[exim-cvs] Use C99 initialisations for iterators

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Exim Git Commits Mailing List
Dátum:  
Címzett: exim-cvs
Tárgy: [exim-cvs] Use C99 initialisations for iterators
Gitweb: https://git.exim.org/exim.git/commitdiff/d7978c0f8af20ff4c3f770589b1bb81568aecff3
Commit:     d7978c0f8af20ff4c3f770589b1bb81568aecff3
Parent:     40ed89b32412fdab2ca147c27fdb856a5623e382
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sun Dec 16 22:24:00 2018 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Sun Feb 10 23:22:50 2019 +0000


    Use C99 initialisations for iterators


    (cherry picked from commit db3f7b6972f3b003c0413b78afcfbe295ffe0b97)
---
 src/src/acl.c                        |   77 ++-
 src/src/auths/auth-spa.c             | 1088 +++++++++++++++++-----------------
 src/src/auths/call_pam.c             |    3 +-
 src/src/auths/check_serv_cond.c      |    5 +-
 src/src/auths/cram_md5.c             |    3 +-
 src/src/auths/cyrus_sasl.c           |    6 +-
 src/src/auths/dovecot.c              |   83 +--
 src/src/auths/gsasl_exim.c           |  790 ++++++++++++------------
 src/src/auths/heimdal_gssapi.c       |  805 +++++++++++++------------
 src/src/auths/md5.c                  |    9 +-
 src/src/auths/plaintext.c            |    4 +-
 src/src/base64.c                     |    4 +-
 src/src/daemon.c                     |   45 +-
 src/src/dane-openssl.c               |   35 +-
 src/src/debug.c                      |    9 +-
 src/src/deliver.c                    |   76 +--
 src/src/dkim.c                       |   16 +-
 src/src/dmarc.c                      |    3 +-
 src/src/dns.c                        |   26 +-
 src/src/drtables.c                   |    9 +-
 src/src/environment.c                |    5 +-
 src/src/exim.c                       |   86 +--
 src/src/exim_dbmbuild.c              |   32 +-
 src/src/exim_dbutil.c                |  572 +++++++++---------
 src/src/expand.c                     |  103 ++--
 src/src/hash.c                       |   16 +-
 src/src/header.c                     |   21 +-
 src/src/host.c                       |  311 +++++-----
 src/src/imap_utf7.c                  |    4 +-
 src/src/ip.c                         |   10 +-
 src/src/log.c                        |   12 +-
 src/src/lookups/cdb.c                |   16 +-
 src/src/lookups/dnsdb.c              |    6 +-
 src/src/lookups/ibase.c              |   16 +-
 src/src/lookups/ldap.c               |   19 +-
 src/src/lookups/lf_check_file.c      |    5 +-
 src/src/lookups/lf_quote.c           |    3 +-
 src/src/lookups/mysql.c              |    4 +-
 src/src/lookups/nisplus.c            |    6 +-
 src/src/lookups/oracle.c             |    8 +-
 src/src/lookups/pgsql.c              |   10 +-
 src/src/lookups/redis.c              |    9 +-
 src/src/lookups/sqlite.c             |    3 +-
 src/src/macro_predef.c               |    3 +-
 src/src/malware.c                    |   16 +-
 src/src/match.c                      |   13 +-
 src/src/mime.c                       |   14 +-
 src/src/moan.c                       |   27 +-
 src/src/os.c                         |    6 +-
 src/src/pdkim/pdkim.c                |   78 +--
 src/src/queue.c                      |   60 +-
 src/src/rda.c                        |   35 +-
 src/src/readconf.c                   |   75 +--
 src/src/receive.c                    |   65 +-
 src/src/regex.c                      |   11 +-
 src/src/retry.c                      |    6 +-
 src/src/rewrite.c                    |   20 +-
 src/src/rfc2047.c                    |    5 +-
 src/src/route.c                      |   32 +-
 src/src/routers/manualroute.c        |    9 +-
 src/src/routers/queryprogram.c       |    4 +-
 src/src/routers/rf_change_domain.c   |    5 +-
 src/src/routers/rf_get_transport.c   |    5 +-
 src/src/routers/rf_lookup_hostlist.c |   16 +-
 src/src/search.c                     |    9 +-
 src/src/setenv.c                     |    3 +-
 src/src/sieve.c                      |  136 ++---
 src/src/smtp_in.c                    |   91 ++-
 src/src/spam.c                       |    6 +-
 src/src/spool_in.c                   |    5 +-
 src/src/spool_mbox.c                 |    7 +-
 src/src/spool_out.c                  |    6 +-
 src/src/srs.c                        |  259 ++++----
 src/src/store.c                      |    4 +-
 src/src/string.c                     |   10 +-
 src/src/tls-gnu.c                    |   26 +-
 src/src/tls-openssl.c                |   61 +-
 src/src/tls.c                        |    3 +-
 src/src/tlscert-gnu.c                |   20 +-
 src/src/tlscert-openssl.c            |   14 +-
 src/src/transport.c                  |   69 +--
 src/src/transports/appendfile.c      |   34 +-
 src/src/transports/autoreply.c       |   10 +-
 src/src/transports/lmtp.c            |   11 +-
 src/src/transports/pipe.c            |   10 +-
 src/src/transports/queuefile.c       |    3 +-
 src/src/transports/smtp.c            |   76 ++-
 src/src/transports/smtp_socks.c      |    9 +-
 src/src/utf8.c                       |    6 +-
 src/src/verify.c                     |  126 ++--
 90 files changed, 2695 insertions(+), 3197 deletions(-)


diff --git a/src/src/acl.c b/src/src/acl.c
index f3b860e..ac2d39c 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -643,8 +643,7 @@ Returns:    index of a control entry, or -1 if not found
 static int
 find_control(const uschar * name, control_def * ol, int last)
 {
-int first = 0;
-while (last > first)
+for (int first = 0; last > first; )
   {
   int middle = (first + last)/2;
   uschar * s =  ol[middle].name;
@@ -675,8 +674,7 @@ Returns:      offset in list, or -1 if not found
 static int
 acl_checkcondition(uschar * name, condition_def * list, int end)
 {
-int start = 0;
-while (start < end)
+for (int start = 0; start < end; )
   {
   int mid = (start + end)/2;
   int c = Ustrcmp(name, list[mid].name);
@@ -705,9 +703,7 @@ Returns:      offset in list, or -1 if not found
 static int
 acl_checkname(uschar *name, uschar **list, int end)
 {
-int start = 0;
-
-while (start < end)
+for (int start = 0; start < end; )
   {
   int mid = (start + end)/2;
   int c = Ustrcmp(name, list[mid]);
@@ -745,7 +741,7 @@ acl_block **lastp = &yield;
 acl_block *this = NULL;
 acl_condition_block *cond;
 acl_condition_block **condp = NULL;
-uschar *s;
+uschar * s;


*error = NULL;

@@ -1057,9 +1053,8 @@ uschar *
fn_hdrs_added(void)
{
gstring * g = NULL;
-header_line * h;

-for (h = acl_added_headers; h; h = h->next)
+for (header_line * h = acl_added_headers; h; h = h->next)
{
int i = h->slen;
if (h->text[i-1] == '\n') i--;
@@ -1134,10 +1129,10 @@ if (log_message != NULL && log_message != user_message)
/* Search previously logged warnings. They are kept in malloc
store so they can be freed at the start of a new message. */

-  for (logged = acl_warn_logged; logged != NULL; logged = logged->next)
+  for (logged = acl_warn_logged; logged; logged = logged->next)
     if (Ustrcmp(logged->text, text) == 0) break;


-  if (logged == NULL)
+  if (!logged)
     {
     int length = Ustrlen(text) + 1;
     log_write(0, LOG_MAIN, "%s", text);
@@ -1151,7 +1146,7 @@ if (log_message != NULL && log_message != user_message)


/* If there's no user message, we are done. */

-if (user_message == NULL) return;
+if (!user_message) return;

/* If this isn't a message ACL, we can't do anything with a user message.
Log an error. */
@@ -1216,11 +1211,10 @@ HDEBUG(D_acl)

 if ((rc = host_name_lookup()) != OK)
   {
-  *log_msgptr = (rc == DEFER)?
-    US"host lookup deferred for reverse lookup check"
-    :
-    string_sprintf("host lookup failed for reverse lookup check%s",
-      host_lookup_msg);
+  *log_msgptr = rc == DEFER
+    ? US"host lookup deferred for reverse lookup check"
+    : string_sprintf("host lookup failed for reverse lookup check%s",
+    host_lookup_msg);
   return rc;    /* DEFER or FAIL */
   }


@@ -1258,13 +1252,10 @@ static int
 acl_verify_csa_address(dns_answer *dnsa, dns_scan *dnss, int reset,
                        uschar *target)
 {
-dns_record *rr;
-dns_address *da;
-
-BOOL target_found = FALSE;
+int rc = CSA_FAIL_NOADDR;


-for (rr = dns_next_rr(dnsa, dnss, reset);
-     rr != NULL;
+for (dns_record * rr = dns_next_rr(dnsa, dnss, reset);
+     rr;
      rr = dns_next_rr(dnsa, dnss, RESET_NEXT))
   {
   /* Check this is an address RR for the target hostname. */
@@ -1277,12 +1268,12 @@ for (rr = dns_next_rr(dnsa, dnss, reset);


if (strcmpic(target, rr->name) != 0) continue;

- target_found = TRUE;
+ rc = CSA_FAIL_MISMATCH;

/* Turn the target address RR into a list of textual IP addresses and scan
the list. There may be more than one if it is an A6 RR. */

-  for (da = dns_address_from_rr(dnsa, rr); da != NULL; da = da->next)
+  for (dns_address * da = dns_address_from_rr(dnsa, rr); da; da = da->next)
     {
     /* If the client IP address matches the target IP address, it's good! */


@@ -1296,8 +1287,7 @@ for (rr = dns_next_rr(dnsa, dnss, reset);
using an unauthorized IP address, otherwise the target has no authorized IP
addresses. */

-if (target_found) return CSA_FAIL_MISMATCH;
-else return CSA_FAIL_NOADDR;
+return rc;
}


@@ -1456,7 +1446,7 @@ for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);

/* If we didn't break the loop then no appropriate records were found. */

-if (rr == NULL) return t->data.val = CSA_UNKNOWN;
+if (!rr) return t->data.val = CSA_UNKNOWN;

/* Do not check addresses if the target is ".", in accordance with RFC 2782.
A target of "." indicates there are no valid addresses, so the client cannot
@@ -1629,7 +1619,7 @@ if (!ss) goto BAD_VERIFY;

/* Handle name/address consistency verification in a separate function. */

-for (vp= verify_type_list;
+for (vp = verify_type_list;
      CS vp < CS verify_type_list + sizeof(verify_type_list);
      vp++
     )
@@ -1775,8 +1765,7 @@ switch(vp->value)
 /* Remaining items are optional; they apply to sender and recipient
 verification, including "header sender" verification. */


-while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))
-      != NULL)
+while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
   {
   if (strcmpic(ss, US"defer_ok") == 0) defer_ok = TRUE;
   else if (strcmpic(ss, US"no_details") == 0) no_details = TRUE;
@@ -1809,10 +1798,10 @@ while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))
         {
     const uschar * sublist = ss;
         int optsep = ',';
-        uschar *opt;
         uschar buffer[256];
-        while (isspace(*sublist)) sublist++;
+    uschar * opt;


+        while (isspace(*sublist)) sublist++;
         while ((opt = string_nextinlist(&sublist, &optsep, buffer, sizeof(buffer))))
           {
       callout_opt_t * op;
@@ -3144,7 +3133,7 @@ for (; cb; cb = cb->next)
     if (*p == '/')
       {
       const uschar *pp = p + 1;
-      while (*pp != 0) pp++;
+      while (*pp) pp++;
       fake_response_text = expand_string(string_copyn(p+1, pp-p-1));
       p = pp;
       }
@@ -3196,7 +3185,7 @@ for (; cb; cb = cb->next)
       else if (Ustrncmp(p, "/domain=", 8) == 0)
         {
         const uschar *pp = p + 8;
-        while (*pp != 0 && *pp != '/') pp++;
+        while (*pp && *pp != '/') pp++;
         submission_domain = string_copyn(p+8, pp-p-8);
         p = pp;
         }
@@ -3205,7 +3194,7 @@ for (; cb; cb = cb->next)
       else if (Ustrncmp(p, "/name=", 6) == 0)
         {
         const uschar *pp = p + 6;
-        while (*pp != 0) pp++;
+        while (*pp) pp++;
         submission_name = string_copy(parse_fix_phrase(p+6, pp-p-6,
           big_buffer, big_buffer_size));
         p = pp;
@@ -3521,7 +3510,7 @@ for (; cb; cb = cb->next)
       int logbits = 0;
       int sep = 0;
       const uschar *s = arg;
-      uschar *ss;
+      uschar * ss;
       while ((ss = string_nextinlist(&s, &sep, big_buffer, big_buffer_size)))
         {
         if (Ustrcmp(ss, "main") == 0) logbits |= LOG_MAIN;
@@ -3575,8 +3564,8 @@ for (; cb; cb = cb->next)
       {
       /* Separate the regular expression and any optional parameters. */
       const uschar * list = arg;
-      uschar *ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size);
-      uschar *opt;
+      uschar * ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size);
+      uschar * opt;
       BOOL defer_ok = FALSE;
       int timeout = 0;


@@ -3851,7 +3840,7 @@ for(;;)
   if (*acl_text == 0) return NULL;         /* No more data */
   yield = acl_text;                        /* Potential data line */


- while (*acl_text != 0 && *acl_text != '\n') acl_text++;
+ while (*acl_text && *acl_text != '\n') acl_text++;

/* If we hit the end before a newline, we have the whole logical line. If
it's a comment, there's no more data to be given. Otherwise, yield it. */
@@ -4046,13 +4035,13 @@ if (Ustrchr(ss, ' ') == NULL)
in the ACL tree, having read it into the POOL_PERM store pool so that it
persists between multiple messages. */

-if (acl == NULL)
+if (!acl)
   {
   int old_pool = store_pool;
   if (fd >= 0) store_pool = POOL_PERM;
   acl = acl_read(acl_getline, log_msgptr);
   store_pool = old_pool;
-  if (acl == NULL && *log_msgptr != NULL) return ERROR;
+  if (!acl && *log_msgptr) return ERROR;
   if (fd >= 0)
     {
     tree_node *t = store_get_perm(sizeof(tree_node) + Ustrlen(ss));
@@ -4064,7 +4053,7 @@ if (acl == NULL)


/* Now we have an ACL to use. It's possible it may be NULL. */

-while (acl != NULL)
+while (acl)
{
int cond;
int basic_errno = 0;
diff --git a/src/src/auths/auth-spa.c b/src/src/auths/auth-spa.c
index d2c95c3..b396e38 100644
--- a/src/src/auths/auth-spa.c
+++ b/src/src/auths/auth-spa.c
@@ -245,10 +245,10 @@ extern int DEBUGLEVEL;
/* macros for reading / writing arrays */

# define SMBMACRO(macro,buf,pos,val,len,size) \
-{ int l; for (l = 0; l < (len); l++) (val)[l] = macro((buf), (pos) + (size)*l); }
+{ for (int l = 0; l < (len); l++) (val)[l] = macro((buf), (pos) + (size)*l); }

# define SSMBMACRO(macro,buf,pos,val,len,size) \
-{ int l; for (l = 0; l < (len); l++) macro((buf), (pos) + (size)*l, (val)[l]); }
+{ for (int l = 0; l < (len); l++) macro((buf), (pos) + (size)*l, (val)[l]); }

 /* reads multiple data from an SMB buffer */
 # define PCVAL(buf,pos,val,len) SMBMACRO(CVAL,buf,pos,val,len,1)
@@ -297,7 +297,7 @@ extern int DEBUGLEVEL;
        DEBUG_X(5,("%s%04x %s: ", \
              tab_depth(depth), base,string)); \
     if (charmode) print_asc(5, US (outbuf), (len)); else \
-       { int idx; for (idx = 0; idx < len; idx++) { DEBUG_X(5,("%02x ", (outbuf)[idx])); } } \
+       for (int idx = 0; idx < len; idx++) { DEBUG_X(5,("%02x ", (outbuf)[idx])); } \
        DEBUG_X(5,("\n")); }


 # define DBG_RW_PSVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \
@@ -305,7 +305,7 @@ extern int DEBUGLEVEL;
        DEBUG_X(5,("%s%04x %s: ", \
              tab_depth(depth), base,string)); \
     if (charmode) print_asc(5, US (outbuf), 2*(len)); else \
-       { int idx; for (idx = 0; idx < len; idx++) { DEBUG_X(5,("%04x ", (outbuf)[idx])); } } \
+       for (int idx = 0; idx < len; idx++) { DEBUG_X(5,("%04x ", (outbuf)[idx])); } \
        DEBUG_X(5,("\n")); }


 # define DBG_RW_PIVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \
@@ -313,7 +313,7 @@ extern int DEBUGLEVEL;
        DEBUG_X(5,("%s%04x %s: ", \
              tab_depth(depth), base,string)); \
     if (charmode) print_asc(5, US (outbuf), 4*(len)); else \
-       { int idx; for (idx = 0; idx < len; idx++) { DEBUG_X(5,("%08x ", (outbuf)[idx])); } } \
+       for (int idx = 0; idx < len; idx++) { DEBUG_X(5,("%08x ", (outbuf)[idx])); } \
        DEBUG_X(5,("\n")); }


 # define DBG_RW_CVAL(string,depth,base,read,inbuf,outbuf) \
@@ -562,196 +562,187 @@ static uschar sbox[8][4][16] = {
 static void
 permute (char *out, char *in, uschar * p, int n)
 {
-  int i;
-  for (i = 0; i < n; i++)
-    out[i] = in[p[i] - 1];
+for (int i = 0; i < n; i++)
+  out[i] = in[p[i] - 1];
 }


 static void
 lshift (char *d, int count, int n)
 {
-  char out[64];
-  int i;
-  for (i = 0; i < n; i++)
-    out[i] = d[(i + count) % n];
-  for (i = 0; i < n; i++)
-    d[i] = out[i];
+char out[64];
+for (int i = 0; i < n; i++)
+  out[i] = d[(i + count) % n];
+for (int i = 0; i < n; i++)
+  d[i] = out[i];
 }


 static void
 concat (char *out, char *in1, char *in2, int l1, int l2)
 {
-  while (l1--)
-    *out++ = *in1++;
-  while (l2--)
-    *out++ = *in2++;
+while (l1--)
+  *out++ = *in1++;
+while (l2--)
+  *out++ = *in2++;
 }


 static void
 xor (char *out, char *in1, char *in2, int n)
 {
-  int i;
-  for (i = 0; i < n; i++)
-    out[i] = in1[i] ^ in2[i];
+for (int i = 0; i < n; i++)
+  out[i] = in1[i] ^ in2[i];
 }


 static void
 dohash (char *out, char *in, char *key, int forw)
 {
-  int i, j, k;
-  char pk1[56];
-  char c[28];
-  char d[28];
-  char cd[56];
-  char ki[16][48];
-  char pd1[64];
-  char l[32], r[32];
-  char rl[64];
-
-  permute (pk1, key, perm1, 56);
-
-  for (i = 0; i < 28; i++)
-    c[i] = pk1[i];
-  for (i = 0; i < 28; i++)
-    d[i] = pk1[i + 28];
-
-  for (i = 0; i < 16; i++)
-    {
-      lshift (c, sc[i], 28);
-      lshift (d, sc[i], 28);
-
-      concat (cd, c, d, 28, 28);
-      permute (ki[i], cd, perm2, 48);
-    }
+int i, j, k;
+char pk1[56];
+char c[28];
+char d[28];
+char cd[56];
+char ki[16][48];
+char pd1[64];
+char l[32], r[32];
+char rl[64];
+
+permute (pk1, key, perm1, 56);
+
+for (i = 0; i < 28; i++)
+  c[i] = pk1[i];
+for (i = 0; i < 28; i++)
+  d[i] = pk1[i + 28];
+
+for (i = 0; i < 16; i++)
+  {
+  lshift (c, sc[i], 28);
+  lshift (d, sc[i], 28);
+
+  concat (cd, c, d, 28, 28);
+  permute (ki[i], cd, perm2, 48);
+  }


- permute (pd1, in, perm3, 64);
+permute (pd1, in, perm3, 64);

-  for (j = 0; j < 32; j++)
-    {
-      l[j] = pd1[j];
-      r[j] = pd1[j + 32];
-    }
+for (j = 0; j < 32; j++)
+  {
+  l[j] = pd1[j];
+  r[j] = pd1[j + 32];
+  }


-  for (i = 0; i < 16; i++)
-    {
-      char er[48];
-      char erk[48];
-      char b[8][6];
-      char cb[32];
-      char pcb[32];
-      char r2[32];
+for (i = 0; i < 16; i++)
+  {
+  char er[48];
+  char erk[48];
+  char b[8][6];
+  char cb[32];
+  char pcb[32];
+  char r2[32];


-      permute (er, r, perm4, 48);
+  permute (er, r, perm4, 48);


-      xor (erk, er, ki[forw ? i : 15 - i], 48);
+  xor (erk, er, ki[forw ? i : 15 - i], 48);


-      for (j = 0; j < 8; j++)
-       for (k = 0; k < 6; k++)
-         b[j][k] = erk[j * 6 + k];
+  for (j = 0; j < 8; j++)
+   for (k = 0; k < 6; k++)
+     b[j][k] = erk[j * 6 + k];


-      for (j = 0; j < 8; j++)
-       {
-         int m, n;
-         m = (b[j][0] << 1) | b[j][5];
+  for (j = 0; j < 8; j++)
+   {
+   int m, n;
+   m = (b[j][0] << 1) | b[j][5];


-         n = (b[j][1] << 3) | (b[j][2] << 2) | (b[j][3] << 1) | b[j][4];
+   n = (b[j][1] << 3) | (b[j][2] << 2) | (b[j][3] << 1) | b[j][4];


-         for (k = 0; k < 4; k++)
-           b[j][k] = (sbox[j][m][n] & (1 << (3 - k))) ? 1 : 0;
-       }
+   for (k = 0; k < 4; k++)
+     b[j][k] = (sbox[j][m][n] & (1 << (3 - k))) ? 1 : 0;
+   }


-      for (j = 0; j < 8; j++)
-       for (k = 0; k < 4; k++)
-         cb[j * 4 + k] = b[j][k];
-      permute (pcb, cb, perm5, 32);
+  for (j = 0; j < 8; j++)
+   for (k = 0; k < 4; k++)
+     cb[j * 4 + k] = b[j][k];
+  permute (pcb, cb, perm5, 32);


-      xor (r2, l, pcb, 32);
+  xor (r2, l, pcb, 32);


-      for (j = 0; j < 32; j++)
-       l[j] = r[j];
+  for (j = 0; j < 32; j++)
+   l[j] = r[j];


-      for (j = 0; j < 32; j++)
-       r[j] = r2[j];
-    }
+  for (j = 0; j < 32; j++)
+   r[j] = r2[j];
+  }


- concat (rl, r, l, 32, 32);
+concat (rl, r, l, 32, 32);

- permute (out, rl, perm6, 64);
+permute (out, rl, perm6, 64);
}

 static void
 str_to_key (uschar *str, uschar *key)
 {
-  int i;
-
-  key[0] = str[0] >> 1;
-  key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
-  key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
-  key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
-  key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
-  key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
-  key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
-  key[7] = str[6] & 0x7F;
-  for (i = 0; i < 8; i++)
-    {
-      key[i] = (key[i] << 1);
-    }
+int i;
+
+key[0] = str[0] >> 1;
+key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
+key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
+key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
+key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
+key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
+key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
+key[7] = str[6] & 0x7F;
+for (i = 0; i < 8; i++)
+    key[i] = (key[i] << 1);
 }



 static void
 smbhash (uschar *out, uschar *in, uschar *key, int forw)
 {
-  int i;
-  char outb[64];
-  char inb[64];
-  char keyb[64];
-  uschar key2[8];
-
-  str_to_key (key, key2);
-
-  for (i = 0; i < 64; i++)
-    {
-      inb[i] = (in[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
-      keyb[i] = (key2[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
-      outb[i] = 0;
-    }
+int i;
+char outb[64];
+char inb[64];
+char keyb[64];
+uschar key2[8];
+
+str_to_key (key, key2);
+
+for (i = 0; i < 64; i++)
+  {
+  inb[i] = (in[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
+  keyb[i] = (key2[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
+  outb[i] = 0;
+  }


- dohash (outb, inb, keyb, forw);
+dohash (outb, inb, keyb, forw);

-  for (i = 0; i < 8; i++)
-    {
-      out[i] = 0;
-    }
+for (i = 0; i < 8; i++)
+  out[i] = 0;


-  for (i = 0; i < 64; i++)
-    {
-      if (outb[i])
-       out[i / 8] |= (1 << (7 - (i % 8)));
-    }
+for (i = 0; i < 64; i++)
+  if (outb[i])
+   out[i / 8] |= (1 << (7 - (i % 8)));
 }


void
E_P16 (uschar *p14, uschar *p16)
{
- uschar sp8[8] = { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
- smbhash (p16, sp8, p14, 1);
- smbhash (p16 + 8, sp8, p14 + 7, 1);
+uschar sp8[8] = { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
+smbhash (p16, sp8, p14, 1);
+smbhash (p16 + 8, sp8, p14 + 7, 1);
}

void
E_P24 (uschar *p21, uschar *c8, uschar *p24)
{
- smbhash (p24, c8, p21, 1);
- smbhash (p24 + 8, c8, p21 + 7, 1);
- smbhash (p24 + 16, c8, p21 + 14, 1);
+smbhash (p24, c8, p21, 1);
+smbhash (p24 + 8, c8, p21 + 7, 1);
+smbhash (p24 + 16, c8, p21 + 14, 1);
}

void
D_P16 (uschar *p14, uschar *in, uschar *out)
{
- smbhash (out, in, p14, 0);
- smbhash (out + 8, in + 8, p14 + 7, 0);
+smbhash (out, in, p14, 0);
+smbhash (out + 8, in + 8, p14 + 7, 0);
}

 /****************************************************************************
@@ -762,27 +753,27 @@ D_P16 (uschar *p14, uschar *in, uschar *out)
 char *
 StrnCpy (char *dest, const char *src, size_t n)
 {
-  char *d = dest;
-  if (!dest)
-    return (NULL);
-  if (!src)
-    {
-      *dest = 0;
-      return (dest);
-    }
-  while (n-- && (*d++ = *src++));
-  *d = 0;
+char *d = dest;
+if (!dest)
+  return (NULL);
+if (!src)
+  {
+  *dest = 0;
   return (dest);
+  }
+while (n-- && (*d++ = *src++));
+*d = 0;
+return (dest);
 }


 size_t
 skip_multibyte_char (char c)
 {
-  /* bogus if to get rid of unused compiler warning */
-  if (c)
-    return 0;
-  else
-    return 0;
+/* bogus if to get rid of unused compiler warning */
+if (c)
+  return 0;
+else
+  return 0;
 }



@@ -794,52 +785,50 @@ include the terminating zero.
char *
safe_strcpy (char *dest, const char *src, size_t maxlength)
{
- size_t len;
+size_t len;

-  if (!dest)
-    {
-      DEBUG_X (0, ("ERROR: NULL dest in safe_strcpy\n"));
-      return NULL;
-    }
+if (!dest)
+  {
+  DEBUG_X (0, ("ERROR: NULL dest in safe_strcpy\n"));
+  return NULL;
+  }


-  if (!src)
-    {
-      *dest = 0;
-      return dest;
-    }
+if (!src)
+  {
+  *dest = 0;
+  return dest;
+  }


- len = strlen (src);
+len = strlen (src);

-  if (len > maxlength)
-    {
-      DEBUG_X (0, ("ERROR: string overflow by %d in safe_strcpy [%.50s]\n",
-                (int) (len - maxlength), src));
-      len = maxlength;
-    }
+if (len > maxlength)
+  {
+  DEBUG_X (0, ("ERROR: string overflow by %d in safe_strcpy [%.50s]\n",
+        (int) (len - maxlength), src));
+  len = maxlength;
+  }


- memcpy (dest, src, len);
- dest[len] = 0;
- return dest;
+memcpy (dest, src, len);
+dest[len] = 0;
+return dest;
}


 void
 strupper (char *s)
 {
-  while (*s)
-    {
-      {
-       size_t skip = skip_multibyte_char (*s);
-       if (skip != 0)
-         s += skip;
-       else
-         {
-           if (islower ((uschar)(*s)))
-             *s = toupper (*s);
-           s++;
-         }
-      }
-    }
+while (*s)
+  {
+   size_t skip = skip_multibyte_char (*s);
+   if (skip != 0)
+     s += skip;
+   else
+     {
+       if (islower ((uschar)(*s)))
+     *s = toupper (*s);
+       s++;
+     }
+  }
 }



@@ -852,22 +841,22 @@ strupper (char *s)
void
spa_smb_encrypt (uschar * passwd, uschar * c8, uschar * p24)
{
- uschar p14[15], p21[21];
+uschar p14[15], p21[21];

- memset (p21, '\0', 21);
- memset (p14, '\0', 14);
- StrnCpy (CS p14, CS passwd, 14);
+memset (p21, '\0', 21);
+memset (p14, '\0', 14);
+StrnCpy (CS p14, CS passwd, 14);

- strupper (CS p14);
- E_P16 (p14, p21);
+strupper (CS p14);
+E_P16 (p14, p21);

- SMBOWFencrypt (p21, c8, p24);
+SMBOWFencrypt (p21, c8, p24);

#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("spa_smb_encrypt: lm#, challenge, response\n"));
- dump_data (100, CS p21, 16);
- dump_data (100, CS c8, 8);
- dump_data (100, CS p24, 24);
+DEBUG_X (100, ("spa_smb_encrypt: lm#, challenge, response\n"));
+dump_data (100, CS p21, 16);
+dump_data (100, CS c8, 8);
+dump_data (100, CS p24, 24);
#endif
}

@@ -875,10 +864,10 @@ spa_smb_encrypt (uschar * passwd, uschar * c8, uschar * p24)
 static int
 _my_wcslen (int16x * str)
 {
-  int len = 0;
-  while (*str++ != 0)
-    len++;
-  return len;
+int len = 0;
+while (*str++ != 0)
+  len++;
+return len;
 }


 /*
@@ -891,19 +880,19 @@ _my_wcslen (int16x * str)
 static int
 _my_mbstowcs (int16x * dst, uschar * src, int len)
 {
-  int i;
-  int16x val;
-
-  for (i = 0; i < len; i++)
-    {
-      val = *src;
-      SSVAL (dst, 0, val);
-      dst++;
-      src++;
-      if (val == 0)
-       break;
-    }
-  return i;
+int i;
+int16x val;
+
+for (i = 0; i < len; i++)
+  {
+  val = *src;
+  SSVAL (dst, 0, val);
+  dst++;
+  src++;
+  if (val == 0)
+   break;
+  }
+return i;
 }


 /*
@@ -913,87 +902,87 @@ _my_mbstowcs (int16x * dst, uschar * src, int len)
 void
 E_md4hash (uschar * passwd, uschar * p16)
 {
-  int len;
-  int16x wpwd[129];
-
-  /* Password cannot be longer than 128 characters */
-  len = strlen (CS  passwd);
-  if (len > 128)
-    len = 128;
-  /* Password must be converted to NT unicode */
-  _my_mbstowcs (wpwd, passwd, len);
-  wpwd[len] = 0;               /* Ensure string is null terminated */
-  /* Calculate length in bytes */
-  len = _my_wcslen (wpwd) * sizeof (int16x);
-
-  mdfour (p16, US wpwd, len);
+int len;
+int16x wpwd[129];
+
+/* Password cannot be longer than 128 characters */
+len = strlen (CS  passwd);
+if (len > 128)
+  len = 128;
+/* Password must be converted to NT unicode */
+_my_mbstowcs (wpwd, passwd, len);
+wpwd[len] = 0;               /* Ensure string is null terminated */
+/* Calculate length in bytes */
+len = _my_wcslen (wpwd) * sizeof (int16x);
+
+mdfour (p16, US wpwd, len);
 }


/* Does both the NT and LM owfs of a user's password */
void
nt_lm_owf_gen (char *pwd, uschar nt_p16[16], uschar p16[16])
{
- char passwd[130];
+char passwd[130];

- memset (passwd, '\0', 130);
- safe_strcpy (passwd, pwd, sizeof (passwd) - 1);
+memset (passwd, '\0', 130);
+safe_strcpy (passwd, pwd, sizeof (passwd) - 1);

- /* Calculate the MD4 hash (NT compatible) of the password */
- memset (nt_p16, '\0', 16);
- E_md4hash (US passwd, nt_p16);
+/* Calculate the MD4 hash (NT compatible) of the password */
+memset (nt_p16, '\0', 16);
+E_md4hash (US passwd, nt_p16);

#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("nt_lm_owf_gen: pwd, nt#\n"));
- dump_data (120, passwd, strlen (passwd));
- dump_data (100, CS nt_p16, 16);
+DEBUG_X (100, ("nt_lm_owf_gen: pwd, nt#\n"));
+dump_data (120, passwd, strlen (passwd));
+dump_data (100, CS nt_p16, 16);
#endif

- /* Mangle the passwords into Lanman format */
- passwd[14] = '\0';
- strupper (passwd);
+/* Mangle the passwords into Lanman format */
+passwd[14] = '\0';
+strupper (passwd);

- /* Calculate the SMB (lanman) hash functions of the password */
+/* Calculate the SMB (lanman) hash functions of the password */

- memset (p16, '\0', 16);
- E_P16 (US passwd, US p16);
+memset (p16, '\0', 16);
+E_P16 (US passwd, US p16);

#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("nt_lm_owf_gen: pwd, lm#\n"));
- dump_data (120, passwd, strlen (passwd));
- dump_data (100, CS p16, 16);
+DEBUG_X (100, ("nt_lm_owf_gen: pwd, lm#\n"));
+dump_data (120, passwd, strlen (passwd));
+dump_data (100, CS p16, 16);
#endif
- /* clear out local copy of user's password (just being paranoid). */
- memset (passwd, '\0', sizeof (passwd));
+/* clear out local copy of user's password (just being paranoid). */
+memset (passwd, '\0', sizeof (passwd));
}

/* Does the des encryption from the NT or LM MD4 hash. */
void
SMBOWFencrypt (uschar passwd[16], uschar * c8, uschar p24[24])
{
- uschar p21[21];
+uschar p21[21];

- memset (p21, '\0', 21);
+memset (p21, '\0', 21);

- memcpy (p21, passwd, 16);
- E_P24 (p21, c8, p24);
+memcpy (p21, passwd, 16);
+E_P24 (p21, c8, p24);
}

/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
void
NTLMSSPOWFencrypt (uschar passwd[8], uschar * ntlmchalresp, uschar p24[24])
{
- uschar p21[21];
+uschar p21[21];

- memset (p21, '\0', 21);
- memcpy (p21, passwd, 8);
- memset (p21 + 8, 0xbd, 8);
+memset (p21, '\0', 21);
+memcpy (p21, passwd, 8);
+memset (p21 + 8, 0xbd, 8);

- E_P24 (p21, ntlmchalresp, p24);
+E_P24 (p21, ntlmchalresp, p24);
#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("NTLMSSPOWFencrypt: p21, c8, p24\n"));
- dump_data (100, CS p21, 21);
- dump_data (100, CS ntlmchalresp, 8);
- dump_data (100, CS p24, 24);
+DEBUG_X (100, ("NTLMSSPOWFencrypt: p21, c8, p24\n"));
+dump_data (100, CS p21, 21);
+dump_data (100, CS ntlmchalresp, 8);
+dump_data (100, CS p24, 24);
#endif
}

@@ -1003,18 +992,18 @@ NTLMSSPOWFencrypt (uschar passwd[8], uschar * ntlmchalresp, uschar p24[24])
void
spa_smb_nt_encrypt (uschar * passwd, uschar * c8, uschar * p24)
{
- uschar p21[21];
+uschar p21[21];

- memset (p21, '\0', 21);
+memset (p21, '\0', 21);

- E_md4hash (passwd, p21);
- SMBOWFencrypt (p21, c8, p24);
+E_md4hash (passwd, p21);
+SMBOWFencrypt (p21, c8, p24);

#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("spa_smb_nt_encrypt: nt#, challenge, response\n"));
- dump_data (100, CS p21, 16);
- dump_data (100, CS c8, 8);
- dump_data (100, CS p24, 24);
+DEBUG_X (100, ("spa_smb_nt_encrypt: nt#, challenge, response\n"));
+dump_data (100, CS p21, 16);
+dump_data (100, CS c8, 8);
+dump_data (100, CS p24, 24);
#endif
}

@@ -1023,26 +1012,26 @@ static uint32x A, B, C, D;
static uint32x
F (uint32x X, uint32x Y, uint32x Z)
{
- return (X & Y) | ((~X) & Z);
+return (X & Y) | ((~X) & Z);
}

static uint32x
G (uint32x X, uint32x Y, uint32x Z)
{
- return (X & Y) | (X & Z) | (Y & Z);
+return (X & Y) | (X & Z) | (Y & Z);
}

static uint32x
H (uint32x X, uint32x Y, uint32x Z)
{
- return X ^ Y ^ Z;
+return X ^ Y ^ Z;
}

static uint32x
lshift_a (uint32x x, int s)
{
- x &= 0xFFFFFFFF;
- return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));
+x &= 0xFFFFFFFF;
+return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));
}

 #define ROUND1(a,b,c,d,k,s) a = lshift_a(a + F(b,c,d) + X[k], s)
@@ -1053,154 +1042,154 @@ lshift_a (uint32x x, int s)
 static void
 spa_mdfour64 (uint32x * M)
 {
-  int j;
-  uint32x AA, BB, CC, DD;
-  uint32x X[16];
-
-  for (j = 0; j < 16; j++)
-    X[j] = M[j];
-
-  AA = A;
-  BB = B;
-  CC = C;
-  DD = D;
-
-  ROUND1 (A, B, C, D, 0, 3);
-  ROUND1 (D, A, B, C, 1, 7);
-  ROUND1 (C, D, A, B, 2, 11);
-  ROUND1 (B, C, D, A, 3, 19);
-  ROUND1 (A, B, C, D, 4, 3);
-  ROUND1 (D, A, B, C, 5, 7);
-  ROUND1 (C, D, A, B, 6, 11);
-  ROUND1 (B, C, D, A, 7, 19);
-  ROUND1 (A, B, C, D, 8, 3);
-  ROUND1 (D, A, B, C, 9, 7);
-  ROUND1 (C, D, A, B, 10, 11);
-  ROUND1 (B, C, D, A, 11, 19);
-  ROUND1 (A, B, C, D, 12, 3);
-  ROUND1 (D, A, B, C, 13, 7);
-  ROUND1 (C, D, A, B, 14, 11);
-  ROUND1 (B, C, D, A, 15, 19);
-
-  ROUND2 (A, B, C, D, 0, 3);
-  ROUND2 (D, A, B, C, 4, 5);
-  ROUND2 (C, D, A, B, 8, 9);
-  ROUND2 (B, C, D, A, 12, 13);
-  ROUND2 (A, B, C, D, 1, 3);
-  ROUND2 (D, A, B, C, 5, 5);
-  ROUND2 (C, D, A, B, 9, 9);
-  ROUND2 (B, C, D, A, 13, 13);
-  ROUND2 (A, B, C, D, 2, 3);
-  ROUND2 (D, A, B, C, 6, 5);
-  ROUND2 (C, D, A, B, 10, 9);
-  ROUND2 (B, C, D, A, 14, 13);
-  ROUND2 (A, B, C, D, 3, 3);
-  ROUND2 (D, A, B, C, 7, 5);
-  ROUND2 (C, D, A, B, 11, 9);
-  ROUND2 (B, C, D, A, 15, 13);
-
-  ROUND3 (A, B, C, D, 0, 3);
-  ROUND3 (D, A, B, C, 8, 9);
-  ROUND3 (C, D, A, B, 4, 11);
-  ROUND3 (B, C, D, A, 12, 15);
-  ROUND3 (A, B, C, D, 2, 3);
-  ROUND3 (D, A, B, C, 10, 9);
-  ROUND3 (C, D, A, B, 6, 11);
-  ROUND3 (B, C, D, A, 14, 15);
-  ROUND3 (A, B, C, D, 1, 3);
-  ROUND3 (D, A, B, C, 9, 9);
-  ROUND3 (C, D, A, B, 5, 11);
-  ROUND3 (B, C, D, A, 13, 15);
-  ROUND3 (A, B, C, D, 3, 3);
-  ROUND3 (D, A, B, C, 11, 9);
-  ROUND3 (C, D, A, B, 7, 11);
-  ROUND3 (B, C, D, A, 15, 15);
-
-  A += AA;
-  B += BB;
-  C += CC;
-  D += DD;
-
-  A &= 0xFFFFFFFF;
-  B &= 0xFFFFFFFF;
-  C &= 0xFFFFFFFF;
-  D &= 0xFFFFFFFF;
-
-  for (j = 0; j < 16; j++)
-    X[j] = 0;
+int j;
+uint32x AA, BB, CC, DD;
+uint32x X[16];
+
+for (j = 0; j < 16; j++)
+  X[j] = M[j];
+
+AA = A;
+BB = B;
+CC = C;
+DD = D;
+
+ROUND1 (A, B, C, D, 0, 3);
+ROUND1 (D, A, B, C, 1, 7);
+ROUND1 (C, D, A, B, 2, 11);
+ROUND1 (B, C, D, A, 3, 19);
+ROUND1 (A, B, C, D, 4, 3);
+ROUND1 (D, A, B, C, 5, 7);
+ROUND1 (C, D, A, B, 6, 11);
+ROUND1 (B, C, D, A, 7, 19);
+ROUND1 (A, B, C, D, 8, 3);
+ROUND1 (D, A, B, C, 9, 7);
+ROUND1 (C, D, A, B, 10, 11);
+ROUND1 (B, C, D, A, 11, 19);
+ROUND1 (A, B, C, D, 12, 3);
+ROUND1 (D, A, B, C, 13, 7);
+ROUND1 (C, D, A, B, 14, 11);
+ROUND1 (B, C, D, A, 15, 19);
+
+ROUND2 (A, B, C, D, 0, 3);
+ROUND2 (D, A, B, C, 4, 5);
+ROUND2 (C, D, A, B, 8, 9);
+ROUND2 (B, C, D, A, 12, 13);
+ROUND2 (A, B, C, D, 1, 3);
+ROUND2 (D, A, B, C, 5, 5);
+ROUND2 (C, D, A, B, 9, 9);
+ROUND2 (B, C, D, A, 13, 13);
+ROUND2 (A, B, C, D, 2, 3);
+ROUND2 (D, A, B, C, 6, 5);
+ROUND2 (C, D, A, B, 10, 9);
+ROUND2 (B, C, D, A, 14, 13);
+ROUND2 (A, B, C, D, 3, 3);
+ROUND2 (D, A, B, C, 7, 5);
+ROUND2 (C, D, A, B, 11, 9);
+ROUND2 (B, C, D, A, 15, 13);
+
+ROUND3 (A, B, C, D, 0, 3);
+ROUND3 (D, A, B, C, 8, 9);
+ROUND3 (C, D, A, B, 4, 11);
+ROUND3 (B, C, D, A, 12, 15);
+ROUND3 (A, B, C, D, 2, 3);
+ROUND3 (D, A, B, C, 10, 9);
+ROUND3 (C, D, A, B, 6, 11);
+ROUND3 (B, C, D, A, 14, 15);
+ROUND3 (A, B, C, D, 1, 3);
+ROUND3 (D, A, B, C, 9, 9);
+ROUND3 (C, D, A, B, 5, 11);
+ROUND3 (B, C, D, A, 13, 15);
+ROUND3 (A, B, C, D, 3, 3);
+ROUND3 (D, A, B, C, 11, 9);
+ROUND3 (C, D, A, B, 7, 11);
+ROUND3 (B, C, D, A, 15, 15);
+
+A += AA;
+B += BB;
+C += CC;
+D += DD;
+
+A &= 0xFFFFFFFF;
+B &= 0xFFFFFFFF;
+C &= 0xFFFFFFFF;
+D &= 0xFFFFFFFF;
+
+for (j = 0; j < 16; j++)
+  X[j] = 0;
 }


static void
copy64 (uint32x * M, uschar *in)
{
- int i;
+int i;

-  for (i = 0; i < 16; i++)
-    M[i] = (in[i * 4 + 3] << 24) | (in[i * 4 + 2] << 16) |
-      (in[i * 4 + 1] << 8) | (in[i * 4 + 0] << 0);
+for (i = 0; i < 16; i++)
+  M[i] = (in[i * 4 + 3] << 24) | (in[i * 4 + 2] << 16) |
+    (in[i * 4 + 1] << 8) | (in[i * 4 + 0] << 0);
 }


static void
copy4 (uschar *out, uint32x x)
{
- out[0] = x & 0xFF;
- out[1] = (x >> 8) & 0xFF;
- out[2] = (x >> 16) & 0xFF;
- out[3] = (x >> 24) & 0xFF;
+out[0] = x & 0xFF;
+out[1] = (x >> 8) & 0xFF;
+out[2] = (x >> 16) & 0xFF;
+out[3] = (x >> 24) & 0xFF;
}

 /* produce a md4 message digest from data of length n bytes */
 void
 mdfour (uschar *out, uschar *in, int n)
 {
-  uschar buf[128];
-  uint32x M[16];
-  uint32x b = n * 8;
-  int i;
-
-  A = 0x67452301;
-  B = 0xefcdab89;
-  C = 0x98badcfe;
-  D = 0x10325476;
-
-  while (n > 64)
-    {
-      copy64 (M, in);
-      spa_mdfour64 (M);
-      in += 64;
-      n -= 64;
-    }
-
-  for (i = 0; i < 128; i++)
-    buf[i] = 0;
-  memcpy (buf, in, n);
-  buf[n] = 0x80;
+uschar buf[128];
+uint32x M[16];
+uint32x b = n * 8;
+int i;
+
+A = 0x67452301;
+B = 0xefcdab89;
+C = 0x98badcfe;
+D = 0x10325476;
+
+while (n > 64)
+  {
+  copy64 (M, in);
+  spa_mdfour64 (M);
+  in += 64;
+  n -= 64;
+  }


-  if (n <= 55)
-    {
-      copy4 (buf + 56, b);
-      copy64 (M, buf);
-      spa_mdfour64 (M);
-    }
-  else
-    {
-      copy4 (buf + 120, b);
-      copy64 (M, buf);
-      spa_mdfour64 (M);
-      copy64 (M, buf + 64);
-      spa_mdfour64 (M);
-    }
+for (i = 0; i < 128; i++)
+  buf[i] = 0;
+memcpy (buf, in, n);
+buf[n] = 0x80;


-  for (i = 0; i < 128; i++)
-    buf[i] = 0;
+if (n <= 55)
+  {
+  copy4 (buf + 56, b);
   copy64 (M, buf);
+  spa_mdfour64 (M);
+  }
+else
+  {
+  copy4 (buf + 120, b);
+  copy64 (M, buf);
+  spa_mdfour64 (M);
+  copy64 (M, buf + 64);
+  spa_mdfour64 (M);
+  }


- copy4 (out, A);
- copy4 (out + 4, B);
- copy4 (out + 8, C);
- copy4 (out + 12, D);
+for (i = 0; i < 128; i++)
+ buf[i] = 0;
+copy64 (M, buf);

- A = B = C = D = 0;
+copy4 (out, A);
+copy4 (out + 4, B);
+copy4 (out + 8, C);
+copy4 (out + 12, D);
+
+A = B = C = D = 0;
}

char versionString[] = "libntlm version 0.21";
@@ -1272,12 +1261,12 @@ dumpRaw(fp,(US structPtr)+IVAL(&structPtr->header.offset,0),SVAL(&structPtr->hea
static void
dumpRaw (FILE * fp, uschar *buf, size_t len)
{
- int i;
+int i;

-  for (i = 0; i < len; ++i)
-    fprintf (fp, "%02x ", buf[i]);
+for (i = 0; i < len; ++i)
+  fprintf (fp, "%02x ", buf[i]);


- fprintf (fp, "\n");
+fprintf (fp, "\n");
}

#endif
@@ -1285,49 +1274,49 @@ dumpRaw (FILE * fp, uschar *buf, size_t len)
char *
unicodeToString (char *p, size_t len)
{
- int i;
- static char buf[1024];
+int i;
+static char buf[1024];

- assert (len + 1 < sizeof buf);
+assert (len + 1 < sizeof buf);

-  for (i = 0; i < len; ++i)
-    {
-      buf[i] = *p & 0x7f;
-      p += 2;
-    }
+for (i = 0; i < len; ++i)
+  {
+  buf[i] = *p & 0x7f;
+  p += 2;
+  }


- buf[i] = '\0';
- return buf;
+buf[i] = '\0';
+return buf;
}

static uschar *
strToUnicode (char *p)
{
- static uschar buf[1024];
- size_t l = strlen (p);
- int i = 0;
+static uschar buf[1024];
+size_t l = strlen (p);
+int i = 0;

- assert (l * 2 < sizeof buf);
+assert (l * 2 < sizeof buf);

-  while (l--)
-    {
-      buf[i++] = *p++;
-      buf[i++] = 0;
-    }
+while (l--)
+  {
+  buf[i++] = *p++;
+  buf[i++] = 0;
+  }


- return buf;
+return buf;
}

static uschar *
toString (char *p, size_t len)
{
- static uschar buf[1024];
+static uschar buf[1024];

- assert (len + 1 < sizeof buf);
+assert (len + 1 < sizeof buf);

- memcpy (buf, p, len);
- buf[len] = 0;
- return buf;
+memcpy (buf, p, len);
+buf[len] = 0;
+return buf;
}

 #ifdef notdef
@@ -1335,65 +1324,65 @@ toString (char *p, size_t len)
 void
 dumpSmbNtlmAuthRequest (FILE * fp, SPAAuthRequest * request)
 {
-  fprintf (fp, "NTLM Request:\n");
-  fprintf (fp, "      Ident = %s\n", request->ident);
-  fprintf (fp, "      mType = %d\n", IVAL (&request->msgType, 0));
-  fprintf (fp, "      Flags = %08x\n", IVAL (&request->flags, 0));
-  fprintf (fp, "       User = %s\n", GetString (request, user));
-  fprintf (fp, "     Domain = %s\n", GetString (request, domain));
+fprintf (fp, "NTLM Request:\n");
+fprintf (fp, "      Ident = %s\n", request->ident);
+fprintf (fp, "      mType = %d\n", IVAL (&request->msgType, 0));
+fprintf (fp, "      Flags = %08x\n", IVAL (&request->flags, 0));
+fprintf (fp, "       User = %s\n", GetString (request, user));
+fprintf (fp, "     Domain = %s\n", GetString (request, domain));
 }


 void
 dumpSmbNtlmAuthChallenge (FILE * fp, SPAAuthChallenge * challenge)
 {
-  fprintf (fp, "NTLM Challenge:\n");
-  fprintf (fp, "      Ident = %s\n", challenge->ident);
-  fprintf (fp, "      mType = %d\n", IVAL (&challenge->msgType, 0));
-  fprintf (fp, "     Domain = %s\n", GetUnicodeString (challenge, uDomain));
-  fprintf (fp, "      Flags = %08x\n", IVAL (&challenge->flags, 0));
-  fprintf (fp, "  Challenge = ");
-  dumpRaw (fp, challenge->challengeData, 8);
+fprintf (fp, "NTLM Challenge:\n");
+fprintf (fp, "      Ident = %s\n", challenge->ident);
+fprintf (fp, "      mType = %d\n", IVAL (&challenge->msgType, 0));
+fprintf (fp, "     Domain = %s\n", GetUnicodeString (challenge, uDomain));
+fprintf (fp, "      Flags = %08x\n", IVAL (&challenge->flags, 0));
+fprintf (fp, "  Challenge = ");
+dumpRaw (fp, challenge->challengeData, 8);
 }


 void
 dumpSmbNtlmAuthResponse (FILE * fp, SPAAuthResponse * response)
 {
-  fprintf (fp, "NTLM Response:\n");
-  fprintf (fp, "      Ident = %s\n", response->ident);
-  fprintf (fp, "      mType = %d\n", IVAL (&response->msgType, 0));
-  fprintf (fp, "     LmResp = ");
-  DumpBuffer (fp, response, lmResponse);
-  fprintf (fp, "     NTResp = ");
-  DumpBuffer (fp, response, ntResponse);
-  fprintf (fp, "     Domain = %s\n", GetUnicodeString (response, uDomain));
-  fprintf (fp, "       User = %s\n", GetUnicodeString (response, uUser));
-  fprintf (fp, "        Wks = %s\n", GetUnicodeString (response, uWks));
-  fprintf (fp, "       sKey = ");
-  DumpBuffer (fp, response, sessionKey);
-  fprintf (fp, "      Flags = %08x\n", IVAL (&response->flags, 0));
+fprintf (fp, "NTLM Response:\n");
+fprintf (fp, "      Ident = %s\n", response->ident);
+fprintf (fp, "      mType = %d\n", IVAL (&response->msgType, 0));
+fprintf (fp, "     LmResp = ");
+DumpBuffer (fp, response, lmResponse);
+fprintf (fp, "     NTResp = ");
+DumpBuffer (fp, response, ntResponse);
+fprintf (fp, "     Domain = %s\n", GetUnicodeString (response, uDomain));
+fprintf (fp, "       User = %s\n", GetUnicodeString (response, uUser));
+fprintf (fp, "        Wks = %s\n", GetUnicodeString (response, uWks));
+fprintf (fp, "       sKey = ");
+DumpBuffer (fp, response, sessionKey);
+fprintf (fp, "      Flags = %08x\n", IVAL (&response->flags, 0));
 }
 #endif


 void
 spa_build_auth_request (SPAAuthRequest * request, char *user, char *domain)
 {
-  char *u = strdup (user);
-  char *p = strchr (u, '@');
-
-  if (p)
-    {
-      if (!domain)
-       domain = p + 1;
-      *p = '\0';
-    }
+char *u = strdup (user);
+char *p = strchr (u, '@');
+
+if (p)
+  {
+  if (!domain)
+   domain = p + 1;
+  *p = '\0';
+  }


-  request->bufIndex = 0;
-  memcpy (request->ident, "NTLMSSP\0\0\0", 8);
-  SIVAL (&request->msgType, 0, 1);
-  SIVAL (&request->flags, 0, 0x0000b207);      /* have to figure out what these mean */
-  spa_string_add (request, user, u);
-  spa_string_add (request, domain, domain);
-  free (u);
+request->bufIndex = 0;
+memcpy (request->ident, "NTLMSSP\0\0\0", 8);
+SIVAL (&request->msgType, 0, 1);
+SIVAL (&request->flags, 0, 0x0000b207);      /* have to figure out what these mean */
+spa_string_add (request, user, u);
+spa_string_add (request, domain, domain);
+free (u);
 }



@@ -1401,34 +1390,35 @@ spa_build_auth_request (SPAAuthRequest * request, char *user, char *domain)
void
spa_build_auth_challenge (SPAAuthRequest * request, SPAAuthChallenge * challenge)
{
- char chalstr[8];
- int i;
- int p = (int)getpid();
- int random_seed = (int)time(NULL) ^ ((p << 16) | p);
+char chalstr[8];
+int i;
+int p = (int)getpid();
+int random_seed = (int)time(NULL) ^ ((p << 16) | p);

- request = request; /* Added by PH to stop compilers whinging */
+request = request; /* Added by PH to stop compilers whinging */

- /* Ensure challenge data is cleared, in case it isn't all used. This
- patch added by PH on suggestion of Russell King */
+/* Ensure challenge data is cleared, in case it isn't all used. This
+patch added by PH on suggestion of Russell King */

- memset(challenge, 0, sizeof(SPAAuthChallenge));
+memset(challenge, 0, sizeof(SPAAuthChallenge));

- challenge->bufIndex = 0;
- memcpy (challenge->ident, "NTLMSSP\0", 8);
- SIVAL (&challenge->msgType, 0, 2);
- SIVAL (&challenge->flags, 0, 0x00008201);
- SIVAL (&challenge->uDomain.len, 0, 0x0000);
- SIVAL (&challenge->uDomain.maxlen, 0, 0x0000);
- SIVAL (&challenge->uDomain.offset, 0, 0x00002800);
+challenge->bufIndex = 0;
+memcpy (challenge->ident, "NTLMSSP\0", 8);
+SIVAL (&challenge->msgType, 0, 2);
+SIVAL (&challenge->flags, 0, 0x00008201);
+SIVAL (&challenge->uDomain.len, 0, 0x0000);
+SIVAL (&challenge->uDomain.maxlen, 0, 0x0000);
+SIVAL (&challenge->uDomain.offset, 0, 0x00002800);

- /* generate eight pseudo random bytes (method ripped from host.c) */
+/* generate eight pseudo random bytes (method ripped from host.c) */

-  for(i=0;i<8;i++) {
-    chalstr[i] = (uschar)(random_seed >> 16) % 256;
-    random_seed = (1103515245 - (chalstr[i])) * random_seed + 12345;
-  };
+for(i=0;i<8;i++)
+  {
+  chalstr[i] = (uschar)(random_seed >> 16) % 256;
+  random_seed = (1103515245 - (chalstr[i])) * random_seed + 12345;
+  }


- memcpy(challenge->challengeData,chalstr,8);
+memcpy(challenge->challengeData,chalstr,8);
}


@@ -1446,37 +1436,37 @@ spa_build_auth_response (SPAAuthChallenge * challenge,
                         SPAAuthResponse * response, char *user,
                         char *password)
 {
-  uint8x lmRespData[24];
-  uint8x ntRespData[24];
-  char *d = strdup (GetUnicodeString (challenge, uDomain));
-  char *domain = d;
-  char *u = strdup (user);
-  char *p = strchr (u, '@');
-
-  if (p)
-    {
-      domain = p + 1;
-      *p = '\0';
-    }
+uint8x lmRespData[24];
+uint8x ntRespData[24];
+char *d = strdup (GetUnicodeString (challenge, uDomain));
+char *domain = d;
+char *u = strdup (user);
+char *p = strchr (u, '@');
+
+if (p)
+  {
+  domain = p + 1;
+  *p = '\0';
+  }


- spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
- spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);
+spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
+spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);

