 @@ -524,3661 +524,3714 @@ get_option_string(struct dhcpcd_ctx *ctx
+{
 	size_t len;
 	const uint8_t *p;
 	char *s;
 	p = get_option(ctx, bootp, bootp_len, option, &len);
 	if (!p || len == 0 || *p == '\0')
 		return NULL;
 	s = malloc(sizeof(char) * (len + 1));
 	if (s) {
 		memcpy(s, p, len);
 		s[len] = '\0';
+	}
 	return s;
+}
 /* This calculates the netmask that we should use for static routes.
  * This IS different from the calculation used to calculate the netmask
  * for an interface address. */
 static uint32_t
 route_netmask(uint32_t ip_in)
+{
 	/* used to be unsigned long - check if error */
 	uint32_t p = ntohl(ip_in);
 	uint32_t t;
 	if (IN_CLASSA(p))
 		t = ~IN_CLASSA_NET;
 	else {
 		if (IN_CLASSB(p))
 			t = ~IN_CLASSB_NET;
 		else {
 			if (IN_CLASSC(p))
 				t = ~IN_CLASSC_NET;
 			else
 				t = 0;
+		}
+	}
 	while (t & p)
 		t >>= 1;
 	return (htonl(~t));
+}
 /* We need to obey routing options.
  * If we have a CSR then we only use that.
  * Otherwise we add static routes and then routers. */
 static int
 get_option_routes(rb_tree_t *routes, struct interface *ifp,
     const struct bootp *bootp, size_t bootp_len)
+{
 	struct if_options *ifo = ifp->options;
 	const uint8_t *p;
 	const uint8_t *e;
 	struct rt *rt = NULL;
 	struct in_addr dest, netmask, gateway;
 	size_t len;
 	const char *csr = "";
 	int n;
 	/* If we have CSR's then we MUST use these only */
 	if (!has_option_mask(ifo->nomask, DHO_CSR))
 		p = get_option(ifp->ctx, bootp, bootp_len, DHO_CSR, &len);
 	else
 		p = NULL;
 	/* Check for crappy MS option */
 	if (!p && !has_option_mask(ifo->nomask, DHO_MSCSR)) {
 		p = get_option(ifp->ctx, bootp, bootp_len, DHO_MSCSR, &len);
 		if (p)
 			csr = "MS ";
+	}
 	if (p && (n = decode_rfc3442_rt(routes, ifp, p, len, bootp)) != -1) {
 		const struct dhcp_state *state;
 		state = D_CSTATE(ifp);
 		if (!(ifo->options & DHCPCD_CSR_WARNED) &&
 		    !(state->added & STATE_FAKE))
+		{
 			logdebugx("%s: using %sClassless Static Routes",
 			    ifp->name, csr);
 			ifo->options |= DHCPCD_CSR_WARNED;
+		}
 		return n;
+	}
 	n = 0;
 	/* OK, get our static routes first. */
 	if (!has_option_mask(ifo->nomask, DHO_STATICROUTE))
 		p = get_option(ifp->ctx, bootp, bootp_len,
 		    DHO_STATICROUTE, &len);
 	else
 		p = NULL;
 	/* RFC 2131 Section 5.8 states length MUST be in multiples of 8 */
 	if (p && len % 8 == 0) {
 		e = p + len;
 		while (p < e) {
 			memcpy(&dest.s_addr, p, sizeof(dest.s_addr));
 			p += 4;
 			memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr));
 			p += 4;
 			/* RFC 2131 Section 5.8 states default route is
 			 * illegal */
 			if (gateway.s_addr == INADDR_ANY)
 				continue;
 			if ((rt = rt_new(ifp)) == NULL)
 				return -1;
 			/* A on-link host route is normally set by having the
 			 * gateway match the destination or assigned address */
 			if (gateway.s_addr == dest.s_addr ||
 			     (gateway.s_addr == bootp->yiaddr ||
 			      gateway.s_addr == bootp->ciaddr))
+			{
 				gateway.s_addr = INADDR_ANY;
 				netmask.s_addr = INADDR_BROADCAST;
 			} else
 				netmask.s_addr = route_netmask(dest.s_addr);
 			if (netmask.s_addr == INADDR_BROADCAST)
