTOCOL=""
-OPTIMAL_PROTO=""		# we need this for IIS6 (sigh) and OpenSSL 1.02, otherwise some handshakes will fail, see https://github.com/PeterMosmans/openssl/issues/19#issuecomment-100897892
+OPTIMAL_PROTO=""				# we need this for IIS6 (sigh) and OpenSSL 1.02, otherwise some handshakes
+						# will fail, see https://github.com/PeterMosmans/openssl/issues/19#issuecomment-100897892
 
 TLS_TIME=""
 TLS_NOW=""
@@ -157,8 +158,8 @@ readonly PS4='${LINENO}: ${FUNCNAME[0]:+${FUNCNAME[0]}(): }'
 trap "cleanup" QUIT EXIT
 
 
-# The various hexdump commands we need to replace xxd (BSD compatability))
-HEXDUMPVIEW=(hexdump -C) 				# This is used in verbose mode to see what's going on
+						# The various hexdump commands we need to replace xxd (BSD compatability))
+HEXDUMPVIEW=(hexdump -C) 			# This is used in verbose mode to see what's going on
 HEXDUMP=(hexdump -ve '16/1 "%02x " " \n"') 	# This is used to analyse the reply
 HEXDUMPPLAIN=(hexdump -ve '1/1 "%.2x"') 	# Replaces both xxd -p and tr -cd '[:print:]'