- response->bufIndex = 0;
- memcpy (response->ident, "NTLMSSP\0\0\0", 8);
- SIVAL (&response->msgType, 0, 3);
+response->bufIndex = 0;
+memcpy (response->ident, "NTLMSSP\0\0\0", 8);
+SIVAL (&response->msgType, 0, 3);

- spa_bytes_add (response, lmResponse, lmRespData, 24);
- spa_bytes_add (response, ntResponse, ntRespData, 24);
- spa_unicode_add_string (response, uDomain, domain);
- spa_unicode_add_string (response, uUser, u);
- spa_unicode_add_string (response, uWks, u);
- spa_string_add (response, sessionKey, NULL);
+spa_bytes_add (response, lmResponse, lmRespData, 24);
+spa_bytes_add (response, ntResponse, ntRespData, 24);
+spa_unicode_add_string (response, uDomain, domain);
+spa_unicode_add_string (response, uUser, u);
+spa_unicode_add_string (response, uWks, u);
+spa_string_add (response, sessionKey, NULL);

- response->flags = challenge->flags;
+response->flags = challenge->flags;

- free (d);
- free (u);
+free (d);
+free (u);
}
#endif

@@ -1488,47 +1478,47 @@ spa_build_auth_response (SPAAuthChallenge * challenge,
                         SPAAuthResponse * response, char *user,
                         char *password)
 {
-  uint8x lmRespData[24];
-  uint8x ntRespData[24];
-  uint32x cf = IVAL(&challenge->flags, 0);
-  char *u = strdup (user);
-  char *p = strchr (u, '@');
-  char *d = NULL;
-  char *domain;
-
-  if (p)
-    {
-    domain = p + 1;
-    *p = '\0';
-    }
+uint8x lmRespData[24];
+uint8x ntRespData[24];
+uint32x cf = IVAL(&challenge->flags, 0);
+char *u = strdup (user);
+char *p = strchr (u, '@');
+char *d = NULL;
+char *domain;
+
+if (p)
+  {
+  domain = p + 1;
+  *p = '\0';
+  }


-  else domain = d = strdup((cf & 0x1)?
-    CCS GetUnicodeString(challenge, uDomain) :
-    CCS GetString(challenge, uDomain));
+else domain = d = strdup((cf & 0x1)?
+  CCS GetUnicodeString(challenge, uDomain) :
+  CCS GetString(challenge, uDomain));


- spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
- spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);
+spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
+spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);

- response->bufIndex = 0;
- memcpy (response->ident, "NTLMSSP\0\0\0", 8);
- SIVAL (&response->msgType, 0, 3);
+response->bufIndex = 0;
+memcpy (response->ident, "NTLMSSP\0\0\0", 8);
+SIVAL (&response->msgType, 0, 3);

- spa_bytes_add (response, lmResponse, lmRespData, (cf & 0x200) ? 24 : 0);
- spa_bytes_add (response, ntResponse, ntRespData, (cf & 0x8000) ? 24 : 0);
+spa_bytes_add (response, lmResponse, lmRespData, (cf & 0x200) ? 24 : 0);
+spa_bytes_add (response, ntResponse, ntRespData, (cf & 0x8000) ? 24 : 0);

-  if (cf & 0x1) {      /* Unicode Text */
-       spa_unicode_add_string (response, uDomain, domain);
-       spa_unicode_add_string (response, uUser, u);
-       spa_unicode_add_string (response, uWks, u);
-  } else {             /* OEM Text */
-       spa_string_add (response, uDomain, domain);
-       spa_string_add (response, uUser, u);
-       spa_string_add (response, uWks, u);
-  }
+if (cf & 0x1) {      /* Unicode Text */
+     spa_unicode_add_string (response, uDomain, domain);
+     spa_unicode_add_string (response, uUser, u);
+     spa_unicode_add_string (response, uWks, u);
+} else {             /* OEM Text */
+     spa_string_add (response, uDomain, domain);
+     spa_string_add (response, uUser, u);
+     spa_string_add (response, uWks, u);
+}


- spa_string_add (response, sessionKey, NULL);
- response->flags = challenge->flags;
+spa_string_add (response, sessionKey, NULL);
+response->flags = challenge->flags;

- if (d != NULL) free (d);
- free (u);
+if (d != NULL) free (d);
+free (u);
}
diff --git a/src/src/auths/call_pam.c b/src/src/auths/call_pam.c
index f96348c..204f449 100644
--- a/src/src/auths/call_pam.c
+++ b/src/src/auths/call_pam.c
@@ -66,7 +66,6 @@ static int
pam_converse (int num_msg, PAM_CONVERSE_ARG2_TYPE **msg,
struct pam_response **resp, void *appdata_ptr)
{
-int i;
int sep = 0;
struct pam_response *reply;

@@ -76,7 +75,7 @@ reply = malloc(sizeof(struct pam_response) * num_msg);

if (reply == NULL) return PAM_CONV_ERR;

-for (i = 0; i < num_msg; i++)
+for (int i = 0; i < num_msg; i++)
{
uschar *arg;
switch (msg[i]->msg_style)
diff --git a/src/src/auths/check_serv_cond.c b/src/src/auths/check_serv_cond.c
index dc299f1..a698cdc 100644
--- a/src/src/auths/check_serv_cond.c
+++ b/src/src/auths/check_serv_cond.c
@@ -64,14 +64,13 @@ uschar *cond;

 HDEBUG(D_auth)
   {
-  int i;
   debug_printf("%s authenticator %s:\n", ablock->name, label);
-  for (i = 0; i < AUTH_VARS; i++)
+  for (int i = 0; i < AUTH_VARS; i++)
     {
     if (auth_vars[i] != NULL)
       debug_printf("  $auth%d = %s\n", i + 1, auth_vars[i]);
     }
-  for (i = 1; i <= expand_nmax; i++)
+  for (int i = 1; i <= expand_nmax; i++)
     debug_printf("  $%d = %.*s\n", i, expand_nlength[i], expand_nstring[i]);
   debug_print_string(ablock->server_debug_string);    /* customized debug */
   }
diff --git a/src/src/auths/cram_md5.c b/src/src/auths/cram_md5.c
index 8e4794c..188ac46 100644
--- a/src/src/auths/cram_md5.c
+++ b/src/src/auths/cram_md5.c
@@ -109,7 +109,6 @@ static void
 compute_cram_md5(uschar *secret, uschar *challenge, uschar *digestptr)
 {
 md5 base;
-int i;
 int len = Ustrlen(secret);
 uschar isecret[64];
 uschar osecret[64];
@@ -133,7 +132,7 @@ memcpy(isecret, secret, len);
 memset(isecret+len, 0, 64-len);
 memcpy(osecret, isecret, 64);


-for (i = 0; i < 64; i++)
+for (int i = 0; i < 64; i++)
{
isecret[i] ^= 0x36;
osecret[i] ^= 0x5c;
diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c
index 546c20b..bce4202 100644
--- a/src/src/auths/cyrus_sasl.c
+++ b/src/src/auths/cyrus_sasl.c
@@ -218,7 +218,7 @@ uschar *debug = NULL; /* Stops compiler complaining */
sasl_callback_t cbs[] = {{SASL_CB_LIST_END, NULL, NULL}};
sasl_conn_t *conn;
char * realm_expanded = NULL;
-int rc, i, firsttime = 1, clen, *negotiated_ssf_ptr = NULL, negotiated_ssf;
+int rc, firsttime = 1, clen, *negotiated_ssf_ptr = NULL, negotiated_ssf;
unsigned int inlen, outlen;

input = data;
@@ -288,7 +288,7 @@ inet_ntop which we wrap in our host_ntoa() function.
So the docs are too strict and we shouldn't worry about :: contractions. */

 /* Set properties for remote and local host-ip;port */
-for (i = 0; i < 2; ++i)
+for (int i = 0; i < 2; ++i)
   {
   struct sockaddr_storage ss;
   int (*query)(int, struct sockaddr *, socklen_t *);
@@ -513,7 +513,7 @@ auth_cyrus_sasl_client(
   auth_instance *ablock,                 /* authenticator block */
   void * sx,                  /* connexction */
   int timeout,                           /* command timeout */
-  uschar *buffer,                          /* for reading response */
+  uschar *buffer,                        /* for reading response */
   int buffsize)                          /* size of buffer */
 {
 /* We don't support clients (yet) in this implementation of cyrus_sasl */
diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c
index b1dde06..9c0c9b3 100644
--- a/src/src/auths/dovecot.c
+++ b/src/src/auths/dovecot.c
@@ -131,52 +131,55 @@ actual fields (so last valid offset into ptrs is one less).
 static int
 strcut(uschar *str, uschar **ptrs, int nptrs)
 {
-       uschar *last_sub_start = str;
-       int n;
-
-       for (n = 0; n < nptrs; n++)
-               ptrs[n] = NULL;
-       n = 1;
-
-       while (*str) {
-               if (*str == '\t') {
-                       if (n <= nptrs) {
-                               *ptrs++ = last_sub_start;
-                               last_sub_start = str + 1;
-                               *str = '\0';
-                       }
-                       n++;
-               }
-               str++;
-       }
-
-       /* It's acceptable for the string to end with a tab character.  We see
-       this in AUTH PLAIN without an initial response from the client, which
-       causing us to send "334 " and get the data from the client. */
-       if (n <= nptrs) {
-               *ptrs = last_sub_start;
-       } else {
-               HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs);
-               n = nptrs;
-       }
-
-       return n <= nptrs ? n : nptrs;
+uschar *last_sub_start = str;
+int n;
+
+for (n = 0; n < nptrs; n++)
+  ptrs[n] = NULL;
+n = 1;
+
+while (*str)
+  {
+  if (*str == '\t')
+    {
+    if (n <= nptrs)
+      {
+      *ptrs++ = last_sub_start;
+      last_sub_start = str + 1;
+      *str = '\0';
+      }
+      n++;
+    }
+    str++;
+  }
+
+/* It's acceptable for the string to end with a tab character.  We see
+this in AUTH PLAIN without an initial response from the client, which
+causing us to send "334 " and get the data from the client. */
+if (n <= nptrs)
+ *ptrs = last_sub_start;
+else
+ {
+ HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs);
+ n = nptrs;
+ }
+
+return n <= nptrs ? n : nptrs;
 }


 static void debug_strcut(uschar **ptrs, int nlen, int alen) ARG_UNUSED;
 static void
 debug_strcut(uschar **ptrs, int nlen, int alen)
 {
-        int i;
-        debug_printf("%d read but unreturned bytes; strcut() gave %d results: ",
-                        socket_buffer_left, nlen);
-        for (i = 0; i < nlen; i++) {
-                debug_printf(" {%s}", ptrs[i]);
-        }
-        if (nlen < alen)
-                debug_printf(" last is %s\n", ptrs[i] ? ptrs[i] : US"<null>");
-        else
-                debug_printf(" (max for capacity)\n");
+int i;
+debug_printf("%d read but unreturned bytes; strcut() gave %d results: ",
+        socket_buffer_left, nlen);
+for (i = 0; i < nlen; i++)
+  debug_printf(" {%s}", ptrs[i]);
+if (nlen < alen)
+  debug_printf(" last is %s\n", ptrs[i] ? ptrs[i] : US"<null>");
+else
+  debug_printf(" (max for capacity)\n");
 }


 #define CHECK_COMMAND(str, arg_min, arg_max) do { \
diff --git a/src/src/auths/gsasl_exim.c b/src/src/auths/gsasl_exim.c
index da833d5..1c9c77d 100644
--- a/src/src/auths/gsasl_exim.c
+++ b/src/src/auths/gsasl_exim.c
@@ -125,70 +125,70 @@ to be set up. */
 void
 auth_gsasl_init(auth_instance *ablock)
 {
-  char *p;
-  int rc, supported;
-  auth_gsasl_options_block *ob =
-    (auth_gsasl_options_block *)(ablock->options_block);
-
-  /* As per existing Cyrus glue, use the authenticator's public name as
-  the default for the mechanism name; we don't handle multiple mechanisms
-  in one authenticator, but the same driver can be used multiple times. */
-
-  if (ob->server_mech == NULL)
-    ob->server_mech = string_copy(ablock->public_name);
-
-  /* Can get multiple session contexts from one library context, so just
-  initialise the once. */
-  if (gsasl_ctx == NULL) {
-    rc = gsasl_init(&gsasl_ctx);
-    if (rc != GSASL_OK) {
-      log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
-                "couldn't initialise GNU SASL library: %s (%s)",
-                ablock->name, gsasl_strerror_name(rc), gsasl_strerror(rc));
-    }
-    gsasl_callback_set(gsasl_ctx, main_callback);
+char *p;
+int rc, supported;
+auth_gsasl_options_block *ob =
+  (auth_gsasl_options_block *)(ablock->options_block);
+
+/* As per existing Cyrus glue, use the authenticator's public name as
+the default for the mechanism name; we don't handle multiple mechanisms
+in one authenticator, but the same driver can be used multiple times. */
+
+if (ob->server_mech == NULL)
+  ob->server_mech = string_copy(ablock->public_name);
+
+/* Can get multiple session contexts from one library context, so just
+initialise the once. */
+if (gsasl_ctx == NULL) {
+  rc = gsasl_init(&gsasl_ctx);
+  if (rc != GSASL_OK) {
+    log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
+          "couldn't initialise GNU SASL library: %s (%s)",
+          ablock->name, gsasl_strerror_name(rc), gsasl_strerror(rc));
   }
+  gsasl_callback_set(gsasl_ctx, main_callback);
+}


-  /* We don't need this except to log it for debugging. */
-  rc = gsasl_server_mechlist(gsasl_ctx, &p);
-  if (rc != GSASL_OK)
-    log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
-              "failed to retrieve list of mechanisms: %s (%s)",
-              ablock->name,  gsasl_strerror_name(rc), gsasl_strerror(rc));
-  HDEBUG(D_auth) debug_printf("GNU SASL supports: %s\n", p);
+/* We don't need this except to log it for debugging. */
+rc = gsasl_server_mechlist(gsasl_ctx, &p);
+if (rc != GSASL_OK)
+  log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
+        "failed to retrieve list of mechanisms: %s (%s)",
+        ablock->name,  gsasl_strerror_name(rc), gsasl_strerror(rc));
+HDEBUG(D_auth) debug_printf("GNU SASL supports: %s\n", p);


-  supported = gsasl_client_support_p(gsasl_ctx, CCS ob->server_mech);
-  if (!supported)
-    log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
-              "GNU SASL does not support mechanism \"%s\"",
-              ablock->name, ob->server_mech);
-
-  if ((ablock->server_condition == NULL) &&
-      (streqic(ob->server_mech, US"EXTERNAL") ||
-       streqic(ob->server_mech, US"ANONYMOUS") ||
-       streqic(ob->server_mech, US"PLAIN") ||
-       streqic(ob->server_mech, US"LOGIN")))
-    log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
-              "Need server_condition for %s mechanism",
-              ablock->name, ob->server_mech);
+supported = gsasl_client_support_p(gsasl_ctx, CCS ob->server_mech);
+if (!supported)
+  log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
+        "GNU SASL does not support mechanism \"%s\"",
+        ablock->name, ob->server_mech);
+
+if ((ablock->server_condition == NULL) &&
+    (streqic(ob->server_mech, US"EXTERNAL") ||
+     streqic(ob->server_mech, US"ANONYMOUS") ||
+     streqic(ob->server_mech, US"PLAIN") ||
+     streqic(ob->server_mech, US"LOGIN")))
+  log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
+        "Need server_condition for %s mechanism",
+        ablock->name, ob->server_mech);


-  /* This does *not* scale to new SASL mechanisms.  Need a better way to ask
-  which properties will be needed. */
-  if ((ob->server_realm == NULL) &&
-      streqic(ob->server_mech, US"DIGEST-MD5"))
-    log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
-              "Need server_realm for %s mechanism",
-              ablock->name, ob->server_mech);
+/* This does *not* scale to new SASL mechanisms.  Need a better way to ask
+which properties will be needed. */
+if ((ob->server_realm == NULL) &&
+    streqic(ob->server_mech, US"DIGEST-MD5"))
+  log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
+        "Need server_realm for %s mechanism",
+        ablock->name, ob->server_mech);


- /* At present, for mechanisms we don't panic on absence of server_condition;
- need to figure out the most generically correct approach to deciding when
- it's critical and when it isn't. Eg, for simple validation (PLAIN mechanism,
- etc) it clearly is critical.
+/* At present, for mechanisms we don't panic on absence of server_condition;
+need to figure out the most generically correct approach to deciding when
+it's critical and when it isn't. Eg, for simple validation (PLAIN mechanism,
+etc) it clearly is critical.

- So don't activate without server_condition, this might be relaxed in the future.
- */
- if (ablock->server_condition != NULL) ablock->server = TRUE;
- ablock->client = FALSE;
+So don't activate without server_condition, this might be relaxed in the future.
+*/
+if (ablock->server_condition != NULL) ablock->server = TRUE;
+ablock->client = FALSE;
}


@@ -198,42 +198,43 @@ We dispatch to client and server functions instead. */
 static int
 main_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop)
 {
-  int rc = 0;
-  struct callback_exim_state *cb_state =
-    (struct callback_exim_state *)gsasl_session_hook_get(sctx);
-
-  HDEBUG(D_auth)
-    debug_printf("GNU SASL Callback entered, prop=%d (loop prop=%d)\n",
-        prop, callback_loop);
-
-  if (cb_state == NULL) {
-    HDEBUG(D_auth) debug_printf("  not from our server/client processing.\n");
-    return GSASL_NO_CALLBACK;
+int rc = 0;
+struct callback_exim_state *cb_state =
+  (struct callback_exim_state *)gsasl_session_hook_get(sctx);
+
+HDEBUG(D_auth)
+  debug_printf("GNU SASL Callback entered, prop=%d (loop prop=%d)\n",
+      prop, callback_loop);
+
+if (cb_state == NULL)
+  {
+  HDEBUG(D_auth) debug_printf("  not from our server/client processing.\n");
+  return GSASL_NO_CALLBACK;
   }


-  if (callback_loop > 0) {
-    /* Most likely is that we were asked for property foo, and to
-    expand the string we asked for property bar to put into an auth
-    variable, but property bar is not supplied for this mechanism. */
-    HDEBUG(D_auth)
-      debug_printf("Loop, asked for property %d while handling property %d\n",
-          prop, callback_loop);
-    return GSASL_NO_CALLBACK;
+if (callback_loop > 0)
+  {
+  /* Most likely is that we were asked for property foo, and to
+  expand the string we asked for property bar to put into an auth
+  variable, but property bar is not supplied for this mechanism. */
+  HDEBUG(D_auth)
+    debug_printf("Loop, asked for property %d while handling property %d\n",
+    prop, callback_loop);
+  return GSASL_NO_CALLBACK;
   }
-  callback_loop = prop;
+callback_loop = prop;


-  if (cb_state->currently == CURRENTLY_CLIENT)
-    rc = client_callback(ctx, sctx, prop, cb_state->ablock);
-  else if (cb_state->currently == CURRENTLY_SERVER)
-    rc = server_callback(ctx, sctx, prop, cb_state->ablock);
-  else {
-    log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
-        "unhandled callback state, bug in Exim", cb_state->ablock->name);
-    /* NOTREACHED */
-  }
+if (cb_state->currently == CURRENTLY_CLIENT)
+  rc = client_callback(ctx, sctx, prop, cb_state->ablock);
+else if (cb_state->currently == CURRENTLY_SERVER)
+  rc = server_callback(ctx, sctx, prop, cb_state->ablock);
+else
+  log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
+      "unhandled callback state, bug in Exim", cb_state->ablock->name);
+  /* NOTREACHED */


- callback_loop = 0;
- return rc;
+callback_loop = 0;
+return rc;
}


@@ -246,336 +247,351 @@ main_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop)
 int
 auth_gsasl_server(auth_instance *ablock, uschar *initial_data)
 {
-  char *tmps;
-  char *to_send, *received;
-  Gsasl_session *sctx = NULL;
-  auth_gsasl_options_block *ob =
-    (auth_gsasl_options_block *)(ablock->options_block);
-  struct callback_exim_state cb_state;
-  int rc, auth_result, exim_error, exim_error_override;
-
-  HDEBUG(D_auth)
-    debug_printf("GNU SASL: initialising session for %s, mechanism %s.\n",
-        ablock->name, ob->server_mech);
-
-  rc = gsasl_server_start(gsasl_ctx, CCS ob->server_mech, &sctx);
-  if (rc != GSASL_OK) {
-    auth_defer_msg = string_sprintf("GNU SASL: session start failure: %s (%s)",
-        gsasl_strerror_name(rc), gsasl_strerror(rc));
-    HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
-    return DEFER;
+char *tmps;
+char *to_send, *received;
+Gsasl_session *sctx = NULL;
+auth_gsasl_options_block *ob =
+  (auth_gsasl_options_block *)(ablock->options_block);
+struct callback_exim_state cb_state;
+int rc, auth_result, exim_error, exim_error_override;
+
+HDEBUG(D_auth)
+  debug_printf("GNU SASL: initialising session for %s, mechanism %s.\n",
+      ablock->name, ob->server_mech);
+
+rc = gsasl_server_start(gsasl_ctx, CCS ob->server_mech, &sctx);
+if (rc != GSASL_OK)
+  {
+  auth_defer_msg = string_sprintf("GNU SASL: session start failure: %s (%s)",
+      gsasl_strerror_name(rc), gsasl_strerror(rc));
+  HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
+  return DEFER;
   }
-  /* Hereafter: gsasl_finish(sctx) please */
-
-  gsasl_session_hook_set(sctx, (void *)ablock);
-  cb_state.ablock = ablock;
-  cb_state.currently = CURRENTLY_SERVER;
-  gsasl_session_hook_set(sctx, (void *)&cb_state);
-
-  tmps = CS expand_string(ob->server_service);
-  gsasl_property_set(sctx, GSASL_SERVICE, tmps);
-  tmps = CS expand_string(ob->server_hostname);
-  gsasl_property_set(sctx, GSASL_HOSTNAME, tmps);
-  if (ob->server_realm) {
-    tmps = CS expand_string(ob->server_realm);
-    if (tmps && *tmps) {
-      gsasl_property_set(sctx, GSASL_REALM, tmps);
-    }
+/* Hereafter: gsasl_finish(sctx) please */
+
+gsasl_session_hook_set(sctx, (void *)ablock);
+cb_state.ablock = ablock;
+cb_state.currently = CURRENTLY_SERVER;
+gsasl_session_hook_set(sctx, (void *)&cb_state);
+
+tmps = CS expand_string(ob->server_service);
+gsasl_property_set(sctx, GSASL_SERVICE, tmps);
+tmps = CS expand_string(ob->server_hostname);
+gsasl_property_set(sctx, GSASL_HOSTNAME, tmps);
+if (ob->server_realm)
+  {
+  tmps = CS expand_string(ob->server_realm);
+  if (tmps && *tmps)
+    gsasl_property_set(sctx, GSASL_REALM, tmps);
   }
-  /* We don't support protection layers. */
-  gsasl_property_set(sctx, GSASL_QOPS, "qop-auth");
+/* We don't support protection layers. */
+gsasl_property_set(sctx, GSASL_QOPS, "qop-auth");
 #ifdef SUPPORT_TLS
-  if (tls_channelbinding_b64) {
-    /* Some auth mechanisms can ensure that both sides are talking within the
-    same security context; for TLS, this means that even if a bad certificate
-    has been accepted, they remain MitM-proof because both sides must be within
-    the same negotiated session; if someone is terminating one session and
-    proxying data on within a second, authentication will fail.
-
-    We might not have this available, depending upon TLS implementation,
-    ciphersuite, phase of moon ...
-
-    If we do, it results in extra SASL mechanisms being available; here,
-    Exim's one-mechanism-per-authenticator potentially causes problems.
-    It depends upon how GNU SASL will implement the PLUS variants of GS2
-    and whether it automatically mandates a switch to the bound PLUS
-    if the data is available.  Since default-on, despite being more secure,
-    would then result in mechanism name changes on a library update, we
-    have little choice but to default it off and let the admin choose to
-    enable it.  *sigh*
-    */
-    if (ob->server_channelbinding) {
-      HDEBUG(D_auth) debug_printf("Auth %s: Enabling channel-binding\n",
-          ablock->name);
-      gsasl_property_set(sctx, GSASL_CB_TLS_UNIQUE,
-          CCS  tls_channelbinding_b64);
-    } else {
-      HDEBUG(D_auth)
-        debug_printf("Auth %s: Not enabling channel-binding (data available)\n",
-            ablock->name);
+if (tls_channelbinding_b64)
+  {
+  /* Some auth mechanisms can ensure that both sides are talking withing the
+  same security context; for TLS, this means that even if a bad certificate
+  has been accepted, they remain MitM-proof because both sides must be within
+  the same negotiated session; if someone is terminating one session and
+  proxying data on within a second, authentication will fail.
+
+  We might not have this available, depending upon TLS implementation,
+  ciphersuite, phase of moon ...
+
+  If we do, it results in extra SASL mechanisms being available; here,
+  Exim's one-mechanism-per-authenticator potentially causes problems.
+  It depends upon how GNU SASL will implement the PLUS variants of GS2
+  and whether it automatically mandates a switch to the bound PLUS
+  if the data is available.  Since default-on, despite being more secure,
+  would then result in mechanism name changes on a library update, we
+  have little choice but to default it off and let the admin choose to
+  enable it.  *sigh*
+  */
+  if (ob->server_channelbinding)
+    {
+    HDEBUG(D_auth) debug_printf("Auth %s: Enabling channel-binding\n",
+    ablock->name);
+    gsasl_property_set(sctx, GSASL_CB_TLS_UNIQUE,
+    CCS  tls_channelbinding_b64);
     }
-  } else {
+  else
+    {
     HDEBUG(D_auth)
-      debug_printf("Auth %s: no channel-binding data available\n",
-          ablock->name);
+      debug_printf("Auth %s: Not enabling channel-binding (data available)\n",
+      ablock->name);
+    }
   }
+else
+  HDEBUG(D_auth)
+    debug_printf("Auth %s: no channel-binding data available\n",
+    ablock->name);
 #endif


-  checked_server_condition = FALSE;
-
-  received = CS initial_data;
-  to_send = NULL;
-  exim_error = exim_error_override = OK;
-
-  do {
-    rc = gsasl_step64(sctx, received, &to_send);
-
-    switch (rc) {
-      case GSASL_OK:
-        if (!to_send)
-          goto STOP_INTERACTION;
-        break;
-
-      case GSASL_NEEDS_MORE:
-        break;
-
-      case GSASL_AUTHENTICATION_ERROR:
-      case GSASL_INTEGRITY_ERROR:
-      case GSASL_NO_AUTHID:
-      case GSASL_NO_ANONYMOUS_TOKEN:
-      case GSASL_NO_AUTHZID:
-      case GSASL_NO_PASSWORD:
-      case GSASL_NO_PASSCODE:
-      case GSASL_NO_PIN:
-      case GSASL_BASE64_ERROR:
-        HDEBUG(D_auth) debug_printf("GNU SASL permanent error: %s (%s)\n",
-            gsasl_strerror_name(rc), gsasl_strerror(rc));
-        log_write(0, LOG_REJECT, "%s authenticator (%s):\n  "
-            "GNU SASL permanent failure: %s (%s)",
-            ablock->name, ob->server_mech,
-            gsasl_strerror_name(rc), gsasl_strerror(rc));
-        if (rc == GSASL_BASE64_ERROR)
-          exim_error_override = BAD64;
-        goto STOP_INTERACTION;
-
-      default:
-        auth_defer_msg = string_sprintf("GNU SASL temporary error: %s (%s)",
-            gsasl_strerror_name(rc), gsasl_strerror(rc));
-        HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
-        exim_error_override = DEFER;
-        goto STOP_INTERACTION;
+checked_server_condition = FALSE;
+
+received = CS initial_data;
+to_send = NULL;
+exim_error = exim_error_override = OK;
+
+do {
+  rc = gsasl_step64(sctx, received, &to_send);
+
+  switch (rc)
+    {
+    case GSASL_OK:
+      if (!to_send)
+    goto STOP_INTERACTION;
+      break;
+
+    case GSASL_NEEDS_MORE:
+      break;
+
+    case GSASL_AUTHENTICATION_ERROR:
+    case GSASL_INTEGRITY_ERROR:
+    case GSASL_NO_AUTHID:
+    case GSASL_NO_ANONYMOUS_TOKEN:
+    case GSASL_NO_AUTHZID:
+    case GSASL_NO_PASSWORD:
+    case GSASL_NO_PASSCODE:
+    case GSASL_NO_PIN:
+    case GSASL_BASE64_ERROR:
+      HDEBUG(D_auth) debug_printf("GNU SASL permanent error: %s (%s)\n",
+      gsasl_strerror_name(rc), gsasl_strerror(rc));
+      log_write(0, LOG_REJECT, "%s authenticator (%s):\n  "
+      "GNU SASL permanent failure: %s (%s)",
+      ablock->name, ob->server_mech,
+      gsasl_strerror_name(rc), gsasl_strerror(rc));
+      if (rc == GSASL_BASE64_ERROR)
+    exim_error_override = BAD64;
+      goto STOP_INTERACTION;
+
+    default:
+      auth_defer_msg = string_sprintf("GNU SASL temporary error: %s (%s)",
+      gsasl_strerror_name(rc), gsasl_strerror(rc));
+      HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
+      exim_error_override = DEFER;
+      goto STOP_INTERACTION;
     }


-    if ((rc == GSASL_NEEDS_MORE) ||
-        (to_send && *to_send))
-      exim_error =
-        auth_get_no64_data((uschar **)&received, US to_send);
+  if ((rc == GSASL_NEEDS_MORE) ||
+      (to_send && *to_send))
+    exim_error =
+      auth_get_no64_data((uschar **)&received, US to_send);


-    if (to_send) {
-      free(to_send);
-      to_send = NULL;
+  if (to_send)
+    {
+    free(to_send);
+    to_send = NULL;
     }


-    if (exim_error)
-      break; /* handles * cancelled check */
+  if (exim_error)
+    break; /* handles * cancelled check */


} while (rc == GSASL_NEEDS_MORE);

STOP_INTERACTION:
- auth_result = rc;
+auth_result = rc;

- gsasl_finish(sctx);
+gsasl_finish(sctx);

- /* Can return: OK DEFER FAIL CANCELLED BAD64 UNEXPECTED */
+/* Can return: OK DEFER FAIL CANCELLED BAD64 UNEXPECTED */

-  if (exim_error != OK)
-    return exim_error;
+if (exim_error != OK)
+  return exim_error;


-  if (auth_result != GSASL_OK) {
-    HDEBUG(D_auth) debug_printf("authentication returned %s (%s)\n",
-        gsasl_strerror_name(auth_result), gsasl_strerror(auth_result));
-    if (exim_error_override != OK)
-      return exim_error_override; /* might be DEFER */
-    if (sasl_error_should_defer) /* overriding auth failure SASL error */
-      return DEFER;
-    return FAIL;
+if (auth_result != GSASL_OK)
+  {
+  HDEBUG(D_auth) debug_printf("authentication returned %s (%s)\n",
+      gsasl_strerror_name(auth_result), gsasl_strerror(auth_result));
+  if (exim_error_override != OK)
+    return exim_error_override; /* might be DEFER */
+  if (sasl_error_should_defer) /* overriding auth failure SASL error */
+    return DEFER;
+  return FAIL;
   }


- /* Auth succeeded, check server_condition unless already done in callback */
- return checked_server_condition ? OK : auth_check_serv_cond(ablock);
+/* Auth succeeded, check server_condition unless already done in callback */
+return checked_server_condition ? OK : auth_check_serv_cond(ablock);
}

+
/* returns the GSASL status of expanding the Exim string given */
static int
condition_check(auth_instance *ablock, uschar *label, uschar *condition_string)
{
- int exim_rc;
+int exim_rc;

- exim_rc = auth_check_some_cond(ablock, label, condition_string, FAIL);
+exim_rc = auth_check_some_cond(ablock, label, condition_string, FAIL);

-  if (exim_rc == OK) {
-    return GSASL_OK;
-  } else if (exim_rc == DEFER) {
-    sasl_error_should_defer = TRUE;
-    return GSASL_AUTHENTICATION_ERROR;
-  } else if (exim_rc == FAIL) {
-    return GSASL_AUTHENTICATION_ERROR;
+if (exim_rc == OK)
+  return GSASL_OK;
+else if (exim_rc == DEFER)
+  {
+  sasl_error_should_defer = TRUE;
+  return GSASL_AUTHENTICATION_ERROR;
   }
-
-  log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
-            "Unhandled return from checking %s: %d",
-            ablock->name, label, exim_rc);
-  /* NOTREACHED */
+else if (exim_rc == FAIL)
   return GSASL_AUTHENTICATION_ERROR;
+
+log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
+      "Unhandled return from checking %s: %d",
+      ablock->name, label, exim_rc);
+/* NOTREACHED */
+return GSASL_AUTHENTICATION_ERROR;
 }


 static int
 server_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop, auth_instance *ablock)
 {
-  char *tmps;
-  uschar *propval;
-  int cbrc = GSASL_NO_CALLBACK;
-  int i;
-  auth_gsasl_options_block *ob =
-    (auth_gsasl_options_block *)(ablock->options_block);
-
-  HDEBUG(D_auth)
-    debug_printf("GNU SASL callback %d for %s/%s as server\n",
-        prop, ablock->name, ablock->public_name);
-
-  for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
-  expand_nmax = 0;
-
-  switch (prop) {
-    case GSASL_VALIDATE_SIMPLE:
-      /* GSASL_AUTHID, GSASL_AUTHZID, and GSASL_PASSWORD */
-      propval = US  gsasl_property_fast(sctx, GSASL_AUTHID);
-      auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
-      propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
-      auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
-      propval = US  gsasl_property_fast(sctx, GSASL_PASSWORD);
-      auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
-      expand_nmax = 3;
-      for (i = 1; i <= 3; ++i)
-        expand_nlength[i] = Ustrlen(expand_nstring[i]);
-
-      cbrc = condition_check(ablock, US"server_condition", ablock->server_condition);
-      checked_server_condition = TRUE;
+char *tmps;
+uschar *propval;
+int cbrc = GSASL_NO_CALLBACK;
+auth_gsasl_options_block *ob =
+  (auth_gsasl_options_block *)(ablock->options_block);
+
+HDEBUG(D_auth)
+  debug_printf("GNU SASL callback %d for %s/%s as server\n",
+      prop, ablock->name, ablock->public_name);
+
+for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
+expand_nmax = 0;
+
+switch (prop)
+  {
+  case GSASL_VALIDATE_SIMPLE:
+    /* GSASL_AUTHID, GSASL_AUTHZID, and GSASL_PASSWORD */
+    propval = US  gsasl_property_fast(sctx, GSASL_AUTHID);
+    auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+    propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
+    auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+    propval = US  gsasl_property_fast(sctx, GSASL_PASSWORD);
+    auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+    expand_nmax = 3;
+    for (int i = 1; i <= 3; ++i)
+      expand_nlength[i] = Ustrlen(expand_nstring[i]);
+
+    cbrc = condition_check(ablock, US"server_condition", ablock->server_condition);
+    checked_server_condition = TRUE;
+    break;
+
+  case GSASL_VALIDATE_EXTERNAL:
+    if (ablock->server_condition == NULL)
+      {
+      HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate EXTERNAL.\n");
+      cbrc = GSASL_AUTHENTICATION_ERROR;
       break;
-
-    case GSASL_VALIDATE_EXTERNAL:
-      if (ablock->server_condition == NULL) {
-        HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate EXTERNAL.\n");
-        cbrc = GSASL_AUTHENTICATION_ERROR;
-        break;
       }
-      propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
-      /* We always set $auth1, even if only to empty string. */
-      auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
-      expand_nlength[1] = Ustrlen(expand_nstring[1]);
-      expand_nmax = 1;
-
-      cbrc = condition_check(ablock,
-          US"server_condition (EXTERNAL)", ablock->server_condition);
-      checked_server_condition = TRUE;
+    propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
+    /* We always set $auth1, even if only to empty string. */
+    auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+    expand_nlength[1] = Ustrlen(expand_nstring[1]);
+    expand_nmax = 1;
+
+    cbrc = condition_check(ablock,
+    US"server_condition (EXTERNAL)", ablock->server_condition);
+    checked_server_condition = TRUE;
+    break;
+
+  case GSASL_VALIDATE_ANONYMOUS:
+    if (ablock->server_condition == NULL)
+      {
+      HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate ANONYMOUS.\n");
+      cbrc = GSASL_AUTHENTICATION_ERROR;
       break;
-
-    case GSASL_VALIDATE_ANONYMOUS:
-      if (ablock->server_condition == NULL) {
-        HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate ANONYMOUS.\n");
-        cbrc = GSASL_AUTHENTICATION_ERROR;
-        break;
       }
-      propval = US  gsasl_property_fast(sctx, GSASL_ANONYMOUS_TOKEN);
-      /* We always set $auth1, even if only to empty string. */
-      auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
-      expand_nlength[1] = Ustrlen(expand_nstring[1]);
-      expand_nmax = 1;
-
-      cbrc = condition_check(ablock,
-          US"server_condition (ANONYMOUS)", ablock->server_condition);
-      checked_server_condition = TRUE;
-      break;
-
-    case GSASL_VALIDATE_GSSAPI:
-      /* GSASL_AUTHZID and GSASL_GSSAPI_DISPLAY_NAME
-      The display-name is authenticated as part of GSS, the authzid is claimed
-      by the SASL integration after authentication; protected against tampering
-      (if the SASL mechanism supports that, which Kerberos does) but is
-      unverified, same as normal for other mechanisms.
-
-      First coding, we had these values swapped, but for consistency and prior
-      to the first release of Exim with this authenticator, they've been
-      switched to match the ordering of GSASL_VALIDATE_SIMPLE. */
-      propval = US  gsasl_property_fast(sctx, GSASL_GSSAPI_DISPLAY_NAME);
-      auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
-      propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
-      auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
-      expand_nmax = 2;
-      for (i = 1; i <= 2; ++i)
-        expand_nlength[i] = Ustrlen(expand_nstring[i]);
-
-      /* In this one case, it perhaps makes sense to default back open?
-      But for consistency, let's just mandate server_condition here too. */
-      cbrc = condition_check(ablock,
-          US"server_condition (GSSAPI family)", ablock->server_condition);
-      checked_server_condition = TRUE;
-      break;
-
-    case GSASL_PASSWORD:
-      /* DIGEST-MD5: GSASL_AUTHID, GSASL_AUTHZID and GSASL_REALM
-         CRAM-MD5: GSASL_AUTHID
-         PLAIN: GSASL_AUTHID and GSASL_AUTHZID
-         LOGIN: GSASL_AUTHID
-       */
-      if (ob->server_scram_iter) {
-        tmps = CS expand_string(ob->server_scram_iter);
-        gsasl_property_set(sctx, GSASL_SCRAM_ITER, tmps);
+    propval = US  gsasl_property_fast(sctx, GSASL_ANONYMOUS_TOKEN);
+    /* We always set $auth1, even if only to empty string. */
+    auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+    expand_nlength[1] = Ustrlen(expand_nstring[1]);
+    expand_nmax = 1;
+
+    cbrc = condition_check(ablock,
+    US"server_condition (ANONYMOUS)", ablock->server_condition);
+    checked_server_condition = TRUE;
+    break;
+
+  case GSASL_VALIDATE_GSSAPI:
+    /* GSASL_AUTHZID and GSASL_GSSAPI_DISPLAY_NAME
+    The display-name is authenticated as part of GSS, the authzid is claimed
+    by the SASL integration after authentication; protected against tampering
+    (if the SASL mechanism supports that, which Kerberos does) but is
+    unverified, same as normal for other mechanisms.
+
+    First coding, we had these values swapped, but for consistency and prior
+    to the first release of Exim with this authenticator, they've been
+    switched to match the ordering of GSASL_VALIDATE_SIMPLE. */
+    propval = US  gsasl_property_fast(sctx, GSASL_GSSAPI_DISPLAY_NAME);
+    auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+    propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
+    auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+    expand_nmax = 2;
+    for (int i = 1; i <= 2; ++i)
+      expand_nlength[i] = Ustrlen(expand_nstring[i]);
+
+    /* In this one case, it perhaps makes sense to default back open?
+    But for consistency, let's just mandate server_condition here too. */
+    cbrc = condition_check(ablock,
+    US"server_condition (GSSAPI family)", ablock->server_condition);
+    checked_server_condition = TRUE;
+    break;
+
+  case GSASL_PASSWORD:
+    /* DIGEST-MD5: GSASL_AUTHID, GSASL_AUTHZID and GSASL_REALM
+       CRAM-MD5: GSASL_AUTHID
+       PLAIN: GSASL_AUTHID and GSASL_AUTHZID
+       LOGIN: GSASL_AUTHID
+     */
+    if (ob->server_scram_iter)
+      {
+      tmps = CS expand_string(ob->server_scram_iter);
+      gsasl_property_set(sctx, GSASL_SCRAM_ITER, tmps);
       }
-      if (ob->server_scram_salt) {
-        tmps = CS expand_string(ob->server_scram_salt);
-        gsasl_property_set(sctx, GSASL_SCRAM_SALT, tmps);
+    if (ob->server_scram_salt)
+      {
+      tmps = CS expand_string(ob->server_scram_salt);
+      gsasl_property_set(sctx, GSASL_SCRAM_SALT, tmps);
       }
-      /* Asking for GSASL_AUTHZID calls back into us if we use
-      gsasl_property_get(), thus the use of gsasl_property_fast().
-      Do we really want to hardcode limits per mechanism?  What happens when
-      a new mechanism is added to the library.  It *shouldn't* result in us
-      needing to add more glue, since avoiding that is a large part of the
-      point of SASL. */
-      propval = US  gsasl_property_fast(sctx, GSASL_AUTHID);
-      auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
-      propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
-      auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
-      propval = US  gsasl_property_fast(sctx, GSASL_REALM);
-      auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
-      expand_nmax = 3;
-      for (i = 1; i <= 3; ++i)
-        expand_nlength[i] = Ustrlen(expand_nstring[i]);
-
-      tmps = CS expand_string(ob->server_password);
-      if (tmps == NULL) {
-        sasl_error_should_defer = f.expand_string_forcedfail ? FALSE : TRUE;
-        HDEBUG(D_auth) debug_printf("server_password expansion failed, so "
-            "can't tell GNU SASL library the password for %s\n", auth_vars[0]);
-        return GSASL_AUTHENTICATION_ERROR;
+    /* Asking for GSASL_AUTHZID calls back into us if we use
+    gsasl_property_get(), thus the use of gsasl_property_fast().
+    Do we really want to hardcode limits per mechanism?  What happens when
+    a new mechanism is added to the library.  It *shouldn't* result in us
+    needing to add more glue, since avoiding that is a large part of the
+    point of SASL. */
+    propval = US  gsasl_property_fast(sctx, GSASL_AUTHID);
+    auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+    propval = US  gsasl_property_fast(sctx, GSASL_AUTHZID);
+    auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+    propval = US  gsasl_property_fast(sctx, GSASL_REALM);
+    auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+    expand_nmax = 3;
+    for (int i = 1; i <= 3; ++i)
+      expand_nlength[i] = Ustrlen(expand_nstring[i]);
+
+    tmps = CS expand_string(ob->server_password);
+    if (tmps == NULL)
+      {
+      sasl_error_should_defer = f.expand_string_forcedfail ? FALSE : TRUE;
+      HDEBUG(D_auth) debug_printf("server_password expansion failed, so "
+      "can't tell GNU SASL library the password for %s\n", auth_vars[0]);
+      return GSASL_AUTHENTICATION_ERROR;
       }
-      gsasl_property_set(sctx, GSASL_PASSWORD, tmps);
-      /* This is inadequate; don't think Exim's store stacks are geared
-      for memory wiping, so expanding strings will leave stuff laying around.
-      But no need to compound the problem, so get rid of the one we can. */
-      memset(tmps, '\0', strlen(tmps));
-      cbrc = GSASL_OK;
-      break;
-
-    default:
-      HDEBUG(D_auth) debug_printf("Unrecognised callback: %d\n", prop);
-      cbrc = GSASL_NO_CALLBACK;
+    gsasl_property_set(sctx, GSASL_PASSWORD, tmps);
+    /* This is inadequate; don't think Exim's store stacks are geared
+    for memory wiping, so expanding strings will leave stuff laying around.
+    But no need to compound the problem, so get rid of the one we can. */
+    memset(tmps, '\0', strlen(tmps));
+    cbrc = GSASL_OK;
+    break;
+
+  default:
+    HDEBUG(D_auth) debug_printf("Unrecognised callback: %d\n", prop);
+    cbrc = GSASL_NO_CALLBACK;
   }


-  HDEBUG(D_auth) debug_printf("Returning %s (%s)\n",
-      gsasl_strerror_name(cbrc), gsasl_strerror(cbrc));
+HDEBUG(D_auth) debug_printf("Returning %s (%s)\n",
+    gsasl_strerror_name(cbrc), gsasl_strerror(cbrc));


- return cbrc;
+return cbrc;
}


@@ -593,24 +609,24 @@ auth_gsasl_client(
   uschar *buffer,            /* buffer for reading response */
   int buffsize)                /* size of buffer */
 {
-  HDEBUG(D_auth)
-    debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
-  /* NOT IMPLEMENTED */
-  return FAIL;
+HDEBUG(D_auth)
+  debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
+/* NOT IMPLEMENTED */
+return FAIL;
 }


 static int
 client_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop, auth_instance *ablock)
 {
-  int cbrc = GSASL_NO_CALLBACK;
-  HDEBUG(D_auth)
-    debug_printf("GNU SASL callback %d for %s/%s as client\n",
-        prop, ablock->name, ablock->public_name);
+int cbrc = GSASL_NO_CALLBACK;
+HDEBUG(D_auth)
+  debug_printf("GNU SASL callback %d for %s/%s as client\n",
+      prop, ablock->name, ablock->public_name);


-  HDEBUG(D_auth)
-    debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
+HDEBUG(D_auth)
+  debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");


- return cbrc;
+return cbrc;
}

 /*************************************************
@@ -620,11 +636,11 @@ client_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop, auth_insta
 void
 auth_gsasl_version_report(FILE *f)
 {
-  const char *runtime;
-  runtime = gsasl_check_version(NULL);
-  fprintf(f, "Library version: GNU SASL: Compile: %s\n"
-             "                           Runtime: %s\n",
-          GSASL_VERSION, runtime);
+const char *runtime;
+runtime = gsasl_check_version(NULL);
+fprintf(f, "Library version: GNU SASL: Compile: %s\n"
+       "                           Runtime: %s\n",
+    GSASL_VERSION, runtime);
 }


 #endif   /*!MACRO_PREDEF*/
diff --git a/src/src/auths/heimdal_gssapi.c b/src/src/auths/heimdal_gssapi.c
index 11a7d39..a70bc8a 100644
--- a/src/src/auths/heimdal_gssapi.c
+++ b/src/src/auths/heimdal_gssapi.c
@@ -117,89 +117,100 @@ the keytab contents, for -D+auth debugging. */
 void
 auth_heimdal_gssapi_init(auth_instance *ablock)
 {
-  krb5_context context;
-  krb5_keytab keytab;
-  krb5_kt_cursor cursor;
-  krb5_keytab_entry entry;
-  krb5_error_code krc;
-  char *principal, *enctype_s;
-  const char *k_keytab_typed_name = NULL;
-  auth_heimdal_gssapi_options_block *ob =
-    (auth_heimdal_gssapi_options_block *)(ablock->options_block);
-
-  ablock->server = FALSE;
-  ablock->client = FALSE;
-
-  if (!ob->server_service || !*ob->server_service) {
-    HDEBUG(D_auth) debug_printf("heimdal: missing server_service\n");
-    return;
-  }
+krb5_context context;
+krb5_keytab keytab;
+krb5_kt_cursor cursor;
+krb5_keytab_entry entry;
+krb5_error_code krc;
+char *principal, *enctype_s;
+const char *k_keytab_typed_name = NULL;
+auth_heimdal_gssapi_options_block *ob =
+  (auth_heimdal_gssapi_options_block *)(ablock->options_block);
+
+ablock->server = FALSE;
+ablock->client = FALSE;
+
+if (!ob->server_service || !*ob->server_service)
+  {
+  HDEBUG(D_auth) debug_printf("heimdal: missing server_service\n");
+  return;
+}


-  krc = krb5_init_context(&context);
-  if (krc != 0) {
-    int kerr = errno;
-    HDEBUG(D_auth) debug_printf("heimdal: failed to initialise krb5 context: %s\n",
-        strerror(kerr));
-    return;
+krc = krb5_init_context(&context);
+if (krc != 0)
+  {
+  int kerr = errno;
+  HDEBUG(D_auth) debug_printf("heimdal: failed to initialise krb5 context: %s\n",
+      strerror(kerr));
+  return;
   }


-  if (ob->server_keytab) {
-    k_keytab_typed_name = CCS string_sprintf("file:%s", expand_string(ob->server_keytab));
-    HDEBUG(D_auth) debug_printf("heimdal: using keytab %s\n", k_keytab_typed_name);
-    krc = krb5_kt_resolve(context, k_keytab_typed_name, &keytab);
-    if (krc) {
-      HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_resolve", context, krc);
-      return;
+if (ob->server_keytab)
+  {
+  k_keytab_typed_name = CCS string_sprintf("file:%s", expand_string(ob->server_keytab));
+  HDEBUG(D_auth) debug_printf("heimdal: using keytab %s\n", k_keytab_typed_name);
+  krc = krb5_kt_resolve(context, k_keytab_typed_name, &keytab);
+  if (krc)
+    {
+    HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_resolve", context, krc);
+    return;
     }
-  } else {
-    HDEBUG(D_auth) debug_printf("heimdal: using system default keytab\n");
-    krc = krb5_kt_default(context, &keytab);
-    if (krc) {
-      HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_default", context, krc);
-      return;
+  }
+else
+ {
+  HDEBUG(D_auth) debug_printf("heimdal: using system default keytab\n");
+  krc = krb5_kt_default(context, &keytab);
+  if (krc)
+    {
+    HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_default", context, krc);
+    return;
     }
   }


-  HDEBUG(D_auth) {
-    /* http://www.h5l.org/manual/HEAD/krb5/krb5_keytab_intro.html */
-    krc = krb5_kt_start_seq_get(context, keytab, &cursor);
-    if (krc)
-      exim_heimdal_error_debug("krb5_kt_start_seq_get", context, krc);
-    else {
-      while ((krc = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) {
-        principal = enctype_s = NULL;
-        krb5_unparse_name(context, entry.principal, &principal);
-        krb5_enctype_to_string(context, entry.keyblock.keytype, &enctype_s);
-        debug_printf("heimdal: keytab principal: %s  vno=%d  type=%s\n",
-            principal ? principal : "??",
-            entry.vno,
-            enctype_s ? enctype_s : "??");
-        free(principal);
-        free(enctype_s);
-        krb5_kt_free_entry(context, &entry);
+HDEBUG(D_auth)
+  {
+  /* http://www.h5l.org/manual/HEAD/krb5/krb5_keytab_intro.html */
+  krc = krb5_kt_start_seq_get(context, keytab, &cursor);
+  if (krc)
+    exim_heimdal_error_debug("krb5_kt_start_seq_get", context, krc);
+  else
+    {
+    while ((krc = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0)
+      {
+      principal = enctype_s = NULL;
+      krb5_unparse_name(context, entry.principal, &principal);
+      krb5_enctype_to_string(context, entry.keyblock.keytype, &enctype_s);
+      debug_printf("heimdal: keytab principal: %s  vno=%d  type=%s\n",
+      principal ? principal : "??",
+      entry.vno,
+      enctype_s ? enctype_s : "??");
+      free(principal);
+      free(enctype_s);
+      krb5_kt_free_entry(context, &entry);
       }
-      krc = krb5_kt_end_seq_get(context, keytab, &cursor);
-      if (krc)
-        exim_heimdal_error_debug("krb5_kt_end_seq_get", context, krc);
+    krc = krb5_kt_end_seq_get(context, keytab, &cursor);
+    if (krc)
+      exim_heimdal_error_debug("krb5_kt_end_seq_get", context, krc);
     }
   }


-  krc = krb5_kt_close(context, keytab);
-  if (krc)
-    HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_close", context, krc);
+krc = krb5_kt_close(context, keytab);
+if (krc)
+  HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_close", context, krc);


- krb5_free_context(context);
+krb5_free_context(context);

-  /* RFC 4121 section 5.2, SHOULD support 64K input buffers */
-  if (big_buffer_size < (64 * 1024)) {
-    uschar *newbuf;
-    big_buffer_size = 64 * 1024;
-    newbuf = store_malloc(big_buffer_size);
-    store_free(big_buffer);
-    big_buffer = newbuf;
+/* RFC 4121 section 5.2, SHOULD support 64K input buffers */
+if (big_buffer_size < (64 * 1024))
+  {
+  uschar *newbuf;
+  big_buffer_size = 64 * 1024;
+  newbuf = store_malloc(big_buffer_size);
+  store_free(big_buffer);
+  big_buffer = newbuf;
   }


- ablock->server = TRUE;
+ablock->server = TRUE;
}


@@ -207,10 +218,10 @@ static void
 exim_heimdal_error_debug(const char *label,
     krb5_context context, krb5_error_code err)
 {
-  const char *kerrsc;
-  kerrsc = krb5_get_error_message(context, err);
-  debug_printf("heimdal %s: %s\n", label, kerrsc ? kerrsc : "unknown error");
-  krb5_free_error_message(context, kerrsc);
+const char *kerrsc;
+kerrsc = krb5_get_error_message(context, err);
+debug_printf("heimdal %s: %s\n", label, kerrsc ? kerrsc : "unknown error");
+krb5_free_error_message(context, kerrsc);
 }


 /*************************************************
@@ -229,302 +240,320 @@ gss_buffer_desc / *gss_buffer_t: hold/point-to size_t .length & void *value
 int
 auth_heimdal_gssapi_server(auth_instance *ablock, uschar *initial_data)
 {
-  gss_name_t gclient = GSS_C_NO_NAME;
-  gss_name_t gserver = GSS_C_NO_NAME;
-  gss_cred_id_t gcred = GSS_C_NO_CREDENTIAL;
-  gss_ctx_id_t gcontext = GSS_C_NO_CONTEXT;
-  uschar *ex_server_str;
-  gss_buffer_desc gbufdesc = GSS_C_EMPTY_BUFFER;
-  gss_buffer_desc gbufdesc_in = GSS_C_EMPTY_BUFFER;
-  gss_buffer_desc gbufdesc_out = GSS_C_EMPTY_BUFFER;
-  gss_OID mech_type;
-  OM_uint32 maj_stat, min_stat;
-  int step, error_out, i;
-  uschar *tmp1, *tmp2, *from_client;
-  auth_heimdal_gssapi_options_block *ob =
-    (auth_heimdal_gssapi_options_block *)(ablock->options_block);
-  BOOL handled_empty_ir;
-  uschar *store_reset_point;
-  uschar *keytab;
-  uschar sasl_config[4];
-  uschar requested_qop;
-
-  store_reset_point = store_get(0);
-
-  HDEBUG(D_auth)
-    debug_printf("heimdal: initialising auth context for %s\n", ablock->name);
-
-  /* Construct our gss_name_t gserver describing ourselves */
-  tmp1 = expand_string(ob->server_service);
-  tmp2 = expand_string(ob->server_hostname);
-  ex_server_str = string_sprintf("%s@%s", tmp1, tmp2);
-  gbufdesc.value = (void *) ex_server_str;
-  gbufdesc.length = Ustrlen(ex_server_str);
-  maj_stat = gss_import_name(&min_stat,
-      &gbufdesc, GSS_C_NT_HOSTBASED_SERVICE, &gserver);
+gss_name_t gclient = GSS_C_NO_NAME;
+gss_name_t gserver = GSS_C_NO_NAME;
+gss_cred_id_t gcred = GSS_C_NO_CREDENTIAL;
+gss_ctx_id_t gcontext = GSS_C_NO_CONTEXT;
+uschar *ex_server_str;
+gss_buffer_desc gbufdesc = GSS_C_EMPTY_BUFFER;
+gss_buffer_desc gbufdesc_in = GSS_C_EMPTY_BUFFER;
+gss_buffer_desc gbufdesc_out = GSS_C_EMPTY_BUFFER;
+gss_OID mech_type;
+OM_uint32 maj_stat, min_stat;
+int step, error_out;
+uschar *tmp1, *tmp2, *from_client;
+auth_heimdal_gssapi_options_block *ob =
+  (auth_heimdal_gssapi_options_block *)(ablock->options_block);
+BOOL handled_empty_ir;
+uschar *store_reset_point;
+uschar *keytab;
+uschar sasl_config[4];
+uschar requested_qop;
+
+store_reset_point = store_get(0);
+
+HDEBUG(D_auth)
+  debug_printf("heimdal: initialising auth context for %s\n", ablock->name);
+
+/* Construct our gss_name_t gserver describing ourselves */
+tmp1 = expand_string(ob->server_service);
+tmp2 = expand_string(ob->server_hostname);
+ex_server_str = string_sprintf("%s@%s", tmp1, tmp2);
+gbufdesc.value = (void *) ex_server_str;
+gbufdesc.length = Ustrlen(ex_server_str);
+maj_stat = gss_import_name(&min_stat,
+    &gbufdesc, GSS_C_NT_HOSTBASED_SERVICE, &gserver);
+if (GSS_ERROR(maj_stat))
+  return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
+      "gss_import_name(%s)", CS gbufdesc.value);
+
+/* Use a specific keytab, if specified */
+if (ob->server_keytab) 
+  {
+  keytab = expand_string(ob->server_keytab);
+  maj_stat = gsskrb5_register_acceptor_identity(CCS keytab);
   if (GSS_ERROR(maj_stat))
     return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
-        "gss_import_name(%s)", CS gbufdesc.value);
-
-  /* Use a specific keytab, if specified */
-  if (ob->server_keytab) {
-    keytab = expand_string(ob->server_keytab);
-    maj_stat = gsskrb5_register_acceptor_identity(CCS keytab);
-    if (GSS_ERROR(maj_stat))
-      return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
-          "registering keytab \"%s\"", keytab);
-    HDEBUG(D_auth)
-      debug_printf("heimdal: using keytab \"%s\"\n", keytab);
+    "registering keytab \"%s\"", keytab);
+  HDEBUG(D_auth)
+    debug_printf("heimdal: using keytab \"%s\"\n", keytab);
   }


-  /* Acquire our credentials */
-  maj_stat = gss_acquire_cred(&min_stat,
-      gserver,             /* desired name */
-      0,                   /* time */
-      GSS_C_NULL_OID_SET,  /* desired mechs */
-      GSS_C_ACCEPT,        /* cred usage */
-      &gcred,              /* handle */
-      NULL                 /* actual mechs */,
-      NULL                 /* time rec */);
-  if (GSS_ERROR(maj_stat))
-    return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
-        "gss_acquire_cred(%s)", ex_server_str);
-
-  maj_stat = gss_release_name(&min_stat, &gserver);
-
-  HDEBUG(D_auth) debug_printf("heimdal: have server credentials.\n");
-
-  /* Loop talking to client */
-  step = 0;
-  from_client = initial_data;
-  handled_empty_ir = FALSE;
-  error_out = OK;
-
-  /* buffer sizes: auth_get_data() uses big_buffer, which we grow per
-  GSSAPI RFC in _init, if needed, to meet the SHOULD size of 64KB.
-  (big_buffer starts life at the MUST size of 16KB). */
-
-  /* step values
-  0: getting initial data from client to feed into GSSAPI
-  1: iterating for as long as GSS_S_CONTINUE_NEEDED
-  2: GSS_S_COMPLETE, SASL wrapping for authz and qop to send to client
-  3: unpick final auth message from client
-  4: break/finish (non-step)
-  */
-  while (step < 4) {
-    switch (step) {
-      case 0:
-        if (!from_client || *from_client == '\0') {
-          if (handled_empty_ir) {
-            HDEBUG(D_auth) debug_printf("gssapi: repeated empty input, grr.\n");
-            error_out = BAD64;
-            goto ERROR_OUT;
-          } else {
-            HDEBUG(D_auth) debug_printf("gssapi: missing initial response, nudging.\n");
-            error_out = auth_get_data(&from_client, US"", 0);
-            if (error_out != OK)
-              goto ERROR_OUT;
-            handled_empty_ir = TRUE;
-            continue;
-          }
-        }
-        /* We should now have the opening data from the client, base64-encoded. */
-        step += 1;
-        HDEBUG(D_auth) debug_printf("heimdal: have initial client data\n");
-        break;
-
-      case 1:
-        gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
-        if (gclient) {
-          maj_stat = gss_release_name(&min_stat, &gclient);
-          gclient = GSS_C_NO_NAME;
-        }
-        maj_stat = gss_accept_sec_context(&min_stat,
-            &gcontext,          /* context handle */
-            gcred,              /* acceptor cred handle */
-            &gbufdesc_in,       /* input from client */
-            GSS_C_NO_CHANNEL_BINDINGS,  /* XXX fixme: use the channel bindings from GnuTLS */
-            &gclient,           /* client identifier */
-            &mech_type,         /* mechanism in use */
-            &gbufdesc_out,      /* output to send to client */
-            NULL,               /* return flags */
-            NULL,               /* time rec */
-            NULL                /* delegated cred_handle */
-            );
-        if (GSS_ERROR(maj_stat)) {
-          exim_gssapi_error_defer(NULL, maj_stat, min_stat,
-              "gss_accept_sec_context()");
-          error_out = FAIL;
-          goto ERROR_OUT;
-        }
-        if (gbufdesc_out.length != 0) {
-          error_out = auth_get_data(&from_client,
-              gbufdesc_out.value, gbufdesc_out.length);
-          if (error_out != OK)
-            goto ERROR_OUT;
-
-          gss_release_buffer(&min_stat, &gbufdesc_out);
-          EmptyBuf(gbufdesc_out);
-        }
-        if (maj_stat == GSS_S_COMPLETE) {
-          step += 1;
-          HDEBUG(D_auth) debug_printf("heimdal: GSS complete\n");
-        } else {
-          HDEBUG(D_auth) debug_printf("heimdal: need more data\n");
-        }
-        break;
-
-      case 2:
-        memset(sasl_config, 0xFF, 4);
-        /* draft-ietf-sasl-gssapi-06.txt defines bitmasks for first octet
-        0x01 No security layer
-        0x02 Integrity protection
-        0x04 Confidentiality protection
-
-        The remaining three octets are the maximum buffer size for wrapped
-        content. */
-        sasl_config[0] = 0x01;  /* Exim does not wrap/unwrap SASL layers after auth */
-        gbufdesc.value = (void *) sasl_config;
-        gbufdesc.length = 4;
-        maj_stat = gss_wrap(&min_stat,
-            gcontext,
-            0,                    /* conf_req_flag: integrity only */
-            GSS_C_QOP_DEFAULT,    /* qop requested */
-            &gbufdesc,            /* message to protect */
-            NULL,                 /* conf_state: no confidentiality applied */
-            &gbufdesc_out         /* output buffer */
-            );
-        if (GSS_ERROR(maj_stat)) {
-          exim_gssapi_error_defer(NULL, maj_stat, min_stat,
-              "gss_wrap(SASL state after auth)");
-          error_out = FAIL;
-          goto ERROR_OUT;
-        }
-
-        HDEBUG(D_auth) debug_printf("heimdal SASL: requesting QOP with no security layers\n");
-
-        error_out = auth_get_data(&from_client,
-            gbufdesc_out.value, gbufdesc_out.length);
-        if (error_out != OK)
-          goto ERROR_OUT;
-
-        gss_release_buffer(&min_stat, &gbufdesc_out);
-        EmptyBuf(gbufdesc_out);
-        step += 1;
-        break;
-
-      case 3:
-        gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
-        maj_stat = gss_unwrap(&min_stat,
-            gcontext,
-            &gbufdesc_in,       /* data from client */
-            &gbufdesc_out,      /* results */
-            NULL,               /* conf state */
-            NULL                /* qop state */
-            );
-        if (GSS_ERROR(maj_stat)) {
-          exim_gssapi_error_defer(NULL, maj_stat, min_stat,
-              "gss_unwrap(final SASL message from client)");
-          error_out = FAIL;
-          goto ERROR_OUT;
-        }
-        if (gbufdesc_out.length < 4) {
-          HDEBUG(D_auth)
-            debug_printf("gssapi: final message too short; "
-                "need flags, buf sizes and optional authzid\n");
-          error_out = FAIL;
-          goto ERROR_OUT;
-        }
-
-        requested_qop = (CS gbufdesc_out.value)[0];
-        if ((requested_qop & 0x01) == 0) {
-          HDEBUG(D_auth)
-            debug_printf("gssapi: client requested security layers (%x)\n",
-                (unsigned int) requested_qop);
-          error_out = FAIL;
-          goto ERROR_OUT;
-        }
-
-        for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
-        expand_nmax = 0;
-
-        /* Identifiers:
-        The SASL provided identifier is an unverified authzid.
-        GSSAPI provides us with a verified identifier, but it might be empty
-        for some clients.
-        */
-
-        /* $auth2 is authzid requested at SASL layer */
-        if (gbufdesc_out.length > 4) {
-          expand_nlength[2] = gbufdesc_out.length - 4;
-          auth_vars[1] = expand_nstring[2] =
-            string_copyn((US gbufdesc_out.value) + 4, expand_nlength[2]);
-          expand_nmax = 2;
-        }
-
-        gss_release_buffer(&min_stat, &gbufdesc_out);
-        EmptyBuf(gbufdesc_out);
-
-        /* $auth1 is GSSAPI display name */
-        maj_stat = gss_display_name(&min_stat,
-            gclient,
-            &gbufdesc_out,
-            &mech_type);
-        if (GSS_ERROR(maj_stat)) {
-          auth_vars[1] = expand_nstring[2] = NULL;
-          expand_nmax = 0;
-          exim_gssapi_error_defer(NULL, maj_stat, min_stat,
-              "gss_display_name(client identifier)");
-          error_out = FAIL;
-          goto ERROR_OUT;
-        }
-
-        expand_nlength[1] = gbufdesc_out.length;
-        auth_vars[0] = expand_nstring[1] =
-          string_copyn(gbufdesc_out.value, gbufdesc_out.length);
-
-        if (expand_nmax == 0) { /* should be: authzid was empty */
-          expand_nmax = 2;
-          expand_nlength[2] = expand_nlength[1];
-          auth_vars[1] = expand_nstring[2] = string_copyn(expand_nstring[1], expand_nlength[1]);
-          HDEBUG(D_auth)
-            debug_printf("heimdal SASL: empty authzid, set to dup of GSSAPI display name\n");
-        }
-
-        HDEBUG(D_auth)
-          debug_printf("heimdal SASL: happy with client request\n"
-             "  auth1 (verified GSSAPI display-name): \"%s\"\n"
-             "  auth2 (unverified SASL requested authzid): \"%s\"\n",
-             auth_vars[0], auth_vars[1]);
-
-        step += 1;
-        break;
+/* Acquire our credentials */
+maj_stat = gss_acquire_cred(&min_stat,
+    gserver,             /* desired name */
+    0,                   /* time */
+    GSS_C_NULL_OID_SET,  /* desired mechs */
+    GSS_C_ACCEPT,        /* cred usage */
+    &gcred,              /* handle */
+    NULL                 /* actual mechs */,
+    NULL                 /* time rec */);
+if (GSS_ERROR(maj_stat))
+  return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
+      "gss_acquire_cred(%s)", ex_server_str);
+
+maj_stat = gss_release_name(&min_stat, &gserver);
+
+HDEBUG(D_auth) debug_printf("heimdal: have server credentials.\n");
+
+/* Loop talking to client */
+step = 0;
+from_client = initial_data;
+handled_empty_ir = FALSE;
+error_out = OK;
+
+/* buffer sizes: auth_get_data() uses big_buffer, which we grow per
+GSSAPI RFC in _init, if needed, to meet the SHOULD size of 64KB.
+(big_buffer starts life at the MUST size of 16KB). */
+
+/* step values
+0: getting initial data from client to feed into GSSAPI
+1: iterating for as long as GSS_S_CONTINUE_NEEDED
+2: GSS_S_COMPLETE, SASL wrapping for authz and qop to send to client
+3: unpick final auth message from client
+4: break/finish (non-step)
+*/
+while (step < 4)
+  switch (step)
+    {
+    case 0:
+      if (!from_client || *from_client == '\0')
+        {
+    if (handled_empty_ir)
+      {
+      HDEBUG(D_auth) debug_printf("gssapi: repeated empty input, grr.\n");
+      error_out = BAD64;
+      goto ERROR_OUT;
+      }
+    else
+      {
+      HDEBUG(D_auth) debug_printf("gssapi: missing initial response, nudging.\n");
+      error_out = auth_get_data(&from_client, US"", 0);
+      if (error_out != OK)
+        goto ERROR_OUT;
+      handled_empty_ir = TRUE;
+      continue;
+      }
+    }
+      /* We should now have the opening data from the client, base64-encoded. */
+      step += 1;
+      HDEBUG(D_auth) debug_printf("heimdal: have initial client data\n");
+      break;
+
+    case 1:
+      gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
+      if (gclient)
+        {
+    maj_stat = gss_release_name(&min_stat, &gclient);
+    gclient = GSS_C_NO_NAME;
+    }
+      maj_stat = gss_accept_sec_context(&min_stat,
+      &gcontext,          /* context handle */
+      gcred,              /* acceptor cred handle */
+      &gbufdesc_in,       /* input from client */
+      GSS_C_NO_CHANNEL_BINDINGS,  /* XXX fixme: use the channel bindings from GnuTLS */
+      &gclient,           /* client identifier */
+      &mech_type,         /* mechanism in use */
+      &gbufdesc_out,      /* output to send to client */
+      NULL,               /* return flags */
+      NULL,               /* time rec */
+      NULL                /* delegated cred_handle */
+      );
+      if (GSS_ERROR(maj_stat))
+        {
+    exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+        "gss_accept_sec_context()");
+    error_out = FAIL;
+    goto ERROR_OUT;
+    }
+      if (gbufdesc_out.length != 0)
+        {
+    error_out = auth_get_data(&from_client,
+        gbufdesc_out.value, gbufdesc_out.length);
+    if (error_out != OK)
+      goto ERROR_OUT;
+
+    gss_release_buffer(&min_stat, &gbufdesc_out);
+    EmptyBuf(gbufdesc_out);
+    }
+      if (maj_stat == GSS_S_COMPLETE)
+        {
+    step += 1;
+    HDEBUG(D_auth) debug_printf("heimdal: GSS complete\n");
+    }
+      else
+    HDEBUG(D_auth) debug_printf("heimdal: need more data\n");
+      break;
+
+    case 2:
+      memset(sasl_config, 0xFF, 4);
+      /* draft-ietf-sasl-gssapi-06.txt defines bitmasks for first octet
+      0x01 No security layer
+      0x02 Integrity protection
+      0x04 Confidentiality protection
+
+      The remaining three octets are the maximum buffer size for wrapped
+      content. */
+      sasl_config[0] = 0x01;  /* Exim does not wrap/unwrap SASL layers after auth */
+      gbufdesc.value = (void *) sasl_config;
+      gbufdesc.length = 4;
+      maj_stat = gss_wrap(&min_stat,
+      gcontext,
+      0,                    /* conf_req_flag: integrity only */
+      GSS_C_QOP_DEFAULT,    /* qop requested */
+      &gbufdesc,            /* message to protect */
+      NULL,                 /* conf_state: no confidentiality applied */
+      &gbufdesc_out         /* output buffer */
+      );
+      if (GSS_ERROR(maj_stat)
+        {
+    exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+        "gss_wrap(SASL state after auth)");
+    error_out = FAIL;
+    goto ERROR_OUT;
+    }
+
+      HDEBUG(D_auth) debug_printf("heimdal SASL: requesting QOP with no security layers\n");
+
+      error_out = auth_get_data(&from_client,
+      gbufdesc_out.value, gbufdesc_out.length);
+      if (error_out != OK)
+    goto ERROR_OUT;
+
+      gss_release_buffer(&min_stat, &gbufdesc_out);
+      EmptyBuf(gbufdesc_out);
+      step += 1;
+      break;
+
+    case 3:
+      gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
+      maj_stat = gss_unwrap(&min_stat,
+      gcontext,
+      &gbufdesc_in,       /* data from client */
+      &gbufdesc_out,      /* results */
+      NULL,               /* conf state */
+      NULL                /* qop state */
+      );
+      if (GSS_ERROR(maj_stat))
+        {
+    exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+        "gss_unwrap(final SASL message from client)");
+    error_out = FAIL;
+    goto ERROR_OUT;
+    }
+      if (gbufdesc_out.length < 4)
+        {
+    HDEBUG(D_auth)
+      debug_printf("gssapi: final message too short; "
+          "need flags, buf sizes and optional authzid\n");
+    error_out = FAIL;
+    goto ERROR_OUT;
+    }
+
+      requested_qop = (CS gbufdesc_out.value)[0];
+      if ((requested_qop & 0x01) == 0)
+        {
+    HDEBUG(D_auth)
+      debug_printf("gssapi: client requested security layers (%x)\n",
+          (unsigned int) requested_qop);
+    error_out = FAIL;
+    goto ERROR_OUT;
+    }
+
+      for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
+      expand_nmax = 0;
+
+      /* Identifiers:
+      The SASL provided identifier is an unverified authzid.
+      GSSAPI provides us with a verified identifier, but it might be empty
+      for some clients.
+      */
+
+      /* $auth2 is authzid requested at SASL layer */
+      if (gbufdesc_out.length > 4)
+        {
+    expand_nlength[2] = gbufdesc_out.length - 4;
+    auth_vars[1] = expand_nstring[2] =
+      string_copyn((US gbufdesc_out.value) + 4, expand_nlength[2]);
+    expand_nmax = 2;
+    }
+
+      gss_release_buffer(&min_stat, &gbufdesc_out);
+      EmptyBuf(gbufdesc_out);
+
+      /* $auth1 is GSSAPI display name */
+      maj_stat = gss_display_name(&min_stat,
+      gclient,
+      &gbufdesc_out,
+      &mech_type);
+      if (GSS_ERROR(maj_stat))
+        {
+    auth_vars[1] = expand_nstring[2] = NULL;
+    expand_nmax = 0;
+    exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+        "gss_display_name(client identifier)");
+    error_out = FAIL;
+    goto ERROR_OUT;
+    }
+
+      expand_nlength[1] = gbufdesc_out.length;
+      auth_vars[0] = expand_nstring[1] =
+    string_copyn(gbufdesc_out.value, gbufdesc_out.length);
+
+      if (expand_nmax == 0)    /* should be: authzid was empty */
+    {
+    expand_nmax = 2;
+    expand_nlength[2] = expand_nlength[1];
+    auth_vars[1] = expand_nstring[2] = string_copyn(expand_nstring[1], expand_nlength[1]);
+    HDEBUG(D_auth)
+      debug_printf("heimdal SASL: empty authzid, set to dup of GSSAPI display name\n");
+    }
+
+      HDEBUG(D_auth)
+    debug_printf("heimdal SASL: happy with client request\n"
+       "  auth1 (verified GSSAPI display-name): \"%s\"\n"
+       "  auth2 (unverified SASL requested authzid): \"%s\"\n",
+       auth_vars[0], auth_vars[1]);
+
+      step += 1;
+      break;


     } /* switch */
-  } /* while step */
+  /* while step */



 ERROR_OUT:
-  maj_stat = gss_release_cred(&min_stat, &gcred);
-  if (gclient) {
-    gss_release_name(&min_stat, &gclient);
-    gclient = GSS_C_NO_NAME;
-  }
-  if (gbufdesc_out.length) {
-    gss_release_buffer(&min_stat, &gbufdesc_out);
-    EmptyBuf(gbufdesc_out);
+maj_stat = gss_release_cred(&min_stat, &gcred);
+if (gclient)
+  {
+  gss_release_name(&min_stat, &gclient);
+  gclient = GSS_C_NO_NAME;
   }
-  if (gcontext != GSS_C_NO_CONTEXT) {
-    gss_delete_sec_context(&min_stat, &gcontext, GSS_C_NO_BUFFER);
+if (gbufdesc_out.length)
+  {
+  gss_release_buffer(&min_stat, &gbufdesc_out);
+  EmptyBuf(gbufdesc_out);
   }
+if (gcontext != GSS_C_NO_CONTEXT)
+  gss_delete_sec_context(&min_stat, &gcontext, GSS_C_NO_BUFFER);


- store_reset(store_reset_point);
+store_reset(store_reset_point);

-  if (error_out != OK)
-    return error_out;
+if (error_out != OK)
+  return error_out;


- /* Auth succeeded, check server_condition */
- return auth_check_serv_cond(ablock);
+/* Auth succeeded, check server_condition */
+return auth_check_serv_cond(ablock);
}


@@ -533,38 +562,38 @@ exim_gssapi_error_defer(uschar *store_reset_point,
     OM_uint32 major, OM_uint32 minor,
     const char *format, ...)
 {
-  va_list ap;
-  OM_uint32 maj_stat, min_stat;
-  OM_uint32 msgcontext = 0;
-  gss_buffer_desc status_string;
-  gstring * g;
-
-  HDEBUG(D_auth)
-    {
-    va_start(ap, format);
-    g = string_vformat(NULL, TRUE, format, ap);
-    va_end(ap);
-    }
+va_list ap;
+OM_uint32 maj_stat, min_stat;
+OM_uint32 msgcontext = 0;
+gss_buffer_desc status_string;
+gstring * g;
+
+HDEBUG(D_auth)
+  {
+  va_start(ap, format);
+  g = string_vformat(NULL, TRUE, format, ap);
+  va_end(ap);
+  }


- auth_defer_msg = NULL;
+auth_defer_msg = NULL;

-  do {
-    maj_stat = gss_display_status(&min_stat,
-        major, GSS_C_GSS_CODE, GSS_C_NO_OID, &msgcontext, &status_string);
+do {
+  maj_stat = gss_display_status(&min_stat,
+      major, GSS_C_GSS_CODE, GSS_C_NO_OID, &msgcontext, &status_string);


-    if (!auth_defer_msg)
-      auth_defer_msg = string_copy(US status_string.value);
+  if (!auth_defer_msg)
+    auth_defer_msg = string_copy(US status_string.value);


-    HDEBUG(D_auth) debug_printf("heimdal %s: %.*s\n",
-        string_from_gstring(g), (int)status_string.length,
-    CS status_string.value);
-    gss_release_buffer(&min_stat, &status_string);
+  HDEBUG(D_auth) debug_printf("heimdal %s: %.*s\n",
+      string_from_gstring(g), (int)status_string.length,
+      CS status_string.value);
+  gss_release_buffer(&min_stat, &status_string);


} while (msgcontext != 0);

-  if (store_reset_point)
-    store_reset(store_reset_point);
-  return DEFER;
+if (store_reset_point)
+  store_reset(store_reset_point);
+return DEFER;
 }



@@ -582,10 +611,10 @@ auth_heimdal_gssapi_client(
   uschar *buffer,                        /* buffer for reading response */
   int buffsize)                          /* size of buffer */
 {
-  HDEBUG(D_auth)
-    debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
-  /* NOT IMPLEMENTED */
-  return FAIL;
+HDEBUG(D_auth)
+  debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
+/* NOT IMPLEMENTED */
+return FAIL;
 }


 /*************************************************
@@ -595,11 +624,11 @@ auth_heimdal_gssapi_client(
 void
 auth_heimdal_gssapi_version_report(FILE *f)
 {
-  /* No build-time constants available unless we link against libraries at
-  build-time and export the result as a string into a header ourselves. */
-  fprintf(f, "Library version: Heimdal: Runtime: %s\n"
-             " Build Info: %s\n",
-          heimdal_version, heimdal_long_version);
+/* No build-time constants available unless we link against libraries at
+build-time and export the result as a string into a header ourselves. */
+fprintf(f, "Library version: Heimdal: Runtime: %s\n"
+       " Build Info: %s\n",
+    heimdal_version, heimdal_long_version);
 }


#endif /*!MACRO_PREDEF*/
diff --git a/src/src/auths/md5.c b/src/src/auths/md5.c
index 8accdb9..0536fee 100644
--- a/src/src/auths/md5.c
+++ b/src/src/auths/md5.c
@@ -65,14 +65,13 @@ register unsigned int a = base->abcd[0];
register unsigned int b = base->abcd[1];
register unsigned int c = base->abcd[2];
register unsigned int d = base->abcd[3];
-int i;
unsigned int X[16];
base->length += 64;

/* Load the 64 bytes into a set of working integers, treating them as 32-bit
numbers in little-endian order. */

-for (i = 0; i < 16; i++)
+for (int i = 0; i < 16; i++)
   {
   X[i] = (unsigned int)(text[0]) |
          ((unsigned int)(text[1]) << 8) |
@@ -231,7 +230,6 @@ Returns:    nothing
 void
 md5_end(md5 *base, const uschar *text, int length, uschar *digest)
 {
-int i;
 uschar work[64];


/* Process in chunks of 64 until we have less than 64 bytes left. */
@@ -284,7 +282,7 @@ md5_mid(base, work);

/* Pass back the result, low-order byte first in each word. */

-for (i = 0; i < 4; i++)
+for (int i = 0; i < 4; i++)
   {
   register int x = base->abcd[i];
   *digest++ =  x        & 0xff;
@@ -341,12 +339,11 @@ printf("Checking md5: %s-endian\n", (ctest[0] == 0x04)? "little" : "big");


for (i = 0; i < sizeof(tests)/sizeof(uschar *); i += 2)
{
- int j;
uschar s[33];
printf("%s\nShould be: %s\n", tests[i], tests[i+1]);
md5_start(&base);
md5_end(&base, tests[i], strlen(tests[i]), digest);
- for (j = 0; j < 16; j++) sprintf(s+2*j, "%02x", digest[j]);
+ for (int j = 0; j < 16; j++) sprintf(s+2*j, "%02x", digest[j]);
printf("Computed: %s\n", s);
if (strcmp(s, tests[i+1]) != 0) printf("*** No match ***\n");
printf("\n");
diff --git a/src/src/auths/plaintext.c b/src/src/auths/plaintext.c
index 7a0f788..cbafd3a 100644
--- a/src/src/auths/plaintext.c
+++ b/src/src/auths/plaintext.c
@@ -186,7 +186,7 @@ sent in response to subsequent prompts. Each is expanded before being sent. */

while ((s = string_nextinlist(&text, &sep, big_buffer, big_buffer_size)))
{
- int i, len, clear_len;
+ int len, clear_len;
uschar *ss = expand_string(s);
uschar *clear;

@@ -218,7 +218,7 @@ while ((s = string_nextinlist(&text, &sep, big_buffer, big_buffer_size)))
/* The character ^ is used as an escape for a binary zero character, which is
needed for the PLAIN mechanism. It must be doubled if really needed. */

-  for (i = 0; i < len; i++)
+  for (int i = 0; i < len; i++)
     if (ss[i] == '^')
       if (ss[i+1] != '^')
     ss[i] = 0;
diff --git a/src/src/base64.c b/src/src/base64.c
index e63522e..f3c4584 100644
--- a/src/src/base64.c
+++ b/src/src/base64.c
@@ -38,7 +38,7 @@ ssize_t
 mime_decode_base64(FILE * in, FILE * out, uschar * boundary)
 {
 uschar ibuf[MIME_MAX_LINE_LENGTH], obuf[MIME_MAX_LINE_LENGTH];
-uschar *ipos, *opos;
+uschar *opos;
 ssize_t len, size = 0;
 int bytestate = 0;


@@ -52,7 +52,7 @@ while (Ufgets(ibuf, MIME_MAX_LINE_LENGTH, in) != NULL)
      )
     break;


-  for (ipos = ibuf ; *ipos != '\r' && *ipos != '\n' && *ipos != 0; ++ipos)
+  for (uschar * ipos = ibuf ; *ipos != '\r' && *ipos != '\n' && *ipos; ++ipos)
     if (*ipos == '=')            /* skip padding */
       ++bytestate;


diff --git a/src/src/daemon.c b/src/src/daemon.c
index a852192..288d95c 100644
--- a/src/src/daemon.c
+++ b/src/src/daemon.c
@@ -282,11 +282,10 @@ count of *other* connections, not including this one. */
 if ((max_for_this_host > 0) &&
     (smtp_accept_count >= max_for_this_host))
   {
-  int i;
   int host_accept_count = 0;
   int other_host_count = 0;    /* keep a count of non matches to optimise */


-  for (i = 0; i < smtp_accept_max; ++i)
+  for (int i = 0; i < smtp_accept_max; ++i)
     if (smtp_slots[i].host_address)
       {
       if (Ustrcmp(sender_host_address, smtp_slots[i].host_address) == 0)
@@ -518,13 +517,13 @@ if (pid == 0)
       {
       if (smtp_out)
     {
-    int i, fd = fileno(smtp_in);
+    int fd = fileno(smtp_in);
     uschar buf[128];


     mac_smtp_fflush();
     /* drain socket, for clean TCP FINs */
     if (fcntl(fd, F_SETFL, O_NONBLOCK) == 0)
-      for(i = 16; read(fd, buf, sizeof(buf)) > 0 && i > 0; ) i--;
+      for(int i = 16; read(fd, buf, sizeof(buf)) > 0 && i > 0; ) i--;
     }
       cancel_cutthrough_connection(TRUE, US"message setup dropped");
       search_tidyup();
@@ -540,13 +539,12 @@ if (pid == 0)


     DEBUG(D_receive)
       {
-      int i;
       if (sender_address)
         debug_printf("Sender: %s\n", sender_address);
       if (recipients_list)
         {
         debug_printf("Recipients:\n");
-        for (i = 0; i < recipients_count; i++)
+        for (int i = 0; i < recipients_count; i++)
           debug_printf("  %s\n", recipients_list[i].address);
         }
       }
@@ -694,8 +692,7 @@ if (pid < 0)
   never_error(US"daemon: accept process fork failed", US"Fork failed", errno);
 else
   {
-  int i;
-  for (i = 0; i < smtp_accept_max; ++i)
+  for (int i = 0; i < smtp_accept_max; ++i)
     if (smtp_slots[i].pid <= 0)
       {
       smtp_slots[i].pid = pid;
@@ -1187,8 +1184,6 @@ if (f.daemon_listen && !f.inetd_wait_mode)


   for (ipa = addresses; ipa; ipa = ipa->next)
     {
-    int i;
-
     if (Ustrcmp(ipa->address, "0.0.0.0") == 0)
       ipa->address[0] = 0;
     else if (Ustrcmp(ipa->address, "::0") == 0)
@@ -1206,7 +1201,7 @@ if (f.daemon_listen && !f.inetd_wait_mode)
         ipa->address[1] == 0 ? US"\"all IPv6\"" : ipa->address);


     ipa->port = default_smtp_port[0];
-    for (i = 1; default_smtp_port[i] > 0; i++)
+    for (int i = 1; default_smtp_port[i] > 0; i++)
       {
       ip_address_item *new = store_get(sizeof(ip_address_item));


@@ -1289,9 +1284,8 @@ if (f.daemon_listen)

   if (smtp_accept_max > 0)
     {
-    int i;
     smtp_slots = store_get(smtp_accept_max * sizeof(smtp_slot));
-    for (i = 0; i < smtp_accept_max; i++) smtp_slots[i] = empty_smtp_slot;
+    for (int i = 0; i < smtp_accept_max; i++) smtp_slots[i] = empty_smtp_slot;
     }
   }


@@ -1586,9 +1580,8 @@ of them (and also if we are doing queue runs). */

if (queue_interval > 0 && local_queue_run_max > 0)
{
- int i;
queue_pid_slots = store_get(local_queue_run_max * sizeof(pid_t));
- for (i = 0; i < local_queue_run_max; i++) queue_pid_slots[i] = 0;
+ for (int i = 0; i < local_queue_run_max; i++) queue_pid_slots[i] = 0;
}

/* Set up the handler for termination of child processes. */
@@ -1624,7 +1617,6 @@ if (f.inetd_wait_mode)

else if (f.daemon_listen)
{
- int i, j;
int smtp_ports = 0;
int smtps_ports = 0;
ip_address_item * ipa, * i2;
@@ -1640,8 +1632,9 @@ else if (f.daemon_listen)
deprecated protocol that starts TLS without using STARTTLS), and others
listening for standard SMTP. Keep their listings separate. */

-  for (j = 0; j < 2; j++)
+  for (int j = 0; j < 2; j++)
     {
+    int i;
     for (i = 0, ipa = addresses; i < 10 && ipa; i++, ipa = ipa->next)
       {
       /* First time round, look for SMTP ports; second time round, look for
@@ -1816,8 +1809,6 @@ for (;;)
         {
         if ((pid = fork()) == 0)
           {
-          int sk;
-
           DEBUG(D_any) debug_printf("Starting queue-runner: pid %d\n",
             (int)getpid());


@@ -1829,7 +1820,7 @@ for (;;)

           /* Close any open listening sockets in the child */


-          for (sk = 0; sk < listen_socket_count; sk++)
+          for (int sk = 0; sk < listen_socket_count; sk++)
             (void)close(listen_sockets[sk]);


           /* Reset SIGHUP and SIGCHLD in the child in both cases. */
@@ -1897,8 +1888,7 @@ for (;;)
           }
         else
           {
-          int i;
-          for (i = 0; i < local_queue_run_max; ++i)
+          for (int i = 0; i < local_queue_run_max; ++i)
             if (queue_pid_slots[i] <= 0)
               {
               queue_pid_slots[i] = pid;
@@ -1906,7 +1896,7 @@ for (;;)
               break;
               }
           DEBUG(D_any) debug_printf("%d queue-runner process%s running\n",
-            queue_run_count, (queue_run_count == 1)? "" : "es");
+            queue_run_count, queue_run_count == 1 ? "" : "es");
           }
         }


@@ -1930,13 +1920,13 @@ for (;;)

   if (f.daemon_listen)
     {
-    int sk, lcount, select_errno;
+    int lcount, select_errno;
     int max_socket = 0;
     BOOL select_failed = FALSE;
     fd_set select_listen;


     FD_ZERO(&select_listen);
-    for (sk = 0; sk < listen_socket_count; sk++)
+    for (int sk = 0; sk < listen_socket_count; sk++)
       {
       FD_SET(listen_sockets[sk], &select_listen);
       if (listen_sockets[sk] > max_socket) max_socket = listen_sockets[sk];
@@ -1986,7 +1976,7 @@ for (;;)
       int accept_socket = -1;


       if (!select_failed)
-        for (sk = 0; sk < listen_socket_count; sk++)
+        for (int sk = 0; sk < listen_socket_count; sk++)
           if (FD_ISSET(listen_sockets[sk], &select_listen))
             {
             len = sizeof(accepted);
@@ -2095,10 +2085,9 @@ for (;;)


   if (sighup_seen)
     {
-    int sk;
     log_write(0, LOG_MAIN, "pid %d: SIGHUP received: re-exec daemon",
       getpid());
-    for (sk = 0; sk < listen_socket_count; sk++)
+    for (int sk = 0; sk < listen_socket_count; sk++)
       (void)close(listen_sockets[sk]);
     ALARM_CLR(0);
     signal(SIGHUP, SIG_IGN);
diff --git a/src/src/dane-openssl.c b/src/src/dane-openssl.c
index f7ccbd7..a6792d1 100644
--- a/src/src/dane-openssl.c
+++ b/src/src/dane-openssl.c
@@ -240,7 +240,6 @@ int matched;
  */
 for (matched = 0; !matched && slist; slist = slist->next)
   {
-  dane_mtype_list m;
   unsigned char mdbuf[EVP_MAX_MD_SIZE];
   unsigned char *buf = NULL;
   unsigned char *buf2;
@@ -273,9 +272,8 @@ for (matched = 0; !matched && slist; slist = slist->next)
   /*
    * Loop over each mtype and data element
    */
-  for (m = slist->value->mtype; !matched && m; m = m->next)
+  for (dane_mtype_list m = slist->value->mtype; !matched && m; m = m->next)
     {
-    dane_data_list d;
     unsigned char *cmpbuf = buf;
     unsigned int cmplen = len;


@@ -289,7 +287,7 @@ for (matched = 0; !matched && slist; slist = slist->next)
       if (!EVP_Digest(buf, len, cmpbuf, &cmplen, m->value->md, 0))
       matched = -1;
       }
-    for (d = m->value->data; !matched && d; d = d->next)
+    for (dane_data_list d = m->value->data; !matched && d; d = d->next)
     if (  cmplen == d->value->datalen
        && memcmp(cmpbuf, d->value->data, cmplen) == 0)
         matched = slist->value->selector + 1;
@@ -394,10 +392,9 @@ akid_issuer_name(AUTHORITY_KEYID *akid)
 {
 if (akid && akid->issuer)
   {
-  int     i;
   GENERAL_NAMES *gens = akid->issuer;


-  for (i = 0; i < sk_GENERAL_NAME_num(gens); ++i)
+  for (int i = 0; i < sk_GENERAL_NAME_num(gens); ++i)
     {
     GENERAL_NAME *gn = sk_GENERAL_NAME_value(gens, i);


@@ -545,8 +542,6 @@ return 0;
static int
ta_signed(ssl_dane *dane, X509 *cert, int depth)
{
-dane_cert_list x;
-dane_pkey_list k;
EVP_PKEY *pk;
int done = 0;

@@ -557,7 +552,7 @@ int done = 0;
  * first (name comparisons), before we bother with signature checks
  * (public key operations).
  */
-for (x = dane->certs; !done && x; x = x->next)
+for (dane_cert_list x = dane->certs; !done && x; x = x->next)
   {
   if (X509_check_issued(x->value, cert) == X509_V_OK)
     {
@@ -597,7 +592,7 @@ for (x = dane->certs; !done && x; x = x->next)
  * This may push errors onto the stack when the certificate signature is
  * not of the right type or length, throw these away,
  */
-for (k = dane->pkeys; !done && k; k = k->next)
+for (dane_pkey_list k = dane->pkeys; !done && k; k = k->next)
   if (X509_verify(cert, k->value) > 0)
     done = wrap_issuer(dane, k->value, cert, depth, WRAP_MID) ? 1 : -1;
   else
@@ -610,8 +605,6 @@ static int
 set_trust_anchor(X509_STORE_CTX *ctx, ssl_dane *dane, X509 *cert)
 {
 int matched = 0;
-int n;
-int i;
 int depth = 0;
 EVP_PKEY *takey;
 X509 *ca;
@@ -647,8 +640,9 @@ if (!(in = sk_X509_dup(in)))
  *
  * Caller ensures that the initial certificate is not self-signed.
  */
-for (n = sk_X509_num(in); n > 0; --n, ++depth)
+for (int n = sk_X509_num(in); n > 0; --n, ++depth)
   {
+  int i;
   for (i = 0; i < n; ++i)
     if (X509_check_issued(sk_X509_value(in, i), cert) == X509_V_OK)
       break;
@@ -749,9 +743,8 @@ static int
 match_name(const char *certid, ssl_dane *dane)
 {
 int multi = dane->multi;
-dane_host_list hosts;


-for (hosts = dane->hosts; hosts; hosts = hosts->next)
+for (dane_host_list hosts = dane->hosts; hosts; hosts = hosts->next)
{
int match_subdomain = 0;
const char *domain = hosts->value;
@@ -867,9 +860,8 @@ gens = X509_get_ext_d2i(cert, NID_subject_alt_name, 0, 0);
if (gens)
{
int n = sk_GENERAL_NAME_num(gens);
- int i;

-  for (i = 0; i < n; ++i)
+  for (int i = 0; i < n; ++i)
     {
     const GENERAL_NAME *gn = sk_GENERAL_NAME_value(gens, i);
     const char *certid;
@@ -1157,10 +1149,9 @@ return l;
 static void
 list_free(void *list, void (*f)(void *))
 {
-dane_list head;
 dane_list next;


-for (head = (dane_list) list; head; head = next)
+for (dane_list head = (dane_list) list; head; head = next)
{
next = head->next;
if (f && head->value)
@@ -1209,7 +1200,6 @@ void
DANESSL_cleanup(SSL *ssl)
{
ssl_dane *dane;
-int u;

DEBUG(D_tls) debug_printf("Dane lib-cleanup\n");

@@ -1220,7 +1210,7 @@ if (dane_idx < 0 || !(dane = SSL_get_ex_data(ssl, dane_idx)))
 dane_reset(dane);
 if (dane->hosts)
   list_free(dane->hosts, ossl_free);
-for (u = 0; u <= DANESSL_USAGE_LAST; ++u)
+for (int u = 0; u <= DANESSL_USAGE_LAST; ++u)
   if (dane->selectors[u])
     list_free(dane->selectors[u], dane_selector_free);
 if (dane->pkeys)
@@ -1536,7 +1526,6 @@ int
 DANESSL_init(SSL *ssl, const char *sni_domain, const char **hostnames)
 {
 ssl_dane *dane;
-int i;


 DEBUG(D_tls) debug_printf("Dane ssl_init\n");
 if (dane_idx < 0)
@@ -1575,7 +1564,7 @@ dane->multi = 0;            /* Future SSL control interface */
 dane->count = 0;
 dane->hosts = 0;


-for (i = 0; i <= DANESSL_USAGE_LAST; ++i)
+for (int i = 0; i <= DANESSL_USAGE_LAST; ++i)
dane->selectors[i] = 0;

 if (hostnames && (dane->hosts = host_list_init(hostnames)) == 0)
diff --git a/src/src/debug.c b/src/src/debug.c
index 2423a33..2ddf229 100644
--- a/src/src/debug.c
+++ b/src/src/debug.c
@@ -39,9 +39,8 @@ Returns:     nothing
 static void
 tree_printsub(tree_node *p, int pos, int barswitch)
 {
-int i;
 if (p->right) tree_printsub(p->right, pos+2, 1);
-for (i = 0; i <= pos-1; i++) debug_printf("%c", tree_printline[i]);
+for (int i = 0; i <= pos-1; i++) debug_printf("%c", tree_printline[i]);
 debug_printf("-->%s [%d]\n", p->name, p->balance);
 tree_printline[pos] = barswitch? '|' : ' ';
 if (p->left)
@@ -56,8 +55,7 @@ if (p->left)
 void
 debug_print_tree(tree_node *p)
 {
-int i;
-for (i = 0; i < tree_printlinesize; i++) tree_printline[i] = ' ';
+for (int i = 0; i < tree_printlinesize; i++) tree_printline[i] = ' ';
 if (!p) debug_printf("Empty Tree\n"); else tree_printsub(p, 0, 0);
 debug_printf("---- End of tree ----\n");
 }
@@ -210,8 +208,7 @@ if (debug_ptr == debug_buffer)


 if (indent > 0)
   {
-  int i;
-  for (i = indent >> 2; i > 0; i--)
+  for (int i = indent >> 2; i > 0; i--)
     DEBUG(D_noutf8)
       {
       Ustrcpy(debug_ptr, "   !");
diff --git a/src/src/deliver.c b/src/src/deliver.c
index 664d004..1baf7d3 100644
--- a/src/src/deliver.c
+++ b/src/src/deliver.c
@@ -284,13 +284,12 @@ to the same pipe or file. */


 else
   {
-  address_item *addr2;
   if (testflag(addr, af_pfr))
     {
     if (testflag(addr, af_file))     address_file = addr->local_part;
     else if (addr->local_part[0] == '|') address_pipe = addr->local_part;
     }
-  for (addr2 = addr->next; addr2; addr2 = addr2->next)
+  for (address_item * addr2 = addr->next; addr2; addr2 = addr2->next)
     {
     if (deliver_domain && Ustrcmp(deliver_domain, addr2->domain) != 0)
       deliver_domain = NULL;
@@ -329,11 +328,9 @@ Returns:    a file descriptor, or -1 (with errno set)
 static int
 open_msglog_file(uschar *filename, int mode, uschar **error)
 {
-int fd, i;
-
-for (i = 2; i > 0; i--)
+for (int i = 2; i > 0; i--)
   {
-  fd = Uopen(filename,
+  int fd = Uopen(filename,
 #ifdef O_CLOEXEC
     O_CLOEXEC |
 #endif
@@ -422,8 +419,7 @@ Returns:     nothing
 static void
 replicate_status(address_item *addr)
 {
-address_item *addr2;
-for (addr2 = addr->next; addr2; addr2 = addr2->next)
+for (address_item * addr2 = addr->next; addr2; addr2 = addr2->next)
   {
   addr2->transport =        addr->transport;
   addr2->transport_return = addr->transport_return;
@@ -657,8 +653,6 @@ Returns:      nothing
 static void
 address_done(address_item *addr, uschar *now)
 {
-address_item *dup;
-
 update_spool = TRUE;        /* Ensure spool gets updated */


/* Top-level address */
@@ -685,7 +679,7 @@ else tree_add_nonrecipient(addr->unique);
/* Check the list of duplicate addresses and ensure they are now marked
done as well. */

-for (dup = addr_duplicate; dup; dup = dup->next)
+for (address_item * dup = addr_duplicate; dup; dup = dup->next)
   if (Ustrcmp(addr->unique, dup->unique) == 0)
     {
     tree_add_nonrecipient(dup->unique);
@@ -716,9 +710,10 @@ Returns:    nothing
 static void
 child_done(address_item *addr, uschar *now)
 {
-address_item *aa;
 while (addr->parent)
   {
+  address_item *aa;
+
   addr = addr->parent;
   if (--addr->child_count > 0) return;   /* Incomplete parent */
   address_done(addr, now);
@@ -1061,8 +1056,7 @@ if (  (all_parents || testflag(addr, af_pfr))
    && addr->parent != topaddr)
   {
   uschar *s = US" (";
-  address_item *addr2;
-  for (addr2 = addr->parent; addr2 != topaddr; addr2 = addr2->parent)
+  for (address_item * addr2 = addr->parent; addr2 != topaddr; addr2 = addr2->parent)
     {
     g = string_catn(g, s, 2);
     g = string_cat (g, addr2->address);
@@ -1271,12 +1265,11 @@ if (  LOGGING(smtp_confirmation)
    && (addr->host_used || Ustrcmp(addr->transport->driver_name, "lmtp") == 0)
    )
   {
-  unsigned i;
   unsigned lim = big_buffer_size < 1024 ? big_buffer_size : 1024;
   uschar *p = big_buffer;
   uschar *ss = addr->message;
   *p++ = '\"';
-  for (i = 0; i < lim && ss[i] != 0; i++)    /* limit logged amount */
+  for (int i = 0; i < lim && ss[i] != 0; i++)    /* limit logged amount */
     {
     if (ss[i] == '\"' || ss[i] == '\\') *p++ = '\\'; /* quote \ and " */
     *p++ = ss[i];
@@ -1782,7 +1775,6 @@ Returns:       nothing
 static void
 common_error(BOOL logit, address_item *addr, int code, uschar *format, ...)
 {
-address_item *addr2;
 addr->basic_errno = code;


if (format)
@@ -1796,7 +1788,7 @@ if (format)
addr->message = string_from_gstring(g);
}

-for (addr2 = addr->next; addr2; addr2 = addr2->next)
+for (address_item * addr2 = addr->next; addr2; addr2 = addr2->next)
   {
   addr2->basic_errno = code;
   addr2->message = addr->message;
@@ -1826,9 +1818,8 @@ Returns:      TRUE if the uid is on the list
 static BOOL
 check_never_users(uid_t uid, uid_t *nusers)
 {
-int i;
 if (!nusers) return FALSE;
-for (i = 1; i <= (int)(nusers[0]); i++) if (nusers[i] == uid) return TRUE;
+for (int i = 1; i <= (int)(nusers[0]); i++) if (nusers[i] == uid) return TRUE;
 return FALSE;
 }


@@ -2373,9 +2364,8 @@ if ((pid = fork()) == 0)

   DEBUG(D_deliver)
     {
-    address_item *batched;
     debug_printf("  home=%s current=%s\n", deliver_home, working_directory);
-    for (batched = addr->next; batched; batched = batched->next)
+    for (address_item * batched = addr->next; batched; batched = batched->next)
       debug_printf("additional batched address: %s\n", batched->address);
     }


@@ -3285,9 +3275,8 @@ while ( *aptr

 DEBUG(D_deliver)
   {
-  address_item *addr;
   debug_printf("remote addresses after sorting:\n");
-  for (addr = addr_remote; addr; addr = addr->next)
+  for (address_item * addr = addr_remote; addr; addr = addr->next)
     debug_printf("  %s\n", addr->address);
   }
 }
@@ -3792,12 +3781,10 @@ static void
 remote_post_process(address_item *addr, int logflags, uschar *msg,
   BOOL fallback)
 {
-host_item *h;
-
 /* If any host addresses were found to be unusable, add them to the unusable
 tree so that subsequent deliveries don't try them. */


-for (h = addr->host_list; h; h = h->next)
+for (host_item * h = addr->host_list; h; h = h->next)
   if (h->address)
     if (h->status >= hstatus_unusable) tree_add_unusable(h);


@@ -4231,7 +4218,6 @@ static BOOL
do_remote_deliveries(BOOL fallback)
{
int parmax;
-int delivery_count;
int poffset;

 parcount = 0;    /* Number of executing subprocesses */
@@ -4255,7 +4241,7 @@ if (!parlist)


/* Now loop for each remote delivery */

-for (delivery_count = 0; addr_remote; delivery_count++)
+for (int delivery_count = 0; addr_remote; delivery_count++)
   {
   pid_t pid;
   uid_t uid;
@@ -4554,9 +4540,8 @@ for (delivery_count = 0; addr_remote; delivery_count++)
      && addr->host_list
      )
     {
-    host_item * h;
     ok = FALSE;
-    for (h = addr->host_list; h; h = h->next)
+    for (host_item * h = addr->host_list; h; h = h->next)
       if (Ustrcmp(h->name, continue_hostname) == 0)
   /*XXX should also check port here */
         { ok = TRUE; break; }
@@ -4608,12 +4593,9 @@ for (delivery_count = 0; addr_remote; delivery_count++)
     interface to the transport. */


     for (next = addr_remote; next && !f.continue_more; next = next->next)
-      {
-      host_item *h;
-      for (h = next->host_list; h; h = h->next)
+      for (host_item * h = next->host_list; h; h = h->next)
         if (Ustrcmp(h->name, continue_hostname) == 0)
           { f.continue_more = TRUE; break; }
-      }
     }


   /* The transports set up the process info themselves as they may connect
@@ -5262,15 +5244,12 @@ static int
 continue_closedown(void)
 {
 if (continue_transport)
-  {
-  transport_instance *t;
-  for (t = transports; t; t = t->next)
+  for (transport_instance * t = transports; t; t = t->next)
     if (Ustrcmp(t->name, continue_transport) == 0)
       {
       if (t->info->closedown) (t->info->closedown)(t);
       break;
       }
-  }
 return DELIVER_NOT_ATTEMPTED;
 }


@@ -6292,9 +6271,8 @@ if (process_recipients != RECIP_IGNORE)

 DEBUG(D_deliver)
   {
-  address_item *p;
   debug_printf("Delivery address list:\n");
-  for (p = addr_new; p; p = p->next)
+  for (address_item * p = addr_new; p; p = p->next)
     debug_printf("  %s %s\n", p->address,
       p->onetime_parent ? p->onetime_parent : US"");
   }
@@ -6938,22 +6916,21 @@ while (addr_new)           /* Loop until all addresses dealt with */


 DEBUG(D_deliver|D_retry|D_route)
   {
-  address_item *p;
   debug_printf(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n");
   debug_printf("After routing:\n  Local deliveries:\n");
-  for (p = addr_local; p; p = p->next)
+  for (address_item * p = addr_local; p; p = p->next)
     debug_printf("    %s\n", p->address);


   debug_printf("  Remote deliveries:\n");
-  for (p = addr_remote; p; p = p->next)
+  for (address_item * p = addr_remote; p; p = p->next)
     debug_printf("    %s\n", p->address);


   debug_printf("  Failed addresses:\n");
-  for (p = addr_failed; p; p = p->next)
+  for (address_item * p = addr_failed; p; p = p->next)
     debug_printf("    %s\n", p->address);


   debug_printf("  Deferred addresses:\n");
-  for (p = addr_defer; p; p = p->next)
+  for (address_item * p = addr_defer; p; p = p->next)
     debug_printf("    %s\n", p->address);
   }


@@ -7235,8 +7212,8 @@ if (mua_wrapper)
   {
   if (addr_defer)
     {
-    address_item *addr, *nextaddr;
-    for (addr = addr_defer; addr; addr = nextaddr)
+    address_item * nextaddr;
+    for (address_item * addr = addr_defer; addr; addr = nextaddr)
       {
       log_write(0, LOG_MAIN, "** %s mua_wrapper forced failure for deferred "
         "delivery", addr->address);
@@ -8063,14 +8040,13 @@ was set just to keep the message on the spool, so there is nothing to do here.


else if (addr_defer != (address_item *)(+1))
{
- address_item *addr;
uschar *recipients = US"";
BOOL want_warning_msg = FALSE;

   deliver_domain = testflag(addr_defer, af_pfr)
     ? addr_defer->parent->domain : addr_defer->domain;


-  for (addr = addr_defer; addr; addr = addr->next)
+  for (address_item * addr = addr_defer; addr; addr = addr->next)
     {
     address_item *otaddr;


diff --git a/src/src/dkim.c b/src/src/dkim.c
index 5209cd9..a0becd4 100644
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -45,7 +45,6 @@ dkim_exim_query_dns_txt(uschar * name)
{
dns_answer dnsa;
dns_scan dnss;
-dns_record *rr;
gstring * g = NULL;

lookup_dnssec_authenticated = NULL;
@@ -54,7 +53,7 @@ if (dns_lookup(&dnsa, name, T_TXT, NULL) != DNS_SUCCEED)

/* Search for TXT record */

-for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
      rr;
      rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
   if (rr->type == T_TXT)
@@ -280,15 +279,14 @@ return;
 void
 dkim_exim_verify_log_all(void)
 {
-pdkim_signature * sig;
-for (sig = dkim_signatures; sig; sig = sig->next) dkim_exim_verify_log_sig(sig);
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
+  dkim_exim_verify_log_sig(sig);
 }



void
dkim_exim_verify_finish(void)
{
-pdkim_signature * sig;
int rc;
gstring * g = NULL;
const uschar * errstr = NULL;
@@ -320,7 +318,7 @@ if (rc != PDKIM_OK && errstr)

/* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */

-for (sig = dkim_signatures; sig; sig = sig->next)
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
{
if (sig->domain) g = string_append_listele(g, ':', sig->domain);
if (sig->identity) g = string_append_listele(g, ':', sig->identity);
@@ -372,7 +370,6 @@ int
dkim_exim_acl_run(uschar * id, gstring ** res_ptr,
uschar ** user_msgptr, uschar ** log_msgptr)
{
-pdkim_signature * sig;
uschar * cmp_val;
int rc = -1;

@@ -385,7 +382,7 @@ if (f.dkim_disable_verify || !id || !dkim_verify_ctx)

/* Find signatures to run ACL on */

-for (sig = dkim_signatures; sig; sig = sig->next)
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
   if (  (cmp_val = Ustrchr(id, '@') != NULL ? US sig->identity : US sig->domain)
      && strcmpic(cmp_val, id) == 0
      )
@@ -799,12 +796,11 @@ expand_bad:
 gstring *
 authres_dkim(gstring * g)
 {
-pdkim_signature * sig;
 int start = 0;        /* compiler quietening */


DEBUG(D_acl) start = g->ptr;

-for (sig = dkim_signatures; sig; sig = sig->next)
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
{
g = string_catn(g, US";\n\tdkim=", 8);

diff --git a/src/src/dmarc.c b/src/src/dmarc.c
index f29f7eb..c4edc91 100644
--- a/src/src/dmarc.c
+++ b/src/src/dmarc.c
@@ -157,7 +157,6 @@ return OK;
 static void
 dmarc_send_forensic_report(u_char **ruf)
 {
-int   c;
 uschar *recipient, *save_sender;
 BOOL  send_status = FALSE;
 error_block *eblock = NULL;
@@ -183,7 +182,7 @@ if (  dmarc_policy == DMARC_POLICY_REJECT     && action == DMARC_RESULT_REJECT
              da == DMARC_POLICY_DKIM_ALIGNMENT_PASS ? US"yes" : US"no");
     eblock = add_to_eblock(eblock, US"DMARC Results", dmarc_status_text);


-    for (c = 0; ruf[c]; c++)
+    for (int c = 0; ruf[c]; c++)
       {
       recipient = string_copylc(ruf[c]);
       if (Ustrncmp(recipient, "mailto:",7))
diff --git a/src/src/dns.c b/src/src/dns.c
index 0f0b435..dd929d4 100644
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -240,8 +240,7 @@ uschar *pp = buffer;
 if (Ustrchr(string, ':') == NULL)
 #endif
   {
-  int i;
-  for (i = 0; i < 4; i++)
+  for (int i = 0; i < 4; i++)
     {
     const uschar *ppp = p;
     while (ppp > string && ppp[-1] != '.') ppp--;
@@ -259,7 +258,6 @@ abbreviation in the textual form. */
 #if HAVE_IPV6
 else
   {
-  int i;
   int v6[4];
   (void)host_aton(string, v6);


@@ -267,12 +265,9 @@ else
nibble, and look in the ip6.int domain. The domain was subsequently
changed to ip6.arpa. */

-  for (i = 3; i >= 0; i--)
-    {
-    int j;
-    for (j = 0; j < 32; j += 4)
+  for (int i = 3; i >= 0; i--)
+    for (int j = 0; j < 32; j += 4)
       pp += sprintf(CS pp, "%x.", (v6[i] >> j) & 15);
-    }
   Ustrcpy(pp, "ip6.arpa.");


/* Another way of doing IPv6 reverse lookups was proposed in conjunction
@@ -287,7 +282,7 @@ else
Ustrcpy(pp, "\\[x");
pp += 3;

-  for (i = 0; i < 4; i++)
+  for (int i = 0; i < 4; i++)
     {
     sprintf(pp, "%08X", v6[i]);
     pp += 8;
@@ -467,11 +462,10 @@ static const uschar *
 dns_extract_auth_name(const dns_answer * dnsa)    /* FIXME: const dns_answer */
 {
 dns_scan dnss;
-dns_record * rr;
 const HEADER * h = (const HEADER *) dnsa->answer;


 if (h->nscount && h->aa)
-  for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
+  for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
        rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
     if (rr->type == (h->ancount ? T_NS : T_SOA))
       return string_copy(rr->name);
@@ -873,7 +867,6 @@ int
 dns_lookup(dns_answer *dnsa, const uschar *name, int type,
   const uschar **fully_qualified_name)
 {
-int i;
 const uschar *orig_name = name;
 BOOL secure_so_far = TRUE;


@@ -884,10 +877,10 @@ resolvers hiding behind a config variable. Loop to follow CNAME chains so far,
but no further... The testsuite tests the latter case, mostly assuming that the
former will work. */

-for (i = 0; i <= dns_cname_loops; i++)
+for (int i = 0; i <= dns_cname_loops; i++)
{
uschar * data;
- dns_record *rr, cname_rr, type_rr;
+ dns_record cname_rr, type_rr;
dns_scan dnss;
int rc;

@@ -903,7 +896,7 @@ for (i = 0; i <= dns_cname_loops; i++)
area in the dnsa block. */

   cname_rr.data = type_rr.data = NULL;
-  for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
+  for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
        rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
     if (rr->type == type)
       {
@@ -1217,8 +1210,7 @@ else
   if (rr->data + 16 <= dnsa_lim)
     {
     struct in6_addr in6;
-    int i;
-    for (i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
+    for (int i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
     yield = store_get(sizeof(dns_address) + 50);
     inet_ntop(AF_INET6, &in6, CS yield->address, 50);
     yield->next = NULL;
diff --git a/src/src/drtables.c b/src/src/drtables.c
index b1bd836..cd12dd1 100644
--- a/src/src/drtables.c
+++ b/src/src/drtables.c
@@ -177,9 +177,8 @@ auth_info auths_available[] = {
 void
 auth_show_supported(FILE * f)
 {
-auth_info * ai;
 fprintf(f, "Authenticators:");
-for (ai = auths_available; ai->driver_name[0]; ai++)
+for (auth_info * ai = auths_available; ai->driver_name[0]; ai++)
            fprintf(f, " %s", ai->driver_name);
 fprintf(f, "\n");
 }
@@ -346,9 +345,8 @@ router_info routers_available[] = {
 void
 route_show_supported(FILE * f)
 {
-router_info * rr;
 fprintf(f, "Routers:");
-for (rr = routers_available; rr->driver_name[0]; rr++)
+for (router_info * rr = routers_available; rr->driver_name[0]; rr++)
            fprintf(f, " %s", rr->driver_name);
 fprintf(f, "\n");
 }
@@ -766,10 +764,9 @@ init_lookup_list(void)
   /* now add all lookups to the real list */
   p = lookupmodules;
   while (p) {
-    int j;
     struct lookupmodulestr *pnext;


-    for (j = 0; j < p->info->lookupcount; j++)
+    for (int j = 0; j < p->info->lookupcount; j++)
       add_lookup_to_list(p->info->lookups[j]);


     pnext = p->next;
diff --git a/src/src/environment.c b/src/src/environment.c
index c394eb7..9d3d126 100644
--- a/src/src/environment.c
+++ b/src/src/environment.c
@@ -37,9 +37,7 @@ if (!keep_environment || *keep_environment == '\0')


   }
 else if (Ustrcmp(keep_environment, "*") != 0)
-  {
-  uschar **p;
-  if (environ) for (p = USS environ; *p; /* see below */)
+  if (environ) for (uschar ** p = USS environ; *p; /* see below */)
     {
     /* It's considered broken if we do not find the '=', according to
     Florian Weimer. For now we ignore such strings. unsetenv() would complain,
@@ -58,7 +56,6 @@ else if (Ustrcmp(keep_environment, "*") != 0)
       store_reset(name);
       }
     }
-  }
 if (add_environment)
   {
     uschar * p;
diff --git a/src/src/exim.c b/src/src/exim.c
index f6f15f4..d693c9f 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -145,9 +145,8 @@ BOOL yield = n >= 0;
 if (n == 0) n = EXPAND_MAXN + 1;
 if (yield)
   {
-  int nn;
   expand_nmax = setup < 0 ? 0 : setup + 1;
-  for (nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2)
+  for (int nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2)
     {
     expand_nstring[expand_nmax] = s + ovector[nn];
     expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
@@ -497,10 +496,9 @@ Returns:    Nothing
 void
 exim_nullstd(void)
 {
-int i;
 int devnull = -1;
 struct stat statbuf;
-for (i = 0; i <= 2; i++)
+for (int i = 0; i <= 2; i++)
   {
   if (fstat(i, &statbuf) < 0 && errno == EBADF)
     {
@@ -642,10 +640,7 @@ DEBUG(D_uid)
   save_errno = errno;
   debug_printf("  auxiliary group list:");
   if (group_count > 0)
-    {
-    int i;
-    for (i = 0; i < group_count; i++) debug_printf(" %d", (int)group_list[i]);
-    }
+    for (int i = 0; i < group_count; i++) debug_printf(" %d", (int)group_list[i]);
   else if (group_count < 0)
     debug_printf(" <error: %s>", strerror(save_errno));
   else debug_printf(" <none>");
@@ -807,8 +802,6 @@ Returns:    nothing
 static void
 show_whats_supported(FILE * fp)
 {
-auth_info * authi;
-
 DEBUG(D_any) {} else show_db_version(fp);


fprintf(fp, "Support for:");
@@ -1000,8 +993,6 @@ fprintf(fp, "Size of off_t: " SIZE_T_FMT "\n", sizeof(off_t));
Perhaps the tls_version_report should move into this too. */
DEBUG(D_any) do {

- int i;
-
/* clang defines __GNUC__ (at least, for me) so test for it first */
#if defined(__clang__)
fprintf(fp, "Compiler: CLang [%s]\n", __clang_version__);
@@ -1034,7 +1025,7 @@ show_db_version(fp);
utf8_version_report(fp);
#endif

-  for (authi = auths_available; *authi->driver_name != '\0'; ++authi)
+  for (auth_info * authi = auths_available; *authi->driver_name != '\0'; ++authi)
     if (authi->version_report)
       (*authi->version_report)(fp);


@@ -1055,7 +1046,7 @@ show_db_version(fp);
#undef EXPAND_AND_QUOTE

   init_lookup_list();
-  for (i = 0; i < lookup_list_count; i++)
+  for (int i = 0; i < lookup_list_count; i++)
     if (lookup_list[i]->version_report)
       lookup_list[i]->version_report(fp);


@@ -1081,8 +1072,6 @@ show_db_version(fp);
 static void
 show_exim_information(enum commandline_info request, FILE *stream)
 {
-const uschar **pp;
-
 switch(request)
   {
   case CMDINFO_NONE:
@@ -1099,7 +1088,7 @@ switch(request)
 );
     return;
   case CMDINFO_SIEVE:
-    for (pp = exim_sieve_extension_list; *pp; ++pp)
+    for (const uschar ** pp = exim_sieve_extension_list; *pp; ++pp)
       fprintf(stream, "%s\n", *pp);
     return;
   case CMDINFO_DSCP:
@@ -1126,9 +1115,8 @@ local_part_quote(uschar *lpart)
 {
 BOOL needs_quote = FALSE;
 gstring * g;
-uschar *t;


-for (t = lpart; !needs_quote && *t != 0; t++)
+for (uschar * t = lpart; !needs_quote && *t != 0; t++)
   {
   needs_quote = !isalnum(*t) && strchr("!#$%&'*+-/=?^_`{|}~", *t) == NULL &&
     (*t != '.' || t == lpart || t[1] == 0);
@@ -1225,12 +1213,11 @@ Returns:        pointer to dynamic memory, or NULL at end of file
 static uschar *
 get_stdinput(char *(*fn_readline)(const char *), void(*fn_addhist)(const char *))
 {
-int i;
 gstring * g = NULL;


if (!fn_readline) { printf("> "); fflush(stdout); }

-for (i = 0;; i++)
+for (int i = 0;; i++)
{
uschar buffer[1024];
uschar *p, *ss;
@@ -1330,8 +1317,7 @@ static BOOL
macros_trusted(BOOL opt_D_used)
{
#ifdef WHITELIST_D_MACROS
-macro_item *m;
-uschar *whitelisted, *end, *p, **whites, **w;
+uschar *whitelisted, *end, *p, **whites;
int white_count, i, n;
size_t len;
BOOL prev_char_item, found;
@@ -1396,10 +1382,10 @@ whites[i] = NULL;

 /* The list of commandline macros should be very short.
 Accept the N*M complexity. */
-for (m = macros_user; m; m = m->next) if (m->command_line)
+for (macro_item * m = macros_user; m; m = m->next) if (m->command_line)
   {
   found = FALSE;
-  for (w = whites; *w; ++w)
+  for (uschar ** w = whites; *w; ++w)
     if (Ustrcmp(*w, m->name) == 0)
       {
       found = TRUE;
@@ -2822,8 +2808,7 @@ for (i = 1; i < argc; i++)


     if (!one_msg_action)
       {
-      int j;
-      for (j = msg_action_arg; j < argc; j++) if (!mac_ismsgid(argv[j]))
+      for (int j = msg_action_arg; j < argc; j++) if (!mac_ismsgid(argv[j]))
         exim_fail("exim: malformed message id %s after %s option\n",
           argv[j], arg);
       goto END_ARG;   /* Remaining args are ids */
@@ -3219,9 +3204,7 @@ for (i = 1; i < argc; i++)
     argument. */


     if (*argrest != 0)
-      {
-      int i;
-      for (i = 0; i < nelem(rsopts); i++)
+      for (int i = 0; i < nelem(rsopts); i++)
         if (Ustrcmp(argrest, rsopts[i]) == 0)
           {
           if (i != 2) f.queue_run_force = TRUE;
@@ -3229,7 +3212,6 @@ for (i = 1; i < argc; i++)
           if (i == 1 || i == 4) f.deliver_force_thaw = TRUE;
           argrest += Ustrlen(rsopts[i]);
           }
-      }


     /* -R: Set string to match in addresses for forced queue run to
     pick out particular messages. */
@@ -3261,9 +3243,7 @@ for (i = 1; i < argc; i++)
     argument. */


     if (*argrest)
-      {
-      int i;
-      for (i = 0; i < nelem(rsopts); i++)
+      for (int i = 0; i < nelem(rsopts); i++)
         if (Ustrcmp(argrest, rsopts[i]) == 0)
           {
           if (i != 2) f.queue_run_force = TRUE;
@@ -3271,7 +3251,6 @@ for (i = 1; i < argc; i++)
           if (i == 1 || i == 4) f.deliver_force_thaw = TRUE;
           argrest += Ustrlen(rsopts[i]);
           }
-      }


     /* -S: Set string to match in addresses for forced queue run to
     pick out particular messages. */
@@ -3700,16 +3679,13 @@ for later interrogation. */
 if (real_uid == root_uid || real_uid == exim_uid || real_gid == exim_gid)
   f.admin_user = TRUE;
 else
-  {
-  int i, j;
-  for (i = 0; i < group_count && !f.admin_user; i++)
+  for (int i = 0; i < group_count && !f.admin_user; i++)
     if (group_list[i] == exim_gid)
       f.admin_user = TRUE;
     else if (admin_groups)
-      for (j = 1; j <= (int)admin_groups[0] && !f.admin_user; j++)
+      for (int j = 1; j <= (int)admin_groups[0] && !f.admin_user; j++)
         if (admin_groups[j] == group_list[i])
           f.admin_user = TRUE;
-  }


 /* Another group of privileged users are the trusted users. These are root,
 exim, and any caller matching trusted_users or trusted_groups. Trusted callers
@@ -3720,18 +3696,16 @@ if (real_uid == root_uid || real_uid == exim_uid)
   f.trusted_caller = TRUE;
 else
   {
-  int i, j;
-
   if (trusted_users)
-    for (i = 1; i <= (int)trusted_users[0] && !f.trusted_caller; i++)
+    for (int i = 1; i <= (int)trusted_users[0] && !f.trusted_caller; i++)
       if (trusted_users[i] == real_uid)
         f.trusted_caller = TRUE;


   if (trusted_groups)
-    for (i = 1; i <= (int)trusted_groups[0] && !f.trusted_caller; i++)
+    for (int i = 1; i <= (int)trusted_groups[0] && !f.trusted_caller; i++)
       if (trusted_groups[i] == real_gid)
         f.trusted_caller = TRUE;
-      else for (j = 0; j < group_count && !f.trusted_caller; j++)
+      else for (int j = 0; j < group_count && !f.trusted_caller; j++)
         if (trusted_groups[i] == group_list[j])
           f.trusted_caller = TRUE;
   }
@@ -3749,10 +3723,9 @@ decode_bits(log_selector, log_selector_size, log_notall,


 DEBUG(D_any)
   {
-  int i;
   debug_printf("configuration file is %s\n", config_main_filename);
   debug_printf("log selectors =");
-  for (i = 0; i < log_selector_size; i++)
+  for (int i = 0; i < log_selector_size; i++)
     debug_printf(" %08x", log_selector[i]);
   debug_printf("\n");
   }
@@ -3829,9 +3802,7 @@ EXIM_TMPDIR by the build scripts.
 */


 #ifdef EXIM_TMPDIR
-  {
-  uschar **p;
-  if (environ) for (p = USS environ; *p; p++)
+  if (environ) for (uschar ** p = USS environ; *p; p++)
     if (Ustrncmp(*p, "TMPDIR=", 7) == 0 && Ustrcmp(*p+7, EXIM_TMPDIR) != 0)
       {
       uschar * newp = store_malloc(Ustrlen(EXIM_TMPDIR) + 8);
@@ -3839,7 +3810,6 @@ EXIM_TMPDIR by the build scripts.
       *p = newp;
       DEBUG(D_any) debug_printf("reset TMPDIR=%s in environment\n", EXIM_TMPDIR);
       }
-  }
 #endif


 /* Timezone handling. If timezone_string is "utc", set a flag to cause all
@@ -3941,7 +3911,6 @@ verifying/testing addresses or expansions. */
 if (  (debug_selector & D_any  ||  LOGGING(arguments))
    && f.really_exim && !list_options && !checking)
   {
-  int i;
   uschar *p = big_buffer;
   Ustrcpy(p, "cwd= (failed)");


@@ -3958,7 +3927,7 @@ if ( (debug_selector & D_any || LOGGING(arguments))

   (void)string_format(p, big_buffer_size - (p - big_buffer), " %d args:", argc);
   while (*p) p++;
-  for (i = 0; i < argc; i++)
+  for (int i = 0; i < argc; i++)
     {
     int len = Ustrlen(argv[i]);
     const uschar *printing;
@@ -4376,7 +4345,6 @@ if (test_retry_arg >= 0)
     printf("No retry information found\n");
   else
     {
-    retry_rule *r;
     more_errno = yield->more_errno;
     printf("Retry rule: %s  ", yield->pattern);


@@ -4406,7 +4374,7 @@ if (test_retry_arg >= 0)
       printf("auth_failed  ");
     else printf("*  ");


-    for (r = yield->rules; r; r = r->next)
+    for (retry_rule * r = yield->rules; r; r = r->next)
       {
       printf("%c,%s", r->rule, readconf_printtime(r->timeout)); /* Do not */
       printf(",%s", readconf_printtime(r->p1));                 /* amalgamate */
@@ -5282,7 +5250,6 @@ while (more)


   else
     {
-    int i;
     int rcount = 0;
     int count = argc - recipients_arg;
     uschar **list = argv + recipients_arg;
@@ -5298,7 +5265,7 @@ while (more)


     /* Loop for each argument */


-    for (i = 0; i < count; i++)
+    for (int i = 0; i < count; i++)
       {
       int start, end, domain;
       uschar *errmess;
@@ -5380,12 +5347,11 @@ while (more)


     DEBUG(D_receive)
       {
-      int i;
       if (sender_address != NULL) debug_printf("Sender: %s\n", sender_address);
       if (recipients_list != NULL)
         {
         debug_printf("Recipients:\n");
-        for (i = 0; i < recipients_count; i++)
+        for (int i = 0; i < recipients_count; i++)
           debug_printf("  %s\n", recipients_list[i].address);
         }
       }
@@ -5644,7 +5610,7 @@ moreloop:
   callout_address = NULL;
   sending_ip_address = NULL;
   acl_var_m = NULL;
-  { int i; for(i=0; i<REGEX_VARS; i++) regex_vars[i] = NULL; }
+  for(int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;


   store_reset(reset_point);
   }
diff --git a/src/src/exim_dbmbuild.c b/src/src/exim_dbmbuild.c
index afd5095..3bb2266 100644
--- a/src/src/exim_dbmbuild.c
+++ b/src/src/exim_dbmbuild.c
@@ -304,22 +304,21 @@ while (Ufgets(line, max_insize, f) != NULL)
       switch(rc = EXIM_DBPUTB(d, key, content))
         {
         case EXIM_DBPUTB_OK:
-        count++;
-        break;
+      count++;
+      break;


         case EXIM_DBPUTB_DUP:
-        if (warn) fprintf(stderr, "** Duplicate key \"%s\"\n",
-          keybuffer);
-        dupcount++;
-        if(duperr) yield = 1;
-        if (lastdup) EXIM_DBPUT(d, key, content);
-        break;
+      if (warn) fprintf(stderr, "** Duplicate key \"%s\"\n", keybuffer);
+      dupcount++;
+      if(duperr) yield = 1;
+      if (lastdup) EXIM_DBPUT(d, key, content);
+      break;


         default:
-        fprintf(stderr, "Error %d while writing key %s: errno=%d\n", rc,
-          keybuffer, errno);
-        yield = 2;
-        goto TIDYUP;
+      fprintf(stderr, "Error %d while writing key %s: errno=%d\n", rc,
+        keybuffer, errno);
+      yield = 2;
+      goto TIDYUP;
         }


       bptr = buffer;
@@ -337,8 +336,9 @@ while (Ufgets(line, max_insize, f) != NULL)
       keystart = t;
       while (*s != 0 && *s != '\"')
         {
-        if (*s == '\\') *t++ = string_interpret_escape((const uschar **)&s);
-          else *t++ = *s;
+    *t++ = *s == '\\'
+    ? string_interpret_escape((const uschar **)&s)
+    : *s;
         s++;
         }
       if (*s != 0) s++;               /* Past terminating " */
@@ -360,15 +360,11 @@ while (Ufgets(line, max_insize, f) != NULL)
       }


     if (lowercase)
-      {
       for (i = 0; i < EXIM_DATUM_SIZE(key) - add_zero; i++)
         keybuffer[i] = tolower(keystart[i]);
-      }
     else
-      {
       for (i = 0; i < EXIM_DATUM_SIZE(key) - add_zero; i++)
         keybuffer[i] = keystart[i];
-      }


     keybuffer[i] = 0;
     started = 1;
diff --git a/src/src/exim_dbutil.c b/src/src/exim_dbutil.c
index 45bad20..a0514f0 100644
--- a/src/src/exim_dbutil.c
+++ b/src/src/exim_dbutil.c
@@ -190,7 +190,6 @@ return (value == ccache_accept)? US"accept" :
 static time_t
 read_time(uschar *s)
 {
-uschar *t = s;
 int field = 0;
 int value;
 time_t now = time(NULL);
@@ -199,7 +198,7 @@ struct tm *tm = localtime(&now);
 tm->tm_sec = 0;
 tm->tm_isdst = -1;


-for (t = s + Ustrlen(s) - 1; t >= s; t--)
+for (uschar * t = s + Ustrlen(s) - 1; t >= s; t--)
{
if (*t == ':') continue;
if (!isdigit((uschar)*t)) return -1;
@@ -520,7 +519,6 @@ open_db dbblock;
open_db *dbm;
EXIM_CURSOR *cursor;
uschar **argv = USS cargv;
-uschar *key;
uschar keybuffer[1024];

/* Check the arguments, and open the database */
@@ -534,7 +532,7 @@ if (!(dbm = dbfn_open(argv[2], O_RDONLY, &dbblock, FALSE)))
that data is returned in a malloc'ed block, in order that it be
correctly aligned. */

-for (key = dbfn_scan(dbm, TRUE, &cursor);
+for (uschar * key = dbfn_scan(dbm, TRUE, &cursor);
      key;
      key = dbfn_scan(dbm, FALSE, &cursor))
   {
@@ -544,7 +542,7 @@ for (key = dbfn_scan(dbm, TRUE, &cursor);
   dbdata_ratelimit *ratelimit;
   dbdata_ratelimit_unique *rate_unique;
   int count_bad = 0;
-  int i, length;
+  int length;
   uschar *t;
   uschar name[MESSAGE_ID_LENGTH + 1];
   void *value;
@@ -571,111 +569,110 @@ for (key = dbfn_scan(dbm, TRUE, &cursor);
     switch(dbdata_type)
       {
       case type_retry:
-      retry = (dbdata_retry *)value;
-      printf("  %s %d %d %s\n%s  ", keybuffer, retry->basic_errno,
-        retry->more_errno, retry->text,
-        print_time(retry->first_failed));
-      printf("%s  ", print_time(retry->last_try));
-      printf("%s %s\n", print_time(retry->next_try),
-        (retry->expired)? "*" : "");
-      break;
+    retry = (dbdata_retry *)value;
+    printf("  %s %d %d %s\n%s  ", keybuffer, retry->basic_errno,
+      retry->more_errno, retry->text,
+      print_time(retry->first_failed));
+    printf("%s  ", print_time(retry->last_try));
+    printf("%s %s\n", print_time(retry->next_try),
+      (retry->expired)? "*" : "");
+    break;


       case type_wait:
-      wait = (dbdata_wait *)value;
-      printf("%s ", keybuffer);
-      t = wait->text;
-      name[MESSAGE_ID_LENGTH] = 0;
-
-      if (wait->count > WAIT_NAME_MAX)
-        {
-        fprintf(stderr,
-          "**** Data for %s corrupted\n  count=%d=0x%x max=%d\n",
-          CS keybuffer, wait->count, wait->count, WAIT_NAME_MAX);
-        wait->count = WAIT_NAME_MAX;
-        yield = count_bad = 1;
-        }
-      for (i = 1; i <= wait->count; i++)
-        {
-        Ustrncpy(name, t, MESSAGE_ID_LENGTH);
-        if (count_bad && name[0] == 0) break;
-        if (Ustrlen(name) != MESSAGE_ID_LENGTH ||
-            Ustrspn(name, "0123456789"
-                          "abcdefghijklmnopqrstuvwxyz"
-                          "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
-          {
-          int j;
-          fprintf(stderr,
-            "**** Data for %s corrupted: bad character in message id\n",
-            CS keybuffer);
-          for (j = 0; j < MESSAGE_ID_LENGTH; j++)
-            fprintf(stderr, "%02x ", name[j]);
-          fprintf(stderr, "\n");
-          yield = 1;
-          break;
-          }
-        printf("%s ", name);
-        t += MESSAGE_ID_LENGTH;
-        }
-      printf("\n");
-      break;
+    wait = (dbdata_wait *)value;
+    printf("%s ", keybuffer);
+    t = wait->text;
+    name[MESSAGE_ID_LENGTH] = 0;
+
+    if (wait->count > WAIT_NAME_MAX)
+      {
+      fprintf(stderr,
+        "**** Data for %s corrupted\n  count=%d=0x%x max=%d\n",
+        CS keybuffer, wait->count, wait->count, WAIT_NAME_MAX);
+      wait->count = WAIT_NAME_MAX;
+      yield = count_bad = 1;
+      }
+    for (int i = 1; i <= wait->count; i++)
+      {
+      Ustrncpy(name, t, MESSAGE_ID_LENGTH);
+      if (count_bad && name[0] == 0) break;
+      if (Ustrlen(name) != MESSAGE_ID_LENGTH ||
+          Ustrspn(name, "0123456789"
+                "abcdefghijklmnopqrstuvwxyz"
+                "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
+        {
+        fprintf(stderr,
+          "**** Data for %s corrupted: bad character in message id\n",
+          CS keybuffer);
+        for (int j = 0; j < MESSAGE_ID_LENGTH; j++)
+          fprintf(stderr, "%02x ", name[j]);
+        fprintf(stderr, "\n");
+        yield = 1;
+        break;
+        }
+      printf("%s ", name);
+      t += MESSAGE_ID_LENGTH;
+      }
+    printf("\n");
+    break;


       case type_misc:
-      printf("%s %s\n", print_time(((dbdata_generic *)value)->time_stamp),
-        keybuffer);
-      break;
+    printf("%s %s\n", print_time(((dbdata_generic *)value)->time_stamp),
+      keybuffer);
+    break;


       case type_callout:
-      callout = (dbdata_callout_cache *)value;
-
-      /* New-style address record */
-
-      if (length == sizeof(dbdata_callout_cache_address))
-        {
-        printf("%s %s callout=%s\n",
-          print_time(((dbdata_generic *)value)->time_stamp),
-          keybuffer,
-          print_cache(callout->result));
-        }
-
-      /* New-style domain record */
-
-      else if (length == sizeof(dbdata_callout_cache))
-        {
-        printf("%s %s callout=%s postmaster=%s",
-          print_time(((dbdata_generic *)value)->time_stamp),
-          keybuffer,
-          print_cache(callout->result),
-          print_cache(callout->postmaster_result));
-        if (callout->postmaster_result != ccache_unknown)
-          printf(" (%s)", print_time(callout->postmaster_stamp));
-        printf(" random=%s", print_cache(callout->random_result));
-        if (callout->random_result != ccache_unknown)
-          printf(" (%s)", print_time(callout->random_stamp));
-        printf("\n");
-        }
-
-      break;
+    callout = (dbdata_callout_cache *)value;
+
+    /* New-style address record */
+
+    if (length == sizeof(dbdata_callout_cache_address))
+      {
+      printf("%s %s callout=%s\n",
+        print_time(((dbdata_generic *)value)->time_stamp),
+        keybuffer,
+        print_cache(callout->result));
+      }
+
+    /* New-style domain record */
+
+    else if (length == sizeof(dbdata_callout_cache))
+      {
+      printf("%s %s callout=%s postmaster=%s",
+        print_time(((dbdata_generic *)value)->time_stamp),
+        keybuffer,
+        print_cache(callout->result),
+        print_cache(callout->postmaster_result));
+      if (callout->postmaster_result != ccache_unknown)
+        printf(" (%s)", print_time(callout->postmaster_stamp));
+      printf(" random=%s", print_cache(callout->random_result));
+      if (callout->random_result != ccache_unknown)
+        printf(" (%s)", print_time(callout->random_stamp));
+      printf("\n");
+      }
+
+    break;


       case type_ratelimit:
-      if (Ustrstr(key, "/unique/") != NULL && length >= sizeof(*rate_unique))
-        {
-        ratelimit = (dbdata_ratelimit *)value;
-        rate_unique = (dbdata_ratelimit_unique *)value;
-        printf("%s.%06d rate: %10.3f epoch: %s size: %u key: %s\n",
-          print_time(ratelimit->time_stamp),
-          ratelimit->time_usec, ratelimit->rate,
-          print_time(rate_unique->bloom_epoch), rate_unique->bloom_size,
-          keybuffer);
-        }
-      else
-        {
-        ratelimit = (dbdata_ratelimit *)value;
-        printf("%s.%06d rate: %10.3f key: %s\n",
-          print_time(ratelimit->time_stamp),
-          ratelimit->time_usec, ratelimit->rate,
-          keybuffer);
-        }
-      break;
+    if (Ustrstr(key, "/unique/") != NULL && length >= sizeof(*rate_unique))
+      {
+      ratelimit = (dbdata_ratelimit *)value;
+      rate_unique = (dbdata_ratelimit_unique *)value;
+      printf("%s.%06d rate: %10.3f epoch: %s size: %u key: %s\n",
+        print_time(ratelimit->time_stamp),
+        ratelimit->time_usec, ratelimit->rate,
+        print_time(rate_unique->bloom_epoch), rate_unique->bloom_size,
+        keybuffer);
+      }
+    else
+      {
+      ratelimit = (dbdata_ratelimit *)value;
+      printf("%s.%06d rate: %10.3f key: %s\n",
+        print_time(ratelimit->time_stamp),
+        ratelimit->time_usec, ratelimit->rate,
+        keybuffer);
+      }
+    break;
       }
     store_reset(value);
     }
@@ -748,7 +745,7 @@ for(;;)
   dbdata_callout_cache *callout;
   dbdata_ratelimit *ratelimit;
   dbdata_ratelimit_unique *rate_unique;
-  int i, oldlength;
+  int oldlength;
   uschar *t;
   uschar field[256], value[256];


@@ -818,147 +815,116 @@ for(;;)
           switch(dbdata_type)
             {
             case type_retry:
-            retry = (dbdata_retry *)record;
-            /* length = sizeof(dbdata_retry) + Ustrlen(retry->text); */
-
-            switch(fieldno)
-              {
-              case 0:
-              retry->basic_errno = Uatoi(value);
-              break;
-
-              case 1:
-              retry->more_errno = Uatoi(value);
-              break;
-
-              case 2:
-              if ((tt = read_time(value)) > 0) retry->first_failed = tt;
-                else printf("bad time value\n");
-              break;
-
-              case 3:
-              if ((tt = read_time(value)) > 0) retry->last_try = tt;
-                else printf("bad time value\n");
-              break;
-
-              case 4:
-              if ((tt = read_time(value)) > 0) retry->next_try = tt;
-                else printf("bad time value\n");
-              break;
-
-              case 5:
-              if (Ustrcmp(value, "yes") == 0) retry->expired = TRUE;
-              else if (Ustrcmp(value, "no") == 0) retry->expired = FALSE;
-              else printf("\"yes\" or \"no\" expected=n");
-              break;
-
-              default:
-              printf("unknown field number\n");
-              verify = 0;
-              break;
-              }
-            break;
+          retry = (dbdata_retry *)record;
+          /* length = sizeof(dbdata_retry) + Ustrlen(retry->text); */
+
+          switch(fieldno)
+        {
+        case 0: retry->basic_errno = Uatoi(value);
+            break;
+        case 1: retry->more_errno = Uatoi(value);
+            break;
+        case 2: if ((tt = read_time(value)) > 0) retry->first_failed = tt;
+            else printf("bad time value\n");
+            break;
+        case 3: if ((tt = read_time(value)) > 0) retry->last_try = tt;
+            else printf("bad time value\n");
+            break;
+        case 4: if ((tt = read_time(value)) > 0) retry->next_try = tt;
+            else printf("bad time value\n");
+            break;
+        case 5: if (Ustrcmp(value, "yes") == 0) retry->expired = TRUE;
+            else if (Ustrcmp(value, "no") == 0) retry->expired = FALSE;
+            else printf("\"yes\" or \"no\" expected=n");
+            break;
+        default: printf("unknown field number\n");
+             verify = 0;
+             break;
+        }
+          break;


             case type_wait:
-            printf("Can't change contents of wait database record\n");
-            break;
+          printf("Can't change contents of wait database record\n");
+          break;


             case type_misc:
-            printf("Can't change contents of misc database record\n");
-            break;
+          printf("Can't change contents of misc database record\n");
+          break;


             case type_callout:
-            callout = (dbdata_callout_cache *)record;
-            /* length = sizeof(dbdata_callout_cache); */
-            switch(fieldno)
-              {
-              case 0:
-              callout->result = Uatoi(value);
-              break;
-
-              case 1:
-              callout->postmaster_result = Uatoi(value);
-              break;
-
-              case 2:
-              callout->random_result = Uatoi(value);
-              break;
-
-              default:
-              printf("unknown field number\n");
-              verify = 0;
-              break;
-              }
-            break;
+          callout = (dbdata_callout_cache *)record;
+          /* length = sizeof(dbdata_callout_cache); */
+          switch(fieldno)
+        {
+        case 0: callout->result = Uatoi(value);
+            break;
+        case 1: callout->postmaster_result = Uatoi(value);
+            break;
+        case 2: callout->random_result = Uatoi(value);
+            break;
+        default: printf("unknown field number\n");
+             verify = 0;
+             break;
+        }
+        break;


             case type_ratelimit:
-            ratelimit = (dbdata_ratelimit *)record;
-            switch(fieldno)
-              {
-              case 0:
-              if ((tt = read_time(value)) > 0) ratelimit->time_stamp = tt;
-                else printf("bad time value\n");
-              break;
-
-              case 1:
-              ratelimit->time_usec = Uatoi(value);
-              break;
-
-              case 2:
-              ratelimit->rate = Ustrtod(value, NULL);
-              break;
-
-              case 3:
-              if (Ustrstr(name, "/unique/") != NULL
-                && oldlength >= sizeof(dbdata_ratelimit_unique))
-                {
-                rate_unique = (dbdata_ratelimit_unique *)record;
-                if ((tt = read_time(value)) > 0) rate_unique->bloom_epoch = tt;
-                  else printf("bad time value\n");
-                break;
-                }
-              /* else fall through */
-
-              case 4:
-              case 5:
-              if (Ustrstr(name, "/unique/") != NULL
-                && oldlength >= sizeof(dbdata_ratelimit_unique))
-                {
-                /* see acl.c */
-                BOOL seen;
-                unsigned n, hash, hinc;
-                uschar md5sum[16];
-                md5 md5info;
-                md5_start(&md5info);
-                md5_end(&md5info, value, Ustrlen(value), md5sum);
-                hash = md5sum[0] <<  0 | md5sum[1] <<  8
-                     | md5sum[2] << 16 | md5sum[3] << 24;
-                hinc = md5sum[4] <<  0 | md5sum[5] <<  8
-                     | md5sum[6] << 16 | md5sum[7] << 24;
-                rate_unique = (dbdata_ratelimit_unique *)record;
-                seen = TRUE;
-                for (n = 0; n < 8; n++, hash += hinc)
-                  {
-                  int bit = 1 << (hash % 8);
-                  int byte = (hash / 8) % rate_unique->bloom_size;
-                  if ((rate_unique->bloom[byte] & bit) == 0)
-                    {
-                    seen = FALSE;
-                    if (fieldno == 5) rate_unique->bloom[byte] |= bit;
-                    }
-                  }
-                printf("%s %s\n",
-                  seen ? "seen" : fieldno == 5 ? "added" : "unseen", value);
-                break;
-                }
-              /* else fall through */
-
-              default:
-              printf("unknown field number\n");
-              verify = 0;
-              break;
-              }
-            break;
+          ratelimit = (dbdata_ratelimit *)record;
+          switch(fieldno)
+        {
+        case 0: if ((tt = read_time(value)) > 0) ratelimit->time_stamp = tt;
+            else printf("bad time value\n");
+            break;
+        case 1: ratelimit->time_usec = Uatoi(value);
+            break;
+        case 2: ratelimit->rate = Ustrtod(value, NULL);
+            break;
+        case 3: if (Ustrstr(name, "/unique/") != NULL
+                && oldlength >= sizeof(dbdata_ratelimit_unique))
+              {
+              rate_unique = (dbdata_ratelimit_unique *)record;
+              if ((tt = read_time(value)) > 0) rate_unique->bloom_epoch = tt;
+                else printf("bad time value\n");
+              break;
+              }
+            /* else fall through */
+        case 4:
+        case 5: if (Ustrstr(name, "/unique/") != NULL
+                && oldlength >= sizeof(dbdata_ratelimit_unique))
+              {
+              /* see acl.c */
+              BOOL seen;
+              unsigned hash, hinc;
+              uschar md5sum[16];
+              md5 md5info;
+              md5_start(&md5info);
+              md5_end(&md5info, value, Ustrlen(value), md5sum);
+              hash = md5sum[0] <<  0 | md5sum[1] <<  8
+                   | md5sum[2] << 16 | md5sum[3] << 24;
+              hinc = md5sum[4] <<  0 | md5sum[5] <<  8
+                   | md5sum[6] << 16 | md5sum[7] << 24;
+              rate_unique = (dbdata_ratelimit_unique *)record;
+              seen = TRUE;
+              for (unsigned n = 0; n < 8; n++, hash += hinc)
+                {
+                int bit = 1 << (hash % 8);
+                int byte = (hash / 8) % rate_unique->bloom_size;
+                if ((rate_unique->bloom[byte] & bit) == 0)
+                  {
+                  seen = FALSE;
+                  if (fieldno == 5) rate_unique->bloom[byte] |= bit;
+                  }
+                }
+              printf("%s %s\n",
+                seen ? "seen" : fieldno == 5 ? "added" : "unseen", value);
+              break;
+              }
+            /* else fall through */
+        default: printf("unknown field number\n");
+             verify = 0;
+             break;
+        }
+          break;
             }


           dbfn_write(dbm, name, record, oldlength);
@@ -998,79 +964,78 @@ for(;;)
     switch(dbdata_type)
       {
       case type_retry:
-      retry = (dbdata_retry *)record;
-      printf("0 error number: %d %s\n", retry->basic_errno, retry->text);
-      printf("1 extra data:   %d\n", retry->more_errno);
-      printf("2 first failed: %s\n", print_time(retry->first_failed));
-      printf("3 last try:     %s\n", print_time(retry->last_try));
-      printf("4 next try:     %s\n", print_time(retry->next_try));
-      printf("5 expired:      %s\n", (retry->expired)? "yes" : "no");
-      break;
+    retry = (dbdata_retry *)record;
+    printf("0 error number: %d %s\n", retry->basic_errno, retry->text);
+    printf("1 extra data:   %d\n", retry->more_errno);
+    printf("2 first failed: %s\n", print_time(retry->first_failed));
+    printf("3 last try:     %s\n", print_time(retry->last_try));
+    printf("4 next try:     %s\n", print_time(retry->next_try));
+    printf("5 expired:      %s\n", (retry->expired)? "yes" : "no");
+    break;


       case type_wait:
-      wait = (dbdata_wait *)record;
-      t = wait->text;
-      printf("Sequence: %d\n", wait->sequence);
-      if (wait->count > WAIT_NAME_MAX)
-        {
-        printf("**** Data corrupted: count=%d=0x%x max=%d ****\n", wait->count,
-          wait->count, WAIT_NAME_MAX);
-        wait->count = WAIT_NAME_MAX;
-        count_bad = 1;
-        }
-      for (i = 1; i <= wait->count; i++)
-        {
-        Ustrncpy(value, t, MESSAGE_ID_LENGTH);
-        value[MESSAGE_ID_LENGTH] = 0;
-        if (count_bad && value[0] == 0) break;
-        if (Ustrlen(value) != MESSAGE_ID_LENGTH ||
-            Ustrspn(value, "0123456789"
-                          "abcdefghijklmnopqrstuvwxyz"
-                          "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
-          {
-          int j;
-          printf("\n**** Data corrupted: bad character in message id ****\n");
-          for (j = 0; j < MESSAGE_ID_LENGTH; j++)
-            printf("%02x ", value[j]);
-          printf("\n");
-          break;
-          }
-        printf("%s ", value);
-        t += MESSAGE_ID_LENGTH;
-        }
-      printf("\n");
-      break;
+    wait = (dbdata_wait *)record;
+    t = wait->text;
+    printf("Sequence: %d\n", wait->sequence);
+    if (wait->count > WAIT_NAME_MAX)
+      {
+      printf("**** Data corrupted: count=%d=0x%x max=%d ****\n", wait->count,
+        wait->count, WAIT_NAME_MAX);
+      wait->count = WAIT_NAME_MAX;
+      count_bad = 1;
+      }
+    for (int i = 1; i <= wait->count; i++)
+      {
+      Ustrncpy(value, t, MESSAGE_ID_LENGTH);
+      value[MESSAGE_ID_LENGTH] = 0;
+      if (count_bad && value[0] == 0) break;
+      if (Ustrlen(value) != MESSAGE_ID_LENGTH ||
+          Ustrspn(value, "0123456789"
+                "abcdefghijklmnopqrstuvwxyz"
+                "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
+        {
+        printf("\n**** Data corrupted: bad character in message id ****\n");
+        for (int j = 0; j < MESSAGE_ID_LENGTH; j++)
+          printf("%02x ", value[j]);
+        printf("\n");
+        break;
+        }
+      printf("%s ", value);
+      t += MESSAGE_ID_LENGTH;
+      }
+    printf("\n");
+    break;


       case type_misc:
-      break;
+    break;


       case type_callout:
-      callout = (dbdata_callout_cache *)record;
-      printf("0 callout:    %s (%d)\n", print_cache(callout->result),
-          callout->result);
-      if (oldlength > sizeof(dbdata_callout_cache_address))
-        {
-        printf("1 postmaster: %s (%d)\n", print_cache(callout->postmaster_result),
-            callout->postmaster_result);
-        printf("2 random:     %s (%d)\n", print_cache(callout->random_result),
-            callout->random_result);
-        }
-      break;
+    callout = (dbdata_callout_cache *)record;
+    printf("0 callout:    %s (%d)\n", print_cache(callout->result),
+        callout->result);
+    if (oldlength > sizeof(dbdata_callout_cache_address))
+      {
+      printf("1 postmaster: %s (%d)\n", print_cache(callout->postmaster_result),
+          callout->postmaster_result);
+      printf("2 random:     %s (%d)\n", print_cache(callout->random_result),
+          callout->random_result);
+      }
+    break;


       case type_ratelimit:
-      ratelimit = (dbdata_ratelimit *)record;
-      printf("0 time stamp:  %s\n", print_time(ratelimit->time_stamp));
-      printf("1 fract. time: .%06d\n", ratelimit->time_usec);
-      printf("2 sender rate: % .3f\n", ratelimit->rate);
-      if (Ustrstr(name, "/unique/") != NULL
-       && oldlength >= sizeof(dbdata_ratelimit_unique))
-       {
-       rate_unique = (dbdata_ratelimit_unique *)record;
-       printf("3 filter epoch: %s\n", print_time(rate_unique->bloom_epoch));
-       printf("4 test filter membership\n");
-       printf("5 add element to filter\n");
-       }
-      break;
+    ratelimit = (dbdata_ratelimit *)record;
+    printf("0 time stamp:  %s\n", print_time(ratelimit->time_stamp));
+    printf("1 fract. time: .%06d\n", ratelimit->time_usec);
+    printf("2 sender rate: % .3f\n", ratelimit->rate);
+    if (Ustrstr(name, "/unique/") != NULL
+     && oldlength >= sizeof(dbdata_ratelimit_unique))
+     {
+     rate_unique = (dbdata_ratelimit_unique *)record;
+     printf("3 filter epoch: %s\n", print_time(rate_unique->bloom_epoch));
+     printf("4 test filter membership\n");
+     printf("5 add element to filter\n");
+     }
+    break;
       }
     }


@@ -1245,10 +1210,9 @@ while (keychain)

     for (;;)
       {
-      int offset;
       int length = wait->count * MESSAGE_ID_LENGTH;


-      for (offset = length - MESSAGE_ID_LENGTH;
+      for (int offset = length - MESSAGE_ID_LENGTH;
            offset >= 0; offset -= MESSAGE_ID_LENGTH)
         {
         Ustrncpy(buffer+path_len, wait->text + offset, MESSAGE_ID_LENGTH);
@@ -1335,12 +1299,10 @@ while (keychain)
     if (*id++ != ':') continue;


     for (i = 0; i < MESSAGE_ID_LENGTH; i++)
-      {
       if (i == 6 || i == 13)
         { if (id[i] != '-') break; }
       else
         { if (!isalnum(id[i])) break; }
-      }
     if (i < MESSAGE_ID_LENGTH) continue;


     Ustrncpy(buffer + path_len, id, MESSAGE_ID_LENGTH);
diff --git a/src/src/expand.c b/src/src/expand.c
index b2a9217..ea10f99 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -1301,7 +1301,6 @@ static uschar *
 expand_getcertele(uschar * field, uschar * certvar)
 {
 var_entry * vp;
-certfield * cp;


if (!(vp = find_var_ent(certvar)))
{
@@ -1323,9 +1322,9 @@ if (!*(void **)vp->value)
if (*field >= '0' && *field <= '9')
return tls_cert_ext_by_oid(*(void **)vp->value, field, 0);

-for(cp = certfields;
-    cp < certfields + nelem(certfields);
-    cp++)
+for (certfield * cp = certfields;
+     cp < certfields + nelem(certfields);
+     cp++)
   if (Ustrncmp(cp->name, field, cp->namelen) == 0)
     {
     uschar * modifier = *(field += cp->namelen) == ','
@@ -1561,10 +1560,9 @@ find_header(uschar *name, int *newsize, unsigned flags, uschar *charset)
 BOOL found = !name;
 int len = name ? Ustrlen(name) : 0;
 BOOL comma = FALSE;
-header_line * h;
 gstring * g = NULL;


-for (h = header_list; h; h = h->next)
+for (header_line * h = header_list; h; h = h->next)
   if (h->type != htype_old && h->text)  /* NULL => Received: placeholder */
     if (!name || (len <= h->slen && strncmpic(name, h->text, len) == 0))
       {
@@ -1705,11 +1703,10 @@ fn_recipients(void)
 {
 uschar * s;
 gstring * g = NULL;
-int i;


if (!f.enable_dollar_recipients) return NULL;

-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
{
s = recipients_list[i].address;
g = string_append2_listele_n(g, US", ", s, Ustrlen(s));
@@ -2028,11 +2025,10 @@ static int
read_subs(uschar **sub, int n, int m, const uschar **sptr, BOOL skipping,
BOOL check_end, uschar *name, BOOL *resetok)
{
-int i;
const uschar *s = *sptr;

 while (isspace(*s)) s++;
-for (i = 0; i < n; i++)
+for (int i = 0; i < n; i++)
   {
   if (*s != '{')
     {
@@ -2524,7 +2520,7 @@ switch(cond_type)
   case ECOND_STR_GE:
   case ECOND_STR_GEI:


-  for (i = 0; i < 2; i++)
+  for (int i = 0; i < 2; i++)
     {
     /* Sometimes, we don't expand substrings; too many insecure configurations
     created using match_address{}{} and friends, where the second param
@@ -2748,9 +2744,8 @@ switch(cond_type)
         }
       else if (sublen == 32)
         {
-        int i;
         uschar coded[36];
-        for (i = 0; i < 16; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
+        for (int i = 0; i < 16; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
         coded[32] = 0;
         DEBUG(D_auth) debug_printf("crypteq: using MD5+hex hashing\n"
           "  subject=%s\n  crypted=%s\n", coded, sub[1]+5);
@@ -2786,9 +2781,8 @@ switch(cond_type)
         }
       else if (sublen == 40)
         {
-        int i;
         uschar coded[44];
-        for (i = 0; i < 20; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
+        for (int i = 0; i < 20; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
         coded[40] = 0;
         DEBUG(D_auth) debug_printf("crypteq: using SHA1+hex hashing\n"
           "  subject=%s\n  crypted=%s\n", coded, sub[1]+6);
@@ -3145,8 +3139,7 @@ Returns:                the value of expand max to save
 static int
 save_expand_strings(uschar **save_expand_nstring, int *save_expand_nlength)
 {
-int i;
-for (i = 0; i <= expand_nmax; i++)
+for (int i = 0; i <= expand_nmax; i++)
   {
   save_expand_nstring[i] = expand_nstring[i];
   save_expand_nlength[i] = expand_nlength[i];
@@ -3174,9 +3167,8 @@ static void
 restore_expand_strings(int save_expand_nmax, uschar **save_expand_nstring,
   int *save_expand_nlength)
 {
-int i;
 expand_nmax = save_expand_nmax;
-for (i = 0; i <= expand_nmax; i++)
+for (int i = 0; i <= expand_nmax; i++)
   {
   expand_nstring[i] = save_expand_nstring[i];
   expand_nlength[i] = save_expand_nlength[i];
@@ -3465,7 +3457,6 @@ prvs_hmac_sha1(uschar *address, uschar *key, uschar *key_num, uschar *daystamp)
 {
 gstring * hash_source;
 uschar * p;
-int i;
 hctx h;
 uschar innerhash[20];
 uschar finalhash[20];
@@ -3490,7 +3481,7 @@ DEBUG(D_expand)
 memset(innerkey, 0x36, 64);
 memset(outerkey, 0x5c, 64);


-for (i = 0; i < Ustrlen(key); i++)
+for (int i = 0; i < Ustrlen(key); i++)
{
innerkey[i] ^= key[i];
outerkey[i] ^= key[i];
@@ -3505,7 +3496,7 @@ chash_mid(HMAC_SHA1, &h, outerkey);
chash_end(HMAC_SHA1, &h, innerhash, 20, finalhash);

p = finalhash_hex;
-for (i = 0; i < 3; i++)
+for (int i = 0; i < 3; i++)
{
*p++ = hex_digits[(finalhash[i] & 0xf0) >> 4];
*p++ = hex_digits[finalhash[i] & 0x0f];
@@ -3558,11 +3549,12 @@ static gstring *
cat_file_tls(void * tls_ctx, gstring * yield, uschar * eol)
{
int rc;
-uschar * s;
uschar buffer[1024];

+/*XXX could we read direct into a pre-grown string? */
+
 while ((rc = tls_read(tls_ctx, buffer, sizeof(buffer))) > 0)
-  for (s = buffer; rc--; s++)
+  for (uschar * s = buffer; rc--; s++)
     yield = eol && *s == '\n'
       ? string_cat(yield, eol) : string_catn(yield, s, 1);


@@ -5385,9 +5377,8 @@ while (*s != 0)
           }
         }


-      for (i = 0; i < 2; i++)
+      for (int i = 0; i < 2; i++) if (sub[i])
         {
-        if (sub[i] == NULL) continue;
         val[i] = (int)Ustrtol(sub[i], &ret, 10);
         if (*ret != 0 || (i != 0 && val[i] < 0))
           {
@@ -5425,7 +5416,7 @@ while (*s != 0)
       md5 md5_base;
       hctx sha1_ctx;
       void *use_base;
-      int type, i;
+      int type;
       int hashlen;      /* Number of octets for the hash algorithm's output */
       int hashblocklen; /* Number of octets the hash algorithm processes */
       uschar *keyptr, *p;
@@ -5487,7 +5478,7 @@ while (*s != 0)
     memset(innerkey, 0x36, hashblocklen);
     memset(outerkey, 0x5c, hashblocklen);


-    for (i = 0; i < keylen; i++)
+    for (int i = 0; i < keylen; i++)
       {
       innerkey[i] ^= keyptr[i];
       outerkey[i] ^= keyptr[i];
@@ -5506,7 +5497,7 @@ while (*s != 0)
     /* Encode the final hash as a hex string */


     p = finalhash_hex;
-    for (i = 0; i < hashlen; i++)
+    for (int i = 0; i < hashlen; i++)
       {
       *p++ = hex_digits[(finalhash[i] & 0xf0) >> 4];
       *p++ = hex_digits[finalhash[i] & 0x0f];
@@ -5568,7 +5559,6 @@ while (*s != 0)
         int ovector[3*(EXPAND_MAXN+1)];
         int n = pcre_exec(re, NULL, CS subject, slen, moffset + moffsetextra,
           PCRE_EOPT | emptyopt, ovector, nelem(ovector));
-        int nn;
         uschar *insert;


         /* No match - if we previously set PCRE_NOTEMPTY after a null match, this
@@ -5594,7 +5584,7 @@ while (*s != 0)


         if (n == 0) n = EXPAND_MAXN + 1;
         expand_nmax = 0;
-        for (nn = 0; nn < n*2; nn += 2)
+        for (int nn = 0; nn < n*2; nn += 2)
           {
           expand_nstring[expand_nmax] = subject + ovector[nn];
           expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
@@ -5638,8 +5628,6 @@ while (*s != 0)


     case EITEM_EXTRACT:
       {
-      int i;
-      int j;
       int field_number = 1;
       BOOL field_number_set = FALSE;
       uschar *save_lookup_value = lookup_value;
@@ -5653,9 +5641,8 @@ while (*s != 0)
       /* Check for a format-variant specifier */


       if (*s != '{')                    /*}*/
-    {
-    if (Ustrncmp(s, "json", 4) == 0) {fmt = extract_json; s += 4;}
-    }
+    if (Ustrncmp(s, "json", 4) == 0)
+      {fmt = extract_json; s += 4;}


       /* While skipping we cannot rely on the data for expansions being
       available (eg. $item) hence cannot decide on numeric vs. keyed.
@@ -5663,7 +5650,7 @@ while (*s != 0)


       if (skipping)
     {
-        for (j = 5; j > 0 && *s == '{'; j--)            /*'}'*/
+        for (int j = 5; j > 0 && *s == '{'; j--)        /*'}'*/
       {
           if (!expand_string_internal(s+1, TRUE, &s, skipping, TRUE, &resetok))
         goto EXPAND_FAILED;                    /*'{'*/
@@ -5688,7 +5675,7 @@ while (*s != 0)
       }
     }


-      else for (i = 0, j = 2; i < j; i++) /* Read the proper number of arguments */
+      else for (int i = 0, j = 2; i < j; i++) /* Read the proper number of arguments */
         {
     while (isspace(*s)) s++;
         if (*s == '{')                         /*'}'*/
@@ -5858,7 +5845,6 @@ while (*s != 0)


     case EITEM_LISTEXTRACT:
       {
-      int i;
       int field_number = 1;
       uschar *save_lookup_value = lookup_value;
       uschar *sub[2];
@@ -5867,10 +5853,10 @@ while (*s != 0)


       /* Read the field & list arguments */


-      for (i = 0; i < 2; i++)
+      for (int i = 0; i < 2; i++)
         {
         while (isspace(*s)) s++;
-        if (*s != '{')                    /*}*/
+        if (*s != '{')                    /*'}'*/
       {
       expand_string_message = string_sprintf(
         "missing '{' for arg %d of listextract", i+1);
@@ -6444,8 +6430,7 @@ while (*s != 0)
       /* Look up the dynamically loaded object handle in the tree. If it isn't
       found, dlopen() the file and put the handle in the tree for next time. */


-      t = tree_search(dlobj_anchor, argv[0]);
-      if (t == NULL)
+      if (!(t = tree_search(dlobj_anchor, argv[0])))
         {
         void *handle = dlopen(CS argv[0], RTLD_LAZY);
         if (handle == NULL)
@@ -6736,10 +6721,9 @@ while (*s != 0)
       {
       md5 base;
       uschar digest[16];
-      int j;
       md5_start(&base);
       md5_end(&base, sub, Ustrlen(sub), digest);
-      for (j = 0; j < 16; j++)
+      for (int j = 0; j < 16; j++)
         yield = string_fmt_append(yield, "%02x", digest[j]);
       }
         continue;
@@ -6756,10 +6740,9 @@ while (*s != 0)
       {
       hctx h;
       uschar digest[20];
-      int j;
       sha1_start(&h);
       sha1_end(&h, sub, Ustrlen(sub), digest);
-      for (j = 0; j < 20; j++)
+      for (int j = 0; j < 20; j++)
         yield = string_fmt_append(yield, "%02X", digest[j]);
       }
         continue;
@@ -6830,7 +6813,7 @@ while (*s != 0)
         uschar *out = sub;
         uschar *enc;


-        for (enc = sub; *enc != 0; enc++)
+        for (enc = sub; *enc; enc++)
           {
           if (!isxdigit(*enc))
             {
@@ -6853,9 +6836,7 @@ while (*s != 0)
           if (isdigit(c)) c -= '0';
           else c = toupper(c) - 'A' + 10;
           if (b == -1)
-            {
             b = c << 4;
-            }
           else
             {
             *out++ = b | c;
@@ -7461,10 +7442,9 @@ while (*s != 0)


       case EOP_ESCAPE8BIT:
     {
-    const uschar * s = sub;
     uschar c;


-    for (s = sub; (c = *s); s++)
+    for (const uschar * s = sub; (c = *s); s++)
       yield = c < 127 && c != '\\'
         ? string_catn(yield, s, 1)
         : string_fmt_append(yield, "\\%03o", c);
@@ -7653,7 +7633,6 @@ while (*s != 0)
         {
         uschar smode[12];
         uschar **modetable[3];
-        int i;
         mode_t mode;
         struct stat st;


@@ -7684,7 +7663,7 @@ while (*s != 0)
         modetable[1] = ((mode & 02000) == 0)? mtable_normal : mtable_setid;
         modetable[2] = ((mode & 04000) == 0)? mtable_normal : mtable_setid;


-        for (i = 0; i < 3; i++)
+        for (int i = 0; i < 3; i++)
           {
           memcpy(CS(smode + 7 - i*3), CS(modetable[i][mode & 7]), 3);
           mode >>= 3;
@@ -8214,23 +8193,21 @@ assert_no_variables(void * ptr, int len, const char * filename, int linenumber)
 {
 err_ctx e = { .region_start = ptr, .region_end = US ptr + len,
           .var_name = NULL, .var_data = NULL };
-int i;
-var_entry * v;


/* check acl_ variables */
tree_walk(acl_var_c, assert_variable_notin, &e);
tree_walk(acl_var_m, assert_variable_notin, &e);

/* check auth<n> variables */
-for (i = 0; i < AUTH_VARS; i++) if (auth_vars[i])
+for (int i = 0; i < AUTH_VARS; i++) if (auth_vars[i])
assert_variable_notin(US"auth<n>", auth_vars[i], &e);

/* check regex<n> variables */
-for (i = 0; i < REGEX_VARS; i++) if (regex_vars[i])
+for (int i = 0; i < REGEX_VARS; i++) if (regex_vars[i])
assert_variable_notin(US"regex<n>", regex_vars[i], &e);

 /* check known-name variables */
-for (v = var_table; v < var_table + var_table_size; v++)
+for (var_entry * v = var_table; v < var_table + var_table_size; v++)
   if (v->type == vtype_stringptr)
     assert_variable_notin(US v->name, *(USS v->value), &e);


@@ -8267,9 +8244,8 @@ BOOL yield = n >= 0;
 if (n == 0) n = EXPAND_MAXN + 1;
 if (yield)
   {
-  int nn;
-  expand_nmax = (setup < 0)? 0 : setup + 1;
-  for (nn = (setup < 0)? 0 : 2; nn < n*2; nn += 2)
+  expand_nmax = setup < 0 ? 0 : setup + 1;
+  for (int nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2)
     {
     expand_nstring[expand_nmax] = subject + ovector[nn];
     expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
@@ -8282,7 +8258,6 @@ return yield;


int main(int argc, uschar **argv)
{
-int i;
uschar buffer[1024];

debug_selector = D_v;
@@ -8290,7 +8265,7 @@ debug_file = stderr;
debug_fd = fileno(debug_file);
big_buffer = malloc(big_buffer_size);

-for (i = 1; i < argc; i++)
+for (int i = 1; i < argc; i++)
   {
   if (argv[i][0] == '+')
     {
diff --git a/src/src/hash.c b/src/src/hash.c
index 2ef64c8..eea2cb8 100644
--- a/src/src/hash.c
+++ b/src/src/hash.c
@@ -268,19 +268,18 @@ Returns:     nothing
 static void
 native_sha1_mid(sha1 *base, const uschar *text)
 {
-int i;
 uint A, B, C, D, E;
 uint W[80];


base->length += 64;

-for (i = 0; i < 16; i++)
+for (int i = 0; i < 16; i++)
{
W[i] = ((uint)text[0] << 24) | (text[1] << 16) | (text[2] << 8) | text[3];
text += 4;
}

-for (i = 16; i < 80; i++)
+for (int i = 16; i < 80; i++)
{
register unsigned int x = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16];
W[i] = (x << 1) | (x >> 31);
@@ -292,7 +291,7 @@ C = base->H[2];
D = base->H[3];
E = base->H[4];

-for (i = 0; i < 20; i++)
+for (int i = 0; i < 20; i++)
{
unsigned int T;
T = ((A << 5) | (A >> 27)) + ((B & C) | ((~B) & D)) + E + W[i] + 0x5a827999;
@@ -303,7 +302,7 @@ for (i = 0; i < 20; i++)
A = T;
}

-for (i = 20; i < 40; i++)
+for (int i = 20; i < 40; i++)
{
unsigned int T;
T = ((A << 5) | (A >> 27)) + (B ^ C ^ D) + E + W[i] + 0x6ed9eba1;
@@ -314,7 +313,7 @@ for (i = 20; i < 40; i++)
A = T;
}

-for (i = 40; i < 60; i++)
+for (int i = 40; i < 60; i++)
{
unsigned int T;
T = ((A << 5) | (A >> 27)) + ((B & C) | (B & D) | (C & D)) + E + W[i] +
@@ -326,7 +325,7 @@ for (i = 40; i < 60; i++)
A = T;
}

-for (i = 60; i < 80; i++)
+for (int i = 60; i < 80; i++)
   {
   unsigned int T;
   T = ((A << 5) | (A >> 27)) + (B ^ C ^ D) + E + W[i] + 0xca62c1d6;
@@ -367,7 +366,6 @@ Returns:    nothing
 static void
 native_sha1_end(sha1 *base, const uschar *text, int length, uschar *digest)
 {
-int i;
 uschar work[64];


/* Process in chunks of 64 until we have less than 64 bytes left. */
@@ -420,7 +418,7 @@ native_sha1_mid(base, work);

/* Pass back the result, high-order byte first in each word. */

-for (i = 0; i < 5; i++)
+for (int i = 0; i < 5; i++)
   {
   register int x = base->H[i];
   *digest++ = (x >> 24) & 0xff;
diff --git a/src/src/header.c b/src/src/header.c
index 74df32c..dd82b2b 100644
--- a/src/src/header.c
+++ b/src/src/header.c
@@ -264,17 +264,14 @@ Returns:        nothing
 void
 header_remove(int occ, const uschar *name)
 {
-header_line *h;
 int hcount = 0;
 int len = Ustrlen(name);
-for (h = header_list; h != NULL; h = h->next)
-  {
+for (header_line * h = header_list; h; h = h->next)
   if (header_testname(h, name, len, TRUE) && (occ <= 0 || ++hcount == occ))
     {
     h->type = htype_old;
     if (occ > 0) return;
     }
-  }
 }



@@ -358,7 +355,6 @@ static BOOL
one_pattern_match(uschar *name, int slen, BOOL has_addresses, uschar *pattern)
{
BOOL yield = FALSE;
-header_line *h;
const pcre *re = NULL;

/* If the pattern is a regex, compile it. Bomb out if compiling fails; these
@@ -368,7 +364,7 @@ if (*pattern == '^') re = regex_must_compile(pattern, TRUE, FALSE);

/* Scan for the required header(s) and scan each one */

-for (h = header_list; !yield && h != NULL; h = h->next)
+for (header_line * h = header_list; !yield && h; h = h->next)
   {
   if (h->type == htype_old || slen > h->slen ||
       strncmpic(name, h->text, slen) != 0)
@@ -381,7 +377,7 @@ for (h = header_list; !yield && h != NULL; h = h->next)
     {
     uschar *s = h->text + slen;


-    while (!yield && *s != 0)
+    while (!yield && *s)
       {
       uschar *error, *next;
       uschar *e = parse_find_address_end(s, FALSE);
@@ -438,17 +434,14 @@ header_match(uschar *name, BOOL has_addresses, BOOL cond, string_item *strings,
   int count, ...)
 {
 va_list ap;
-string_item *s;
-int i;
 int slen = Ustrlen(name);


-for (s = strings; s != NULL; s = s->next)
-  {
-  if (one_pattern_match(name, slen, has_addresses, s->text)) return cond;
-  }
+for (string_item * s = strings; s; s = s->next)
+  if (one_pattern_match(name, slen, has_addresses, s->text))
+    return cond;


 va_start(ap, count);
-for (i = 0; i < count; i++)
+for (int i = 0; i < count; i++)
   if (one_pattern_match(name, slen, has_addresses, va_arg(ap, uschar *)))
     {
     va_end(ap);
diff --git a/src/src/host.c b/src/src/host.c
index 29c977f..eda56d7 100644
--- a/src/src/host.c
+++ b/src/src/host.c
@@ -179,7 +179,6 @@ uschar **alist;
 struct hostent *yield;
 dns_answer dnsa;
 dns_scan dnss;
-dns_record *rr;


DEBUG(D_host_lookup)
debug_printf("using host_fake_gethostbyname for %s (%s)\n", name,
@@ -192,13 +191,11 @@ if (Ustrcmp(name, "localhost") == 0)

/* Handle a literal IP address */

-ipa = string_is_ip_address(lname, NULL);
-if (ipa != 0)
+if ((ipa = string_is_ip_address(lname, NULL)) != 0)
   {
   if ((ipa == 4 && af == AF_INET) ||
       (ipa == 6 && af == AF_INET6))
     {
-    int i, n;
     int x[4];
     yield = store_get(sizeof(struct hostent));
     alist = store_get(2 * sizeof(char *));
@@ -209,8 +206,7 @@ if (ipa != 0)
     yield->h_length = alen;
     yield->h_addr_list = CSS alist;
     *alist++ = adds;
-    n = host_aton(lname, x);
-    for (i = 0; i < n; i++)
+    for (int n = host_aton(lname, x), i = 0; i < n; i++)
       {
       int y = x[i];
       *adds++ = (y >> 24) & 255;
@@ -250,11 +246,10 @@ else
     case DNS_FAIL:    *error_num = NO_RECOVERY; return NULL;
     }


-  for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+  for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
        rr;
-       rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
-    if (rr->type == type)
-      count++;
+       rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == type)
+    count++;


yield = store_get(sizeof(struct hostent));
alist = store_get((count + 1) * sizeof(char *));
@@ -266,18 +261,15 @@ else
yield->h_length = alen;
yield->h_addr_list = CSS alist;

-  for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+  for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
        rr;
-       rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+       rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == type)
     {
-    int i, n;
     int x[4];
     dns_address *da;
-    if (rr->type != type) continue;
     if (!(da = dns_address_from_rr(&dnsa, rr))) break;
     *alist++ = adds;
-    n = host_aton(da->address, x);
-    for (i = 0; i < n; i++)
+    for (int n = host_aton(da->address, x), i = 0; i < n; i++)
       {
       int y = x[i];
       *adds++ = (y >> 24) & 255;
@@ -805,7 +797,7 @@ static ip_address_item *
 add_unique_interface(ip_address_item *list, ip_address_item *ipa)
 {
 ip_address_item *ipa2;
-for (ipa2 = list; ipa2 != NULL; ipa2 = ipa2->next)
+for (ipa2 = list; ipa2; ipa2 = ipa2->next)
   if (Ustrcmp(ipa2->address, ipa->address) == 0) return list;
 ipa2 = store_get_perm(sizeof(ip_address_item));
 *ipa2 = *ipa;
@@ -830,27 +822,25 @@ if (local_interface_data == NULL)
     US"extra_local_interfaces");
   ip_address_item *ipa;


-  if (dlist == NULL) dlist = xlist; else
+  if (!dlist) dlist = xlist;
+  else
     {
-    for (ipa = dlist; ipa->next != NULL; ipa = ipa->next);
+    for (ipa = dlist; ipa->next; ipa = ipa->next) ;
     ipa->next = xlist;
     }


-  for (ipa = dlist; ipa != NULL; ipa = ipa->next)
+  for (ipa = dlist; ipa; ipa = ipa->next)
     {
     if (Ustrcmp(ipa->address, "0.0.0.0") == 0 ||
         Ustrcmp(ipa->address, "::0") == 0)
       {
-      ip_address_item *ipa2;
       BOOL ipv6 = ipa->address[0] == ':';
-      if (running_interfaces == NULL)
+      if (!running_interfaces)
         running_interfaces = os_find_running_interfaces();
-      for (ipa2 = running_interfaces; ipa2 != NULL; ipa2 = ipa2->next)
-        {
+      for (ip_address_item * ipa2 = running_interfaces; ipa2; ipa2 = ipa2->next)
         if ((Ustrchr(ipa2->address, ':') != NULL) == ipv6)
           local_interface_data = add_unique_interface(local_interface_data,
-          ipa2);
-        }
+                              ipa2);
       }
     else
       {
@@ -1088,9 +1078,8 @@ Returns:       nothing
 void
 host_mask(int count, int *binary, int mask)
 {
-int i;
 if (mask < 0) mask = 99999;
-for (i = 0; i < count; i++)
+for (int i = 0; i < count; i++)
   {
   int wordmask;
   if (mask == 0) wordmask = 0;
@@ -1137,17 +1126,17 @@ Returns:      the number of characters placed in buffer, not counting
 int
 host_nmtoa(int count, int *binary, int mask, uschar *buffer, int sep)
 {
-int i, j;
+int j;
 uschar *tt = buffer;


 if (count == 1)
   {
   j = binary[0];
-  for (i = 24; i >= 0; i -= 8)
+  for (int i = 24; i >= 0; i -= 8)
     tt += sprintf(CS tt, "%d.", (j >> i) & 255);
   }
 else
-  for (i = 0; i < 4; i++)
+  for (int i = 0; i < 4; i++)
     {
     j = binary[i];
     tt += sprintf(CS tt, "%04x%c%04x%c", (j >> 16) & 0xffff, sep, j & 0xffff, sep);
@@ -1277,7 +1266,6 @@ Returns:
 BOOL
 host_is_in_net(const uschar *host, const uschar *net, int maskoffset)
 {
-int i;
 int address[4];
 int incoming[4];
 int mlen;
@@ -1310,7 +1298,7 @@ if (insize != size) return FALSE;


/* Else do the masked comparison. */

-for (i = 0; i < size; i++)
+for (int i = 0; i < size; i++)
{
int mask;
if (mlen == 0) mask = 0;
@@ -1405,9 +1393,8 @@ for (h = host; h != last->next; h = h->next)

   if (h->address != NULL)
     {
-    ip_address_item *ip;
     if (Ustrcmp(h->address, "0.0.0.0") == 0) goto FOUND_LOCAL;
-    for (ip = local_interface_data; ip != NULL; ip = ip->next)
+    for (ip_address_item * ip = local_interface_data; ip; ip = ip->next)
       if (Ustrcmp(h->address, ip->address) == 0) goto FOUND_LOCAL;
     yield = HOST_FOUND;  /* At least one remote address has been found */
     }
@@ -1590,13 +1577,13 @@ while (*s != 0) *t++ = tolower(*s++);


/* If the host has aliases, build a copy of the alias list */

-if (hosts->h_aliases != NULL)
+if (hosts->h_aliases)
   {
   int count = 1;
-  uschar **aliases, **ptr;
-  for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++) count++;
+  uschar **ptr;
+  for (uschar ** aliases = USS hosts->h_aliases; *aliases; aliases++) count++;
   ptr = sender_host_aliases = store_get_perm(count * sizeof(uschar *));
-  for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++)
+  for (uschar ** aliases = USS hosts->h_aliases; *aliases; aliases++)
     {
     uschar *s = *aliases;
     int len = Ustrlen(s) + 1;
@@ -1655,12 +1642,11 @@ host_name_lookup(void)
 {
 int old_pool, rc;
 int sep = 0;
-uschar *hname, *save_hostname;
+uschar *save_hostname;
 uschar **aliases;
 uschar buffer[256];
 uschar *ordername;
 const uschar *list = host_lookup_order;
-dns_record *rr;
 dns_answer dnsa;
 dns_scan dnss;


@@ -1712,11 +1698,10 @@ while ((ordername = string_nextinlist(&list, &sep, buffer, sizeof(buffer))))

       store_pool = POOL_PERM;        /* Save names in permanent storage */


-      for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+      for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
            rr;
-           rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
-        if (rr->type == T_PTR)
-      count++;
+           rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == T_PTR)
+    count++;


       /* Get store for the list of aliases. For compatibility with
       gethostbyaddr, we make an empty list if there are none. */
@@ -1725,13 +1710,11 @@ while ((ordername = string_nextinlist(&list, &sep, buffer, sizeof(buffer))))


       /* Re-scan and extract the names */


-      for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+      for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
            rr;
-           rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+           rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == T_PTR)
         {
-        uschar *s = NULL;
-        if (rr->type != T_PTR) continue;
-        s = store_get(ssize);
+        uschar * s = store_get(ssize);


         /* If an overlong response was received, the data will have been
         truncated and dn_expand may fail. */
@@ -1826,7 +1809,7 @@ the names, and accepts only those that have the correct IP address. */


 save_hostname = sender_host_name;   /* Save for error messages */
 aliases = sender_host_aliases;
-for (hname = sender_host_name; hname; hname = *aliases++)
+for (uschar * hname = sender_host_name; hname; hname = *aliases++)
   {
   int rc;
   BOOL ok = FALSE;
@@ -1839,7 +1822,6 @@ for (hname = sender_host_name; hname; hname = *aliases++)
      || rc == HOST_FOUND_LOCAL
      )
     {
-    host_item *hh;
     HDEBUG(D_host_lookup) debug_printf("checking addresses for %s\n", hname);


     /* If the forward lookup was not secure we cancel the is-secure variable */
@@ -1848,7 +1830,7 @@ for (hname = sender_host_name; hname; hname = *aliases++)
       h.dnssec == DS_YES ? "DNSSEC verified (AD)" : "unverified");
     if (h.dnssec != DS_YES) sender_host_dnssec = FALSE;


-    for (hh = &h; hh; hh = hh->next)
+    for (host_item * hh = &h; hh; hh = hh->next)
       if (host_is_in_net(hh->address, sender_host_address, 0))
         {
         HDEBUG(D_host_lookup) debug_printf("  %s OK\n", hh->address);
@@ -1959,8 +1941,7 @@ int
 host_find_byname(host_item *host, const uschar *ignore_target_hosts, int flags,
   const uschar **fully_qualified_name, BOOL local_host_check)
 {
-int i, yield, times;
-uschar **addrlist;
+int yield, times;
 host_item *last = NULL;
 BOOL temp_error = FALSE;
 #if HAVE_IPV6
@@ -2007,7 +1988,7 @@ f.host_find_failed_syntax = FALSE;


/* Loop to look up both kinds of address in an IPv6 world */

-for (i = 1; i <= times;
+for (int i = 1; i <= times;
      #if HAVE_IPV6
        af = AF_INET,     /* If 2 passes, IPv4 on the second */
      #endif
@@ -2097,7 +2078,7 @@ for (i = 1; i <= times;


ipv4_addr = hostdata->h_length == sizeof(struct in_addr);

-  for (addrlist = USS hostdata->h_addr_list; *addrlist != NULL; addrlist++)
+  for (uschar ** addrlist = USS hostdata->h_addr_list; *addrlist; addrlist++)
     {
     uschar *text_address =
       host_ntoa(ipv4_addr? AF_INET:AF_INET6, *addrlist, NULL, NULL);
@@ -2177,8 +2158,7 @@ yield = local_host_check?


 HDEBUG(D_host_lookup)
   {
-  const host_item *h;
-  if (fully_qualified_name != NULL)
+  if (fully_qualified_name)
     debug_printf("fully qualified name = %s\n", *fully_qualified_name);
   debug_printf("%s looked up these IP addresses:\n",
     #if HAVE_IPV6
@@ -2191,9 +2171,9 @@ HDEBUG(D_host_lookup)
     "gethostbyname"
     #endif
     );
-  for (h = host; h != last->next; h = h->next)
+  for (const host_item * h = host; h != last->next; h = h->next)
     debug_printf("  name=%s address=%s\n", h->name,
-      (h->address == NULL)? US"<null>" : h->address);
+      h->address ? h->address : US"<null>");
   }


 /* Return the found status. */
@@ -2272,7 +2252,6 @@ set_address_from_dns(host_item *host, host_item **lastptr,
   const uschar **fully_qualified_name,
   BOOL dnssec_request, BOOL dnssec_require, int whichrrs)
 {
-dns_record *rr;
 host_item *thishostlast = NULL;    /* Indicates not yet filled in anything */
 BOOL v6_find_again = FALSE;
 BOOL dnssec_fail = FALSE;
@@ -2395,104 +2374,101 @@ for (; i >= 0; i--)


fully_qualified_name = NULL;

-  for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+  for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
        rr;
-       rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+       rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == type)
     {
-    if (rr->type == type)
-      {
-      dns_address *da = dns_address_from_rr(&dnsa, rr);
+    dns_address * da = dns_address_from_rr(&dnsa, rr);


-      DEBUG(D_host_lookup)
-        if (!da) debug_printf("no addresses extracted from A6 RR for %s\n",
-            host->name);
+    DEBUG(D_host_lookup)
+      if (!da) debug_printf("no addresses extracted from A6 RR for %s\n",
+      host->name);


-      /* This loop runs only once for A and AAAA records, but may run
-      several times for an A6 record that generated multiple addresses. */
+    /* This loop runs only once for A and AAAA records, but may run
+    several times for an A6 record that generated multiple addresses. */


-      for (; da; da = da->next)
-        {
-        #ifndef STAND_ALONE
-        if (ignore_target_hosts != NULL &&
-              verify_check_this_host(&ignore_target_hosts, NULL,
-                host->name, da->address, NULL) == OK)
-          {
-          DEBUG(D_host_lookup)
-            debug_printf("ignored host %s [%s]\n", host->name, da->address);
-          continue;
-          }
-        #endif
+    for (; da; da = da->next)
+      {
+      #ifndef STAND_ALONE
+      if (ignore_target_hosts != NULL &&
+        verify_check_this_host(&ignore_target_hosts, NULL,
+          host->name, da->address, NULL) == OK)
+    {
+    DEBUG(D_host_lookup)
+      debug_printf("ignored host %s [%s]\n", host->name, da->address);
+    continue;
+    }
+      #endif


-        /* If this is the first address, stick it in the given host block,
-        and change the name if the returned RR has a different name. */
+      /* If this is the first address, stick it in the given host block,
+      and change the name if the returned RR has a different name. */


-        if (thishostlast == NULL)
-          {
-          if (strcmpic(host->name, rr->name) != 0)
-            host->name = string_copy_dnsdomain(rr->name);
-          host->address = da->address;
-          host->sort_key = host->mx * 1000 + random_number(500) + randoffset;
-          host->status = hstatus_unknown;
-          host->why = hwhy_unknown;
-          thishostlast = host;
-          }
+      if (thishostlast == NULL)
+    {
+    if (strcmpic(host->name, rr->name) != 0)
+      host->name = string_copy_dnsdomain(rr->name);
+    host->address = da->address;
+    host->sort_key = host->mx * 1000 + random_number(500) + randoffset;
+    host->status = hstatus_unknown;
+    host->why = hwhy_unknown;
+    thishostlast = host;
+    }


-        /* Not the first address. Check for, and ignore, duplicates. Then
-        insert in the chain at a random point. */
+      /* Not the first address. Check for, and ignore, duplicates. Then
+      insert in the chain at a random point. */


-        else
-          {
-          int new_sort_key;
-          host_item *next;
-
-          /* End of our local chain is specified by "thishostlast". */
-
-          for (next = host;; next = next->next)
-            {
-            if (Ustrcmp(CS da->address, next->address) == 0) break;
-            if (next == thishostlast) { next = NULL; break; }
-            }
-          if (next != NULL) continue;  /* With loop for next address */
-
-          /* Not a duplicate */
-
-          new_sort_key = host->mx * 1000 + random_number(500) + randoffset;
-          next = store_get(sizeof(host_item));
-
-          /* New address goes first: insert the new block after the first one
-          (so as not to disturb the original pointer) but put the new address
-          in the original block. */
-
-          if (new_sort_key < host->sort_key)
-            {
-            *next = *host;                                  /* Copies port */
-            host->next = next;
-            host->address = da->address;
-            host->sort_key = new_sort_key;
-            if (thishostlast == host) thishostlast = next;  /* Local last */
-            if (*lastptr == host) *lastptr = next;          /* Global last */
-            }
-
-          /* Otherwise scan down the addresses for this host to find the
-          one to insert after. */
-
-          else
-            {
-            host_item *h = host;
-            while (h != thishostlast)
-              {
-              if (new_sort_key < h->next->sort_key) break;
-              h = h->next;
-              }
-            *next = *h;                                 /* Copies port */
-            h->next = next;
-            next->address = da->address;
-            next->sort_key = new_sort_key;
-            if (h == thishostlast) thishostlast = next; /* Local last */
-            if (h == *lastptr) *lastptr = next;         /* Global last */
-            }
-          }
-        }
+      else
+    {
+    int new_sort_key;
+    host_item *next;
+
+    /* End of our local chain is specified by "thishostlast". */
+
+    for (next = host;; next = next->next)
+      {
+      if (Ustrcmp(CS da->address, next->address) == 0) break;
+      if (next == thishostlast) { next = NULL; break; }
+      }
+    if (next != NULL) continue;  /* With loop for next address */
+
+    /* Not a duplicate */
+
+    new_sort_key = host->mx * 1000 + random_number(500) + randoffset;
+    next = store_get(sizeof(host_item));
+
+    /* New address goes first: insert the new block after the first one
+    (so as not to disturb the original pointer) but put the new address
+    in the original block. */
+
+    if (new_sort_key < host->sort_key)
+      {
+      *next = *host;                                  /* Copies port */
+      host->next = next;
+      host->address = da->address;
+      host->sort_key = new_sort_key;
+      if (thishostlast == host) thishostlast = next;  /* Local last */
+      if (*lastptr == host) *lastptr = next;          /* Global last */
+      }
+
+    /* Otherwise scan down the addresses for this host to find the
+    one to insert after. */
+
+    else
+      {
+      host_item *h = host;
+      while (h != thishostlast)
+        {
+        if (new_sort_key < h->next->sort_key) break;
+        h = h->next;
+        }
+      *next = *h;                                 /* Copies port */
+      h->next = next;
+      next->address = da->address;
+      next->sort_key = new_sort_key;
+      if (h == thishostlast) thishostlast = next; /* Local last */
+      if (h == *lastptr) *lastptr = next;         /* Global last */
+      }
+    }
       }
     }
   }
@@ -2561,7 +2537,6 @@ host_find_bydns(host_item *host, const uschar *ignore_target_hosts, int whichrrs
   const uschar **fully_qualified_name, BOOL *removed)
 {
 host_item *h, *last;
-dns_record *rr;
 int rc = DNS_FAIL;
 int ind_type = 0;
 int yield;
@@ -2743,18 +2718,15 @@ if (rc != DNS_SUCCEED)
     if (rc == HOST_IGNORED) rc = HOST_FIND_FAILED;  /* No special action */


   DEBUG(D_host_lookup)
-    {
-    host_item *h;
-    if (host->address != NULL)
+    if (host->address)
       {
-      if (fully_qualified_name != NULL)
+      if (fully_qualified_name)
         debug_printf("fully qualified name = %s\n", *fully_qualified_name);
-      for (h = host; h != last->next; h = h->next)
+      for (host_item * h = host; h != last->next; h = h->next)
         debug_printf("%s %s mx=%d sort=%d %s\n", h->name,
-          (h->address == NULL)? US"<null>" : h->address, h->mx, h->sort_key,
-          (h->status >= hstatus_unusable)? US"*" : US"");
+          h->address ? h->address : US"<null>", h->mx, h->sort_key,
+          h->status >= hstatus_unusable ? US"*" : US"");
       }
-    }


yield = rc;
goto out;
@@ -2782,7 +2754,7 @@ host which is not the primary hostname. */

 last = NULL;    /* Indicates that not even the first item is filled yet */


-for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
      rr;
      rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == ind_type)
   {
@@ -2931,7 +2903,7 @@ remaining in the same priority group. */


if (ind_type == T_SRV)
{
- host_item **pptr;
+ host_item ** pptr;

   if (host == last && host->name[0] == 0)
     {
@@ -3154,14 +3126,14 @@ if (rc != HOST_FIND_FAILED) yield = rc;


 DEBUG(D_host_lookup)
   {
-  if (fully_qualified_name != NULL)
+  if (fully_qualified_name)
     debug_printf("fully qualified name = %s\n", *fully_qualified_name);
   debug_printf("host_find_bydns yield = %s (%d); returned hosts:\n",
-    (yield == HOST_FOUND)? "HOST_FOUND" :
-    (yield == HOST_FOUND_LOCAL)? "HOST_FOUND_LOCAL" :
-    (yield == HOST_FIND_SECURITY)? "HOST_FIND_SECURITY" :
-    (yield == HOST_FIND_AGAIN)? "HOST_FIND_AGAIN" :
-    (yield == HOST_FIND_FAILED)? "HOST_FIND_FAILED" : "?",
+    yield == HOST_FOUND        ? "HOST_FOUND" :
+    yield == HOST_FOUND_LOCAL    ? "HOST_FOUND_LOCAL" :
+    yield == HOST_FIND_SECURITY    ? "HOST_FIND_SECURITY" :
+    yield == HOST_FIND_AGAIN    ? "HOST_FIND_AGAIN" :
+    yield == HOST_FIND_FAILED    ? "HOST_FIND_FAILED" : "?",
     yield);
   for (h = host; h != last->next; h = h->next)
     {
@@ -3307,7 +3279,6 @@ printf("Testing host_aton\n");
 printf("> ");
 while (Ufgets(buffer, 256, stdin) != NULL)
   {
-  int i;
   int x[4];
   int len = Ustrlen(buffer);


@@ -3318,7 +3289,7 @@ while (Ufgets(buffer, 256, stdin) != NULL)

   len = host_aton(buffer, x);
   printf("length = %d ", len);
-  for (i = 0; i < len; i++)
+  for (int i = 0; i < len; i++)
     {
     printf("%04x ", (x[i] >> 16) & 0xffff);
     printf("%04x ", x[i] & 0xffff);
diff --git a/src/src/imap_utf7.c b/src/src/imap_utf7.c
index 501ceaf..aac0fef 100644
--- a/src/src/imap_utf7.c
+++ b/src/src/imap_utf7.c
@@ -14,7 +14,7 @@ static uschar encode_base64[64] =
 size_t slen;
 uschar *sptr;
 gstring * yield = NULL;
-int i = 0, j;    /* compiler quietening */
+int i = 0;    /* compiler quietening */
 uschar c = 0;    /* compiler quietening */
 BOOL base64mode = FALSE;
 BOOL lastsep = FALSE;
@@ -106,7 +106,7 @@ while (slen > 0)
         i = 0;
         }


-      for (j = 0; j < 2; j++, s++) switch (i++)
+      for (int j = 0; j < 2; j++, s++) switch (i++)
     {
     case 0:
       /* Top 6 bits of the first octet */
diff --git a/src/src/ip.c b/src/src/ip.c
index 552f7dc..ff76b38 100644
--- a/src/src/ip.c
+++ b/src/src/ip.c
@@ -394,9 +394,8 @@ int
 ip_connectedsocket(int type, const uschar * hostname, int portlo, int porthi,
       int timeout, host_item * connhost, uschar ** errstr, const blob * fastopen_blob)
 {
-int namelen, port;
+int namelen;
 host_item shost;
-host_item *h;
 int af = 0, fd, fd4 = -1, fd6 = -1;


shost.next = NULL;
@@ -440,7 +439,7 @@ else

/* Try to connect to the server - test each IP till one works */

-for (h = &shost; h; h = h->next)
+for (host_item * h = &shost; h; h = h->next)
   {
   fd = Ustrchr(h->address, ':') != 0
     ? fd6 < 0 ? (fd6 = ip_socket(type, af = AF_INET6)) : fd6
@@ -452,7 +451,7 @@ for (h = &shost; h; h = h->next)
     goto bad;
     }


-  for(port = portlo; port <= porthi; port++)
+  for (int port = portlo; port <= porthi; port++)
     if (ip_connect(fd, af, h->address, port, timeout, fastopen_blob) == 0)
       {
       if (fd != fd6) close(fd6);
@@ -835,8 +834,7 @@ return FALSE;
 void
 dscp_list_to_stream(FILE *stream)
 {
-int i;
-for (i=0; i < dscp_table_size; ++i)
+for (int i = 0; i < dscp_table_size; ++i)
   fprintf(stream, "%s\n", dscp_table[i].name);
 }


diff --git a/src/src/log.c b/src/src/log.c
index d082000..4905b6d 100644
--- a/src/src/log.c
+++ b/src/src/log.c
@@ -142,7 +142,7 @@ Returns:         nothing
 static void
 write_syslog(int priority, const uschar *s)
 {
-int len, pass;
+int len;
 int linecount = 0;


if (!syslog_pid && LOGGING(pid))
@@ -171,12 +171,10 @@ if (!syslog_open && !f.running_in_test_harness)
/* First do a scan through the message in order to determine how many lines
it is going to end up as. Then rescan to output it. */

-for (pass = 0; pass < 2; pass++)
+for (int pass = 0; pass < 2; pass++)
   {
-  int i;
-  int tlen;
   const uschar * ss = s;
-  for (i = 1, tlen = len; tlen > 0; i++)
+  for (int i = 1, tlen = len; tlen > 0; i++)
     {
     int plen = tlen;
     uschar *nlptr = Ustrchr(ss, '\n');
@@ -1045,8 +1043,6 @@ headers. */


 if (flags & LOG_REJECT)
   {
-  header_line *h;
-
   if (header_list && LOGGING(rejected_header))
     {
     uschar * p = g->s + g->ptr;
@@ -1087,7 +1083,7 @@ if (flags & LOG_REJECT)


     /* A header with a NULL text is an unfilled in Received: header */


-    for (h = header_list; h; h = h->next) if (h->text)
+    for (header_line * h = header_list; h; h = h->next) if (h->text)
       {
       BOOL fitted = string_format(p, LOG_BUFFER_SIZE - g->ptr,
         "%c %s", h->type, h->text);
diff --git a/src/src/lookups/cdb.c b/src/src/lookups/cdb.c
index 153fcf2..7c738eb 100644
--- a/src/src/lookups/cdb.c
+++ b/src/src/lookups/cdb.c
@@ -293,7 +293,6 @@ hash_offset_entry,
 hash_offset,
 hash_offlen,
 hash_slotnm;
-int loop;


/* Keep picky compilers happy */
do_cache = do_cache;
@@ -335,7 +334,7 @@ if (cdbp->cdb_map != NULL)
uschar * cur_pos = cur_offset + cdbp->cdb_map;
uschar * end_pos = end_offset + cdbp->cdb_map;

-  for (loop = 0; (loop < hash_offlen); ++loop)
+  for (int loop = 0; (loop < hash_offlen); ++loop)
     {
     item_hash = cdb_unpack(cur_pos);
     cur_pos += 4;
@@ -386,7 +385,7 @@ if (cdbp->cdb_map != NULL)


#endif /* HAVE_MMAP */

-for (loop = 0; (loop < hash_offlen); ++loop)
+for (int loop = 0; (loop < hash_offlen); ++loop)
{
uschar packbuf[8];

@@ -462,14 +461,15 @@ cdb_close(void *handle)
struct cdb_state * cdbp = handle;

 #ifdef HAVE_MMAP
- if (cdbp->cdb_map) {
-   munmap(CS cdbp->cdb_map, cdbp->filelen);
-   if (cdbp->cdb_map == cdbp->cdb_offsets)
+if (cdbp->cdb_map)
+  {
+  munmap(CS cdbp->cdb_map, cdbp->filelen);
+  if (cdbp->cdb_map == cdbp->cdb_offsets)
      cdbp->cdb_offsets = NULL;
- }
+  }
 #endif /* HAVE_MMAP */


- (void)close(cdbp->fileno);
+(void)close(cdbp->fileno);
}


diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c
index e75bd1e..aea2eba 100644
--- a/src/src/lookups/dnsdb.c
+++ b/src/src/lookups/dnsdb.c
@@ -150,7 +150,6 @@ store as possible later, so we preallocate the result here */

gstring * yield = string_get(256);

-dns_record * rr;
dns_answer dnsa;
dns_scan dnss;

@@ -378,7 +377,7 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))

     /* Search the returned records */


-    for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
+    for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
          rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == searchtype)
       {
       if (*do_cache > rr->ttl)
@@ -386,8 +385,7 @@ while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))


       if (type == T_A || type == T_AAAA || type == T_ADDRESSES)
         {
-        dns_address *da;
-        for (da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
+        for (dns_address * da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
           {
           if (yield->ptr) yield = string_catn(yield, outsep, 1);
           yield = string_cat(yield, da->address);
diff --git a/src/src/lookups/ibase.c b/src/src/lookups/ibase.c
index e52ca27..5ae9666 100644
--- a/src/src/lookups/ibase.c
+++ b/src/src/lookups/ibase.c
@@ -112,12 +112,12 @@ perform_ibase_search(uschar * query, uschar * server, uschar ** resultptr,
 isc_stmt_handle stmth = NULL;
 XSQLDA *out_sqlda;
 XSQLVAR *var;
+int i;


char buffer[256];
ISC_STATUS status[20], *statusp = status;

gstring * result;
-int i;
int yield = DEFER;
ibase_connection *cn;
uschar *server_copy = NULL;
@@ -128,7 +128,7 @@ database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */

-for (i = 2; i > 0; i--)
+for (int i = 2; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '|');

@@ -189,7 +189,7 @@ else

 if (cn->dbh == NULL || cn->transh == NULL)
   {
-  char *dpb, *p;
+  char *dpb;
   short dpb_length;
   static char trans_options[] =
       { isc_tpb_version3, isc_tpb_read, isc_tpb_read_committed,
@@ -201,11 +201,11 @@ if (cn->dbh == NULL || cn->transh == NULL)
   *dpb++ = isc_dpb_version1;
   *dpb++ = isc_dpb_user_name;
   *dpb++ = strlen(sdata[1]);
-  for (p = sdata[1]; *p;)
+  for (char * p = sdata[1]; *p;)
       *dpb++ = *p++;
   *dpb++ = isc_dpb_password;
   *dpb++ = strlen(sdata[2]);
-  for (p = sdata[2]; *p;)
+  for (char * p = sdata[2]; *p;)
       *dpb++ = *p++;
   dpb_length = dpb - buffer;


@@ -373,7 +373,7 @@ while (isc_dsql_fetch(status, &stmth, out_sqlda->version, out_sqlda) != 100L)
     }


   else
-    for (i = 0; i < out_sqlda->sqld; i++)
+    for (int i = 0; i < out_sqlda->sqld; i++)
       {
       int len = fetch_field(buffer, sizeof(buffer), &out_sqlda->sqlvar[i]);


@@ -388,10 +388,8 @@ while (isc_dsql_fetch(status, &stmth, out_sqlda->version, out_sqlda) != 100L)

       else if (buffer[0] == 0 || Ustrchr(buffer, ' ') != NULL)
     {
-    int j;
-
     result = string_catn(result, US "\"", 1);
-    for (j = 0; j < len; j++)
+    for (int j = 0; j < len; j++)
       {
       if (buffer[j] == '\"' || buffer[j] == '\\')
           result = string_cat(result, US "\\", 1);
diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index 63c0edf..f773186 100644
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -143,8 +143,6 @@ LDAP_CONNECTION *lcp;
 struct timeval timeout;
 struct timeval *timeoutptr = NULL;


-uschar *attr;
-uschar **attrp;
gstring * data = NULL;
uschar *dn = NULL;
uschar *host;
@@ -245,7 +243,7 @@ if (host)

/* Count the attributes; we need this later to tell us how to format results */

-for (attrp = USS ludp->lud_attrs; attrp && *attrp; attrp++)
+for (uschar ** attrp = USS ludp->lud_attrs; attrp && *attrp; attrp++)
attrs_requested++;

 /* See if we can find a cached connection to this host. The port is not
@@ -730,7 +728,7 @@ while ((rc = ldap_result(lcp->ld, msgid, 0, timeoutptr, &result)) ==
     sequence of name=value pairs, separated by (space), with the value always in quotes.
     If there are multiple values, they are given within the quotes, comma separated. */


-    else for (attr = US ldap_first_attribute(lcp->ld, e, &ber);
+    else for (uschar * attr = US ldap_first_attribute(lcp->ld, e, &ber);
               attr; attr = US ldap_next_attribute(lcp->ld, e, ber))
       {
       DEBUG(D_lookup) debug_printf("LDAP attr loop\n");
@@ -776,9 +774,7 @@ while ((rc = ldap_result(lcp->ld, msgid, 0, timeoutptr, &result)) ==
             internal quotes, backslashes, newlines, and must double commas. */


             if (attrs_requested != 1)
-              {
-              int j;
-              for (j = 0; j < len; j++)
+              for (int j = 0; j < len; j++)
                 {
                 if (value[j] == '\n')
                   data = string_catn(data, US"\\n", 2);
@@ -791,19 +787,15 @@ while ((rc = ldap_result(lcp->ld, msgid, 0, timeoutptr, &result)) ==
                   data = string_catn(data, value+j, 1);
                   }
                 }
-              }


             /* For single attributes, just double commas */


         else
-          {
-          int j;
-          for (j = 0; j < len; j++)
+          for (int j = 0; j < len; j++)
             if (value[j] == ',')
               data = string_catn(data, US",,", 2);
             else
               data = string_catn(data, value+j, 1);
-          }



             /* Move on to the next value */
@@ -1205,9 +1197,8 @@ far too complicated. */


 if (user != NULL)
   {
-  uschar *s;
   uschar *t = user;
-  for (s = user; *s != 0; s++)
+  for (uschar * s = user; *s != 0; s++)
     {
     int c, d;
     if (*s == '%' && isxdigit(c=s[1]) && isxdigit(d=s[2]))
diff --git a/src/src/lookups/lf_check_file.c b/src/src/lookups/lf_check_file.c
index 43198a8..8b11408 100644
--- a/src/src/lookups/lf_check_file.c
+++ b/src/src/lookups/lf_check_file.c
@@ -41,7 +41,6 @@ int
 lf_check_file(int fd, uschar *filename, int s_type, int modemask, uid_t *owners,
   gid_t *owngroups, const char *type, uschar **errmsg)
 {
-int i;
 struct stat statbuf;


 if ((fd >= 0 && fstat(fd, &statbuf) != 0) ||
@@ -82,7 +81,7 @@ if ((statbuf.st_mode & modemask) != 0)
 if (owners != NULL)
   {
   BOOL uid_ok = FALSE;
-  for (i = 1; i <= (int)owners[0]; i++)
+  for (int i = 1; i <= (int)owners[0]; i++)
     if (owners[i] == statbuf.st_uid) { uid_ok = TRUE; break; }
   if (!uid_ok)
     {
@@ -96,7 +95,7 @@ if (owners != NULL)
 if (owngroups != NULL)
   {
   BOOL gid_ok = FALSE;
-  for (i = 1; i <= (int)owngroups[0]; i++)
+  for (int i = 1; i <= (int)owngroups[0]; i++)
     if (owngroups[i] == statbuf.st_gid) { gid_ok = TRUE; break; }
   if (!gid_ok)
     {
diff --git a/src/src/lookups/lf_quote.c b/src/src/lookups/lf_quote.c
index 8916fdc..6f4143d 100644
--- a/src/src/lookups/lf_quote.c
+++ b/src/src/lookups/lf_quote.c
@@ -45,9 +45,8 @@ character. */


 if (value[0] == 0 || Ustrpbrk(value, " \t\n\r") != NULL || value[0] == '\"')
   {
-  int j;
   result = string_catn(result, US"\"", 1);
-  for (j = 0; j < vlength; j++)
+  for (int j = 0; j < vlength; j++)
     {
     if (value[j] == '\"' || value[j] == '\\')
       result = string_catn(result, US"\\", 1);
diff --git a/src/src/lookups/mysql.c b/src/src/lookups/mysql.c
index 77027fc..ba8ecba 100644
--- a/src/src/lookups/mysql.c
+++ b/src/src/lookups/mysql.c
@@ -152,7 +152,7 @@ database, user, password. We can write to the string, since it is in a
 nextinlist temporary buffer. The copy of the string that is used for caching
 has the password removed. This copy is also used for debugging output. */


-for (i = 3; i > 0; i--)
+for (int i = 3; i > 0; i--)
   {
   uschar *pp = Ustrrchr(server, '/');
   if (pp == NULL)
@@ -315,7 +315,7 @@ while ((mysql_row_data = mysql_fetch_row(mysql_result)))
     result = string_catn(result, US"\n", 1);


   if (num_fields != 1)
-    for (i = 0; i < num_fields; i++)
+    for (int i = 0; i < num_fields; i++)
       result = lf_quote(US fields[i].name, US mysql_row_data[i], lengths[i],
             result);


diff --git a/src/src/lookups/nisplus.c b/src/src/lookups/nisplus.c
index e2115a5..61cc701 100644
--- a/src/src/lookups/nisplus.c
+++ b/src/src/lookups/nisplus.c
@@ -45,7 +45,6 @@ static int
nisplus_find(void *handle, uschar *filename, const uschar *query, int length,
uschar **result, uschar **errmsg, uint *do_cache)
{
-int i;
int error_error = FAIL;
const uschar * field_name = NULL;
nis_result *nrt = NULL;
@@ -138,7 +137,7 @@ was given, look for that field; otherwise concatenate all the fields
with their names. */

eo = &(eno->zo_data.objdata_u.en_data);
-for (i = 0; i < eo->en_cols.en_cols_len; i++)
+for (int i = 0; i < eo->en_cols.en_cols_len; i++)
{
table_col *tc = ta->ta_cols.ta_cols_val + i;
entry_col *ec = eo->en_cols.en_cols_val + i;
@@ -164,9 +163,8 @@ for (i = 0; i < eo->en_cols.en_cols_len; i++)

     if (value[0] == 0 || Ustrchr(value, ' ') != NULL)
       {
-      int j;
       yield = string_catn(yield, US"\"", 1);
-      for (j = 0; j < len; j++)
+      for (int j = 0; j < len; j++)
         {
         if (value[j] == '\"' || value[j] == '\\')
           yield = string_catn(yield, US"\\", 1);
diff --git a/src/src/lookups/oracle.c b/src/src/lookups/oracle.c
index 1b21e6a..d573145 100644
--- a/src/src/lookups/oracle.c
+++ b/src/src/lookups/oracle.c
@@ -254,7 +254,6 @@ Ora_Describe *desc = NULL;
 Ora_Define *def = NULL;
 void *hda = NULL;


-int i;
int yield = DEFER;
unsigned int num_fields = 0;
gstring * result = NULL;
@@ -267,7 +266,7 @@ database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */

-for (i = 3; i > 0; i--)
+for (int i = 3; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (pp == NULL)
@@ -404,7 +403,7 @@ while (cda->rc != NO_DATA_FOUND) /* Loop for each row */

/* Multiple fields - precede by file name, removing {lead,trail}ing WS */

-  else for (i = 0; i < num_fields; i++)
+  else for (int i = 0; i < num_fields; i++)
     {
     int slen;
     uschar *s = US desc[i].buf;
@@ -421,9 +420,8 @@ while (cda->rc != NO_DATA_FOUND)  /* Loop for each row */
     if (desc[i].dbtype != INT_TYPE && desc[i].dbtype != FLOAT_TYPE &&
        (def[i].buf[0] == 0 || strchr(def[i].buf, ' ') != NULL))
       {
-      int j;
       result = string_catn(result, "\"", 1);
-      for (j = 0; j < def[i].col_retlen; j++)
+      for (int j = 0; j < def[i].col_retlen; j++)
         {
         if (def[i].buf[j] == '\"' || def[i].buf[j] == '\\')
           result = string_catn(result, "\\", 1);
diff --git a/src/src/lookups/pgsql.c b/src/src/lookups/pgsql.c
index 697285a..cc12e40 100644
--- a/src/src/lookups/pgsql.c
+++ b/src/src/lookups/pgsql.c
@@ -124,7 +124,6 @@ perform_pgsql_search(const uschar *query, uschar *server, uschar **resultptr,
 PGconn *pg_conn = NULL;
 PGresult *pg_result = NULL;


-int i;
gstring * result = NULL;
int yield = DEFER;
unsigned int num_fields, num_tuples;
@@ -137,7 +136,7 @@ path, database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */

-for (i = 2; i >= 0; i--)
+for (int i = 2; i >= 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (!pp)
@@ -320,7 +319,7 @@ num_tuples = PQntuples(pg_result);
/* Get the fields and construct the result string. If there is more than one
row, we insert '\n' between them. */

-for (i = 0; i < num_tuples; i++)
+for (int i = 0; i < num_tuples; i++)
   {
   if (result)
     result = string_catn(result, US"\n", 1);
@@ -329,14 +328,11 @@ for (i = 0; i < num_tuples; i++)
     result = string_catn(result,
     US PQgetvalue(pg_result, i, 0), PQgetlength(pg_result, i, 0));
   else
-    {
-    int j;
-    for (j = 0; j < num_fields; j++)
+    for (int j = 0; j < num_fields; j++)
       {
       uschar *tmp = US PQgetvalue(pg_result, i, j);
       result = lf_quote(US PQfname(pg_result, j), tmp, Ustrlen(tmp), result);
       }
-    }
   }


/* If result is NULL then no data has been found and so we return FAIL. */
diff --git a/src/src/lookups/redis.c b/src/src/lookups/redis.c
index a4b672a..e84f766 100644
--- a/src/src/lookups/redis.c
+++ b/src/src/lookups/redis.c
@@ -92,7 +92,7 @@ We can write to the string, since it is in a nextinlist temporary buffer.
This copy is also used for debugging output. */

memset(sdata, 0, sizeof(sdata)) /* Set all to NULL */;
-for (i = 2; i > 0; i--)
+for (int i = 2; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');

@@ -205,9 +205,8 @@ if(sdata[1])
/* split string on whitespace into argv */
{
uschar * argv[32];
- int i;
const uschar * s = command;
- int siz, ptr;
+ int siz, ptr, i;
uschar c;

   while (isspace(*s)) s++;
@@ -281,7 +280,7 @@ switch (redis_reply->type)
     /* NOTE: For now support 1 nested array result. If needed a limitless
     result can be parsed */


-    for (i = 0; i < redis_reply->elements; i++)
+    for (int i = 0; i < redis_reply->elements; i++)
       {
       entry = redis_reply->element[i];


@@ -297,7 +296,7 @@ switch (redis_reply->type)
       result = string_catn(result, US entry->str, entry->len);
       break;
     case REDIS_REPLY_ARRAY:
-      for (j = 0; j < entry->elements; j++)
+      for (int j = 0; j < entry->elements; j++)
         {
         tentry = entry->element[j];


diff --git a/src/src/lookups/sqlite.c b/src/src/lookups/sqlite.c
index 1619429..4bf6160 100644
--- a/src/src/lookups/sqlite.c
+++ b/src/src/lookups/sqlite.c
@@ -45,7 +45,6 @@ static int
sqlite_callback(void *arg, int argc, char **argv, char **azColName)
{
gstring * res = *(gstring **)arg;
-int i;

/* For second and subsequent results, insert \n */

@@ -55,7 +54,7 @@ if (res)
 if (argc > 1)
   {
   /* For multiple fields, include the field name too */
-  for (i = 0; i < argc; i++)
+  for (int i = 0; i < argc; i++)
     {
     uschar *value = US((argv[i] != NULL)? argv[i]:"<NULL>");
     res = lf_quote(US azColName[i], value, Ustrlen(value), res);
diff --git a/src/src/macro_predef.c b/src/src/macro_predef.c
index fbc923c..84a3328 100644
--- a/src/src/macro_predef.c
+++ b/src/src/macro_predef.c
@@ -70,7 +70,6 @@ void
 options_from_list(optionlist * opts, unsigned nopt,
   const uschar * section, uschar * group)
 {
-int i;
 const uschar * s;
 uschar buf[64];


@@ -81,7 +80,7 @@ of the macros list is in reverse-alpha (we prepend them) - so longer
macros that have substrings are always discovered first during
expansion. */

-for (i = 0; i < nopt; i++)  if (*(s = US opts[i].name) && *s != '*')
+for (int i = 0; i < nopt; i++)  if (*(s = US opts[i].name) && *s != '*')
   {
   if (group)
     spf(buf, sizeof(buf), CUS"_OPT_%T_%T_%T", section, group, s);
diff --git a/src/src/malware.c b/src/src/malware.c
index 6adcf9b..2e783e3 100644
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -107,16 +107,16 @@ static struct scan
 void
 features_malware(void)
 {
-const struct scan * sc;
 const uschar * s;
 uschar * t;
 uschar buf[64];


spf(buf, sizeof(buf), US"_HAVE_MALWARE_");

-for (sc = m_scans; sc->scancode != -1; sc++)
+for (const struct scan * sc = m_scans; sc->scancode != -1; sc++)
   {
-  for(s = sc->name, t = buf+14; *s; s++) if (*s != '-') *t++ = toupper(*s);
+  for (s = sc->name, t = buf+14; *s; s++) if (*s != '-')
+    *t++ = toupper(*s);
   *t = '\0';
   builtin_macro_create(buf);
   }
@@ -898,7 +898,6 @@ badseek:  err = errno;
       /* "virus(es) found" if virus number is > 0 */
       if (drweb_vnum)
     {
-    int i;
     gstring * g = NULL;


     /* setup default virus name */
@@ -909,7 +908,7 @@ badseek:  err = errno;
       drweb_re = m_pcre_compile(drweb_re_str, &errstr);


     /* read and concatenate virus names into one string */
-    for (i = 0; i < drweb_vnum; i++)
+    for (int i = 0; i < drweb_vnum; i++)
       {
       int ovector[10*3];


@@ -1044,7 +1043,7 @@ badseek:  err = errno;
 #ifndef DISABLE_MAL_FSECURE
     case M_FSEC: /* "fsecure" scanner type ---------------------------------- */
       {
-      int i, j, bread = 0;
+      int i, bread = 0;
       uschar * file_name;
       uschar av_buffer[1024];
       static uschar *cmdopt[] = { US"CONFIGURE\tARCHIVE\t1\n",
@@ -1070,7 +1069,7 @@ badseek:  err = errno;
       return m_panic_defer_3(scanent, CUS callout_address,
         string_sprintf("unable to read answer %d (%s)", i, strerror(errno)),
         malware_daemon_ctx.sock);
-    for (j = 0; j < bread; j++)
+    for (int j = 0; j < bread; j++)
       if (av_buffer[j] == '\r' || av_buffer[j] == '\n')
         av_buffer[j] ='@';
     }
@@ -2282,9 +2281,8 @@ if (!fprot6d_re_virus)
 void
 malware_show_supported(FILE * f)
 {
-struct scan * sc;
 fprintf(f, "Malware:");
-for (sc = m_scans; sc->scancode != (scanner_t)-1; sc++) fprintf(f, " %s", sc->name);
+for (struct scan * sc = m_scans; sc->scancode != (scanner_t)-1; sc++) fprintf(f, " %s", sc->name);
 fprintf(f, "\n");
 }


diff --git a/src/src/match.c b/src/src/match.c
index 0c0f3e8..43f5912 100644
--- a/src/src/match.c
+++ b/src/src/match.c
@@ -175,10 +175,9 @@ if (cb->at_is_special && pattern[0] == '@')

   if (Ustrcmp(pattern, "@[]") == 0)
     {
-    ip_address_item *ip;
     int slen = Ustrlen(s);
     if (s[0] != '[' && s[slen-1] != ']') return FAIL;
-    for (ip = host_find_interfaces(); ip != NULL; ip = ip->next)
+    for (ip_address_item * ip = host_find_interfaces(); ip; ip = ip->next)
       if (Ustrncmp(ip->address, s+1, slen - 2) == 0
             && ip->address[slen - 2] == 0)
         return OK;
@@ -696,8 +695,8 @@ while ((sss = string_nextinlist(&list, &sep, buffer, sizeof(buffer))))
         if (valueptr)
           {
           const uschar *key = get_check_key(arg, type);
-          namedlist_cacheblock *p;
-          for (p = nb->cache_data; p; p = p->next)
+
+          for (namedlist_cacheblock * p = nb->cache_data; p; p = p->next)
             if (Ustrcmp(key, p->key) == 0)
               {
               *valueptr = p->data;
@@ -1065,7 +1064,6 @@ looked up to obtain a list of local parts. If the subject's local part is just
 if (pattern[0] == '@' && pattern[1] == '@')
   {
   int watchdog = 50;
-  const uschar *key;
   uschar *list, *ss;
   uschar buffer[1024];


@@ -1074,7 +1072,7 @@ if (pattern[0] == '@' && pattern[1] == '@')
/* Loop for handling chains. The last item in any list may be of the form
">name" in order to chain on to another list. */

-  for (key = sdomain + 1; key != NULL && watchdog-- > 0; )
+  for (const uschar * key = sdomain + 1; key && watchdog-- > 0; )
     {
     int sep = 0;


@@ -1277,7 +1275,6 @@ match_address_list(const uschar *address, BOOL caseless, BOOL expand,
const uschar **listptr, unsigned int *cache_bits, int expand_setup, int sep,
const uschar **valueptr)
{
-uschar *p;
check_address_block ab;
unsigned int *local_cache_bits = cache_bits;

@@ -1289,7 +1286,7 @@ the list can be used to restore a caseful copy of the local part from the
original address. */

sprintf(CS big_buffer, "%.*s", big_buffer_size - 1, address);
-for (p = big_buffer + Ustrlen(big_buffer) - 1; p >= big_buffer; p--)
+for (uschar * p = big_buffer + Ustrlen(big_buffer) - 1; p >= big_buffer; p--)
{
if (!caseless && *p == '@') break;
*p = tolower(*p);
diff --git a/src/src/mime.c b/src/src/mime.c
index 5dcbaa4..cf537d7 100644
--- a/src/src/mime.c
+++ b/src/src/mime.c
@@ -395,10 +395,7 @@ if ((num_copied > 0) && (header[num_copied-1] != ';'))
header[num_copied] = '\0';

/* return 0 for EOF or empty line */
-if ((c == EOF) || (num_copied == 1))
- return 0;
-else
- return 1;
+return c == EOF || num_copied == 1 ? 0 : 1;
}


@@ -557,11 +554,9 @@ while(1)

   /* parse headers, set up expansion variables */
   while (mime_get_header(f, header))
-    {
-    struct mime_header * mh;


     /* look for interesting headers */
-    for (mh = mime_header_list;
+    for (struct mime_header * mh = mime_header_list;
      mh < mime_header_list + mime_header_list_size;
      mh++) if (strncmpic(mh->name, header, mh->namelen) == 0)
       {
@@ -589,8 +584,6 @@ while(1)


     while (*p)
       {
-      mime_parameter * mp;
-
       DEBUG(D_acl) debug_printf_indent("MIME:   considering paramlist '%s'\n", p);


       if (  !mime_filename
@@ -661,7 +654,7 @@ while(1)


       else
         /* look for interesting parameters */
-        for (mp = mime_parameter_list;
+        for (mime_parameter * mp = mime_parameter_list;
          mp < mime_parameter_list + nelem(mime_parameter_list);
          mp++
         ) if (strncmpic(mp->name, p, mp->namelen) == 0)
@@ -701,7 +694,6 @@ while(1)
       }
     }
       }
-    }


/* set additional flag variables (easier access) */
if ( mime_content_type
diff --git a/src/src/moan.c b/src/src/moan.c
index 1dcc6c4..cdec745 100644
--- a/src/src/moan.c
+++ b/src/src/moan.c
@@ -527,16 +527,16 @@ va_start(ap, format);
vfprintf(f, format, ap);
va_end(ap);

-if (addr != NULL)
+if (addr)
   {
   fprintf(f, "\nThe following address(es) have yet to be delivered:\n");
-  for (; addr != NULL; addr = addr->next)
+  for (; addr; addr = addr->next)
     {
-    uschar *parent = (addr->parent == NULL)? NULL : addr->parent->address;
+    uschar * parent = addr->parent ? addr->parent->address : NULL;
     fprintf(f, "  %s", addr->address);
-    if (parent != NULL) fprintf(f, " <%s>", parent);
+    if (parent) fprintf(f, " <%s>", parent);
     if (addr->basic_errno > 0) fprintf(f, ": %s", strerror(addr->basic_errno));
-    if (addr->message != NULL) fprintf(f, ": %s", addr->message);
+    if (addr->message) fprintf(f, ": %s", addr->message);
     fprintf(f, "\n");
     }
   }
@@ -724,22 +724,18 @@ moan_skipped_syntax_errors(uschar *rname, error_block *eblock,
 int pid, fd;
 uschar *s, *t;
 FILE *f;
-error_block *e;


-for (e = eblock; e != NULL; e = e->next)
-  {
+for (error_block * e = eblock; e; e = e->next)
   if (e->text2 != NULL)
     log_write(0, LOG_MAIN, "%s router: skipped error: %s in \"%s\"",
       rname, e->text1, e->text2);
   else
     log_write(0, LOG_MAIN, "%s router: skipped error: %s", rname,
       e->text1);
-  }


-if (syntax_errors_to == NULL) return TRUE;
+if (!syntax_errors_to) return TRUE;

-s = expand_string(syntax_errors_to);
-if (s == NULL)
+if (!(s = expand_string(syntax_errors_to)))
   {
   log_write(0, LOG_MAIN, "%s router failed to expand %s: %s", rname,
     syntax_errors_to, expand_string_message);
@@ -764,10 +760,9 @@ moan_write_from(f);
 fprintf(f, "To: %s\n", s);
 fprintf(f, "Subject: error(s) in forwarding or filtering\n\n");


-if (custom != NULL)
+if (custom)
   {
-  t = expand_string(custom);
-  if (t == NULL)
+  if (!(t = expand_string(custom)))
     {
     log_write(0, LOG_MAIN, "%s router failed to expand %s: %s", rname,
       custom, expand_string_message);
@@ -779,7 +774,7 @@ if (custom != NULL)
 fprintf(f, "The %s router encountered the following error(s):\n\n",
   rname);


-for (e = eblock; e != NULL; e = e->next)
+for (error_block * e = eblock; e; e = e->next)
   {
   fprintf(f, "  %s", e->text1);
   if (e->text2 != NULL)
diff --git a/src/src/os.c b/src/src/os.c
index 5ce56b5..9c1281a 100644
--- a/src/src/os.c
+++ b/src/src/os.c
@@ -493,8 +493,7 @@ if (getifaddrs(&ifalist) != 0)
   log_write(0, LOG_PANIC_DIE, "Unable to call getifaddrs: %d %s",
     errno, strerror(errno));


-struct ifaddrs *ifa;
-for (ifa = ifalist; ifa != NULL; ifa = ifa->ifa_next)
+for (struct ifaddrs * ifa = ifalist; ifa; ifa = ifa->ifa_next)
{
if (ifa->ifa_addr->sa_family != AF_INET
#if HAVE_IPV6
@@ -617,7 +616,6 @@ int vs;
ip_address_item *yield = NULL;
ip_address_item *last = NULL;
ip_address_item *next;
-char *cp;
char buf[MAX_INTERFACES*sizeof(struct V_ifreq)];
struct sockaddr *addrp;
size_t len = 0;
@@ -683,7 +681,7 @@ buffer is not guaranteed to be aligned. Thus, we must first copy the basic
struct to some aligned memory before looking at the field in the fixed part to
find its length, and then recopy the correct length. */

-for (cp = buf; cp < buf + ifc.V_ifc_len; cp += len)
+for (char * cp = buf; cp < buf + ifc.V_ifc_len; cp += len)
{
memcpy(CS &ifreq, cp, sizeof(ifreq));

diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index 594af03..d056402 100644
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -124,9 +124,8 @@ return string_sprintf("%s-%s",
 int
 pdkim_hashname_to_hashtype(const uschar * s, unsigned len)
 {
-int i;
 if (!len) len = Ustrlen(s);
-for (i = 0; i < nelem(pdkim_hashes); i++)
+for (int i = 0; i < nelem(pdkim_hashes); i++)
   if (Ustrncmp(s, pdkim_hashes[i].dkim_hashname, len) == 0)
     return i;
 return -1;
@@ -136,9 +135,8 @@ void
 pdkim_cstring_to_canons(const uschar * s, unsigned len,
   int * canon_head, int * canon_body)
 {
-int i;
 if (!len) len = Ustrlen(s);
-for (i = 0; pdkim_combined_canons[i].str; i++)
+for (int i = 0; pdkim_combined_canons[i].str; i++)
   if (  Ustrncmp(s, pdkim_combined_canons[i].str, len) == 0
      && len == Ustrlen(pdkim_combined_canons[i].str))
     {
@@ -205,8 +203,7 @@ switch(status)
 void
 pdkim_quoteprint(const uschar *data, int len)
 {
-int i;
-for (i = 0; i < len; i++)
+for (int i = 0; i < len; i++)
   {
   const int c = data[i];
   switch (c)
@@ -231,8 +228,7 @@ debug_printf("\n");
 void
 pdkim_hexprint(const uschar *data, int len)
 {
-int i;
-if (data) for (i = 0 ; i < len; i++) debug_printf("%02x", data[i]);
+if (data) for (int i = 0 ; i < len; i++) debug_printf("%02x", data[i]);
 else debug_printf("<NULL>");
 debug_printf("\n");
 }
@@ -332,11 +328,10 @@ pdkim_relax_header_n(const uschar * header, int len, BOOL append_crlf)
 {
 BOOL past_field_name = FALSE;
 BOOL seen_wsp = FALSE;
-const uschar * p;
 uschar * relaxed = store_get(len+3);
 uschar * q = relaxed;


-for (p = header; p - header < len; p++)
+for (const uschar * p = header; p - header < len; p++)
{
uschar c = *p;

@@ -463,13 +458,12 @@ static pdkim_signature *
pdkim_parse_sig_header(pdkim_ctx * ctx, uschar * raw_hdr)
{
pdkim_signature * sig;
-uschar *p, *q;
+uschar *q;
gstring * cur_tag = NULL;
gstring * cur_val = NULL;
BOOL past_hname = FALSE;
BOOL in_b_val = FALSE;
int where = PDKIM_HDR_LIMBO;
-int i;

sig = store_get(sizeof(pdkim_signature));
memset(sig, 0, sizeof(pdkim_signature));
@@ -482,7 +476,7 @@ sig->hashtype = -1;

q = sig->rawsig_no_b_val = store_get(Ustrlen(raw_hdr)+1);

-for (p = raw_hdr; ; p++)
+for (uschar * p = raw_hdr; ; p++)
{
char c = *p;

@@ -567,11 +561,11 @@ for (p = raw_hdr; ; p++)
         uschar * elem;


         if ((elem = string_nextinlist(&list, &sep, NULL, 0)))
-          for(i = 0; i < nelem(pdkim_keytypes); i++)
+          for (int i = 0; i < nelem(pdkim_keytypes); i++)
         if (Ustrcmp(elem, pdkim_keytypes[i]) == 0)
           { sig->keytype = i; break; }
         if ((elem = string_nextinlist(&list, &sep, NULL, 0)))
-          for (i = 0; i < nelem(pdkim_hashes); i++)
+          for (int i = 0; i < nelem(pdkim_hashes); i++)
         if (Ustrcmp(elem, pdkim_hashes[i].dkim_hashname) == 0)
           { sig->hashtype = i; break; }
         }
@@ -581,7 +575,7 @@ for (p = raw_hdr; ; p++)
                     &sig->canon_headers, &sig->canon_body);
         break;
       case 'q':                /* Query method (for pubkey)*/
-        for (i = 0; pdkim_querymethods[i]; i++)
+        for (int i = 0; pdkim_querymethods[i]; i++)
           if (Ustrcmp(cur_val->s, pdkim_querymethods[i]) == 0)
             {
         sig->querymethod = i;    /* we never actually use this */
@@ -730,7 +724,6 @@ if (b->canon_method == PDKIM_CANON_RELAXED)
   if (!relaxed_data)
     {
     BOOL seen_wsp = FALSE;
-    const uschar * p, * r;
     int q = 0;


     /* We want to be able to free this else we allocate
@@ -741,7 +734,7 @@ if (b->canon_method == PDKIM_CANON_RELAXED)
     relaxed_data = store_malloc(sizeof(blob) + orig_data->len+1);
     relaxed_data->data = US (relaxed_data+1);


-    for (p = orig_data->data, r = p + orig_data->len; p < r; p++)
+    for (const uschar * p = orig_data->data, * r = p + orig_data->len; p < r; p++)
       {
       char c = *p;
       if (c == '\r')
@@ -788,10 +781,7 @@ return relaxed_data;
 static void
 pdkim_finish_bodyhash(pdkim_ctx * ctx)
 {
-pdkim_bodyhash * b;
-pdkim_signature * sig;
-
-for (b = ctx->bodyhash; b; b = b->next)        /* Finish hashes */
+for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)     /* Finish hashes */
   {
   DEBUG(D_acl) debug_printf("PDKIM: finish bodyhash %d/%d/%ld len %ld\n",
         b->hashtype, b->canon_method, b->bodylength, b->signed_body_bytes);
@@ -799,9 +789,9 @@ for (b = ctx->bodyhash; b; b = b->next)        /* Finish hashes */
   }


/* Traverse all signatures */
-for (sig = ctx->sig; sig; sig = sig->next)
+for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next)
{
- b = sig->calc_body_hash;
+ pdkim_bodyhash * b = sig->calc_body_hash;

   DEBUG(D_acl)
     {
@@ -849,15 +839,13 @@ for (sig = ctx->sig; sig; sig = sig->next)
 static void
 pdkim_body_complete(pdkim_ctx * ctx)
 {
-pdkim_bodyhash * b;
-
 /* In simple body mode, if any empty lines were buffered,
 replace with one. rfc 4871 3.4.3 */
 /*XXX checking the signed-body-bytes is a gross hack; I think
 it indicates that all linebreaks should be buffered, including
 the one terminating a text line */


-for (b = ctx->bodyhash; b; b = b->next)
+for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
   if (  b->canon_method == PDKIM_CANON_SIMPLE
      && b->signed_body_bytes == 0
      && b->num_buffered_blanklines > 0
@@ -878,7 +866,6 @@ static void
 pdkim_bodyline_complete(pdkim_ctx * ctx)
 {
 blob line = {.data = ctx->linebuf, .len = ctx->linebuf_offset};
-pdkim_bodyhash * b;
 blob * rnl = NULL;
 blob * rline = NULL;


@@ -902,12 +889,13 @@ if (ctx->flags & PDKIM_DOT_TERM)
 /* Empty lines need to be buffered until we find a non-empty line */
 if (memcmp(line.data, "\r\n", 2) == 0)
   {
-  for (b = ctx->bodyhash; b; b = b->next) b->num_buffered_blanklines++;
+  for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
+    b->num_buffered_blanklines++;
   goto all_skip;
   }


 /* Process line for each bodyhash separately */
-for (b = ctx->bodyhash; b; b = b->next)
+for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
   {
   if (b->canon_method == PDKIM_CANON_RELAXED)
     {
@@ -956,9 +944,6 @@ return;
 static int
 pdkim_header_complete(pdkim_ctx * ctx)
 {
-pdkim_signature * sig, * last_sig;
-
-/* Special case: The last header can have an extra \r appended */
 if ( (ctx->cur_header->ptr > 1) &&
      (ctx->cur_header->s[ctx->cur_header->ptr-1] == '\r') )
   --ctx->cur_header->ptr;
@@ -973,7 +958,7 @@ if (++ctx->num_headers > PDKIM_MAX_HEADERS) goto BAIL;


 /* SIGNING -------------------------------------------------------------- */
 if (ctx->flags & PDKIM_MODE_SIGN)
-  for (sig = ctx->sig; sig; sig = sig->next)            /* Traverse all signatures */
+  for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next)  /* Traverse all signatures */


     /* Add header to the signed headers list (in reverse order) */
     sig->headers = pdkim_prepend_stringlist(sig->headers, ctx->cur_header->s);
@@ -993,6 +978,7 @@ else
           DKIM_SIGNATURE_HEADERNAME,
           Ustrlen(DKIM_SIGNATURE_HEADERNAME)) == 0)
     {
+    pdkim_signature * sig, * last_sig;
     /* Create and chain new signature block.  We could error-check for all
     required tags here, but prefer to create the internal sig and expicitly
     fail verification of it later. */
@@ -1035,15 +1021,14 @@ return PDKIM_OK;
 DLLEXPORT int
 pdkim_feed(pdkim_ctx * ctx, uschar * data, int len)
 {
-int p, rc;
-
 /* Alternate EOD signal, used in non-dotstuffing mode */
 if (!data)
   pdkim_body_complete(ctx);


-else for (p = 0; p < len; p++)
+else for (int p = 0; p < len; p++)
{
uschar c = data[p];
+ int rc;

   if (ctx->flags & PDKIM_PAST_HDRS)
     {
@@ -1427,8 +1412,7 @@ instead.  Assume writing on the sig is ok in that case. */


 if (sig->keytype < 0)
   {
-  int i;
-  for(i = 0; i < nelem(pdkim_keytypes); i++)
+  for(int i = 0; i < nelem(pdkim_keytypes); i++)
     if (Ustrcmp(p->keytype, pdkim_keytypes[i]) == 0)
       { sig->keytype = i; goto k_ok; }
   DEBUG(D_acl) debug_printf("verify_init: unhandled keytype %s\n", p->keytype);
@@ -1462,8 +1446,6 @@ DLLEXPORT int
 pdkim_feed_finish(pdkim_ctx * ctx, pdkim_signature ** return_signatures,
   const uschar ** err)
 {
-pdkim_bodyhash * b;
-pdkim_signature * sig;
 BOOL verify_pass = FALSE;


 /* Check if we must still flush a (partial) header. If that is the
@@ -1477,7 +1459,7 @@ if (ctx->cur_header && ctx->cur_header->ptr > 0)
   if ((rc = pdkim_header_complete(ctx)) != PDKIM_OK)
     return rc;


-  for (b = ctx->bodyhash; b; b = b->next)
+  for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
     rnl = pdkim_update_ctx_bodyhash(b, &lineending, rnl);
   if (rnl) store_free(rnl);
   }
@@ -1497,7 +1479,7 @@ if (!ctx->sig)
   return PDKIM_OK;
   }


-for (sig = ctx->sig; sig; sig = sig->next)
+for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next)
   {
   hctx hhash_ctx;
   uschar * sig_hdr = US"";
@@ -1561,7 +1543,6 @@ for (sig = ctx->sig; sig; sig = sig->next)
   if (ctx->flags & PDKIM_MODE_SIGN)
     {
     gstring * g = NULL;
-    pdkim_stringlist *p;
     const uschar * l;
     uschar * s;
     int sep = 0;
@@ -1577,8 +1558,8 @@ for (sig = ctx->sig; sig; sig = sig->next)
       }
     sig->keytype = sctx.keytype;


-    for (sig->headernames = NULL,        /* Collected signed header names */
-      p = sig->headers; p; p = p->next)
+    sig->headernames = NULL;            /* Collected signed header names */
+    for (pdkim_stringlist * p = sig->headers; p; p = p->next)
       {
       uschar * rh = p->value;


@@ -1625,12 +1606,11 @@ for (sig = ctx->sig; sig; sig = sig->next)
     {
     uschar * p = sig->headernames;
     uschar * q;
-    pdkim_stringlist * hdrs;


     if (p)
       {
       /* clear tags */
-      for (hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
+      for (pdkim_stringlist * hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
     hdrs->tag = 0;


       p = string_copy(p);
@@ -1640,7 +1620,7 @@ for (sig = ctx->sig; sig; sig = sig->next)
       *q = '\0';


   /*XXX walk the list of headers in same order as received. */
-    for (hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
+    for (pdkim_stringlist * hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
       if (  hdrs->tag == 0
          && strncasecmp(CCS hdrs->value, CCS p, Ustrlen(p)) == 0
          && (hdrs->value)[Ustrlen(p)] == ':'
diff --git a/src/src/queue.c b/src/src/queue.c
index 92109ef..617c267 100644
--- a/src/src/queue.c
+++ b/src/src/queue.c
@@ -277,9 +277,8 @@ for (; i <= *subcount; i++)


       else
         {
-        int j;
         next->next = NULL;
-        for (j = 0; j < LOG2_MAXNODES; j++)
+        for (int j = 0; j < LOG2_MAXNODES; j++)
           if (root[j])
             {
             next = merge_queue_lists(next, root[j]);
@@ -379,7 +378,6 @@ const pcre *selectstring_regex = NULL;
 const pcre *selectstring_regex_sender = NULL;
 uschar *log_detail = NULL;
 int subcount = 0;
-int i;
 uschar subdirs[64];


/* Cancel any specific queue domains. Turn off the flag that causes SMTP
@@ -455,11 +453,10 @@ subsequent iterations.
When the first argument of queue_get_spool_list() is -1 (for queue_run_in_
order), it scans all directories and makes a single message list. */

-for (i = queue_run_in_order ? -1 : 0;
+for (int i = queue_run_in_order ? -1 : 0;
      i <= (queue_run_in_order ? -1 : subcount);
      i++)
   {
-  queue_filename * fq;
   void *reset_point1 = store_get(0);


   DEBUG(D_queue_run)
@@ -472,9 +469,9 @@ for (i = queue_run_in_order ? -1 : 0;
       debug_printf("queue running subdirectory '%c'\n", subdirs[i]);
     }


-  for (fq = queue_get_spool_list(i, subdirs, &subcount, !queue_run_in_order);
-       fq;
-       fq = fq->next)
+  for (queue_filename * fq = queue_get_spool_list(i, subdirs, &subcount,
+                           !queue_run_in_order);
+       fq; fq = fq->next)
     {
     pid_t pid;
     int status;
@@ -704,9 +701,9 @@ for (i = queue_run_in_order ? -1 : 0;
   sub-directories have been found, randomize their order if necessary. */


   if (i == 0 && subcount > 1 && !queue_run_in_order)
-    {
-    int j, r;
-    for (j = 1; j <= subcount; j++)
+    for (int j = 1; j <= subcount; j++)
+      {
+      int r;
       if ((r = random_number(100)) >= 50)
         {
         int k = (r % subcount) + 1;
@@ -714,7 +711,7 @@ for (i = queue_run_in_order ? -1 : 0;
         subdirs[j] = subdirs[k];
         subdirs[k] = x;
         }
-    }
+      }
   }                                    /* End loop for multiple directories */


 /* If queue_2stage is true, we do it all again, with the 2stage flag
@@ -754,14 +751,14 @@ queue_count(void)
 {
 int subcount;
 int count = 0;
-queue_filename *f = NULL;
 uschar subdirs[64];
-f = queue_get_spool_list(
-        -1,             /* entire queue */
-        subdirs,        /* for holding sub list */
-        &subcount,      /* for subcount */
-        FALSE);         /* not random */
-for (; f != NULL; f = f->next) count++;
+
+for (queue_filename *f = queue_get_spool_list(
+                -1,             /* entire queue */
+                subdirs,        /* for holding sub list */
+                &subcount,      /* for subcount */
+                FALSE);         /* not random */
+    f; f = f->next) count++;
 fprintf(stdout, "%d\n", count);
 }


@@ -816,7 +813,6 @@ Returns:      nothing
 void
 queue_list(int option, uschar **list, int count)
 {
-int i;
 int subcount;
 int now = (int)time(NULL);
 void *reset_point;
@@ -828,7 +824,7 @@ uschar subdirs[64];
 if (count > 0)
   {
   queue_filename *last = NULL;
-  for (i = 0; i < count; i++)
+  for (int i = 0; i < count; i++)
     {
     queue_filename *next =
       store_get(sizeof(queue_filename) + Ustrlen(list[i]) + 2);
@@ -874,7 +870,7 @@ for (reset_point = store_get(0);


   if (env_read)
     {
-    int ptr;
+    int i, ptr;
     FILE *jread;
     struct stat statbuf;
     uschar * fname = spool_fname(US"input", message_subdir, qf->text, US"");
@@ -912,7 +908,7 @@ for (reset_point = store_get(0);
     }


fprintf(stdout, "%s ", string_format_size(size, big_buffer));
- for (i = 0; i < 16; i++) fputc(qf->text[i], stdout);
+ for (int i = 0; i < 16; i++) fputc(qf->text[i], stdout);

   if (env_read && sender_address)
     {
@@ -947,7 +943,7 @@ for (reset_point = store_get(0);


   if (recipients_list)
     {
-    for (i = 0; i < recipients_count; i++)
+    for (int i = 0; i < recipients_count; i++)
       {
       tree_node *delivered =
         tree_search(tree_nonrecipients, recipients_list[i].address);
@@ -986,7 +982,6 @@ Returns:          FALSE if there was any problem
 BOOL
 queue_action(uschar *id, int action, uschar **argv, int argc, int recipients_arg)
 {
-int i, j;
 BOOL yield = TRUE;
 BOOL removed = FALSE;
 struct passwd *pw;
@@ -1005,7 +1000,7 @@ done. Only admin users may read the spool files. */


if (action >= MSG_SHOW_BODY)
{
- int fd, i, rc;
+ int fd, rc;
uschar *subdirectory, *suffix;

   if (!f.admin_user)
@@ -1036,7 +1031,7 @@ if (action >= MSG_SHOW_BODY)
     suffix = US"";
     }


-  for (i = 0; i < 2; i++)
+  for (int i = 0; i < 2; i++)
     {
     message_subdir[0] = split_spool_directory == (i == 0) ? id[5] : 0;
     if ((fd = Uopen(spool_fname(subdirectory, message_subdir, id, suffix),
@@ -1203,7 +1198,7 @@ switch(action)
     suffix[2] = 0;
     message_subdir[0] = id[5];


-    for (j = 0; j < 2; message_subdir[0] = 0, j++)
+    for (int j = 0; j < 2; message_subdir[0] = 0, j++)
       {
       uschar * fname = spool_fname(US"msglog", message_subdir, id, US"");


@@ -1223,7 +1218,7 @@ switch(action)
     DEBUG(D_any) debug_printf(" (ok)\n");
     }


-      for (i = 0; i < 3; i++)
+      for (int i = 0; i < 3; i++)
     {
     uschar * fname;


@@ -1256,7 +1251,7 @@ switch(action)
     if (removed)
       {
 #ifndef DISABLE_EVENT
-      for (i = 0; i < recipients_count; i++)
+      for (int i = 0; i < recipients_count; i++)
     {
     tree_node *delivered =
       tree_search(tree_nonrecipients, recipients_list[i].address);
@@ -1295,13 +1290,13 @@ switch(action)



   case MSG_MARK_ALL_DELIVERED:
-  for (i = 0; i < recipients_count; i++)
+  for (int i = 0; i < recipients_count; i++)
     tree_add_nonrecipient(recipients_list[i].address);


   if (spool_write_header(id, SW_MODIFYING, &errmsg) >= 0)
     {
     printf("has been modified\n");
-    for (i = 0; i < recipients_count; i++)
+    for (int i = 0; i < recipients_count; i++)
       log_write(0, LOG_MAIN, "address <%s> marked delivered by %s",
         recipients_list[i].address, username);
     }
@@ -1372,6 +1367,7 @@ switch(action)
         }
       else if (action == MSG_MARK_DELIVERED)
         {
+    int i;
         for (i = 0; i < recipients_count; i++)
           if (Ustrcmp(recipients_list[i].address, recipient) == 0) break;
         if (i >= recipients_count)
diff --git a/src/src/rda.c b/src/src/rda.c
index 13f5709..228f574 100644
--- a/src/src/rda.c
+++ b/src/src/rda.c
@@ -42,14 +42,14 @@ static BOOL
 match_tag(const uschar *s, const uschar *tag)
 {
 for (; *tag != 0; s++, tag++)
-  {
   if (*tag == ' ')
     {
     while (*s == ' ' || *s == '\t') s++;
     s--;
     }
-  else if (tolower(*s) != tolower(*tag)) break;
-  }
+  else
+   if (tolower(*s) != tolower(*tag)) break;
+
 return (*tag == 0);
 }


@@ -250,11 +250,8 @@ if (!uid_ok)
   if (rdata->pw != NULL && statbuf.st_uid == rdata->pw->pw_uid)
     uid_ok = TRUE;
   else if (rdata->owners != NULL)
-    {
-    int i;
-    for (i = 1; i <= (int)(rdata->owners[0]); i++)
+    for (int i = 1; i <= (int)(rdata->owners[0]); i++)
       if (rdata->owners[i] == statbuf.st_uid) { uid_ok = TRUE; break; }
-    }
   }


 if (!gid_ok)
@@ -262,11 +259,8 @@ if (!gid_ok)
   if (rdata->pw != NULL && statbuf.st_gid == rdata->pw->pw_gid)
     gid_ok = TRUE;
   else if (rdata->owngroups != NULL)
-    {
-    int i;
-    for (i = 1; i <= (int)(rdata->owngroups[0]); i++)
+    for (int i = 1; i <= (int)(rdata->owngroups[0]); i++)
       if (rdata->owngroups[i] == statbuf.st_gid) { gid_ok = TRUE; break; }
-    }
   }


if (!uid_ok || !gid_ok)
@@ -656,10 +650,9 @@ if ((pid = fork()) == 0)

/* Pass back the contents of any syntax error blocks if we have a pointer */

-  if (eblockp != NULL)
+  if (eblockp)
     {
-    error_block *ep;
-    for (ep = *eblockp; ep != NULL; ep = ep->next)
+    for (error_block * ep = *eblockp; ep; ep = ep->next)
       if (  rda_write_string(fd, ep->text1) != 0
          || rda_write_string(fd, ep->text2) != 0
      )
@@ -675,8 +668,7 @@ if ((pid = fork()) == 0)
   if (f.system_filtering)
     {
     int i = 0;
-    header_line *h;
-    for (h = header_list; h != waslast->next; i++, h = h->next)
+    for (header_line * h = header_list; h != waslast->next; i++, h = h->next)
       if (  h->type == htype_old
          && write(fd, &i, sizeof(i)) != sizeof(i)
      )
@@ -714,8 +706,7 @@ if ((pid = fork()) == 0)
   if (yield == FF_DELIVERED || yield == FF_NOTDELIVERED ||
       yield == FF_FAIL || yield == FF_FREEZE)
     {
-    address_item *addr;
-    for (addr = *generated; addr; addr = addr->next)
+    for (address_item * addr = *generated; addr; addr = addr->next)
       {
       int reply_options = 0;
       int ig_err = addr->prop.ignore_error ? 1 : 0;
@@ -729,12 +720,9 @@ if ((pid = fork()) == 0)
     goto bad;


       if (addr->pipe_expandn)
-        {
-        uschar **pp;
-        for (pp = addr->pipe_expandn; *pp; pp++)
+        for (uschar ** pp = addr->pipe_expandn; *pp; pp++)
           if (rda_write_string(fd, *pp) != 0)
         goto bad;
-        }
       if (rda_write_string(fd, NULL) != 0)
         goto bad;


@@ -809,8 +797,7 @@ if (read(fd, filtertype, sizeof(int)) != sizeof(int) ||
 if (eblockp)
   {
   error_block *e;
-  error_block **p;
-  for (p = eblockp; ; p = &e->next)
+  for (error_block ** p = eblockp; ; p = &e->next)
     {
     uschar *s;
     if (!rda_read_string(fd, &s)) goto DISASTER;
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 5742d10..eb68442 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -403,12 +403,11 @@ options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN", NULL);
 void
 options_auths(void)
 {
-struct auth_info * ai;
 uschar buf[64];


options_from_list(optionlist_auths, optionlist_auths_size, US"AUTHENTICATORS", NULL);

-for (ai = auths_available; ai->driver_name[0]; ai++)
+for (struct auth_info * ai = auths_available; ai->driver_name[0]; ai++)
{
spf(buf, sizeof(buf), US"_DRIVER_AUTHENTICATOR_%T", ai->driver_name);
builtin_macro_create(buf);
@@ -419,10 +418,9 @@ for (ai = auths_available; ai->driver_name[0]; ai++)
void
options_logging(void)
{
-bit_table * bp;
uschar buf[64];

-for (bp = log_options; bp < log_options + log_options_count; bp++)
+for (bit_table * bp = log_options; bp < log_options + log_options_count; bp++)
   {
   spf(buf, sizeof(buf), US"_LOG_%T", bp->name);
   builtin_macro_create(buf);
@@ -578,17 +576,13 @@ Returns:     the option name, or an empty string
 uschar *
 readconf_find_option(void *p)
 {
-int i;
-router_instance *r;
-transport_instance *t;
-
-for (i = 0; i < nelem(optionlist_config); i++)
+for (int i = 0; i < nelem(optionlist_config); i++)
   if (p == optionlist_config[i].value) return US optionlist_config[i].name;


-for (r = routers; r; r = r->next)
+for (router_instance * r = routers; r; r = r->next)
   {
   router_info *ri = r->info;
-  for (i = 0; i < *ri->options_count; i++)
+  for (int i = 0; i < *ri->options_count; i++)
     {
     if ((ri->options[i].type & opt_mask) != opt_stringptr) continue;
     if (p == CS (r->options_block) + (long int)(ri->options[i].value))
@@ -596,10 +590,10 @@ for (r = routers; r; r = r->next)
     }
   }


-for (t = transports; t; t = t->next)
+for (transport_instance * t = transports; t; t = t->next)
   {
   transport_info *ti = t->info;
-  for (i = 0; i < *ti->options_count; i++)
+  for (int i = 0; i < *ti->options_count; i++)
     {
     optionlist * op = &ti->options[i];
     if ((op->type & opt_mask) != opt_stringptr) continue;
@@ -784,7 +778,6 @@ macros_expand(int len, int * newlen, BOOL * macro_found)
 {
 uschar * ss = big_buffer + len;
 uschar * s;
-macro_item * m;


/* Find the true start of the physical line - leading spaces are always
ignored. */
@@ -814,7 +807,7 @@ while (*s && !isupper(*s) && !(*s == '_' && isupper(s[1]))) s++;
replacing all occurrences of the macro. */

*macro_found = FALSE;
-if (*s) for (m = *s == '_' ? macros : macros_user; m; m = m->next)
+if (*s) for (macro_item * m = *s == '_' ? macros : macros_user; m; m = m->next)
{
uschar * p, *pp;
uschar * t;
@@ -1591,7 +1584,7 @@ readconf_handle_option(uschar *buffer, optionlist *oltop, int last,
{
int ptr = 0;
int offset = 0;
-int n, count, type, value;
+int count, type, value;
int issecure = 0;
uid_t uid;
gid_t gid;
@@ -1619,7 +1612,7 @@ if (!isalpha(*s))
it turns out that what we read was "hide", set the flag indicating that
this is a secure option, and loop to read the next word. */

-for (n = 0; n < 2; n++)
+for (int n = 0; n < 2; n++)
   {
   while (isalnum(*s) || *s == '_')
     {
@@ -2590,9 +2583,8 @@ switch(ol->type & opt_mask)
     if (!no_labels) printf("%s =", name);
     if (uidlist)
       {
-      int i;
       uschar sep = no_labels ? '\0' : ' ';
-      for (i = 1; i <= (int)(uidlist[0]); i++)
+      for (int i = 1; i <= (int)(uidlist[0]); i++)
     {
     uschar *name = NULL;
     if ((pw = getpwuid(uidlist[i]))) name = US pw->pw_name;
@@ -2610,9 +2602,8 @@ switch(ol->type & opt_mask)
     if (!no_labels) printf("%s =", name);
     if (gidlist)
       {
-      int i;
       uschar sep = no_labels ? '\0' : ' ';
-      for (i = 1; i <= (int)(gidlist[0]); i++)
+      for (int i = 1; i <= (int)(gidlist[0]); i++)
     {
     uschar *name = NULL;
     if ((gr = getgrgid(gidlist[i]))) name = US gr->gr_name;
@@ -2632,10 +2623,9 @@ switch(ol->type & opt_mask)


   case opt_timelist:
     {
-    int i;
     int *list = (int *)value;
     if (!no_labels) printf("%s = ", name);
-    for (i = 0; i < list[1]; i++)
+    for (int i = 0; i < list[1]; i++)
       printf("%s%s", i == 0 ? "" : ":", readconf_printtime(list[i+2]));
     printf("\n");
     }
@@ -2717,17 +2707,14 @@ BOOL
 readconf_print(uschar *name, uschar *type, BOOL no_labels)
 {
 BOOL names_only = FALSE;
-optionlist *ol;
 optionlist *ol2 = NULL;
 driver_instance *d = NULL;
-macro_item *m;
 int size = 0;


 if (!type)
   {
   if (*name == '+')
     {
-    int i;
     tree_node *t;
     BOOL found = FALSE;
     static uschar *types[] = { US"address", US"domain", US"host",
@@ -2735,7 +2722,7 @@ if (!type)
     static tree_node **anchors[] = { &addresslist_anchor, &domainlist_anchor,
       &hostlist_anchor, &localpartlist_anchor };


-    for (i = 0; i < 4; i++)
+    for (int i = 0; i < 4; i++)
       if ((t = tree_search(*(anchors[i]), name+1)))
         {
         found = TRUE;
@@ -2762,7 +2749,7 @@ if (!type)


   if (Ustrcmp(name, "all") == 0)
     {
-    for (ol = optionlist_config;
+    for (optionlist * ol = optionlist_config;
          ol < optionlist_config + nelem(optionlist_config); ol++)
       if (!(ol->type & opt_hidden))
         (void) print_ol(ol, US ol->name, NULL,
@@ -2777,7 +2764,7 @@ if (!type)
     printf("local_scan() options are not supported\n");
     return FALSE;
 #else
-    for (ol = local_scan_options;
+    for (optionlist * ol = local_scan_options;
          ol < local_scan_options + local_scan_options_count; ol++)
       (void) print_ol(ol, US ol->name, NULL, local_scan_options,
           local_scan_options_count, no_labels);
@@ -2893,7 +2880,7 @@ else if (Ustrcmp(type, "macro") == 0)
     fprintf(stderr, "exim: permission denied\n");
     return FALSE;
     }
-  for (m = macros; m; m = m->next)
+  for (macro_item * m = macros; m; m = m->next)
     if (!name || Ustrcmp(name, m->name) == 0)
       {
       if (names_only)
@@ -2926,11 +2913,11 @@ for (; d; d = d->next)
     printf("\n%s %s:\n", d->name, type);
   else if (Ustrcmp(d->name, name) != 0) continue;


-  for (ol = ol2; ol < ol2 + size; ol++)
+  for (optionlist * ol = ol2; ol < ol2 + size; ol++)
     if (!(ol->type & opt_hidden))
       rc |= print_ol(ol, US ol->name, d, ol2, size, no_labels);


-  for (ol = d->info->options;
+  for (optionlist * ol = d->info->options;
        ol < d->info->options + *(d->info->options_count); ol++)
     if (!(ol->type & opt_hidden))
       rc |= print_ol(ol, US ol->name, d, d->info->options,
@@ -3683,23 +3670,18 @@ static driver_info *
 init_driver(driver_instance *d, driver_info *drivers_available,
   int size_of_info, uschar *class)
 {
-driver_info *dd;
-
-for (dd = drivers_available; dd->driver_name[0] != 0;
+for (driver_info * dd = drivers_available; dd->driver_name[0] != 0;
      dd = (driver_info *)((US dd) + size_of_info))
-  {
   if (Ustrcmp(d->driver_name, dd->driver_name) == 0)
     {
-    int i;
     int len = dd->options_len;
     d->info = dd;
     d->options_block = store_get(len);
     memcpy(d->options_block, dd->options_block, len);
-    for (i = 0; i < *(dd->options_count); i++)
+    for (int i = 0; i < *(dd->options_count); i++)
       dd->options[i].type &= ~opt_set;
     return dd;
     }
-  }


log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
"%s %s: cannot find %s driver \"%s\"", class, d->name, class, d->driver_name);
@@ -3786,8 +3768,6 @@ while ((buffer = get_config_line()) != NULL)

   if (*s++ == ':')
     {
-    int i;
-
     /* Finish off initializing the previous driver. */


     if (d)
@@ -3816,7 +3796,7 @@ while ((buffer = get_config_line()) != NULL)


     /* Clear out the "set" bits in the generic options */


-    for (i = 0; i < driver_optionlist_count; i++)
+    for (int i = 0; i < driver_optionlist_count; i++)
       driver_optionlist[i].type &= ~opt_set;


     /* Check nothing more on this line, then do the next loop iteration. */
@@ -3889,10 +3869,9 @@ BOOL
 readconf_depends(driver_instance *d, uschar *s)
 {
 int count = *(d->info->options_count);
-optionlist *ol;
 uschar *ss;


-for (ol = d->info->options; ol < d->info->options + count; ol++)
+for (optionlist * ol = d->info->options; ol < d->info->options + count; ol++)
   {
   void *options_block;
   uschar *value;
@@ -4210,7 +4189,6 @@ Returns:     nothing
 static void
 auths_init(void)
 {
-auth_instance *au, *bu;
 #ifdef EXPERIMENTAL_PIPE_CONNECT
 int nauths = 0;
 #endif
@@ -4224,13 +4202,13 @@ readconf_driver_init(US"authenticator",
   optionlist_auths,                  /* generic options */
   optionlist_auths_size);


-for (au = auths; au; au = au->next)
+for (auth_instance * au = auths; au; au = au->next)
   {
   if (!au->public_name)
     log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "no public name specified for "
       "the %s authenticator", au->name);


-  for (bu = au->next; bu; bu = bu->next)
+  for (auth_instance * bu = au->next; bu; bu = bu->next)
     if (strcmpic(au->public_name, bu->public_name) == 0)
       if ((au->client && bu->client) || (au->server && bu->server))
         log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "two %s authenticators "
@@ -4465,11 +4443,10 @@ hide the <hide> values unless we're the admin user */
 void
 print_config(BOOL admin, BOOL terse)
 {
-config_line_item *i;
 const int TS = terse ? 0 : 2;
 int indent = 0;


-for (i = config_lines; i; i = i->next)
+for (config_line_item * i = config_lines; i; i = i->next)
   {
   uschar *current;
   uschar *p;
diff --git a/src/src/receive.c b/src/src/receive.c
index a0467e8..76c2ef0 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -554,11 +554,9 @@ Returns:      TRUE if it did remove something; FALSE otherwise
 BOOL
 receive_remove_recipient(uschar *recipient)
 {
-int count;
 DEBUG(D_receive) debug_printf("receive_remove_recipient(\"%s\") called\n",
   recipient);
-for (count = 0; count < recipients_count; count++)
-  {
+for (int count = 0; count < recipients_count; count++)
   if (Ustrcmp(recipients_list[count].address, recipient) == 0)
     {
     if ((--recipients_count - count) > 0)
@@ -566,7 +564,6 @@ for (count = 0; count < recipients_count; count++)
         (recipients_count - count)*sizeof(recipient_item));
     return TRUE;
     }
-  }
 return FALSE;
 }


@@ -1174,7 +1171,6 @@ Returns:     nothing
 static void
 add_acl_headers(int where, uschar *acl_name)
 {
-header_line *h, *next;
 header_line *last_received = NULL;


switch(where)
@@ -1195,7 +1191,7 @@ if (acl_removed_headers)
{
DEBUG(D_receive|D_acl) debug_printf_indent(">>Headers removed by %s ACL:\n", acl_name);

-  for (h = header_list; h; h = h->next) if (h->type != htype_old)
+  for (header_line * h = header_list; h; h = h->next) if (h->type != htype_old)
     {
     const uschar * list = acl_removed_headers;
     int sep = ':';         /* This is specified as a colon-separated list */
@@ -1216,7 +1212,7 @@ if (acl_removed_headers)
 if (!acl_added_headers) return;
 DEBUG(D_receive|D_acl) debug_printf_indent(">>Headers added by %s ACL:\n", acl_name);


-for (h = acl_added_headers; h; h = next)
+for (header_line * h = acl_added_headers, * next; h; h = next)
{
next = h->next;

@@ -1360,7 +1356,6 @@ run_mime_acl(uschar *acl, BOOL *smtp_yield_ptr, uschar **smtp_reply_ptr,
FILE *mbox_file;
uschar * rfc822_file_path = NULL;
unsigned long mbox_size;
-header_line *my_headerlist;
uschar *user_msg, *log_msg;
int mime_part_count_buffer = -1;
uschar * mbox_filename;
@@ -1368,7 +1363,8 @@ int rc = OK;

/* check if it is a MIME message */

-for (my_headerlist = header_list; my_headerlist; my_headerlist = my_headerlist->next)
+for (header_line * my_headerlist = header_list; my_headerlist;
+     my_headerlist = my_headerlist->next)
   if (  my_headerlist->type != '*'            /* skip deleted headers */
      && strncmpic(my_headerlist->text, US"Content-Type:", 13) == 0
      )
@@ -1666,7 +1662,7 @@ uschar *user_msg, *log_msg;


/* Working header pointers */

-header_line *h, *next;
+header_line *next;

/* Flags for noting the existence of certain headers (only one left) */

@@ -2133,7 +2129,8 @@ OVERSIZE:
     the line, stomp on them here. */


     if (had_zero > 0)
-      for (p = next->text; p < next->text + ptr; p++) if (*p == 0) *p = '?';
+      for (uschar * p = next->text; p < next->text + ptr; p++) if (*p == 0)
+           *p = '?';


     /* It is perfectly legal to have an empty continuation line
     at the end of a header, but it is confusing to humans
@@ -2235,7 +2232,7 @@ normal case). */
 DEBUG(D_receive)
   {
   debug_printf(">>Headers received:\n");
-  for (h = header_list->next; h; h = h->next)
+  for (header_line * h = header_list->next; h; h = h->next)
     debug_printf("%s", h->text);
   debug_printf("\n");
   }
@@ -2262,7 +2259,7 @@ if (filter_test != FTEST_NONE && header_list->next == NULL)
 /* Scan the headers to identify them. Some are merely marked for later
 processing; some are dealt with here. */


-for (h = header_list->next; h; h = h->next)
+for (header_line * h = header_list->next; h; h = h->next)
{
BOOL is_resent = strncmpic(h->text, US"resent-", 7) == 0;
if (is_resent) contains_resent_headers = TRUE;
@@ -2476,7 +2473,7 @@ if (extract_recip)

/* Now scan the headers */

-  for (h = header_list->next; h; h = h->next)
+  for (header_line * h = header_list->next; h; h = h->next)
     {
     if ((h->type == htype_to || h->type == htype_cc || h->type == htype_bcc) &&
         (!contains_resent_headers || strncmpic(h->text, US"resent-", 7) == 0))
@@ -2489,7 +2486,7 @@ if (extract_recip)
       while (*s != 0)
         {
         uschar *ss = parse_find_address_end(s, FALSE);
-        uschar *recipient, *errmess, *p, *pp;
+        uschar *recipient, *errmess, *pp;
         int start, end, domain;


         /* Check on maximum */
@@ -2505,7 +2502,7 @@ if (extract_recip)
         of the header. */


         pp = recipient = store_get(ss - s + 1);
-        for (p = s; p < ss; p++) if (*p != '\n') *pp++ = *p;
+        for (uschar * p = s; p < ss; p++) if (*p != '\n') *pp++ = *p;
         *pp = 0;


 #ifdef SUPPORT_I18N
@@ -2675,7 +2672,6 @@ any illegal characters therein. */
 if (  !msgid_header
    && ((!sender_host_address && !f.suppress_local_fixups) || f.submission_mode))
   {
-  uschar *p;
   uschar *id_text = US"";
   uschar *id_domain = primary_hostname;


@@ -2694,7 +2690,7 @@ if (  !msgid_header
     else if (*new_id_domain)
       {
       id_domain = new_id_domain;
-      for (p = id_domain; *p; p++)
+      for (uschar * p = id_domain; *p; p++)
         if (!isalnum(*p) && *p != '.') *p = '-';  /* No need to test '-' ! */
       }
     }
@@ -2715,7 +2711,7 @@ if (  !msgid_header
     else if (*new_id_text)
       {
       id_text = new_id_text;
-      for (p = id_text; *p; p++) if (mac_iscntrl_or_special(*p)) *p = '-';
+      for (uschar * p = id_text; *p; p++) if (mac_iscntrl_or_special(*p)) *p = '-';
       }
     }


@@ -2735,7 +2731,7 @@ function may mess with the real recipients. */
 if (LOGGING(received_recipients))
   {
   raw_recipients = store_get(recipients_count * sizeof(uschar *));
-  for (i = 0; i < recipients_count; i++)
+  for (int i = 0; i < recipients_count; i++)
     raw_recipients[i] = string_copy(recipients_list[i].address);
   raw_recipients_count = recipients_count;
   }
@@ -2744,7 +2740,7 @@ if (LOGGING(received_recipients))
 recipients will get here only if the conditions were right (allow_unqualified_
 recipient is TRUE). */


-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
   recipients_list[i].address =
     rewrite_address(recipients_list[i].address, TRUE, TRUE,
       global_rewrite_rules, rewrite_existflags);
@@ -2943,7 +2939,7 @@ We start at the second header, skipping our own Received:. This rewriting is
 documented as happening *after* recipient addresses are taken from the headers
 by the -t command line option. An added Sender: gets rewritten here. */


-for (h = header_list->next; h; h = h->next)
+for (header_line * h = header_list->next; h; h = h->next)
   {
   header_line *newh = rewrite_header(h, NULL, NULL, global_rewrite_rules,
     rewrite_existflags, TRUE);
@@ -2982,7 +2978,7 @@ new Received:) has not yet been set. */
 DEBUG(D_receive)
   {
   debug_printf(">>Headers after rewriting and local additions:\n");
-  for (h = header_list->next; h; h = h->next)
+  for (header_line * h = header_list->next; h; h = h->next)
     debug_printf("%c %s", h->type, h->text);
   debug_printf("\n");
   }
@@ -3249,9 +3245,8 @@ if (extract_recip && (bad_addresses || recipients_count == 0))
     if (recipients_count == 0) debug_printf("*** No recipients\n");
     if (bad_addresses)
       {
-      error_block * eblock;
       debug_printf("*** Bad address(es)\n");
-      for (eblock = bad_addresses; eblock; eblock = eblock->next)
+      for (error_block * eblock = bad_addresses; eblock; eblock = eblock->next)
         debug_printf("  %s: %s\n", eblock->text1, eblock->text2);
       }
     }
@@ -3470,13 +3465,12 @@ else
 #ifndef DISABLE_PRDR
     if (prdr_requested && recipients_count > 1 && acl_smtp_data_prdr)
       {
-      unsigned int c;
       int all_pass = OK;
       int all_fail = FAIL;


       smtp_printf("353 PRDR content analysis beginning\r\n", TRUE);
       /* Loop through recipients, responses must be in same order received */
-      for (c = 0; recipients_count > c; c++)
+      for (unsigned int c = 0; recipients_count > c; c++)
         {
     uschar * addr= recipients_list[c].address;
     uschar * msg= US"PRDR R=<%s> %s";
@@ -3742,18 +3736,15 @@ the spool file gets corrupted. Ensure that all recipients are qualified. */
 if (rc == LOCAL_SCAN_ACCEPT)
   {
   if (local_scan_data)
-    {
-    uschar *s;
-    for (s = local_scan_data; *s != 0; s++) if (*s == '\n') *s = ' ';
-    }
-  for (i = 0; i < recipients_count; i++)
+    for (uschar * s = local_scan_data; *s != 0; s++) if (*s == '\n') *s = ' ';
+  for (int i = 0; i < recipients_count; i++)
     {
     recipient_item *r = recipients_list + i;
     r->address = rewrite_address_qualify(r->address, TRUE);
-    if (r->errors_to != NULL)
+    if (r->errors_to)
       r->errors_to = rewrite_address_qualify(r->errors_to, TRUE);
     }
-  if (recipients_count == 0 && blackholed_by == NULL)
+  if (recipients_count == 0 && !blackholed_by)
     blackholed_by = US"local_scan";
   }


@@ -3872,10 +3863,9 @@ file fails, we have failed to accept this message. */

 if (host_checking || blackholed_by)
   {
-  header_line *h;
   Uunlink(spool_name);
   msg_size = 0;                                  /* Compute size for log line */
-  for (h = header_list; h; h = h->next)
+  for (header_line * h = header_list; h; h = h->next)
     if (h->type != '*') msg_size += h->slen;
   }


@@ -4038,7 +4028,6 @@ text. By expanding $h_subject: we make use of the MIME decoding. */

if (LOGGING(subject) && subject_header)
{
- int i;
uschar *p = big_buffer;
uschar *ss = expand_string(US"$h_subject:");

@@ -4046,7 +4035,7 @@ if (LOGGING(subject) && subject_header)
a C-like string, and turn any non-printers into escape sequences. */

   *p++ = '\"';
-  if (*ss != 0) for (i = 0; i < 100 && ss[i] != 0; i++)
+  if (*ss != 0) for (int i = 0; i < 100 && ss[i] != 0; i++)
     {
     if (ss[i] == '\"' || ss[i] == '\\') *p++ = '\\';
     *p++ = ss[i];
diff --git a/src/src/regex.c b/src/src/regex.c
index 6637296..87d03f3 100644
--- a/src/src/regex.c
+++ b/src/src/regex.c
@@ -65,22 +65,19 @@ return re_list_head;
 static int
 matcher(pcre_list * re_list_head, uschar * linebuffer, int len)
 {
-pcre_list * ri;
-
-for(ri = re_list_head; ri; ri = ri->next)
+for(pcre_list * ri = re_list_head; ri; ri = ri->next)
   {
   int ovec[3*(REGEX_VARS+1)];
-  int n, nn;
+  int n;


   /* try matcher on the line */
-  n = pcre_exec(ri->re, NULL, CS linebuffer, len, 0, 0, ovec, nelem(ovec));
-  if (n > 0)
+  if ((n = pcre_exec(ri->re, NULL, CS linebuffer, len, 0, 0, ovec, nelem(ovec))) > 0)
     {
     Ustrncpy(regex_match_string_buffer, ri->pcre_text,
           sizeof(regex_match_string_buffer)-1);
     regex_match_string = regex_match_string_buffer;


-    for (nn = 1; nn < n; nn++)
+    for (int nn = 1; nn < n; nn++)
       regex_vars[nn-1] =
     string_copyn(linebuffer + ovec[nn*2], ovec[nn*2+1] - ovec[nn*2]);


diff --git a/src/src/retry.c b/src/src/retry.c
index 2404b05..dc39813 100644
--- a/src/src/retry.c
+++ b/src/src/retry.c
@@ -523,7 +523,6 @@ retry_update(address_item **addr_defer, address_item **addr_failed,
open_db dbblock;
open_db *dbm_file = NULL;
time_t now = time(NULL);
-int i;

DEBUG(D_retry) debug_printf("Processing retry items\n");

@@ -531,7 +530,7 @@ DEBUG(D_retry) debug_printf("Processing retry items\n");
Deferred addresses must be handled after failed ones, because some may be moved
to the failed chain if they have timed out. */

-for (i = 0; i < 3; i++)
+for (int i = 0; i < 3; i++)
   {
   address_item *endaddr, *addr;
   address_item *last_first = NULL;
@@ -555,7 +554,6 @@ for (i = 0; i < 3; i++)
   while ((endaddr = *paddr))
     {
     BOOL timed_out = FALSE;
-    retry_item *rti;


     for (addr = endaddr; addr; addr = addr->parent)
       {
@@ -567,7 +565,7 @@ for (i = 0; i < 3; i++)


       /* Loop for each retry item. */


-      for (rti = addr->retries; rti; rti = rti->next)
+      for (retry_item * rti = addr->retries; rti; rti = rti->next)
         {
         uschar *message;
         int message_length, message_space, failing_interval, next_try;
diff --git a/src/src/rewrite.c b/src/src/rewrite.c
index 2196bfa..74342e1 100644
--- a/src/src/rewrite.c
+++ b/src/src/rewrite.c
@@ -100,7 +100,6 @@ uschar *
 rewrite_one(uschar *s, int flag, BOOL *whole, BOOL add_header, uschar *name,
   rewrite_rule *rewrite_rules)
 {
-rewrite_rule *rule;
 uschar *yield = s;
 uschar *subject = s;
 uschar *domain = NULL;
@@ -112,9 +111,7 @@ if (whole != NULL) *whole = FALSE;


/* Scan the rewriting rules */

-for (rule = rewrite_rules;
-     rule != NULL && !done;
-     rule_number++, rule = rule->next)
+for (rewrite_rule * rule = rewrite_rules; rule; rule_number++, rule = rule->next)
   {
   int start, end, pdomain;
   int count = 0;
@@ -252,17 +249,14 @@ for (rule = rewrite_rules;


   if (LOGGING(address_rewrite) || (debug_selector & D_rewrite) != 0)
     {
-    int i;
     const uschar *where = CUS"?";


-    for (i = 0; i < where_list_size; i++)
-      {
+    for (int i = 0; i < where_list_size; i++)
       if (flag == where_list[i].bit)
         {
         where = where_list[i].string;
         break;
         }
-      }
     log_write(L_address_rewrite,
            LOG_MAIN, "\"%s\" from %s rewritten as \"%s\" by rule %d",
            yield, where, new, rule_number);
@@ -474,7 +468,7 @@ any that don't actually get rewritten. We also play silly games for those that
 _are_ rewritten so as to avoid runaway store usage for these kinds of header.
 We want to avoid keeping store for any intermediate versions. */


-while (*s != 0)
+while (*s)
{
uschar *sprev;
uschar *ss = parse_find_address_end(s, FALSE);
@@ -498,7 +492,7 @@ while (*s != 0)
/* There isn't much we can do for syntactic disasters at this stage.
Pro tem (possibly for ever) ignore them. */

-  if (recipient == NULL)
+  if (!recipient)
     {
     store_reset(loop_reset_point);
     continue;
@@ -771,7 +765,7 @@ Returns:  nothing
 void rewrite_test(uschar *s)
 {
 uschar *recipient, *error;
-int i, start, end, domain;
+int start, end, domain;
 BOOL done_smtp = FALSE;


if (rewrite_existflags == 0)
@@ -808,14 +802,14 @@ if (parse_find_at(s) == NULL)

recipient = parse_extract_address(s, &error, &start, &end, &domain, FALSE);

-if (recipient == NULL)
+if (!recipient)
   {
   if (!done_smtp)
     printf("Syntax error in %s\n%c%s\n", s, toupper(error[0]), error+1);
   return;
   }


-for (i = 0; i < 8; i++)
+for (int i = 0; i < 8; i++)
   {
   BOOL whole = FALSE;
   int flag = 1 << i;
diff --git a/src/src/rfc2047.c b/src/src/rfc2047.c
index 8d77634..5d527d4 100644
--- a/src/src/rfc2047.c
+++ b/src/src/rfc2047.c
@@ -300,11 +300,8 @@ while (mimeword)
     /* Deal with zero values; convert them if requested. */


     if (zeroval != 0)
-      {
-      int i;
-      for (i = 0; i < tlen; i++)
+      for (int i = 0; i < tlen; i++)
         if (tptr[i] == 0) tptr[i] = zeroval;
-      }


     /* Add the new string onto the result */


diff --git a/src/src/route.c b/src/src/route.c
index d419d1c..ede1530 100644
--- a/src/src/route.c
+++ b/src/src/route.c
@@ -150,12 +150,11 @@ int optionlist_routers_size = nelem(optionlist_routers);
void
options_routers(void)
{
-struct router_info * ri;
uschar buf[64];

options_from_list(optionlist_routers, nelem(optionlist_routers), US"ROUTERS", NULL);

-for (ri = routers_available; ri->driver_name[0]; ri++)
+for (router_info * ri = routers_available; ri->driver_name[0]; ri++)
   {
   spf(buf, sizeof(buf), US"_DRIVER_ROUTER_%T", ri->driver_name);
   builtin_macro_create(buf);
@@ -222,8 +221,6 @@ function. */
 void
 route_init(void)
 {
-router_instance *r;
-
 readconf_driver_init(US"router",
   (driver_instance **)(&routers),     /* chain anchor */
   (driver_info *)routers_available,   /* available drivers */
@@ -233,7 +230,7 @@ readconf_driver_init(US"router",
   optionlist_routers,                 /* generic options */
   optionlist_routers_size);


-for (r = routers; r; r = r->next)
+for (router_instance * r = routers; r; r = r->next)
{
uschar *s = r->self;

@@ -317,8 +314,7 @@ is finished, via this function. */
void
route_tidyup(void)
{
-router_instance *r;
-for (r = routers; r; r = r->next)
+for (router_instance * r = routers; r; r = r->next)
if (r->info->tidyup) (r->info->tidyup)(r);
}

@@ -352,9 +348,8 @@ while ((prefix = string_nextinlist(&listptr, &sep, prebuf, sizeof(prebuf))))
   int plen = Ustrlen(prefix);
   if (prefix[0] == '*')
     {
-    const uschar *p;
     prefix++;
-    for (p = local_part + Ustrlen(local_part) - (--plen);
+    for (const uschar * p = local_part + Ustrlen(local_part) - (--plen);
          p >= local_part; p--)
       if (strncmpic(prefix, p, plen) == 0) return plen + p - local_part;
     }
@@ -396,9 +391,8 @@ while ((suffix = string_nextinlist(&listptr, &sep, sufbuf, sizeof(sufbuf))))
   int slen = Ustrlen(suffix);
   if (suffix[slen-1] == '*')
     {
-    const uschar *p, *pend;
-    pend = local_part + alen - (--slen) + 1;
-    for (p = local_part; p < pend; p++)
+    const uschar *pend = local_part + alen - (--slen) + 1;
+    for (const uschar * p = local_part; p < pend; p++)
       if (strncmpic(suffix, p, slen) == 0) return alen - (p - local_part);
     }
   else
@@ -1460,7 +1454,6 @@ for (r = addr->start_router ? addr->start_router : routers; r; r = nextr)
   uschar *error;
   struct passwd *pw = NULL;
   struct passwd pwcopy;
-  address_item *parent;
   BOOL loop_detected = FALSE;
   BOOL more;
   int loopcount = 0;
@@ -1494,7 +1487,7 @@ for (r = addr->start_router ? addr->start_router : routers; r; r = nextr)
   continually adding to an address, for example), put a long stop counter on
   the number of parents. */


-  for (parent = addr->parent; parent; parent = parent->parent)
+  for (address_item * parent = addr->parent; parent; parent = parent->parent)
     {
     if (parent->router == r)
       {
@@ -1820,8 +1813,7 @@ if (r->translate_ip_address)
   {
   int rc;
   int old_pool = store_pool;
-  host_item *h;
-  for (h = addr->host_list; h; h = h->next)
+  for (host_item * h = addr->host_list; h; h = h->next)
     {
     uschar *newaddress;
     uschar *oldaddress, *oldname;
@@ -1886,16 +1878,14 @@ HDEBUG(D_route) debug_printf("routed by %s router%s\n", r->name,


 DEBUG(D_route)
   {
-  host_item *h;
-
   debug_printf("  envelope to: %s\n", addr->address);
-  debug_printf("  transport: %s\n", (addr->transport == NULL)?
-    US"<none>" : addr->transport->name);
+  debug_printf("  transport: %s\n", addr->transport
+    ? addr->transport->name : US"<none>");


   if (addr->prop.errors_address)
     debug_printf("  errors to %s\n", addr->prop.errors_address);


-  for (h = addr->host_list; h; h = h->next)
+  for (host_item * h = addr->host_list; h; h = h->next)
     {
     debug_printf("  host %s", h->name);
     if (h->address) debug_printf(" [%s]", h->address);
diff --git a/src/src/routers/manualroute.c b/src/src/routers/manualroute.c
index 7389a99..f7cca3a 100644
--- a/src/src/routers/manualroute.c
+++ b/src/src/routers/manualroute.c
@@ -91,30 +91,25 @@ manualroute_router_init(router_instance *rblock)
 {
 manualroute_router_options_block *ob =
   (manualroute_router_options_block *)(rblock->options_block);
-int i;


/* Host_find_failed must be a recognized word */

-for (i = 0; i < hff_count; i++)
-  {
+for (int i = 0; i < hff_count; i++)
   if (Ustrcmp(ob->host_find_failed, hff_names[i]) == 0)
     {
     ob->hff_code = hff_codes[i];
     break;
     }
-  }
 if (ob->hff_code < 0)
   log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n  "
     "unrecognized setting for host_find_failed option", rblock->name);


-for (i = 1; i < hff_count; i++)   /* NB starts at 1 to skip "ignore" */
-  {
+for (int i = 1; i < hff_count; i++)   /* NB starts at 1 to skip "ignore" */
   if (Ustrcmp(ob->host_all_ignored, hff_names[i]) == 0)
     {
     ob->hai_code = hff_codes[i];
     break;
     }
-  }
 if (ob->hai_code < 0)
   log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n  "
     "unrecognized setting for host_all_ignored option", rblock->name);
diff --git a/src/src/routers/queryprogram.c b/src/src/routers/queryprogram.c
index 01191ef..b4d229c 100644
--- a/src/src/routers/queryprogram.c
+++ b/src/src/routers/queryprogram.c
@@ -489,9 +489,9 @@ lookup_value = NULL;
 if (*s != 0)
   {
   transport_instance *transport;
-  for (transport = transports; transport != NULL; transport = transport->next)
+  for (transport = transports; transport; transport = transport->next)
     if (Ustrcmp(transport->name, s) == 0) break;
-  if (transport == NULL)
+  if (!transport)
     {
     addr->message = string_sprintf("unknown transport name %s yielded by "
       "command", s);
diff --git a/src/src/routers/rf_change_domain.c b/src/src/routers/rf_change_domain.c
index 9f50957..71a6a10 100644
--- a/src/src/routers/rf_change_domain.c
+++ b/src/src/routers/rf_change_domain.c
@@ -66,14 +66,13 @@ addr->next = *addr_new;


 if (rewrite)
   {
-  header_line *h;
   DEBUG(D_route|D_rewrite) debug_printf("rewriting header lines\n");
-  for (h = header_list; h != NULL; h = h->next)
+  for (header_line * h = header_list; h != NULL; h = h->next)
     {
     header_line *newh =
       rewrite_header(h, parent->domain, domain,
         global_rewrite_rules, rewrite_existflags, TRUE);
-    if (newh != NULL)
+    if (newh)
       {
       h = newh;
       f.header_rewritten = TRUE;
diff --git a/src/src/routers/rf_get_transport.c b/src/src/routers/rf_get_transport.c
index ad5cda8..353c470 100644
--- a/src/src/routers/rf_get_transport.c
+++ b/src/src/routers/rf_get_transport.c
@@ -44,7 +44,6 @@ rf_get_transport(uschar *tpname, transport_instance **tpptr, address_item *addr,
 {
 uschar *ss;
 BOOL expandable;
-transport_instance *tp;


if (tpname == NULL)
{
@@ -71,15 +70,13 @@ if (expandable)
}
else ss = tpname;

-for (tp = transports; tp != NULL; tp = tp->next)
-  {
+for (transport_instance * tp = transports; tp; tp = tp->next)
   if (Ustrcmp(tp->name, ss) == 0)
     {
     DEBUG(D_route) debug_printf("set transport %s\n", ss);
     *tpptr = tp;
     return TRUE;
     }
-  }


addr->basic_errno = ERRNO_BADTRANSPORT;
addr->message = string_sprintf("transport \"%s\" not found in %s router", ss,
diff --git a/src/src/routers/rf_lookup_hostlist.c b/src/src/routers/rf_lookup_hostlist.c
index 0527566..8faef8d 100644
--- a/src/src/routers/rf_lookup_hostlist.c
+++ b/src/src/routers/rf_lookup_hostlist.c
@@ -53,7 +53,6 @@ rf_lookup_hostlist(router_instance *rblock, address_item *addr,
address_item **addr_new)
{
BOOL self_send = FALSE;
-host_item *h, *next_h, *prev;

/* Look up each host address. A lookup may add additional items into the chain
if there are multiple addresses. Hence the use of next_h to start each cycle of
@@ -62,7 +61,7 @@ host, omit it and any subsequent hosts - i.e. treat the list like an ordered
list of MX hosts. If the first host is the local host, act according to the
"self" option in the configuration. */

-for (prev = NULL, h = addr->host_list; h; h = next_h)
+for (host_item * prev = NULL, * h = addr->host_list, *next_h; h; h = next_h)
{
const uschar *canonical_name;
int rc, len, port, mx, sort_key;
@@ -210,20 +209,15 @@ for (prev = NULL, h = addr->host_list; h; h = next_h)
port, mx and sort_key. */

   if (port != PORT_NONE)
-    {
-    host_item *hh;
-    for (hh = h; hh != next_h; hh = hh->next) hh->port = port;
-    }
+    for (host_item * hh = h; hh != next_h; hh = hh->next)
+      hh->port = port;


   if (mx != MX_NONE)
-    {
-    host_item *hh;
-    for (hh = h; hh != next_h; hh = hh->next)
+    for (host_item * hh = h; hh != next_h; hh = hh->next)
       {
       hh->mx = mx;
       hh->sort_key = sort_key;
       }
-    }


   /* A local host gets chopped, with its successors, if there are previous
   hosts. Otherwise the self option is used. If it is set to "send", any
@@ -236,7 +230,7 @@ for (prev = NULL, h = addr->host_list; h; h = next_h)
       DEBUG(D_route)
         {
         debug_printf("Removed from host list:\n");
-        for (; h != NULL; h = h->next) debug_printf("  %s\n", h->name);
+        for (host_item * hh = next_h; h; h = h->next) debug_printf("  %s\n", h->name);
         }
       prev->next = NULL;
       setflag(addr, af_local_host_removed);
diff --git a/src/src/search.c b/src/src/search.c
index e5beaf3..11bfcd4 100644
--- a/src/src/search.c
+++ b/src/src/search.c
@@ -249,7 +249,6 @@ Returns:  nothing
 void
 search_tidyup(void)
 {
-int i;
 int old_pool = store_pool;


DEBUG(D_lookup) debug_printf("search_tidyup called\n");
@@ -257,7 +256,7 @@ DEBUG(D_lookup) debug_printf("search_tidyup called\n");
/* Close individually each cached open file. */

store_pool = POOL_SEARCH;
-if (search_tree != NULL)
+if (search_tree)
{
tidyup_subtree(search_tree);
search_tree = NULL;
@@ -267,10 +266,10 @@ open_filecount = 0;

/* Call the general tidyup entry for any drivers that have one. */

-for (i = 0; i < lookup_list_count; i++)
- if (lookup_list[i]->tidy != NULL) (lookup_list[i]->tidy)();
+for (int i = 0; i < lookup_list_count; i++) if (lookup_list[i]->tidy)
+ (lookup_list[i]->tidy)();

-if (search_reset_point != NULL) store_reset(search_reset_point);
+if (search_reset_point) store_reset(search_reset_point);
search_reset_point = NULL;
store_pool = old_pool;
}
diff --git a/src/src/setenv.c b/src/src/setenv.c
index ceeb8ef..9a05b64 100644
--- a/src/src/setenv.c
+++ b/src/src/setenv.c
@@ -26,7 +26,6 @@ unsetenv(const char *name)
{
size_t len;
const char * end;
-char ** e;
extern char ** environ;

if (!name)
@@ -44,7 +43,7 @@ len = end - name;
/* Find name in environment and move remaining variables down.
Do not early-out in case there are duplicate names. */

-for (e = environ; *e; e++)
+for (char ** e = environ; *e; e++)
   if (strncmp(*e, name, len) == 0 && (*e)[len] == '=')
     {
     char ** sp = e;
diff --git a/src/src/sieve.c b/src/src/sieve.c
index f5329da..2317f2e 100644
--- a/src/src/sieve.c
+++ b/src/src/sieve.c
@@ -228,10 +228,9 @@ Returns
   dst
 */


-static struct String *quoted_printable_encode(const struct String *src, struct String *dst)
+static struct String *
+quoted_printable_encode(const struct String *src, struct String *dst)
{
-int pass;
-const uschar *start,*end;
uschar *new = NULL;
uschar ch;
size_t line;
@@ -239,7 +238,7 @@ size_t line;
/* Two passes: one to count output allocation size, second
to do the encoding */

-for (pass=0; pass<=1; ++pass)
+for (int pass = 0; pass <= 1; pass++)
   {
   line=0;
   if (pass==0)
@@ -249,7 +248,8 @@ for (pass=0; pass<=1; ++pass)
     dst->character=store_get(dst->length+1); /* plus one for \0 */
     new=dst->character;
     }
-  for (start=src->character,end=start+src->length; start<end; ++start)
+  for (const uschar * start = src->character, * end = start + src->length;
+       start < end; ++start)
     {
     ch=*start;
     if (line>=73)    /* line length limit */
@@ -359,13 +359,13 @@ Returns
 */


#ifdef ENOTIFY
-static int uri_decode(struct String *str)
+static int
+uri_decode(struct String *str)
{
uschar *s,*t,*e;

 if (str->length==0) return 0;
 for (s=str->character,t=s,e=s+str->length; s<e; )
-  {
   if (*s=='%')
     {
     if (s+2<e && isxdigit(*(s+1)) && isxdigit(*(s+2)))
@@ -378,7 +378,7 @@ for (s=str->character,t=s,e=s+str->length; s<e; )
     }
   else
     *t++=*s++;
-  }
+
 *t='\0';
 str->length=t-str->character;
 return 0;
@@ -854,21 +854,15 @@ if ((filter_test != FTEST_NONE && debug_selector != 0) ||
 switch (mt)
   {
   case MATCH_IS:
-    {
     switch (co)
       {
       case COMP_OCTET:
-        {
         if (eq_octet(needle,haystack,0)) r=1;
         break;
-        }
       case COMP_EN_ASCII_CASEMAP:
-        {
         if (eq_asciicase(needle,haystack,0)) r=1;
         break;
-        }
       case COMP_ASCII_NUMERIC:
-        {
         if (!filter->require_iascii_numeric)
           {
           filter->errmsg=CUS "missing previous require \"comparator-i;ascii-numeric\";";
@@ -876,10 +870,9 @@ switch (mt)
           }
         if (eq_asciinumeric(needle,haystack,EQ)) r=1;
         break;
-        }
       }
     break;
-    }
+
   case MATCH_CONTAINS:
     {
     struct String h;
@@ -887,53 +880,42 @@ switch (mt)
     switch (co)
       {
       case COMP_OCTET:
-        {
-        for (h=*haystack; h.length; ++h.character,--h.length) if (eq_octet(needle,&h,1)) { r=1; break; }
+        for (h = *haystack; h.length; ++h.character,--h.length)
+     if (eq_octet(needle,&h,1)) { r=1; break; }
         break;
-        }
       case COMP_EN_ASCII_CASEMAP:
-        {
-        for (h=*haystack; h.length; ++h.character,--h.length) if (eq_asciicase(needle,&h,1)) { r=1; break; }
+        for (h = *haystack; h.length; ++h.character, --h.length)
+      if (eq_asciicase(needle,&h,1)) { r=1; break; }
         break;
-        }
       default:
-        {
         filter->errmsg=CUS "comparator does not offer specified matchtype";
         return -1;
-        }
       }
     break;
     }
+
   case MATCH_MATCHES:
-    {
     switch (co)
       {
       case COMP_OCTET:
-        {
         if ((r=eq_glob(needle,haystack,0,1))==-1)
           {
           filter->errmsg=CUS "syntactically invalid pattern";
           return -1;
           }
         break;
-        }
       case COMP_EN_ASCII_CASEMAP:
-        {
         if ((r=eq_glob(needle,haystack,1,1))==-1)
           {
           filter->errmsg=CUS "syntactically invalid pattern";
           return -1;
           }
         break;
-        }
       default:
-        {
         filter->errmsg=CUS "comparator does not offer specified matchtype";
         return -1;
-        }
       }
     break;
-    }
   }
 if ((filter_test != FTEST_NONE && debug_selector != 0) ||
   (debug_selector & D_filter) != 0)
@@ -1050,7 +1032,7 @@ add_addr(address_item **generated, uschar *addr, int file, int maxage, int maxme
 {
 address_item *new_addr;


-for (new_addr=*generated; new_addr; new_addr=new_addr->next)
+for (new_addr = *generated; new_addr; new_addr = new_addr->next)
   if (  Ustrcmp(new_addr->address,addr) == 0
      && (  !file
     || testflag(new_addr, af_pfr)
@@ -1270,7 +1252,9 @@ do
   {
   int x,d,n;


-  for (x=0,d=0; d<2 && src<end && isxdigit(n=tolower(*src)); x=(x<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')),++d,++src);
+  for (x = 0, d = 0;
+      d<2 && src<end && isxdigit(n=tolower(*src));
+      x=(x<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')) ,++d, ++src) ;
   if (d==0) return -1;
   if (dst) *dst++=x;
   ++decoded;
@@ -1312,7 +1296,8 @@ Returns:      >=0              number of decoded octets
               -2               semantic error (character range violation)
 */


-static int unicode_decode(uschar *src, uschar *end, uschar *dst)
+static int
+unicode_decode(uschar *src, uschar *end, uschar *dst)
{
int decoded=0;

@@ -1323,9 +1308,11 @@ do
int c,d,n;

   unicode_hex:
-  for (hex_seq=src; src<end && *src=='0'; ++src);
-  for (c=0,d=0; d<7 && src<end && isxdigit(n=tolower(*src)); c=(c<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')),++d,++src);
-  if (src==hex_seq) return -1;
+  for (hex_seq = src; src < end && *src=='0'; ) src++;
+  for (c = 0, d = 0;
+       d < 7 && src < end && isxdigit(n=tolower(*src));
+       c=(c<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')), ++d, ++src) ;
+  if (src == hex_seq) return -1;
   if (d==7 || (!((c>=0 && c<=0xd7ff) || (c>=0xe000 && c<=0x10ffff)))) return -2;
   if (c<128)
     {
@@ -2043,7 +2030,8 @@ Returns:      1                success
               -1               syntax or execution error
 */


-static int parse_test(struct Sieve *filter, int *cond, int exec)
+static int
+parse_test(struct Sieve *filter, int *cond, int exec)
{
if (parse_white(filter)==-1) return -1;
if (parse_identifier(filter,CUS "address"))
@@ -2058,7 +2046,7 @@ if (parse_identifier(filter,CUS "address"))
enum AddressPart addressPart=ADDRPART_ALL;
enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
enum MatchType matchType=MATCH_IS;
- struct String *hdr,*h,*key,*k;
+ struct String *hdr,*key;
int m;
int ap=0,co=0,mt=0;

@@ -2110,7 +2098,7 @@ if (parse_identifier(filter,CUS "address"))
     return -1;
     }
   *cond=0;
-  for (h=hdr; h->length!=-1 && !*cond; ++h)
+  for (struct String * h = hdr; h->length!=-1 && !*cond; ++h)
     {
     uschar *header_value=(uschar*)0,*extracted_addr,*end_addr;


@@ -2166,12 +2154,10 @@ if (parse_identifier(filter,CUS "address"))
         *end_addr = saveend;
         if (part)
           {
-          for (k=key; k->length!=-1; ++k)
+          for (struct String * k = key; k->length !=- 1; ++k)
             {
-            struct String partStr;
+            struct String partStr = {.character = part, .length = Ustrlen(part)};


-            partStr.character=part;
-            partStr.length=Ustrlen(part);
             if (extracted_addr)
               {
               *cond=compare(filter,k,&partStr,comparator,matchType);
@@ -2225,7 +2211,7 @@ else if (parse_identifier(filter,CUS "exists"))
   exists-test = "exists" <header-names: string-list>
   */


- struct String *hdr,*h;
+ struct String *hdr;
int m;

   if (parse_white(filter)==-1) return -1;
@@ -2237,7 +2223,7 @@ else if (parse_identifier(filter,CUS "exists"))
   if (exec)
     {
     *cond=1;
-    for (h=hdr; h->length!=-1 && *cond; ++h)
+    for (struct String * h = hdr; h->length != -1 && *cond; ++h)
       {
       uschar *header_def;


@@ -2270,7 +2256,7 @@ else if (parse_identifier(filter,CUS "header"))

enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
enum MatchType matchType=MATCH_IS;
- struct String *hdr,*h,*key,*k;
+ struct String *hdr,*key;
int m;
int co=0,mt=0;

@@ -2312,7 +2298,7 @@ else if (parse_identifier(filter,CUS "header"))
     return -1;
     }
   *cond=0;
-  for (h=hdr; h->length!=-1 && !*cond; ++h)
+  for (struct String * h = hdr; h->length != -1 && !*cond; ++h)
     {
     if (!is_header(h))
       {
@@ -2331,15 +2317,13 @@ else if (parse_identifier(filter,CUS "header"))
         filter->errmsg=CUS "header string expansion failed";
         return -1;
         }
-      for (k=key; k->length!=-1; ++k)
-        {
+      for (struct String * k = key; k->length != -1; ++k)
         if (Ustrcmp(header_def,"true")==0)
           {
           *cond=compare(filter,k,&header_value,comparator,matchType);
           if (*cond==-1) return -1;
           if (*cond) break;
           }
-        }
       }
     }
   return 1;
@@ -2397,7 +2381,7 @@ else if (parse_identifier(filter,CUS "envelope"))
   enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
   enum AddressPart addressPart=ADDRPART_ALL;
   enum MatchType matchType=MATCH_IS;
-  struct String *env,*e,*key,*k;
+  struct String *env,*key;
   int m;
   int co=0,ap=0,mt=0;


@@ -2454,7 +2438,7 @@ else if (parse_identifier(filter,CUS "envelope"))
     return -1;
     }
   *cond=0;
-  for (e=env; e->length!=-1 && !*cond; ++e)
+  for (struct String * e = env; e->length != -1 && !*cond; ++e)
     {
     const uschar *envelopeExpr=CUS 0;
     uschar *envelope=US 0;
@@ -2516,12 +2500,10 @@ else if (parse_identifier(filter,CUS "envelope"))
         filter->errmsg=CUS "header string expansion failed";
         return -1;
         }
-      for (k=key; k->length!=-1; ++k)
+      for (struct String * k = key; k->length != -1; ++k)
         {
-        struct String envelopeStr;
+        struct String envelopeStr = {.character = envelope, .length = Ustrlen(envelope)};


-        envelopeStr.character=envelope;
-        envelopeStr.length=Ustrlen(envelope);
         *cond=compare(filter,k,&envelopeStr,comparator,matchType);
         if (*cond==-1) return -1;
         if (*cond) break;
@@ -2538,7 +2520,7 @@ else if (parse_identifier(filter,CUS "valid_notify_method"))
                         <notification-uris: string-list>
   */


- struct String *uris,*u;
+ struct String *uris;
int m;

   if (!filter->require_enotify)
@@ -2555,7 +2537,7 @@ else if (parse_identifier(filter,CUS "valid_notify_method"))
   if (exec)
     {
     *cond=1;
-    for (u=uris; u->length!=-1 && *cond; ++u)
+    for (struct String * u = uris; u->length != -1 && *cond; ++u)
       {
         string_item *recipient;
         struct String header,subject,body;
@@ -2587,7 +2569,7 @@ else if (parse_identifier(filter,CUS "notify_method_capability"))


enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
enum MatchType matchType=MATCH_IS;
- struct String uri,capa,*keys,*k;
+ struct String uri,capa,*keys;

   if (!filter->require_enotify)
     {
@@ -2650,15 +2632,13 @@ else if (parse_identifier(filter,CUS "notify_method_capability"))
       body.length=-1;
       body.character=(uschar*)0;
       if (parse_mailto_uri(filter,uri.character,&recipient,&header,&subject,&body)==1)
-        {
         if (eq_asciicase(&capa,&str_online,0)==1)
-          for (k=keys; k->length!=-1; ++k)
+          for (struct String * k = keys; k->length != -1; ++k)
             {
             *cond=compare(filter,k,&str_maybe,comparator,matchType);
             if (*cond==-1) return -1;
             if (*cond) break;
             }
-        }
       }
     return 1;
   }
@@ -3086,7 +3066,7 @@ while (*filter->pc)
               && (message.length==-1 || Ustrcmp(already->message.character,message.character)==0))
             break;
           }
-        if (already==(struct Notification*)0)
+        if (!already)
           /* New notification, process it */
           {
           struct Notification *sent;
@@ -3099,8 +3079,7 @@ while (*filter->pc)
   #ifndef COMPILE_SYNTAX_CHECKER
           if (filter_test == FTEST_NONE)
             {
-            string_item *p;
-            int pid,fd;
+            int pid, fd;


             if ((pid = child_open_exim2(&fd,envelope_from,envelope_from))>=1)
               {
@@ -3110,7 +3089,8 @@ while (*filter->pc)


               f = fdopen(fd, "wb");
               fprintf(f,"From: %s\n",from.length==-1 ? expand_string(US"$local_part_prefix$local_part$local_part_suffix@$domain") : from.character);
-              for (p=recipient; p; p=p->next) fprintf(f,"To: %s\n",p->text);
+              for (string_item * p = recipient; p; p=p->next)
+               fprintf(f,"To: %s\n",p->text);
               fprintf(f,"Auto-Submitted: auto-notified; %s\n",filter->enotify_mailto_owner);
               if (header.length>0) fprintf(f,"%s",header.character);
               if (message.length==-1)
@@ -3232,19 +3212,16 @@ while (*filter->pc)
         }
       else if (parse_identifier(filter,CUS ":addresses")==1)
         {
-        struct String *a;
-
         if (parse_white(filter)==-1) return -1;
         if ((m=parse_stringlist(filter,&addresses))!=1)
           {
           if (m==0) filter->errmsg=CUS "addresses string list expected";
           return -1;
           }
-        for (a=addresses; a->length!=-1; ++a)
+        for (struct String * a = addresses; a->length != -1; ++a)
           {
-          string_item *new;
+          string_item * new = store_get(sizeof(string_item));


-          new=store_get(sizeof(string_item));
           new->text=store_get(a->length+1);
           if (a->length) memcpy(new->text,a->character,a->length);
           new->text[a->length]='\0';
@@ -3275,7 +3252,8 @@ while (*filter->pc)
       {
       uschar *s,*end;


-      for (s=reason.character,end=reason.character+reason.length; s<end && (*s&0x80)==0; ++s);
+      for (s = reason.character, end = reason.character + reason.length;
+      s<end && (*s&0x80)==0; ) s++;
       if (s<end)
         {
         filter->errmsg=CUS "MIME reason string contains 8bit text";
@@ -3292,7 +3270,6 @@ while (*filter->pc)
       md5 base;
       uschar digest[16];
       uschar hexdigest[33];
-      int i;
       gstring * once;


       if (filter_personal(aliases,TRUE))
@@ -3319,7 +3296,7 @@ while (*filter->pc)
         else
       md5_end(&base, handle.character, handle.length, digest);


-        for (i = 0; i < 16; i++) sprintf(CS (hexdigest+2*i), "%02X", digest[i]);
+        for (int i = 0; i < 16; i++) sprintf(CS (hexdigest+2*i), "%02X", digest[i]);


         if ((filter_test != FTEST_NONE && debug_selector != 0) || (debug_selector & D_filter) != 0)
           debug_printf("Sieve: mail was personal, vacation file basename: %s\n", hexdigest);
@@ -3386,8 +3363,7 @@ while (*filter->pc)
               (
               mime_body = reason.character, reason_end = reason.character + reason.length;
               mime_body < (reason_end-(sizeof(nlnl)-1)) && memcmp(mime_body, nlnl, (sizeof(nlnl)-1));
-              ++mime_body
-              );
+          ) mime_body++;


             addr->reply->headers = string_copyn(reason.character, mime_body-reason.character);


@@ -3502,7 +3478,7 @@ while (parse_identifier(filter,CUS "require"))
require-command = "require" <capabilities: string-list>
*/

- struct String *cap,*check;
+ struct String *cap;
int m;

   if (parse_white(filter)==-1) return -1;
@@ -3511,7 +3487,7 @@ while (parse_identifier(filter,CUS "require"))
     if (m==0) filter->errmsg=CUS "capability string list expected";
     return -1;
     }
-  for (check=cap; check->character; ++check)
+  for (struct String * check = cap; check->character; ++check)
     {
     if (eq_octet(check,&str_envelope,0)) filter->require_envelope=1;
     else if (eq_octet(check,&str_fileinto,0)) filter->require_fileinto=1;
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index 86f87ea..a238ae2 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -435,17 +435,16 @@ Returns:    nothing
 static void
 incomplete_transaction_log(uschar *what)
 {
-if (sender_address == NULL ||                 /* No transaction in progress */
-    !LOGGING(smtp_incomplete_transaction))
+if (!sender_address                /* No transaction in progress */
+   || !LOGGING(smtp_incomplete_transaction))
   return;


/* Build list of recipients for logging */

 if (recipients_count > 0)
   {
-  int i;
   raw_recipients = store_get(recipients_count * sizeof(uschar *));
-  for (i = 0; i < recipients_count; i++)
+  for (int i = 0; i < recipients_count; i++)
     raw_recipients[i] = recipients_list[i].address;
   raw_recipients_count = recipients_count;
   }
@@ -1581,7 +1580,6 @@ smtp_read_command(BOOL check_sync, unsigned buffer_lim)
 {
 int c;
 int ptr = 0;
-smtp_cmd_list *p;
 BOOL hadnull = FALSE;


had_command_timeout = 0;
@@ -1626,7 +1624,7 @@ if (hadnull) return BADCHAR_CMD;
to the start of the actual data characters. Check for SMTP synchronization
if required. */

-for (p = cmd_list; p < cmd_list_end; p++)
+for (smtp_cmd_list * p = cmd_list; p < cmd_list_end; p++)
   {
 #ifdef SUPPORT_PROXY
   /* Only allow QUIT command if Proxy Protocol parsing failed */
@@ -1824,7 +1822,6 @@ Returns:     nothing
 void
 smtp_log_no_mail(void)
 {
-int i;
 uschar * sep, * s;
 gstring * g = NULL;


@@ -1843,14 +1840,14 @@ g = s_tlslog(g);

sep = smtp_connection_had[SMTP_HBUFF_SIZE-1] != SCH_NONE ? US" C=..." : US" C=";

-for (i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
+for (int i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
   if (smtp_connection_had[i] != SCH_NONE)
     {
     g = string_append(g, 2, sep, smtp_names[smtp_connection_had[i]]);
     sep = US",";
     }


-for (i = 0; i < smtp_ch_index; i++)
+for (int i = 0; i < smtp_ch_index; i++)
{
g = string_append(g, 2, sep, smtp_names[smtp_connection_had[i]]);
sep = US",";
@@ -1869,15 +1866,14 @@ log_write(0, LOG_MAIN, "no MAIL in %sSMTP connection from %s D=%s%s",
uschar *
smtp_cmd_hist(void)
{
-int i;
gstring * list = NULL;
uschar * s;

-for (i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
+for (int i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
   if (smtp_connection_had[i] != SCH_NONE)
     list = string_append_listele(list, ',', smtp_names[smtp_connection_had[i]]);


-for (i = 0; i < smtp_ch_index; i++)
+for (int i = 0; i < smtp_ch_index; i++)
list = string_append_listele(list, ',', smtp_names[smtp_connection_had[i]]);

 s = string_from_gstring(list);
@@ -2649,7 +2645,7 @@ if (!f.sender_host_unknown)
       {
       uschar *p = big_buffer;
       uschar *pend = big_buffer + big_buffer_size;
-      uschar *opt, *adptr;
+      uschar *adptr;
       int optcount;
       struct in_addr addr;


@@ -2666,9 +2662,7 @@ if (!f.sender_host_unknown)
       Ustrcpy(p, "IP options on incoming call:");
       p += Ustrlen(p);


-      for (opt = optstart; opt != NULL &&
-           opt < US (ipopt) + optlen;)
-        {
+      for (uschar * opt = optstart; opt && opt < US (ipopt) + optlen; )
         switch (*opt)
           {
           case IPOPT_EOL:
@@ -2716,18 +2710,16 @@ if (!f.sender_host_unknown)


           default:
             {
-            int i;
             if (pend - p < 4 + 3*opt[1]) { opt = NULL; break; }
             Ustrcat(p, "[ ");
             p += 2;
-            for (i = 0; i < opt[1]; i++)
+            for (int i = 0; i < opt[1]; i++)
               p += sprintf(CS p, "%2.2x ", opt[i]);
             *p++ = ']';
             }
           opt += opt[1];
           break;
           }
-        }


       *p = 0;
       log_write(0, LOG_MAIN, "%s", big_buffer);
@@ -3628,33 +3620,25 @@ else
   if (!f.helo_verified)
     {
     int rc;
-    host_item h;
-    dnssec_domains d;
-    host_item *hh;
-
-    h.name = sender_helo_name;
-    h.address = NULL;
-    h.mx = MX_NONE;
-    h.next = NULL;
-    d.request = US"*";
-    d.require = US"";
+    host_item h =
+      {.name = sender_helo_name, .address = NULL, .mx = MX_NONE, .next = NULL};
+    dnssec_domains d =
+      {.request = US"*", .require = US""};


     HDEBUG(D_receive) debug_printf("getting IP address for %s\n",
       sender_helo_name);
     rc = host_find_bydns(&h, NULL, HOST_FIND_BY_A | HOST_FIND_BY_AAAA,
               NULL, NULL, NULL, &d, NULL, NULL);
     if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
-      for (hh = &h; hh; hh = hh->next)
+      for (host_item * hh = &h; hh; hh = hh->next)
         if (Ustrcmp(hh->address, sender_host_address) == 0)
           {
           f.helo_verified = TRUE;
       if (h.dnssec == DS_YES) sender_helo_dnssec = TRUE;
           HDEBUG(D_receive)
-        {
             debug_printf("IP address for %s matches calling address\n"
           "Forward DNS security status: %sverified\n",
               sender_helo_name, sender_helo_dnssec ? "" : "un");
-        }
           break;
           }
     }
@@ -3697,7 +3681,7 @@ static int
 smtp_in_auth(auth_instance *au, uschar ** s, uschar ** ss)
 {
 const uschar *set_id = NULL;
-int rc, i;
+int rc;


/* Run the checking code, passing the remainder of the command line as
data. Initials the $auth<n> variables as empty. Initialize $0 empty and set
@@ -3711,14 +3695,14 @@ userid. On success, require set_id to expand and exist, and put it in
authenticated_id. Save this in permanent store, as the working store gets
reset at HELO, RSET, etc. */

-for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
+for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
expand_nmax = 0;
expand_nlength[0] = 0; /* $0 contains nothing */

 rc = (au->info->servercode)(au, smtp_cmd_data);
 if (au->set_id) set_id = expand_string(au->set_id);
 expand_nmax = -1;        /* Reset numeric variables */
-for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;   /* Reset $auth<n> */
+for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;   /* Reset $auth<n> */


 /* The value of authenticated_id is stored in the spool file and printed in
 log lines. It must not contain binary zeros or newline characters. In
@@ -3948,7 +3932,6 @@ while (done <= 0)
   int start, end, sender_domain, recipient_domain;
   int rc;
   int c;
-  auth_instance *au;
   uschar *orcpt = NULL;
   int dsn_flags;
   gstring * g;
@@ -3963,7 +3946,7 @@ while (done <= 0)
     {
     cmd_list[CMD_LIST_TLS_AUTH].is_mail_cmd = FALSE;


-    for (au = auths; au; au = au->next)
+    for (auth_instance * au = auths; au; au = au->next)
       if (strcmpic(US"tls", au->driver_name) == 0)
     {
     if (  acl_smtp_auth
@@ -4075,23 +4058,26 @@ while (done <= 0)
       as a server and which has been advertised (unless, sigh, allow_auth_
       unadvertised is set). */


-      for (au = auths; au; au = au->next)
-    if (strcmpic(s, au->public_name) == 0 && au->server &&
-        (au->advertised || f.allow_auth_unadvertised))
-      break;
-
-      if (au)
     {
-    c = smtp_in_auth(au, &s, &ss);
+    auth_instance * au;
+    for (au = auths; au; au = au->next)
+      if (strcmpic(s, au->public_name) == 0 && au->server &&
+          (au->advertised || f.allow_auth_unadvertised))
+        break;


-    smtp_printf("%s\r\n", FALSE, s);
-    if (c != OK)
-      log_write(0, LOG_MAIN|LOG_REJECT, "%s authenticator failed for %s: %s",
-        au->name, host_and_ident(FALSE), ss);
+    if (au)
+      {
+      c = smtp_in_auth(au, &s, &ss);
+
+      smtp_printf("%s\r\n", FALSE, s);
+      if (c != OK)
+        log_write(0, LOG_MAIN|LOG_REJECT, "%s authenticator failed for %s: %s",
+          au->name, host_and_ident(FALSE), ss);
+      }
+    else
+      done = synprot_error(L_smtp_protocol_error, 504, NULL,
+        string_sprintf("%s authentication mechanism not supported", s));
     }
-      else
-    done = synprot_error(L_smtp_protocol_error, 504, NULL,
-      string_sprintf("%s authentication mechanism not supported", s));


       break;  /* AUTH_CMD */


@@ -4391,9 +4377,8 @@ while (done <= 0)
        && verify_check_host(&auth_advertise_hosts) == OK
        )
       {
-      auth_instance *au;
       BOOL first = TRUE;
-      for (au = auths; au; au = au->next)
+      for (auth_instance * au = auths; au; au = au->next)
         {
         au->advertised = FALSE;
         if (au->server)
diff --git a/src/src/spam.c b/src/src/spam.c
index 9384bfa..3ffc514 100644
--- a/src/src/spam.c
+++ b/src/src/spam.c
@@ -137,7 +137,7 @@ spamd_get_server(spamd_address_container ** spamds, int num_servers)
 {
 unsigned int i;
 spamd_address_container * sd;
-long rnd, weights;
+long weights;
 unsigned pri;
 static BOOL srandomed = FALSE;


@@ -170,7 +170,7 @@ for (weights = 0, i = 0; i < num_servers; i++)
 if (weights == 0)    /* all servers failed */
   return -1;


-for (rnd = random() % weights, i = 0; i < num_servers; i++)
+for (long rnd = random() % weights, i = 0; i < num_servers; i++)
   {
   sd = spamds[i];
   if (!sd->is_failed && sd->priority == pri)
@@ -380,7 +380,7 @@ if (sd->is_rspamd)
     "\r\nFrom: <", sender_address,
     ">\r\nRecipient-Number: ", string_sprintf("%d\r\n", recipients_count));


-  for (i = 0; i < recipients_count; i ++)
+  for (int i = 0; i < recipients_count; i++)
     req_str = string_append(req_str, 3,
       "Rcpt: <", recipients_list[i].address, ">\r\n");
   if ((s = expand_string(US"$sender_helo_name")) && *s)
diff --git a/src/src/spool_in.c b/src/src/spool_in.c
index 2d34977..c9f37ab 100644
--- a/src/src/spool_in.c
+++ b/src/src/spool_in.c
@@ -36,7 +36,6 @@ Side effect: message_subdir is set for the (possibly split) spool directory
 int
 spool_open_datafile(uschar *id)
 {
-int i;
 struct stat statbuf;
 flock_t lock_data;
 int fd;
@@ -48,7 +47,7 @@ spool_directory is not set, first look in the main input directory. If it is
 not found there, try the split sub-directory, in case it is left over from a
 splitting state. */


-for (i = 0; i < 2; i++)
+for (int i = 0; i < 2; i++)
{
uschar * fname;
int save_errno;
@@ -357,7 +356,7 @@ spool_clear_header_globals();
set, just look in the given directory. Otherwise, look in both the split
and unsplit directories, as for the data file above. */

-for (n = 0; n < 2; n++)
+for (int n = 0; n < 2; n++)
   {
   if (!subdir_set)
     message_subdir[0] = split_spool_directory == (n == 0) ? name[5] : 0;
diff --git a/src/src/spool_mbox.c b/src/src/spool_mbox.c
index 2447daf..188f405 100644
--- a/src/src/spool_mbox.c
+++ b/src/src/spool_mbox.c
@@ -36,9 +36,8 @@ uschar buffer[16384];
 uschar *temp_string;
 uschar *mbox_path;
 FILE *mbox_file = NULL, *l_data_file = NULL, *yield = NULL;
-header_line *my_headerlist;
 struct stat statbuf;
-int i, j;
+int j;
 void *reset_point;


mbox_path = string_sprintf("%s/scan/%s/%s.eml",
@@ -88,7 +87,7 @@ if (!spool_mbox_ok)

/* write all non-deleted header lines to mbox file */

-  for (my_headerlist = header_list; my_headerlist;
+  for (header_line * my_headerlist = header_list; my_headerlist;
       my_headerlist = my_headerlist->next)
     if (my_headerlist->type != '*')
       if (fwrite(my_headerlist->text, my_headerlist->slen, 1, mbox_file) != 1)
@@ -116,7 +115,7 @@ if (!spool_mbox_ok)
   else
     {
     message_subdir[1] = '\0';
-    for (i = 0; i < 2; i++)
+    for (int i = 0; i < 2; i++)
       {
       message_subdir[0] = split_spool_directory == (i == 0) ? message_id[5] : 0;
       temp_string = spool_fname(US"input", message_subdir, message_id, US"-D");
diff --git a/src/src/spool_out.c b/src/src/spool_out.c
index d558952..8b227de 100644
--- a/src/src/spool_out.c
+++ b/src/src/spool_out.c
@@ -128,10 +128,8 @@ int
 spool_write_header(uschar *id, int where, uschar **errmsg)
 {
 int fd;
-int i;
 int size_correction;
 FILE * fp;
-header_line *h;
 struct stat statbuf;
 uschar * tname;
 uschar * fname;
@@ -280,7 +278,7 @@ a space and its parent address number (pno). */


tree_write(tree_nonrecipients, fp);
fprintf(fp, "%d\n", recipients_count);
-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
{
recipient_item *r = recipients_list + i;

@@ -324,7 +322,7 @@ various other headers, or an asterisk for old headers that have been rewritten.
These are saved as a record for debugging. Don't included them in the message's
size. */

-for (h = header_list; h; h = h->next)
+for (header_line * h = header_list; h; h = h->next)
   {
   fprintf(fp, "%03d%c %s", h->slen, h->type, h->text);
   size_correction += 5;
diff --git a/src/src/srs.c b/src/src/srs.c
index 1ff391f..aed88bc 100644
--- a/src/src/srs.c
+++ b/src/src/srs.c
@@ -24,205 +24,208 @@ uschar   *srs_db_reverse        = NULL;
 /* srs_init just initialises libsrs and creates (if necessary)
    an srs object to use for all srs calls in this instance */


-int eximsrs_init()
+int
+eximsrs_init()
 {
-  const uschar *list = srs_config;
-  uschar secret_buf[SRS_MAX_SECRET_LENGTH];
-  uschar *secret = NULL;
-  uschar sbuf[4];
-  uschar *sbufp;
-
-  /* Check if this instance of Exim has not initialized SRS */
-  if(srs == NULL)
+const uschar *list = srs_config;
+uschar secret_buf[SRS_MAX_SECRET_LENGTH];
+uschar *secret = NULL;
+uschar sbuf[4];
+uschar *sbufp;
+
+/* Check if this instance of Exim has not initialized SRS */
+if (srs == NULL)
   {
-    int co = 0;
-    int hashlen, maxage;
-    BOOL usetimestamp, usehash;
-
-    /* Copy config vars */
-    hashlen = srs_hashlength;
-    maxage = srs_maxage;
-    usetimestamp = srs_usetimestamp;
-    usehash = srs_usehash;
-
-    /* Pass srs_config var (overrides new config vars) */
-    co = 0;
-    if(srs_config != NULL)
+  int co = 0;
+  int hashlen, maxage;
+  BOOL usetimestamp, usehash;
+
+  /* Copy config vars */
+  hashlen = srs_hashlength;
+  maxage = srs_maxage;
+  usetimestamp = srs_usetimestamp;
+  usehash = srs_usehash;
+
+  /* Pass srs_config var (overrides new config vars) */
+  co = 0;
+  if (srs_config != NULL)
     {
-      secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH);
+    secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH);


-      if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
-        maxage = atoi(sbuf);
+    if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+      maxage = atoi(sbuf);


-      if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
-        hashlen = atoi(sbuf);
+    if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+      hashlen = atoi(sbuf);


-      if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
-        usetimestamp = atoi(sbuf);
+    if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+      usetimestamp = atoi(sbuf);


-      if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
-        usehash = atoi(sbuf);
+    if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+      usehash = atoi(sbuf);
     }


-    if(srs_hashmin == -1)
-      srs_hashmin = hashlen;
+  if (srs_hashmin == -1)
+    srs_hashmin = hashlen;


-    /* First secret specified in secrets? */
-    co = 0;
-    list = srs_secrets;
-    if(secret == NULL || *secret == '\0')
-    {
-      if((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) == NULL)
+  /* First secret specified in secrets? */
+  co = 0;
+  list = srs_secrets;
+  if (secret == NULL || *secret == '\0')
+    if (!(secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)))
       {
-        log_write(0, LOG_MAIN | LOG_PANIC,
-            "SRS Configuration Error: No secret specified");
-        return DEFER;
+      log_write(0, LOG_MAIN | LOG_PANIC,
+      "SRS Configuration Error: No secret specified");
+      return DEFER;
       }
-    }


-    /* Check config */
-    if(maxage < 0 || maxage > 365)
+  /* Check config */
+  if (maxage < 0 || maxage > 365)
     {
-      log_write(0, LOG_MAIN | LOG_PANIC,
-          "SRS Configuration Error: Invalid maximum timestamp age");
-      return DEFER;
+    log_write(0, LOG_MAIN | LOG_PANIC,
+    "SRS Configuration Error: Invalid maximum timestamp age");
+    return DEFER;
     }
-    if(hashlen < 1 || hashlen > 20 || srs_hashmin < 1 || srs_hashmin > 20)
+  if (hashlen < 1 || hashlen > 20 || srs_hashmin < 1 || srs_hashmin > 20)
     {
-      log_write(0, LOG_MAIN | LOG_PANIC,
-          "SRS Configuration Error: Invalid hash length");
-      return DEFER;
+    log_write(0, LOG_MAIN | LOG_PANIC,
+    "SRS Configuration Error: Invalid hash length");
+    return DEFER;
     }


-    if((srs = srs_open(secret, Ustrlen(secret), maxage, hashlen, srs_hashmin)) == NULL)
+  if (!(srs = srs_open(secret, Ustrlen(secret), maxage, hashlen, srs_hashmin)))
     {
-      log_write(0, LOG_MAIN | LOG_PANIC,
-          "Failed to allocate SRS memory");
-      return DEFER;
+    log_write(0, LOG_MAIN | LOG_PANIC,
+    "Failed to allocate SRS memory");
+    return DEFER;
     }


-    srs_set_option(srs, SRS_OPTION_USETIMESTAMP, usetimestamp);
-    srs_set_option(srs, SRS_OPTION_USEHASH, usehash);
+  srs_set_option(srs, SRS_OPTION_USETIMESTAMP, usetimestamp);
+  srs_set_option(srs, SRS_OPTION_USEHASH, usehash);


-    /* Extra secrets? */
-    while((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) != NULL)
-        srs_add_secret(srs, secret, (Ustrlen(secret) > SRS_MAX_SECRET_LENGTH) ? SRS_MAX_SECRET_LENGTH :  Ustrlen(secret));
+  /* Extra secrets? */
+  while((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)))
+      srs_add_secret(srs, secret,
+           Ustrlen(secret) > SRS_MAX_SECRET_LENGTH ? SRS_MAX_SECRET_LENGTH :  Ustrlen(secret));


-    DEBUG(D_any)
-      debug_printf("SRS initialized\n");
+  DEBUG(D_any)
+    debug_printf("SRS initialized\n");
   }


- return OK;
+return OK;
}


-int eximsrs_done()
+int
+eximsrs_done()
 {
-  if(srs != NULL)
-    srs_close(srs);
-
-  srs = NULL;
-
-  return OK;
+if (srs) srs_close(srs);
+srs = NULL;
+return OK;
 }



-int eximsrs_forward(uschar **result, uschar *orig_sender, uschar *domain)
+int
+eximsrs_forward(uschar **result, uschar *orig_sender, uschar *domain)
{
- char res[512];
- int n;
+char res[512];
+int n;

-  if((n = srs_forward(srs, orig_sender, domain, res, sizeof(res))) & SRS_RESULT_FAIL)
+if ((n = srs_forward(srs, orig_sender, domain, res, sizeof(res))) & SRS_RESULT_FAIL)
   {
-    DEBUG(D_any)
-      debug_printf("srs_forward failed (%s, %s): %s\n", orig_sender, domain, srs_geterrormsg(n));
-    return DEFER;
+  DEBUG(D_any)
+    debug_printf("srs_forward failed (%s, %s): %s\n", orig_sender, domain, srs_geterrormsg(n));
+  return DEFER;
   }


- *result = string_copy(res);
- return OK;
+*result = string_copy(res);
+return OK;
}


-int eximsrs_reverse(uschar **result, uschar *address)
+int
+eximsrs_reverse(uschar **result, uschar *address)
{
- char res[512];
- int n;
+char res[512];
+int n;

-  if((n = srs_reverse(srs, address, res, sizeof(res))) & SRS_RESULT_FAIL)
+if ((n = srs_reverse(srs, address, res, sizeof(res))) & SRS_RESULT_FAIL)
   {
-    DEBUG(D_any)
-      debug_printf("srs_reverse failed (%s): %s\n", address, srs_geterrormsg(n));
-    if(n == SRS_RESULT_NOTSRS || n == SRS_RESULT_BADSRS)
-      return DECLINE;
-    if(n == SRS_RESULT_BADHASH || n == SRS_RESULT_BADTIMESTAMP || n == SRS_RESULT_TIMESTAMPEXPIRED)
-      return FAIL;
-    return DEFER;
+  DEBUG(D_any)
+    debug_printf("srs_reverse failed (%s): %s\n", address, srs_geterrormsg(n));
+  if (n == SRS_RESULT_NOTSRS || n == SRS_RESULT_BADSRS)
+    return DECLINE;
+  if (n == SRS_RESULT_BADHASH || n == SRS_RESULT_BADTIMESTAMP || n == SRS_RESULT_TIMESTAMPEXPIRED)
+    return FAIL;
+  return DEFER;
   }


- *result = string_copy(res);
- return OK;
+*result = string_copy(res);
+return OK;
}


-int eximsrs_db_set(BOOL reverse, uschar *srs_db)
+int
+eximsrs_db_set(BOOL reverse, uschar *srs_db)
 {
-  if(reverse)
-    srs_db_reverse = (srs_db == NULL ? NULL : string_copy(srs_db));
-  else
-    srs_db_forward = (srs_db == NULL ? NULL : string_copy(srs_db));
+if (reverse)
+  srs_db_reverse = (srs_db == NULL ? NULL : string_copy(srs_db));
+else
+  srs_db_forward = (srs_db == NULL ? NULL : string_copy(srs_db));


-  if(srs_set_db_functions(srs, (srs_db_forward ? eximsrs_db_insert : NULL),
-                               (srs_db_reverse ? eximsrs_db_lookup : NULL)) & SRS_RESULT_FAIL)
-    return DEFER;
+if (srs_set_db_functions(srs, (srs_db_forward ? eximsrs_db_insert : NULL),
+                 (srs_db_reverse ? eximsrs_db_lookup : NULL)) & SRS_RESULT_FAIL)
+  return DEFER;


- return OK;
+return OK;
}


-srs_result eximsrs_db_insert(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
+srs_result
+eximsrs_db_insert(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
{
- uschar *res;
- uschar buf[64];
+uschar *res;
+uschar buf[64];

-  if(srs_db_forward == NULL)
-    return SRS_RESULT_DBERROR;
+if (srs_db_forward == NULL)
+  return SRS_RESULT_DBERROR;


-  srs_db_address = string_copyn(data, data_len);
-  if(srs_generate_unique_id(srs, srs_db_address, buf, 64) & SRS_RESULT_FAIL)
-    return SRS_RESULT_DBERROR;
+srs_db_address = string_copyn(data, data_len);
+if (srs_generate_unique_id(srs, srs_db_address, buf, 64) & SRS_RESULT_FAIL)
+  return SRS_RESULT_DBERROR;


- srs_db_key = string_copyn(buf, 16);
+srs_db_key = string_copyn(buf, 16);

-  if((res = expand_string(srs_db_forward)) == NULL)
-    return SRS_RESULT_DBERROR;
+if ((res = expand_string(srs_db_forward)) == NULL)
+  return SRS_RESULT_DBERROR;


-  if(result_len < 17)
-    return SRS_RESULT_DBERROR;
+if (result_len < 17)
+  return SRS_RESULT_DBERROR;


- Ustrncpy(result, srs_db_key, result_len);
+Ustrncpy(result, srs_db_key, result_len);

- return SRS_RESULT_OK;
+return SRS_RESULT_OK;
}


-srs_result eximsrs_db_lookup(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
+srs_result
+eximsrs_db_lookup(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
{
- uschar *res;
+uschar *res;

-  if(srs_db_reverse == NULL)
-    return SRS_RESULT_DBERROR;
+if (srs_db_reverse == NULL)
+  return SRS_RESULT_DBERROR;


-  srs_db_key = string_copyn(data, data_len);
-  if((res = expand_string(srs_db_reverse)) == NULL)
-    return SRS_RESULT_DBERROR;
+srs_db_key = string_copyn(data, data_len);
+if ((res = expand_string(srs_db_reverse)) == NULL)
+  return SRS_RESULT_DBERROR;


-  if(Ustrlen(res) >= result_len)
-    return SRS_RESULT_ADDRESSTOOLONG;
+if (Ustrlen(res) >= result_len)
+  return SRS_RESULT_ADDRESSTOOLONG;


- strncpy(result, res, result_len);
+strncpy(result, res, result_len);

- return SRS_RESULT_OK;
+return SRS_RESULT_OK;
}


diff --git a/src/src/store.c b/src/src/store.c
index b527991..94becbb 100644
--- a/src/src/store.c
+++ b/src/src/store.c
@@ -442,11 +442,9 @@ Returns:      nothing
 static void
 store_release_3(void * block, const char * filename, int linenumber)
 {
-storeblock * b;
-
 /* It will never be the first block, so no need to check that. */


-for (b = chainbase[store_pool]; b; b = b->next)
+for (storeblock * b = chainbase[store_pool]; b; b = b->next)
   {
   storeblock * bb = b->next;
   if (bb && CS block == CS bb + ALIGNED_SIZEOF_STOREBLOCK)
diff --git a/src/src/string.c b/src/src/string.c
index 5e48b44..739e05f 100644
--- a/src/src/string.c
+++ b/src/src/string.c
@@ -37,7 +37,6 @@ Returns:    0 if the string is not a textual representation of an IP address
 int
 string_is_ip_address(const uschar *s, int *maskptr)
 {
-int i;
 int yield = 4;


/* If an optional mask is permitted, check for it. If found, pass back the
@@ -60,7 +59,6 @@ if (Ustrchr(s, ':') != NULL)
{
BOOL had_double_colon = FALSE;
BOOL v4end = FALSE;
- int count = 0;

yield = 6;

@@ -73,7 +71,7 @@ if (Ustrchr(s, ':') != NULL)
may be one and only one appearance of double colon, which implies any number
of binary zero bits. The number of preceding components is held in count. */

-  for (count = 0; count < 8; count++)
+  for (int count = 0; count < 8; count++)
     {
     /* If the end of the string is reached before reading 8 components, the
     address is valid provided a double colon has been read. This also applies
@@ -134,7 +132,7 @@ if (Ustrchr(s, ':') != NULL)


/* Test for IPv4 address, which may be the tail-end of an IPv6 address. */

-for (i = 0; i < 4; i++)
+for (int i = 0; i < 4; i++)
{
long n;
uschar * end;
@@ -955,7 +953,6 @@ if (buffer)

else
{
- const uschar *ss;
gstring * g = NULL;

/* We know that *s != 0 at this point. However, it might be pointing to a
@@ -978,7 +975,8 @@ else

   for (;;)
     {
-    for (ss = s + 1; *ss && *ss != sep; ss++) ;
+    const uschar * ss;
+    for (ss = s + 1; *ss && *ss != sep; ) ss++;
     g = string_catn(g, s, ss-s);
     s = ss;
     if (!*s || *++s != sep || sep_is_special) break;
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index c404dc2..823b897 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -1483,7 +1483,7 @@ gnutls_kx_algorithm_t kx;
 gnutls_mac_algorithm_t mac;
 gnutls_certificate_type_t ct;
 gnutls_x509_crt_t crt;
-uschar *p, *dn_buf;
+uschar *dn_buf;
 size_t sz;


 if (state->have_set_peerdn)
@@ -1507,7 +1507,7 @@ string_format(cipherbuf, sizeof(cipherbuf),
 /* I don't see a way that spaces could occur, in the current GnuTLS
 code base, but it was a concern in the old code and perhaps older GnuTLS
 releases did return "TLS 1.0"; play it safe, just in case. */
-for (p = cipherbuf; *p != '\0'; ++p)
+for (uschar * p = cipherbuf; *p != '\0'; ++p)
   if (isspace(*p))
     *p = '-';
 old_pool = store_pool;
@@ -2129,7 +2129,7 @@ if (rc != GNUTLS_E_SUCCESS)
     gnutls_certificate_free_credentials(state->x509_cred);
     millisleep(500);
     shutdown(state->fd_out, SHUT_WR);
-    for (rc = 1024; fgetc(smtp_in) != EOF && rc > 0; ) rc--;    /* drain skt */
+    for (int i = 1024; fgetc(smtp_in) != EOF && i > 0; ) i--;    /* drain skt */
     (void)fclose(smtp_out);
     (void)fclose(smtp_in);
     smtp_out = smtp_in = NULL;
@@ -2213,22 +2213,21 @@ after verification is done.*/
 static BOOL
 dane_tlsa_load(exim_gnutls_state_st * state, dns_answer * dnsa)
 {
-dns_record * rr;
 dns_scan dnss;
 int i;
 const char **    dane_data;
 int *        dane_data_len;


-for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS), i = 1;
-     rr;
+i = 1;
+for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
     ) if (rr->type == T_TLSA) i++;


dane_data = store_get(i * sizeof(uschar *));
dane_data_len = store_get(i * sizeof(int));

-for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS), i = 0;
-     rr;
+i = 0;
+for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
     ) if (rr->type == T_TLSA && rr->size > 3)
   {
@@ -2864,7 +2863,6 @@ vaguely_random_number(int max)
 {
 unsigned int r;
 int i, needed_len;
-uschar *p;
 uschar smallbuf[sizeof(r)];


if (max <= 1)
@@ -2872,7 +2870,8 @@ if (max <= 1)

needed_len = sizeof(r);
/* Don't take 8 times more entropy than needed if int is 8 octets and we were
- * asked for a number less than 10. */
+asked for a number less than 10. */
+
for (r = max, i = 0; r; ++i)
r >>= 1;
i = (i + 7) / 8;
@@ -2886,11 +2885,8 @@ if (i < 0)
return vaguely_random_number_fallback(max);
}
r = 0;
-for (p = smallbuf; needed_len; --needed_len, ++p)
- {
- r *= 256;
- r += *p;
- }
+for (uschar * p = smallbuf; needed_len; --needed_len, ++p)
+ r = r * 256 + *p;

/* We don't particularly care about weighted results; if someone wants
* smooth distribution and cares enough then they should submit a patch then. */
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 8f4cf4d..5cb1ac1 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -54,18 +54,17 @@ functions from the OpenSSL library. */
# define EXIM_HAVE_SHA256
#endif

-/*
- * X509_check_host provides sane certificate hostname checking, but was added
- * to OpenSSL late, after other projects forked off the code-base. So in
- * addition to guarding against the base version number, beware that LibreSSL
- * does not (at this time) support this function.
- *
- * If LibreSSL gains a different API, perhaps via libtls, then we'll probably
- * opt to disentangle and ask a LibreSSL user to provide glue for a third
- * crypto provider for libtls instead of continuing to tie the OpenSSL glue
- * into even twistier knots. If LibreSSL gains the same API, we can just
- * change this guard and punt the issue for a while longer.
- */
+/* X509_check_host provides sane certificate hostname checking, but was added
+to OpenSSL late, after other projects forked off the code-base. So in
+addition to guarding against the base version number, beware that LibreSSL
+does not (at this time) support this function.
+
+If LibreSSL gains a different API, perhaps via libtls, then we'll probably
+opt to disentangle and ask a LibreSSL user to provide glue for a third
+crypto provider for libtls instead of continuing to tie the OpenSSL glue
+into even twistier knots. If LibreSSL gains the same API, we can just
+change this guard and punt the issue for a while longer. */
+
#ifndef LIBRESSL_VERSION_NUMBER
# if OPENSSL_VERSION_NUMBER >= 0x010100000L
# define EXIM_HAVE_OPENSSL_CHECKHOST
@@ -220,10 +219,9 @@ static int exim_openssl_options_size = nelem(exim_openssl_options);
void
options_tls(void)
{
-struct exim_openssl_option * o;
uschar buf[64];

-for (o = exim_openssl_options;
+for (struct exim_openssl_option * o = exim_openssl_options;
      o < exim_openssl_options + nelem(exim_openssl_options); o++)
   {
   /* Trailing X is workaround for problem with _OPT_OPENSSL_NO_TLSV1
@@ -428,10 +426,9 @@ void
 x509_store_dump_cert_s_names(X509_STORE * store)
 {
 STACK_OF(X509_OBJECT) * roots= store->objs;
-int i;
 static uschar name[256];


-for(i= 0; i<sk_X509_OBJECT_num(roots); i++)
+for (int i= 0; i < sk_X509_OBJECT_num(roots); i++)
   {
   X509_OBJECT * tmp_obj= sk_X509_OBJECT_value(roots, i);
   if(tmp_obj->type == X509_LU_X509)
@@ -1141,8 +1138,7 @@ bad:
   if (f.running_in_test_harness)
     {
     extern char ** environ;
-    uschar ** p;
-    if (environ) for (p = USS environ; *p; p++)
+    if (environ) for (uschar ** p = USS environ; *p; p++)
       if (Ustrncmp(*p, "EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK", 42) == 0)
     {
     DEBUG(D_tls) debug_printf("Supplying known bad OCSP response\n");
@@ -2052,14 +2048,13 @@ if (expcerts && *expcerts)
       /* Load the list of CAs for which we will accept certs, for sending
       to the client.  This is only for the one-file tls_verify_certificates
       variant.
-      If a list isn't loaded into the server, but
-      some verify locations are set, the server end appears to make
-      a wildcard request for client certs.
+      If a list isn't loaded into the server, but some verify locations are set,
+      the server end appears to make a wildcard request for client certs.
       Meanwhile, the client library as default behaviour *ignores* the list
       we send over the wire - see man SSL_CTX_set_client_cert_cb.
       Because of this, and that the dir variant is likely only used for
-      the public-CA bundle (not for a private CA), not worth fixing.
-      */
+      the public-CA bundle (not for a private CA), not worth fixing.  */
+
       if (file)
     {
     STACK_OF(X509_NAME) * names = SSL_load_client_CA_file(CS file);
@@ -2375,7 +2370,6 @@ return OK;
 static int
 dane_tlsa_load(SSL * ssl, host_item * host, dns_answer * dnsa, uschar ** errstr)
 {
-dns_record * rr;
 dns_scan dnss;
 const char * hostnames[2] = { CS host->name, NULL };
 int found = 0;
@@ -2383,8 +2377,7 @@ int found = 0;
 if (DANESSL_init(ssl, NULL, hostnames) != 1)
   return tls_error(US"hostnames load", host, NULL, errstr);


-for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
-     rr;
+for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
      rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
     ) if (rr->type == T_TLSA && rr->size > 3)
   {
@@ -2907,7 +2900,7 @@ Used by both server-side and client-side TLS.
 int
 tls_write(void * ct_ctx, const uschar *buff, size_t len, BOOL more)
 {
-int outbytes, error, left;
+int outbytes, error;
 SSL * ssl = ct_ctx ? ((exim_openssl_client_tls_ctx *)ct_ctx)->ssl : server_ssl;
 static gstring * corked = NULL;


@@ -2941,7 +2934,7 @@ if (!ct_ctx && (more || corked))
corked = NULL;
}

-for (left = len; left > 0;)
+for (int left = len; left > 0;)
{
DEBUG(D_tls) debug_printf("SSL_write(%p, %p, %d)\n", ssl, buff, left);
outbytes = SSL_write(ssl, CS buff, left);
@@ -3176,7 +3169,6 @@ unsigned int r;
int i, needed_len;
static pid_t pidlast = 0;
pid_t pidnow;
-uschar *p;
uschar smallbuf[sizeof(r)];

if (max <= 1)
@@ -3234,11 +3226,8 @@ if (i < 0)
}

r = 0;
-for (p = smallbuf; needed_len; --needed_len, ++p)
- {
- r *= 256;
- r += *p;
- }
+for (uschar * p = smallbuf; needed_len; --needed_len, ++p)
+ r = 256 * r + *p;

/* We don't particularly care about weighted results; if someone wants
smooth distribution and cares enough then they should submit a patch then. */
@@ -3305,7 +3294,7 @@ BOOL
tls_openssl_options_parse(uschar *option_spec, long *results)
{
long result, item;
-uschar *s, *end;
+uschar *end;
uschar keep_c;
BOOL adding, item_parsed;

@@ -3325,7 +3314,7 @@ if (!option_spec)
return TRUE;
}

-for (s=option_spec; *s != '\0'; /**/)
+for (uschar * s = option_spec; *s != '\0'; /**/)
   {
   while (isspace(*s)) ++s;
   if (*s == '\0')
diff --git a/src/src/tls.c b/src/src/tls.c
index f79bc31..23e9d41 100644
--- a/src/src/tls.c
+++ b/src/src/tls.c
@@ -244,8 +244,7 @@ inplace.
 static void
 dn_to_list(uschar * dn)
 {
-uschar * cp;
-for (cp = dn; *cp; cp++)
+for (uschar * cp = dn; *cp; cp++)
   if (cp[0] == '\\' && cp[1] == ',')
     *cp++ = ',';
 }
diff --git a/src/src/tlscert-gnu.c b/src/src/tlscert-gnu.c
index 9fe8c49..572f971 100644
--- a/src/src/tlscert-gnu.c
+++ b/src/src/tlscert-gnu.c
@@ -173,16 +173,15 @@ uschar *
 tls_cert_serial_number(void * cert, uschar * mod)
 {
 uschar bin[50], txt[150];
+uschar * sp = bin;
 size_t sz = sizeof(bin);
-uschar * sp;
-uschar * dp;
 int ret;


 if ((ret = gnutls_x509_crt_get_serial((gnutls_x509_crt_t)cert,
     bin, &sz)))
   return g_err("gs0", __FUNCTION__, ret);


-for(dp = txt, sp = bin; sz; sz--)
+for(uschar * dp = txt; sz; sz--)
   dp += sprintf(CS dp, "%.2x", *sp++);
 for(sp = txt; sp[0]=='0' && sp[1]; ) sp++;    /* leading zeroes */
 return string_copy(sp);
@@ -280,7 +279,6 @@ uschar *
 tls_cert_subject_altname(void * cert, uschar * mod)
 {
 gstring * list = NULL;
-int index;
 size_t siz;
 int ret;
 uschar sep = '\n';
@@ -300,7 +298,7 @@ while (mod)
     break;
   }


-for(index = 0;; index++)
+for (int index = 0;; index++)
{
siz = 0;
switch(ret = gnutls_x509_crt_get_subject_alt_name(
@@ -345,13 +343,12 @@ tls_cert_ocsp_uri(void * cert, uschar * mod)
gnutls_datum_t uri;
int ret;
uschar sep = '\n';
-int index;
gstring * list = NULL;

if (mod)
if (*mod == '>' && *++mod) sep = *mod++;

-for(index = 0;; index++)
+for (int index = 0;; index++)
   {
   ret = gnutls_x509_crt_get_authority_info_access((gnutls_x509_crt_t)cert,
       index, GNUTLS_IA_OCSP_URI, &uri, NULL);
@@ -379,18 +376,16 @@ uschar *
 tls_cert_crl_uri(void * cert, uschar * mod)
 {
 int ret;
-size_t siz;
 uschar sep = '\n';
-int index;
 gstring * list = NULL;
 uschar * ele;


if (mod)
if (*mod == '>' && *++mod) sep = *mod++;

-for(index = 0;; index++)
+for (int index = 0;; index++)
   {
-  siz = 0;
+  size_t siz = 0;
   switch(ret = gnutls_x509_crt_get_crl_dist_points(
     (gnutls_x509_crt_t)cert, index, NULL, &siz, NULL, NULL))
     {
@@ -445,7 +440,6 @@ int ret;
 size_t siz = 0;
 uschar * cp;
 uschar * cp2;
-uschar * cp3;


 if ((ret = gnutls_x509_crt_get_fingerprint(cert, algo, NULL, &siz))
     != GNUTLS_E_SHORT_MEMORY_BUFFER)
@@ -455,7 +449,7 @@ cp = store_get(siz*3+1);
 if ((ret = gnutls_x509_crt_get_fingerprint(cert, algo, cp, &siz)) < 0)
   return g_err("gf1", __FUNCTION__, ret);


-for (cp3 = cp2 = cp+siz; cp < cp2; cp++)
+for (uschar * cp3 = cp2 = cp+siz; cp < cp2; cp++)
cp3 += sprintf(CS cp3, "%02X", *cp);
return cp2;
}
diff --git a/src/src/tlscert-openssl.c b/src/src/tlscert-openssl.c
index 7e0128e..938b0ab 100644
--- a/src/src/tlscert-openssl.c
+++ b/src/src/tlscert-openssl.c
@@ -410,14 +410,13 @@ tls_cert_ocsp_uri(void * cert, uschar * mod)
STACK_OF(ACCESS_DESCRIPTION) * ads = (STACK_OF(ACCESS_DESCRIPTION) *)
X509_get_ext_d2i((X509 *)cert, NID_info_access, NULL, NULL);
int adsnum = sk_ACCESS_DESCRIPTION_num(ads);
-int i;
uschar sep = '\n';
gstring * list = NULL;

if (mod)
if (*mod == '>' && *++mod) sep = *mod++;

-for (i = 0; i < adsnum; i++)
+for (int i = 0; i < adsnum; i++)
{
ACCESS_DESCRIPTION * ad = sk_ACCESS_DESCRIPTION_value(ads, i);

@@ -437,23 +436,19 @@ STACK_OF(DIST_POINT) * dps = (STACK_OF(DIST_POINT) *)
   X509_get_ext_d2i((X509 *)cert,  NID_crl_distribution_points,
     NULL, NULL);
 DIST_POINT * dp;
-int dpsnum = sk_DIST_POINT_num(dps);
-int i;
 uschar sep = '\n';
 gstring * list = NULL;


if (mod)
if (*mod == '>' && *++mod) sep = *mod++;

-if (dps) for (i = 0; i < dpsnum; i++)
+if (dps) for (int i = 0, dpsnum = sk_DIST_POINT_num(dps); i < dpsnum; i++)
   if ((dp = sk_DIST_POINT_value(dps, i)))
     {
     STACK_OF(GENERAL_NAME) * names = dp->distpoint->name.fullname;
     GENERAL_NAME * np;
-    int nnum = sk_GENERAL_NAME_num(names);
-    int j;


-    for (j = 0; j < nnum; j++)
+    for (int j = 0, nnum = sk_GENERAL_NAME_num(names); j < nnum; j++)
       if (  (np = sk_GENERAL_NAME_value(names, j))
      && np->type == GEN_URI
      )
@@ -493,7 +488,6 @@ return cp;
 static uschar *
 fingerprint(X509 * cert, const EVP_MD * fdig)
 {
-int j;
 unsigned int n;
 uschar md[EVP_MAX_MD_SIZE];
 uschar * cp;
@@ -504,7 +498,7 @@ if (!X509_digest(cert,fdig,md,&n))
   return NULL;
   }
 cp = store_get(n*2+1);
-for (j = 0; j < (int)n; j++) sprintf(CS cp+2*j, "%02X", md[j]);
+for (int j = 0; j < (int)n; j++) sprintf(CS cp+2*j, "%02X", md[j]);
 return(cp);
 }


diff --git a/src/src/transport.c b/src/src/transport.c
index 8ccdd03..0fa90cb 100644
--- a/src/src/transport.c
+++ b/src/src/transport.c
@@ -95,12 +95,11 @@ int optionlist_transports_size = nelem(optionlist_transports);
void
options_transports(void)
{
-struct transport_info * ti;
uschar buf[64];

options_from_list(optionlist_transports, nelem(optionlist_transports), US"TRANSPORTS", NULL);

-for (ti = transports_available; ti->driver_name[0]; ti++)
+for (transport_info * ti = transports_available; ti->driver_name[0]; ti++)
   {
   spf(buf, sizeof(buf), US"_DRIVER_TRANSPORT_%T", ti->driver_name);
   builtin_macro_create(buf);
@@ -142,8 +141,6 @@ the work. */
 void
 transport_init(void)
 {
-transport_instance *t;
-
 readconf_driver_init(US"transport",
   (driver_instance **)(&transports),     /* chain anchor */
   (driver_info *)transports_available,   /* available drivers */
@@ -156,7 +153,7 @@ readconf_driver_init(US"transport",
 /* Now scan the configured transports and check inconsistencies. A shadow
 transport is permitted only for local transports. */


-for (t = transports; t; t = t->next)
+for (transport_instance * t = transports; t; t = t->next)
   {
   if (!t->info->local && t->shadow)
     log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
@@ -220,14 +217,14 @@ Returns:    TRUE on success, FALSE on failure (with errno preserved);
 static BOOL
 transport_write_block_fd(transport_ctx * tctx, uschar *block, int len, BOOL more)
 {
-int i, rc, save_errno;
+int rc, save_errno;
 int local_timeout = transport_write_timeout;
 int fd = tctx->u.fd;


/* This loop is for handling incomplete writes and other retries. In most
normal cases, it is only ever executed once. */

-for (i = 0; i < 100; i++)
+for (int i = 0; i < 100; i++)
   {
   DEBUG(D_transport)
     debug_printf("writing data block fd=%d size=%d timeout=%d%s\n",
@@ -427,7 +424,6 @@ write_chunk(transport_ctx * tctx, uschar *chunk, int len)
 {
 uschar *start = chunk;
 uschar *end = chunk + len;
-uschar *ptr;
 int mlen = DELIVER_OUT_BUFFER_SIZE - nl_escape_length - 2;


/* The assumption is made that the check string will never stretch over move
@@ -464,7 +460,7 @@ if (nl_partial_match >= 0)
for possible escaping. The code for the non-NL route should be as fast as
possible. */

-for (ptr = start; ptr < end; ptr++)
+for (uschar * ptr = start; ptr < end; ptr++)
{
int ch, len;

@@ -696,7 +692,6 @@ BOOL
transport_headers_send(transport_ctx * tctx,
BOOL (*sendfn)(transport_ctx * tctx, uschar * s, int len))
{
-header_line *h;
const uschar *list;
transport_instance * tblock = tctx ? tctx->tblock : NULL;
address_item * addr = tctx ? tctx->addr : NULL;
@@ -708,13 +703,12 @@ match any entries therein. It is a colon-sep list; expand the items
separately and squash any empty ones.
Then check addr->prop.remove_headers too, provided that addr is not NULL. */

-for (h = header_list; h; h = h->next) if (h->type != htype_old)
+for (header_line * h = header_list; h; h = h->next) if (h->type != htype_old)
{
- int i;
BOOL include_header = TRUE;

   list = tblock ? tblock->remove_headers : NULL;
-  for (i = 0; i < 2; i++)    /* For remove_headers && addr->prop.remove_headers */
+  for (int i = 0; i < 2; i++)    /* For remove_headers && addr->prop.remove_headers */
     {
     if (list)
       {
@@ -784,10 +778,9 @@ Headers added to an address by a router are guaranteed to end with a newline.


 if (addr)
   {
-  int i;
   header_line *hprev = addr->prop.extra_headers;
-  header_line *hnext;
-  for (i = 0; i < 2; i++)
+  header_line *hnext, * h;
+  for (int i = 0; i < 2; i++)
     for (h = hprev, hprev = NULL; h; h = hnext)
       {
       hnext = h->next;
@@ -954,7 +947,6 @@ if (!(tctx->options & topt_no_headers))
   if (tctx->options & topt_add_envelope_to)
     {
     BOOL first = TRUE;
-    address_item *p;
     struct aci *plist = NULL;
     struct aci *dlist = NULL;
     void *reset_point = store_get(0);
@@ -965,8 +957,9 @@ if (!(tctx->options & topt_no_headers))
     anchors for lists of addresses already handled; they have to be defined at
     this level because write_env_to() calls itself recursively. */


-    for (p = tctx->addr; p; p = p->next)
-      if (!write_env_to(p, &plist, &dlist, &first, tctx)) goto bad;
+    for (address_item * p = tctx->addr; p; p = p->next)
+      if (!write_env_to(p, &plist, &dlist, &first, tctx))
+    goto bad;


     /* Add a final newline and reset the store used for tracking duplicates */


@@ -1474,7 +1467,6 @@ void
transport_update_waiting(host_item *hostlist, uschar *tpname)
{
const uschar *prevname = US"";
-host_item *host;
open_db dbblock;
open_db *dbm_file;

@@ -1489,12 +1481,11 @@ if (!(dbm_file = dbfn_open(string_sprintf("wait-%.200s", tpname),
/* Scan the list of hosts for which this message is waiting, and ensure
that the message id is in each host record. */

-for (host = hostlist; host; host = host->next)
+for (host_item * host = hostlist; host; host = host->next)
{
BOOL already = FALSE;
dbdata_wait *host_record;
- uschar *s;
- int i, host_length;
+ int host_length;
uschar buffer[256];

/* Skip if this is the same host as we just processed; otherwise remember
@@ -1517,7 +1508,7 @@ for (host = hostlist; host; host = host->next)

/* Search the record to see if the current message is already in it. */

-  for (s = host_record->text; s < host_record->text + host_length;
+  for (uschar * s = host_record->text; s < host_record->text + host_length;
        s += MESSAGE_ID_LENGTH)
     if (Ustrncmp(s, message_id, MESSAGE_ID_LENGTH) == 0)
       { already = TRUE; break; }
@@ -1525,14 +1516,14 @@ for (host = hostlist; host; host = host->next)
   /* If we haven't found this message in the main record, search any
   continuation records that exist. */


-  for (i = host_record->sequence - 1; i >= 0 && !already; i--)
+  for (int i = host_record->sequence - 1; i >= 0 && !already; i--)
     {
     dbdata_wait *cont;
     sprintf(CS buffer, "%.200s:%d", host->name, i);
     if ((cont = dbfn_read(dbm_file, buffer)))
       {
       int clen = cont->count * MESSAGE_ID_LENGTH;
-      for (s = cont->text; s < cont->text + clen; s += MESSAGE_ID_LENGTH)
+      for (uschar * s = cont->text; s < cont->text + clen; s += MESSAGE_ID_LENGTH)
         if (Ustrncmp(s, message_id, MESSAGE_ID_LENGTH) == 0)
           { already = TRUE; break; }
       }
@@ -1778,13 +1769,12 @@ while (1)


   while (host_length <= 0)
     {
-    int i;
     dbdata_wait * newr = NULL;
     uschar buffer[256];


     /* Search for a continuation */


-    for (i = host_record->sequence - 1; i >= 0 && !newr; i--)
+    for (int i = host_record->sequence - 1; i >= 0 && !newr; i--)
       {
       sprintf(CS buffer, "%.200s:%d", hostname, i);
       newr = dbfn_read(dbm_file, buffer);
@@ -2015,19 +2005,18 @@ transport_set_up_command(const uschar ***argvptr, uschar *cmd,
   BOOL expand_arguments, int expand_failed, address_item *addr,
   uschar *etext, uschar **errptr)
 {
-address_item *ad;
 const uschar **argv;
 uschar *s, *ss;
 int address_count = 0;
 int argcount = 0;
-int i, max_args;
+int max_args;


/* Get store in which to build an argument list. Count the number of addresses
supplied, and allow for that many arguments, plus an additional 60, which
should be enough for anybody. Multiple addresses happen only when the local
delivery batch option is set. */

-for (ad = addr; ad != NULL; ad = ad->next) address_count++;
+for (address_item * ad = addr; ad; ad = ad->next) address_count++;
max_args = address_count + 60;
*argvptr = argv = store_get((max_args+1)*sizeof(uschar *));

@@ -2090,7 +2079,7 @@ $recipients. */
 DEBUG(D_transport)
   {
   debug_printf("direct command:\n");
-  for (i = 0; argv[i] != US 0; i++)
+  for (int i = 0; argv[i] != US 0; i++)
     debug_printf("  argv[%d] = %s\n", i, string_printing(argv[i]));
   }


@@ -2100,7 +2089,7 @@ if (expand_arguments)
     addr->parent != NULL &&
     Ustrcmp(addr->parent->address, "system-filter") == 0;


-  for (i = 0; argv[i] != US 0; i++)
+  for (int i = 0; argv[i] != US 0; i++)
     {


     /* Handle special fudge for passing an address list */
@@ -2124,10 +2113,11 @@ if (expand_arguments)
         memmove(argv + i + 1 + additional, argv + i + 1,
           (argcount - i)*sizeof(uschar *));


-      for (ad = addr; ad != NULL; ad = ad->next) {
-          argv[i++] = ad->address;
-          argcount++;
-      }
+      for (address_item * ad = addr; ad; ad = ad->next)
+        {
+    argv[i++] = ad->address;
+    argcount++;
+    }


       /* Subtract one since we replace $pipe_addresses */
       argcount--;
@@ -2140,7 +2130,6 @@ if (expand_arguments)
         (Ustrcmp(argv[i], "$address_pipe") == 0 ||
          Ustrcmp(argv[i], "${address_pipe}") == 0))
       {
-      int address_pipe_i;
       int address_pipe_argcount = 0;
       int address_pipe_max_args;
       uschar **address_pipe_argv;
@@ -2231,7 +2220,7 @@ if (expand_arguments)
       /* Now we fill in the slots we just moved argv out of
        * [argv 0][argv 1][argv 2=pipeargv[0]][argv 3=pipeargv[1]][old argv 3][0]
        */
-      for (address_pipe_i = 0;
+      for (int address_pipe_i = 0;
            address_pipe_argv[address_pipe_i] != US 0;
            address_pipe_i++)
         {
@@ -2273,7 +2262,7 @@ if (expand_arguments)
   DEBUG(D_transport)
     {
     debug_printf("direct command after expansion:\n");
-    for (i = 0; argv[i] != US 0; i++)
+    for (int i = 0; argv[i] != US 0; i++)
       debug_printf("  argv[%d] = %s\n", i, string_printing(argv[i]));
     }
   }
diff --git a/src/src/transports/appendfile.c b/src/src/transports/appendfile.c
index 522115d..1e92add 100644
--- a/src/src/transports/appendfile.c
+++ b/src/src/transports/appendfile.c
@@ -280,7 +280,6 @@ appendfile_transport_options_block *ob =
   (appendfile_transport_options_block *)(tblock->options_block);
 uschar *q = ob->quota;
 double default_value = 0.0;
-int i;


 addrlist = addrlist;    /* Keep picky compilers happy */
 dummy = dummy;
@@ -294,7 +293,7 @@ if (ob->expand_maildir_use_size_file)
 /* Loop for quota, quota_filecount, quota_warn_threshold, mailbox_size,
 mailbox_filecount */


-for (i = 0; i < 5; i++)
+for (int i = 0; i < 5; i++)
{
double d;
int no_check = 0;
@@ -614,7 +613,6 @@ notify_comsat(uschar *user, off_t offset)
{
struct servent *sp;
host_item host;
-host_item *h;
uschar buffer[256];

DEBUG(D_transport) debug_printf("notify_comsat called\n");
@@ -648,7 +646,7 @@ if (host_find_byname(&host, NULL, 0, NULL, FALSE) == HOST_FIND_FAILED)
host.address = US"127.0.0.1";


-for (h = &host; h; h = h->next)
+for (host_item * h = &host; h; h = h->next)
{
int sock, rc;
int host_af = Ustrchr(h->address, ':') != NULL ? AF_INET6 : AF_INET;
@@ -715,8 +713,7 @@ while ((s = string_nextinlist(&format,&sep,big_buffer,big_buffer_size)))

   if (match && tp)
     {
-    transport_instance *tt;
-    for (tt = transports; tt; tt = tt->next)
+    for (transport_instance * tt = transports; tt; tt = tt->next)
       if (Ustrcmp(tp, tt->name) == 0)
         {
         DEBUG(D_transport)
@@ -951,12 +948,11 @@ transport_ctx tctx = { .u={.fd = to_fd}, .options = topt_not_socket };


 if (saved_size == 0)
   {
-  int i;
   uschar *s;
   memset (deliver_out_buffer, '\0', MBX_HDRSIZE);
   sprintf(CS(s = deliver_out_buffer), "*mbx*\015\012%08lx00000000\015\012",
     (long int)time(NULL));
-  for (i = 0; i < MBX_NUSERFLAGS; i++)
+  for (int i = 0; i < MBX_NUSERFLAGS; i++)
     sprintf (CS(s += Ustrlen(s)), "\015\012");
   if (!transport_write_block (&tctx, deliver_out_buffer, MBX_HDRSIZE, FALSE))
     return DEFER;
@@ -1047,10 +1043,10 @@ if (deliver_home != NULL && create_file != create_anywhere)
   #ifndef NO_REALPATH
   if (yield && create_file == create_belowhome)
     {
-    uschar *slash, *next;
+    uschar *next;
     uschar *rp = NULL;
-    for (slash = Ustrrchr(file, '/');       /* There is known to be one */
-         rp == NULL && slash > file;        /* Stop if reached beginning */
+    for (uschar * slash = Ustrrchr(file, '/');  /* There is known to be one */
+         rp == NULL && slash > file;            /* Stop if reached beginning */
          slash = next)
       {
       *slash = 0;
@@ -1378,11 +1374,8 @@ if (path[0] != '/')
 to the true local part. */


 if (testflag(addr, af_file))
-  {
-  address_item *addr2;
-  for (addr2 = addr; addr2 != NULL; addr2 = addr2->next)
+  for (address_item * addr2 = addr; addr2 != NULL; addr2 = addr2->next)
     addr2->local_part = string_copy(path);
-  }


 /* The available mailbox formats depend on whether it is a directory or a file
 delivery. */
@@ -2568,7 +2561,7 @@ else
     checked at the end, to make sure we don't release this process until the
     clock has ticked. */


-    for (i = 1;; i++)
+    for (int i = 1;; i++)
       {
       uschar *basename;


@@ -2634,7 +2627,6 @@ else
   else
     {
     FILE *env_file;
-    address_item *taddr;
     mailstore_basename = string_sprintf("%s/%s-%s", path, message_id,
       string_base62((long int)getpid()));


@@ -2709,7 +2701,7 @@ else

     fprintf(env_file, "%s\n", sender_address);


-    for (taddr = addr; taddr!= NULL; taddr = taddr->next)
+    for (address_item * taddr = addr; taddr; taddr = taddr->next)
       fprintf(env_file, "%s@%s\n", taddr->local_part, taddr->domain);


     if (ob->mailstore_suffix != NULL)
@@ -2896,9 +2888,8 @@ if (yield == OK && ob->use_bsmtp)
     yield = DEFER;
   else
     {
-    address_item *a;
     transport_newlines++;
-    for (a = addr; a != NULL; a = a->next)
+    for (address_item * a = addr; a != NULL; a = a->next)
       {
       address_item *b = testflag(a, af_pfr) ? a->parent: a;
       if (!transport_write_string(fd, "RCPT TO:<%s>%s\n",
@@ -3239,11 +3230,10 @@ else


       if (newname == NULL)
         {
-        int i;
         uschar *renameleaf;
         uschar *old_renameleaf = US"";


-        for (i = 0; ; sleep(1), i++)
+        for (int i = 0; ; sleep(1), i++)
           {
           deliver_inode = statbuf.st_ino;
           renameleaf = expand_string(ob->dirfilename);
diff --git a/src/src/transports/autoreply.c b/src/src/transports/autoreply.c
index bc38168..9decfba 100644
--- a/src/src/transports/autoreply.c
+++ b/src/src/transports/autoreply.c
@@ -154,7 +154,6 @@ Returns:     expanded string if expansion succeeds;
 static uschar *
 checkexpand(uschar *s, address_item *addr, uschar *name, int type)
 {
-uschar *t;
 uschar *ss = expand_string(s);


if (ss == NULL)
@@ -165,7 +164,7 @@ if (ss == NULL)
return NULL;
}

-if (type != cke_text) for (t = ss; *t != 0; t++)
+if (type != cke_text) for (uschar * t = ss; *t != 0; t++)
{
int c = *t;
const uschar * sp;
@@ -427,7 +426,7 @@ if (oncelog && *oncelog != 0 && to)

   if (ob->once_file_size > 0)
     {
-    uschar * p, * nextp;
+    uschar * nextp;
     struct stat statbuf;
     cache_fd = Uopen(oncelog, O_CREAT|O_RDWR, ob->mode);


@@ -464,7 +463,7 @@ if (oncelog && *oncelog != 0 && to)
     zero. If we find a match, put the time into "then", and the place where it
     was found into "cache_time". Otherwise, "then" is left at zero. */


-    for (p = cache_buff; p < cache_buff + cache_size; p = nextp)
+    for (uschar * p = cache_buff; p < cache_buff + cache_size; p = nextp)
       {
       uschar *s = p + sizeof(time_t);
       nextp = s + Ustrlen(s) + 1;
@@ -624,7 +623,6 @@ if (h || message_id)
     uschar *s, *id, *error;
     uschar *referenced_ids[12];
     int reference_count = 0;
-    int i;


     s = Ustrchr(h->text, ':') + 1;
     f.parse_allow_group = FALSE;
@@ -638,7 +636,7 @@ if (h || message_id)
         }
       else referenced_ids[reference_count++] = id;
       }
-    for (i = 0; i < reference_count; ++i) fprintf(fp, " %s", referenced_ids[i]);
+    for (int i = 0; i < reference_count; ++i) fprintf(fp, " %s", referenced_ids[i]);
     }


   /* The message id will have a newline on the end of it. */
diff --git a/src/src/transports/lmtp.c b/src/src/transports/lmtp.c
index 240d78b..f007f4a 100644
--- a/src/src/transports/lmtp.c
+++ b/src/src/transports/lmtp.c
@@ -343,9 +343,8 @@ for (;;)
     {
     DEBUG(D_transport)
       {
-      int i;
       debug_printf("LMTP input line incomplete in one buffer:\n  ");
-      for (i = 0; i < count; i++)
+      for (int i = 0; i < count; i++)
         {
         int c = (ptr[i]);
         if (mac_isprint(c)) debug_printf("%c", c); else debug_printf("<%d>", c);
@@ -470,7 +469,6 @@ int fd_in = -1, fd_out = -1;
 int code, save_errno;
 BOOL send_data;
 BOOL yield = FALSE;
-address_item *addr;
 uschar *igquotstr = US"";
 uschar *sockname = NULL;
 const uschar **argv;
@@ -592,7 +590,7 @@ if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout))
 temporarily rejected; others may be accepted, for now. */


 send_data = FALSE;
-for (addr = addrlist; addr != NULL; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
   {
   if (!lmtp_write_command(fd_in, "RCPT TO:<%s>%s\r\n",
        transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr))
@@ -665,7 +663,7 @@ if (send_data)
   any that are accepted have been handed over, even if later responses crash -
   at least, that's how I read RFC 2033. */


-  for (addr = addrlist; addr != NULL; addr = addr->next)
+  for (address_item * addr = addrlist; addr; addr = addr->next)
     {
     if (addr->transport_return != PENDING_OK) continue;


@@ -684,12 +682,11 @@ if (send_data)

     else if (errno != 0 || buffer[0] == 0)
       {
-      address_item *a;
       save_errno = errno;
       check_response(&save_errno, addr->more_errno, buffer, &code,
         &(addr->message));
       addr->transport_return = (code == '5')? FAIL : DEFER;
-      for (a = addr->next; a != NULL; a = a->next)
+      for (address_item * a = addr->next; a; a = a->next)
         {
         if (a->transport_return != PENDING_OK) continue;
         a->basic_errno = addr->basic_errno;
diff --git a/src/src/transports/pipe.c b/src/src/transports/pipe.c
index b94c223..8e5c0c5 100644
--- a/src/src/transports/pipe.c
+++ b/src/src/transports/pipe.c
@@ -488,7 +488,6 @@ if (expand_arguments)
          (p > cmd && p[-1] == '$') ||
          (p > cmd + 1 && p[-2] == '$' && p[-1] == '{' && p[14] == '}')))
     {
-    address_item *ad;
     uschar *q = p + 14;


     if (p[-1] == '{') { q++; p--; }
@@ -496,7 +495,7 @@ if (expand_arguments)
     g = string_get(Ustrlen(cmd) + 64);
     g = string_catn(g, cmd, p - cmd - 1);


-    for (ad = addr; ad; ad = ad->next)
+    for (address_item * ad = addr; ad; ad = ad->next)
       {
       /*XXX string_append_listele() ? */
       if (ad != addr) g = string_catn(g, US" ", 1);
@@ -854,12 +853,10 @@ than one address available here, all must be included. Force SMTP dot-handling.


 if (ob->use_bsmtp)
   {
-  address_item *a;
-
   if (!transport_write_string(fd_in, "MAIL FROM:<%s>%s", return_path, eol))
     goto END_WRITE;


-  for (a = addr; a; a = a->next)
+  for (address_item * a = addr; a; a = a->next)
     if (!transport_write_string(fd_in,
         "RCPT TO:<%s>%s",
         transport_rcpt_address(a, tblock->rcpt_include_affixes),
@@ -1075,7 +1072,6 @@ if ((rc = child_close(pid, timeout)) != 0)
       {
       uschar *ss;
       gstring * g;
-      int i;


       /* If temp_errors is "*" all codes are temporary. Initialization checks
       that it's either "*" or a list of numbers. If not "*", scan the list of
@@ -1120,7 +1116,7 @@ if ((rc = child_close(pid, timeout)) != 0)


       g = string_catn(g, US" from command:", 14);


-      for (i = 0; i < sizeof(argv)/sizeof(int *) && argv[i] != NULL; i++)
+      for (int i = 0; i < sizeof(argv)/sizeof(int *) && argv[i] != NULL; i++)
         {
         BOOL quote = FALSE;
         g = string_catn(g, US" ", 1);
diff --git a/src/src/transports/queuefile.c b/src/src/transports/queuefile.c
index cde6e53..bb2b9b9 100644
--- a/src/src/transports/queuefile.c
+++ b/src/src/transports/queuefile.c
@@ -74,14 +74,13 @@ copy_spool_file(int dst, int src)
 {
 int i, j;
 uschar buffer[16384];
-uschar * s;


if (lseek(src, 0, SEEK_SET) != 0)
return FALSE;

 do
   if ((j = read(src, buffer, sizeof(buffer))) > 0)
-    for (s = buffer; (i = write(dst, s, j)) != j; s += i, j -= i)
+    for (uschar * s = buffer; (i = write(dst, s, j)) != j; s += i, j -= i)
       if (i < 0)
     return FALSE;
   else if (j < 0)
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index a351da8..98ab002 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -497,14 +497,13 @@ set_errno(address_item *addrlist, int errno_value, uschar *msg, int rc,
 #endif
   )
 {
-address_item *addr;
 int orvalue = 0;
 if (errno_value == ERRNO_CONNECTTIMEOUT)
   {
   errno_value = ETIMEDOUT;
   orvalue = RTEF_CTOUT;
   }
-for (addr = addrlist; addr; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
   if (addr->transport_return >= PENDING)
     {
     addr->basic_errno = errno_value;
@@ -1455,7 +1454,7 @@ if (  sx->esmtp
     If one is found, attempt to authenticate by calling its client function.
     */


-    for (au = auths; !f.smtp_authenticated && au; au = au->next)
+    for (auth_instance * au = auths; !f.smtp_authenticated && au; au = au->next)
       {
       uschar *p = names;


@@ -1608,8 +1607,7 @@ switch (rc)
       DEBUG(D_transport)
     {
     dns_scan dnss;
-    dns_record * rr;
-    for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
+    for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
          rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
       if (rr->type == T_TLSA && rr->size > 3)
         {
@@ -2511,7 +2509,7 @@ if (  smtp_peer_options & OPTION_TLS
     /* TLS session is set up */


     smtp_peer_options_wrap = smtp_peer_options;
-    for (addr = sx->addrlist; addr; addr = addr->next)
+    for (address_item * addr = sx->addrlist; addr; addr = addr->next)
       if (addr->transport_return == PENDING_DEFER)
         {
         addr->cipher = tls_out.cipher;
@@ -2941,8 +2939,8 @@ if (sx->send_quit)
   {
   shutdown(sx->cctx.sock, SHUT_WR);
   if (fcntl(sx->cctx.sock, F_SETFL, O_NONBLOCK) == 0)
-    for (rc = 16; read(sx->cctx.sock, sx->inbuffer, sizeof(sx->inbuffer)) > 0 && rc > 0;)
-      rc--;                /* drain socket */
+    for (int i = 16; read(sx->cctx.sock, sx->inbuffer, sizeof(sx->inbuffer)) > 0 && i > 0;)
+      i--;                /* drain socket */
   sx->send_quit = FALSE;
   }
 (void)close(sx->cctx.sock);
@@ -2995,7 +2993,7 @@ request that */


 sx->prdr_active = FALSE;
 if (sx->peer_offered & OPTION_PRDR)
-  for (addr = addrlist; addr; addr = addr->next)
+  for (address_item * addr = addrlist; addr; addr = addr->next)
     if (addr->transport_return == PENDING_DEFER)
       {
       for (addr = addr->next; addr; addr = addr->next)
@@ -3080,12 +3078,11 @@ if (sx->peer_offered & OPTION_DSN && !(addr->dsn_flags & rf_dsnlasthop))
   {
   if (addr->dsn_flags & rf_dsnflags)
     {
-    int i;
     BOOL first = TRUE;


     Ustrcpy(p, " NOTIFY=");
     while (*p) p++;
-    for (i = 0; i < nelem(rf_list); i++) if (addr->dsn_flags & rf_list[i])
+    for (int i = 0; i < nelem(rf_list); i++) if (addr->dsn_flags & rf_list[i])
       {
       if (!first) *p++ = ',';
       first = FALSE;
@@ -3297,7 +3294,7 @@ smtp_proxy_tls(void * ct_ctx, uschar * buf, size_t bsize, int * pfd,
 {
 fd_set rfds, efds;
 int max_fd = MAX(pfd[0], tls_out.active.sock) + 1;
-int rc, i, fd_bits, nbytes;
+int rc, i;


close(pfd[1]);
if ((rc = fork()))
@@ -3312,7 +3309,7 @@ FD_ZERO(&rfds);
FD_SET(tls_out.active.sock, &rfds);
FD_SET(pfd[0], &rfds);

-for (fd_bits = 3; fd_bits; )
+for (int fd_bits = 3; fd_bits; )
   {
   time_t time_left = timeout;
   time_t time_start = time(NULL);
@@ -3355,7 +3352,7 @@ for (fd_bits = 3; fd_bits; )
       }
     else
       {
-      for (nbytes = 0; rc - nbytes > 0; nbytes += i)
+      for (int nbytes = 0; rc - nbytes > 0; nbytes += i)
     if ((i = write(pfd[0], buf + nbytes, rc - nbytes)) < 0) goto done;
       }
   else if (fd_bits & 1)
@@ -3371,7 +3368,7 @@ for (fd_bits = 3; fd_bits; )
       }
     else
       {
-      for (nbytes = 0; rc - nbytes > 0; nbytes += i)
+      for (int nbytes = 0; rc - nbytes > 0; nbytes += i)
     if ((i = tls_write(ct_ctx, buf + nbytes, rc - nbytes, FALSE)) < 0)
       goto done;
       }
@@ -3523,14 +3520,12 @@ always has a sequence number greater than one. */


if (continue_hostname && continue_sequence == 1)
{
- address_item * addr;
-
sx.peer_offered = smtp_peer_options;
sx.pending_MAIL = FALSE;
sx.ok = TRUE;
sx.next_addr = NULL;

-  for (addr = addrlist; addr; addr = addr->next)
+  for (address_item * addr = addrlist; addr; addr = addr->next)
     addr->transport_return = PENDING_OK;
   }
 else
@@ -3822,7 +3817,7 @@ else
     /* Process all transported addresses - for LMTP or PRDR, read a status for
     each one. */


-    for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+    for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
       {
       if (addr->transport_return != PENDING_OK) continue;


@@ -3937,7 +3932,7 @@ else
             errno = ERRNO_DATA4XX;
             addrlist->more_errno |= ((sx.buffer[1] - '0')*10 + sx.buffer[2] - '0') << 8;
             }
-      for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+      for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
             if (sx.buffer[0] == '5' || addr->transport_return == OK)
               addr->transport_return = PENDING_OK; /* allow set_errno action */
       goto RESPONSE_FAILED;
@@ -3947,11 +3942,11 @@ else
     and update the journal, or setup retry. */


     overall_message = string_printing(sx.buffer);
-        for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+        for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
       if (addr->transport_return == OK)
         addr->message = string_sprintf("%s\\n%s", addr->message, overall_message);


-        for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+        for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
       if (addr->transport_return == OK)
         {
         if (testflag(addr, af_homonym))
@@ -4360,8 +4355,8 @@ if (sx.send_quit)
   shutdown(sx.cctx.sock, SHUT_WR);
   millisleep(f.running_in_test_harness ? 200 : 20);
   if (fcntl(sx.cctx.sock, F_SETFL, O_NONBLOCK) == 0)
-    for (rc = 16; read(sx.cctx.sock, sx.inbuffer, sizeof(sx.inbuffer)) > 0 && rc > 0;)
-      rc--;                /* drain socket */
+    for (int i = 16; read(sx.cctx.sock, sx.inbuffer, sizeof(sx.inbuffer)) > 0 && i > 0;)
+      i--;                /* drain socket */
   }
 (void)close(sx.cctx.sock);


@@ -4450,8 +4445,7 @@ static address_item *
 prepare_addresses(address_item *addrlist, host_item *host)
 {
 address_item *first_addr = NULL;
-address_item *addr;
-for (addr = addrlist; addr; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
   if (addr->transport_return == DEFER)
     {
     if (!first_addr) first_addr = addr;
@@ -4491,7 +4485,6 @@ smtp_transport_entry(
   transport_instance *tblock,      /* data for this instantiation */
   address_item *addrlist)          /* addresses we are working on */
 {
-int cutoff_retry;
 int defport;
 int hosts_defer = 0;
 int hosts_fail  = 0;
@@ -4512,12 +4505,12 @@ host_item *host;
 DEBUG(D_transport)
   {
   debug_printf("%s transport entered\n", tblock->name);
-  for (addr = addrlist; addr; addr = addr->next)
+  for (address_item * addr = addrlist; addr; addr = addr->next)
     debug_printf("  %s\n", addr->address);
   if (hostlist)
     {
     debug_printf("hostlist:\n");
-    for (host = hostlist; host; host = host->next)
+    for (host_item * host = hostlist; host; host = host->next)
       debug_printf("  '%s' IP %s port %d\n", host->name, host->address, host->port);
     }
   if (continue_hostname)
@@ -4699,7 +4692,7 @@ the current message. To cope with this, we have to go round the loop a second
 time. After that, set the status and error data for any addresses that haven't
 had it set already. */


-for (cutoff_retry = 0;
+for (int cutoff_retry = 0;
      expired && cutoff_retry < (ob->delay_after_cutoff ? 1 : 2);
      cutoff_retry++)
   {
@@ -4749,7 +4742,6 @@ retry_non_continued:
     if (!host->address)
       {
       int new_port, flags;
-      host_item *hh;


       if (host->status >= hstatus_unusable)
         {
@@ -4786,7 +4778,7 @@ retry_non_continued:
       /* Update the host (and any additional blocks, resulting from
       multihoming) with a host-specific port, if any. */


-      for (hh = host; hh != nexthost; hh = hh->next) hh->port = new_port;
+      for (host_item * hh = host; hh != nexthost; hh = hh->next) hh->port = new_port;


       /* Failure to find the host at this time (usually DNS temporary failure)
       is really a kind of routing failure rather than a transport failure.
@@ -4805,7 +4797,7 @@ retry_non_continued:
           "HOST_FIND_AGAIN" : "HOST_FIND_FAILED", host->name);
         host->status = hstatus_unusable;


-        for (addr = addrlist; addr; addr = addr->next)
+        for (address_item * addr = addrlist; addr; addr = addr->next)
           {
           if (addr->transport_return != DEFER) continue;
           addr->basic_errno = ERRNO_UNKNOWNHOST;
@@ -4824,7 +4816,7 @@ retry_non_continued:


       if (rc == HOST_FOUND_LOCAL && !ob->allow_localhost)
         {
-        for (addr = addrlist; addr; addr = addr->next)
+        for (address_item * addr = addrlist; addr; addr = addr->next)
           {
           addr->basic_errno = 0;
           addr->message = string_sprintf("%s transport found host %s to be "
@@ -4869,7 +4861,7 @@ retry_non_continued:
           &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK))
       {
       expired = FALSE;
-      for (addr = addrlist; addr; addr = addr->next)
+      for (address_item * addr = addrlist; addr; addr = addr->next)
         if (addr->transport_return == DEFER)
       addr->message = US"domain matches queue_smtp_domains, or -odqs set";
       continue;      /* With next host */
@@ -5029,9 +5021,8 @@ retry_non_continued:


     if (f.dont_deliver)
       {
-      host_item *host2;
       set_errno_nohost(addrlist, 0, NULL, OK, FALSE);
-      for (addr = addrlist; addr; addr = addr->next)
+      for (address_item * addr = addrlist; addr; addr = addr->next)
         {
         addr->host_used = host;
         addr->special_action = '*';
@@ -5041,7 +5032,7 @@ retry_non_continued:
         {
         debug_printf("*** delivery by %s transport bypassed by -N option\n"
                      "*** host and remaining hosts:\n", tblock->name);
-        for (host2 = host; host2; host2 = host2->next)
+        for (host_item * host2 = host; host2; host2 = host2->next)
           debug_printf("    %s [%s]\n", host2->name,
             host2->address ? host2->address : US"unset");
         }
@@ -5079,10 +5070,9 @@ retry_non_continued:


       if (!host_is_expired && ++unexpired_hosts_tried >= ob->hosts_max_try)
         {
-        host_item *h;
         DEBUG(D_transport)
           debug_printf("hosts_max_try limit reached with this host\n");
-        for (h = host; h; h = h->next) if (h->mx != host->mx)
+        for (host_item * h = host; h; h = h->next) if (h->mx != host->mx)
       {
       nexthost = h;
       unexpired_hosts_tried--;
@@ -5251,7 +5241,7 @@ retry_non_continued:
     case, see if any of them are deferred. */


     if (rc == OK)
-      for (addr = addrlist; addr; addr = addr->next)
+      for (address_item * addr = addrlist; addr; addr = addr->next)
         if (addr->transport_return == DEFER)
           {
           some_deferred = TRUE;
@@ -5370,7 +5360,7 @@ specific failures. Force the delivery status for all addresses to FAIL. */


 if (mua_wrapper)
   {
-  for (addr = addrlist; addr; addr = addr->next)
+  for (address_item * addr = addrlist; addr; addr = addr->next)
     addr->transport_return = FAIL;
   goto END_TRANSPORT;
   }
@@ -5387,7 +5377,7 @@ If queue_smtp is set, or this transport was called to send a subsequent message
 down an existing TCP/IP connection, and something caused the host not to be
 found, we end up here, but can detect these cases and handle them specially. */


-for (addr = addrlist; addr; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
   {
   /* If host is not NULL, it means that we stopped processing the host list
   because of hosts_max_try or hosts_max_try_hardlimit. In the former case, this
diff --git a/src/src/transports/smtp_socks.c b/src/src/transports/smtp_socks.c
index 7d3a462..09273c7 100644
--- a/src/src/transports/smtp_socks.c
+++ b/src/src/transports/smtp_socks.c
@@ -119,9 +119,8 @@ switch(method)
     len = i + j + 3;
     HDEBUG(D_transport|D_acl|D_v)
       {
-      int i;
       debug_printf_indent("  SOCKS>>");
-      for (i = 0; i<len; i++) debug_printf(" %02x", s[i]);
+      for (int i = 0; i<len; i++) debug_printf(" %02x", s[i]);
       debug_printf("\n");
       }
     if (send(fd, s, len, 0) < 0)
@@ -359,9 +358,8 @@ if (  buf[0] != 5
 state = US"connect";
 HDEBUG(D_transport|D_acl|D_v)
   {
-  int i;
   debug_printf_indent("  SOCKS>>");
-  for (i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
+  for (int i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
   debug_printf("\n");
   }
 if (send(fd, buf, size, 0) < 0)
@@ -376,9 +374,8 @@ if (  !fd_ready(fd, tmo-time(NULL))
   goto rcv_err;
 HDEBUG(D_transport|D_acl|D_v)
   {
-  int i;
   debug_printf_indent("  SOCKS>>");
-  for (i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
+  for (int i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
   debug_printf("\n");
   }
 if (  buf[0] != 5
diff --git a/src/src/utf8.c b/src/src/utf8.c
index 16a5303..dec7228 100644
--- a/src/src/utf8.c
+++ b/src/src/utf8.c
@@ -208,15 +208,13 @@ Return NULL on error, with (optional) errstring pointer filled in
 uschar *
 string_address_utf8_to_alabel(const uschar * utf8, uschar ** err)
 {
-const uschar * s;
-uschar * l;
-uschar * d;
+uschar * l, * d;


if (!*utf8) return string_copy(utf8);

DEBUG(D_expand) debug_printf("addr from utf8 <%s>", utf8);

-for (s = utf8; *s; s++)
+for (const uschar * s = utf8; *s; s++)
   if (*s == '@')
     {
     l = string_copyn(utf8, s - utf8);
diff --git a/src/src/verify.c b/src/src/verify.c
index 236a87c..43caac5 100644
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -370,10 +370,9 @@ cutthrough_multi(address_item * addr, host_item * host_list,
   transport_feedback * tf, int * yield)
 {
 BOOL done = FALSE;
-host_item * host;


 if (addr->transport == cutthrough.addr.transport)
-  for (host = host_list; host; host = host->next)
+  for (host_item * host = host_list; host; host = host->next)
     if (Ustrcmp(host->address, cutthrough.host.address) == 0)
       {
       int host_af;
@@ -575,7 +574,6 @@ else
   {
   smtp_transport_options_block *ob =
     (smtp_transport_options_block *)addr->transport->options_block;
-  host_item * host;


/* The information wasn't available in the cache, so we have to do a real
callout and save the result in the cache for next time, unless no_cache is set,
@@ -623,7 +621,7 @@ coding means skipping this whole loop and doing the append separately. */
/* If we did not use a cached connection, make connections to the hosts
and do real callouts. The list of hosts is passed in as an argument. */

-  for (host = host_list; host && !done; host = host->next)
+  for (host_item * host = host_list; host && !done; host = host->next)
     {
     int host_af;
     int port = 25;
@@ -1068,8 +1066,6 @@ no_conn:
        && !sx.lmtp
        )
       {
-      address_item * parent, * caddr;
-
       HDEBUG(D_acl|D_v) debug_printf_indent("holding verify callout open for %s\n",
     cutthrough.delivery
     ? "cutthrough delivery" : "potential further verifies and delivery");
@@ -1097,7 +1093,7 @@ no_conn:
       cutthrough.addr =        *addr;
       cutthrough.addr.next =    NULL;
       cutthrough.addr.host_used = &cutthrough.host;
-      for (caddr = &cutthrough.addr, parent = addr->parent;
+      for (address_item * caddr = &cutthrough.addr, * parent = addr->parent;
        parent;
        caddr = caddr->parent, parent = parent->parent)
         *(caddr->parent = store_get(sizeof(address_item))) = *parent;
@@ -1476,7 +1472,6 @@ uschar *
 cutthrough_finaldot(void)
 {
 uschar res;
-address_item * addr;
 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent("  SMTP>> .\n");


/* Assume data finshed with new-line */
@@ -1488,7 +1483,7 @@ if( !cutthrough_puts(US".", 1)

 res = cutthrough_response(&cutthrough.cctx, '2', &cutthrough.addr.message,
     CUTTHROUGH_DATA_TIMEOUT);
-for (addr = &cutthrough.addr; addr; addr = addr->next)
+for (address_item * addr = &cutthrough.addr; addr; addr = addr->next)
   {
   addr->message = cutthrough.addr.message;
   switch(res)
@@ -1710,8 +1705,8 @@ if (global_rewrite_rules)
     global_rewrite_rules, rewrite_existflags);
   if (address != old)
     {
-    for (i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->localpart_cache[i] = 0;
-    for (i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->domain_cache[i] = 0;
+    for (int i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->localpart_cache[i] = 0;
+    for (int i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->domain_cache[i] = 0;
     if (fp && !expn) fprintf(fp, "Address rewritten as: %s\n", address);
     }
   }
@@ -1889,7 +1884,6 @@ while (addr_new)
           else
             {
             int flags;
-            host_item *host, *nexthost;
             host_build_hostlist(&host_list, s, tf.hosts_randomize);


             /* Just ignore failures to find a host address. If we don't manage
@@ -1902,7 +1896,7 @@ while (addr_new)
             if (tf.qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
             if (tf.search_parents) flags |= HOST_FIND_SEARCH_PARENTS;


-            for (host = host_list; host; host = nexthost)
+            for (host_item * host = host_list, * nexthost; host; host = nexthost)
               {
               nexthost = host->next;
               if (tf.gethostbyname ||
@@ -2136,7 +2130,6 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++)
   while (addr_list)
     {
     address_item *addr = addr_list;
-    address_item *p = addr->parent;
     transport_instance * tp = addr->transport;


     addr_list = addr->next;
@@ -2159,7 +2152,7 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++)


     /* Now show its parents */


-    for (p = addr->parent; p; p = p->parent)
+    for (address_item * p = addr->parent; p; p = p->parent)
       fprintf(fp, "\n    <-- %s", p->address);
     fprintf(fp, "\n  ");


@@ -2173,17 +2166,16 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++)

     if (addr->host_list && tp && !tp->overrides_hosts)
       {
-      host_item *h;
       int maxlen = 0;
       int maxaddlen = 0;
-      for (h = addr->host_list; h; h = h->next)
+      for (host_item * h = addr->host_list; h; h = h->next)
         {                /* get max lengths of host names, addrs */
         int len = Ustrlen(h->name);
         if (len > maxlen) maxlen = len;
         len = h->address ? Ustrlen(h->address) : 7;
         if (len > maxaddlen) maxaddlen = len;
         }
-      for (h = addr->host_list; h; h = h->next)
+      for (host_item * h = addr->host_list; h; h = h->next)
     {
     fprintf(fp, "  host %-*s ", maxlen, h->name);


@@ -2233,11 +2225,10 @@ Returns:     OK
 int
 verify_check_headers(uschar **msgptr)
 {
-header_line *h;
 uschar *colon, *s;
 int yield = OK;


-for (h = header_list; h && yield == OK; h = h->next)
+for (header_line * h = header_list; h && yield == OK; h = h->next)
   {
   if (h->type != htype_from &&
       h->type != htype_reply_to &&
@@ -2356,13 +2347,12 @@ Returns:     OK
 int
 verify_check_header_names_ascii(uschar **msgptr)
 {
-header_line *h;
-uschar *colon, *s;
+uschar *colon;


-for (h = header_list; h; h = h->next)
+for (header_line * h = header_list; h; h = h->next)
   {
   colon = Ustrchr(h->text, ':');
-  for(s = h->text; s < colon; s++)
+  for(uschar * s = h->text; s < colon; s++)
     if ((*s < 33) || (*s > 126))
       {
       *msgptr = string_sprintf("Invalid character in header \"%.*s\" found",
@@ -2394,14 +2384,12 @@ Returns:     OK    if there are no blind recipients
 int
 verify_check_notblind(void)
 {
-int i;
-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
   {
-  header_line *h;
   BOOL found = FALSE;
   uschar *address = recipients_list[i].address;


-  for (h = header_list; !found && h != NULL; h = h->next)
+  for (header_line * h = header_list; !found && h; h = h->next)
     {
     uschar *colon, *s;


@@ -2416,7 +2404,7 @@ for (i = 0; i < recipients_count; i++)

     f.parse_allow_group = TRUE;


-    while (*s != 0)
+    while (*s)
       {
       uschar *ss = parse_find_address_end(s, FALSE);
       uschar *recipient,*errmess;
@@ -2478,10 +2466,9 @@ Returns:     pointer to an address item, or NULL
 address_item *
 verify_checked_sender(uschar *sender)
 {
-address_item *addr;
-for (addr = sender_verified_list; addr != NULL; addr = addr->next)
-  if (Ustrcmp(sender, addr->address) == 0) break;
-return addr;
+for (address_item * addr = sender_verified_list; addr; addr = addr->next)
+  if (Ustrcmp(sender, addr->address) == 0) return addr;
+return NULL;
 }



@@ -2535,12 +2522,9 @@ verify_check_header_address(uschar **user_msgptr, uschar **log_msgptr,
static int header_types[] = { htype_sender, htype_reply_to, htype_from };
BOOL done = FALSE;
int yield = FAIL;
-int i;

-for (i = 0; i < 3 && !done; i++)
-  {
-  header_line *h;
-  for (h = header_list; h != NULL && !done; h = h->next)
+for (int i = 0; i < 3 && !done; i++)
+  for (header_line * h = header_list; h != NULL && !done; h = h->next)
     {
     int terminator, new_ok;
     uschar *s, *ss, *endname;
@@ -2672,7 +2656,7 @@ for (i = 0; i < 3 && !done; i++)
     f.parse_allow_group = FALSE;
     f.parse_found_group = FALSE;
     }       /* Next header, unless done */
-  }         /* Next header type unless done */
+        /* Next header type unless done */


 if (yield == FAIL && *log_msgptr == NULL)
   *log_msgptr = US"there is no valid sender in any header line";
@@ -2912,8 +2896,7 @@ if (*ss == '@')
     }
   else if (Ustrcmp(ss, "@[]") == 0)
     {
-    ip_address_item *ip;
-    for (ip = host_find_interfaces(); ip != NULL; ip = ip->next)
+    for (ip_address_item * ip = host_find_interfaces(); ip; ip = ip->next)
       if (Ustrcmp(ip->address, cb->host_address) == 0) return OK;
     return FAIL;
     }
@@ -2936,7 +2919,7 @@ only by digits and dots (a slash at the start indicates a file name and of
 course slashes may be present in lookups, but not preceded only by digits and
 dots). */


-for (t = ss; isdigit(*t) || *t == '.'; t++);
+for (t = ss; isdigit(*t) || *t == '.'; ) t++;
if (*t == 0 || (*t == '/' && t != ss))
{
*error = US"malformed IPv4 address or address mask";
@@ -2970,7 +2953,8 @@ if (Ustrncmp(ss, "net", 3) == 0 && semicolon != NULL)
if (mlen == 0 && t == ss+3) mlen = -1; /* No mask supplied */
iplookup = (*t++ == '-');
}
-else t = ss;
+else
+ t = ss;

/* Do the IP address lookup if that is indeed what we have */

@@ -3072,11 +3056,8 @@ if (*t == 0)
   rc = host_find_byname(&h, NULL, HOST_FIND_QUALIFY_SINGLE, NULL, FALSE);
   if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
     {
-    host_item *hh;
-    for (hh = &h; hh != NULL; hh = hh->next)
-      {
+    for (host_item * hh = &h; hh; hh = hh->next)
       if (host_is_in_net(hh->address, cb->host_address, 0)) return OK;
-      }
     return FAIL;
     }
   if (rc == HOST_FIND_AGAIN) return DEFER;
@@ -3305,9 +3286,8 @@ always 1. */


 if (host_aton(address, bin) == 1)
   {
-  int i;
   int x = bin[0];
-  for (i = 0; i < 4; i++)
+  for (int i = 0; i < 4; i++)
     {
     sprintf(CS bptr, "%d.", x & 255);
     while (*bptr) bptr++;
@@ -3321,19 +3301,16 @@ unknown. This is just a guess. */


 #if HAVE_IPV6
 else
-  {
-  int i, j;
-  for (j = 3; j >= 0; j--)
+  for (int j = 3; j >= 0; j--)
     {
     int x = bin[j];
-    for (i = 0; i < 8; i++)
+    for (int i = 0; i < 8; i++)
       {
       sprintf(CS bptr, "%x.", x & 15);
       while (*bptr) bptr++;
       x >>= 4;
       }
     }
-  }
 #endif


/* Remove trailing period -- this is needed so that both arbitrary
@@ -3452,10 +3429,8 @@ else

   if (cb->rc == DNS_SUCCEED)
     {
-    dns_record *rr;
-    dns_address **addrp = &(cb->rhs);
-    for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
-         rr;
+    dns_address ** addrp = &(cb->rhs);
+    for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
          rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
       if (rr->type == T_A)
         {
@@ -3608,21 +3583,17 @@ if (cb->rc == DNS_SUCCEED)
     {
     cb->text_set = TRUE;
     if (dns_basic_lookup(&dnsa, query, T_TXT) == DNS_SUCCEED)
-      {
-      dns_record *rr;
-      for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
-           rr;
+      for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
            rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
-        if (rr->type == T_TXT) break;
-      if (rr)
-        {
-        int len = (rr->data)[0];
-        if (len > 511) len = 127;
-        store_pool = POOL_PERM;
-        cb->text = string_sprintf("%.*s", len, CUS (rr->data+1));
-        store_pool = old_pool;
-        }
-      }
+        if (rr->type == T_TXT)
+      {
+      int len = (rr->data)[0];
+      if (len > 511) len = 127;
+      store_pool = POOL_PERM;
+      cb->text = string_sprintf("%.*s", len, CUS (rr->data+1));
+      store_pool = old_pool;
+      break;
+      }
     }


   dnslist_value = addlist;
@@ -3716,7 +3687,6 @@ int sep = 0;
 int defer_return = FAIL;
 const uschar *list = *listptr;
 uschar *domain;
-uschar *s;
 uschar buffer[1024];
 uschar revadd[128];        /* Long enough for IPv6 address */


@@ -3807,32 +3777,28 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL
actually causing an error here, because that would no doubt hold up incoming
mail. Instead, I'll just log it. */

-  for (s = domain; *s != 0; s++)
-    {
+  for (uschar * s = domain; *s; s++)
     if (!isalnum(*s) && *s != '-' && *s != '.' && *s != '_')
       {
       log_write(0, LOG_MAIN, "dnslists domain \"%s\" contains "
         "strange characters - is this right?", domain);
       break;
       }
-    }


/* Check the alternate domain if present */

-  if (domain_txt != domain) for (s = domain_txt; *s != 0; s++)
-    {
+  if (domain_txt != domain) for (uschar * s = domain_txt; *s; s++)
     if (!isalnum(*s) && *s != '-' && *s != '.' && *s != '_')
       {
       log_write(0, LOG_MAIN, "dnslists domain \"%s\" contains "
         "strange characters - is this right?", domain_txt);
       break;
       }
-    }


/* If there is no key string, construct the query by adding the domain name
onto the inverted host address, and perform a single DNS lookup. */

-  if (key == NULL)
+  if (!key)
     {
     if (where == ACL_WHERE_NOTSMTP_START || where == ACL_WHERE_NOTSMTP)
       {