 				rt->rt_flags = RTF_HOST;
 			sa_in_init(&rt->rt_dest, &dest);
 			sa_in_init(&rt->rt_netmask, &netmask);
 			sa_in_init(&rt->rt_gateway, &gateway);
 			if (rt_proto_add(routes, rt))
 				n++;
+		}
+	}
 	/* Now grab our routers */
 	if (!has_option_mask(ifo->nomask, DHO_ROUTER))
 		p = get_option(ifp->ctx, bootp, bootp_len, DHO_ROUTER, &len);
 	else
 		p = NULL;
 	if (p && len % 4 == 0) {
 		e = p + len;
 		dest.s_addr = INADDR_ANY;
 		netmask.s_addr = INADDR_ANY;
 		while (p < e) {
 			if ((rt = rt_new(ifp)) == NULL)
 				return -1;
 			memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr));
 			p += 4;
 			sa_in_init(&rt->rt_dest, &dest);
 			sa_in_init(&rt->rt_netmask, &netmask);
 			sa_in_init(&rt->rt_gateway, &gateway);
 			if (rt_proto_add(routes, rt))
 				n++;
+		}
+	}
 	return n;
+}
 uint16_t
 dhcp_get_mtu(const struct interface *ifp)
+{
 	const struct dhcp_state *state;
 	uint16_t mtu;
 	if (ifp->options->mtu)
 		return (uint16_t)ifp->options->mtu;
 	mtu = 0; /* bogus gcc warning */
 	if ((state = D_CSTATE(ifp)) == NULL ||
 	    has_option_mask(ifp->options->nomask, DHO_MTU) ||
 	    get_option_uint16(ifp->ctx, &mtu,
 			      state->new, state->new_len, DHO_MTU) == -1)
 		return 0;
 	return mtu;
+}
 /* Grab our routers from the DHCP message and apply any MTU value
  * the message contains */
 int
 dhcp_get_routes(rb_tree_t *routes, struct interface *ifp)
+{
 	const struct dhcp_state *state;
 	if ((state = D_CSTATE(ifp)) == NULL || !(state->added & STATE_ADDED))
 		return 0;
 	return get_option_routes(routes, ifp, state->new, state->new_len);
+}
 /* Assumes DHCP options */
 static int
 dhcp_message_add_addr(struct bootp *bootp,
     uint8_t type, struct in_addr addr)
+{
 	uint8_t *p;
 	size_t len;
 	p = bootp->vend;
 	while (*p != DHO_END) {
 		p++;
 		p += *p + 1;
+	}
 	len = (size_t)(p - bootp->vend);
 	if (len + 6 > sizeof(bootp->vend)) {
 		errno = ENOMEM;
 		return -1;
+	}
 	*p++ = type;
 	*p++ = 4;
 	memcpy(p, &addr.s_addr, 4);
 	p += 4;
 	*p = DHO_END;
 	return 0;
+}
 static ssize_t
 make_message(struct bootp **bootpm, const struct interface *ifp, uint8_t type)
+{
 	struct bootp *bootp;
 	uint8_t *lp, *p, *e;
 	uint8_t *n_params = NULL;
 	uint32_t ul;
 	uint16_t sz;
 	size_t len, i;
 	const struct dhcp_opt *opt;
 	struct if_options *ifo = ifp->options;
 	const struct dhcp_state *state = D_CSTATE(ifp);
 	const struct dhcp_lease *lease = &state->lease;
 	char hbuf[HOSTNAME_MAX_LEN + 1];
 	const char *hostname;
 	const struct vivco *vivco;
 	int mtu;
 #ifdef AUTH
 	uint8_t *auth, auth_len;
 #endif
 	if ((mtu = if_getmtu(ifp)) == -1)
 		logerr("%s: if_getmtu", ifp->name);
 	else if (mtu < MTU_MIN) {
 		if (if_setmtu(ifp, MTU_MIN) == -1)
 			logerr("%s: if_setmtu", ifp->name);
 		mtu = MTU_MIN;
+	}
 	if (ifo->options & DHCPCD_BOOTP)
 		bootp = calloc(1, sizeof (*bootp));
 	else
 		/* Make the maximal message we could send */
 		bootp = calloc(1, (size_t)(mtu - IP_UDP_SIZE));
 	if (bootp == NULL)
 		return -1;
 	*bootpm = bootp;
 	if (state->addr != NULL &&
 	    (type == DHCP_INFORM || type == DHCP_RELEASE ||
 	    (type == DHCP_REQUEST &&
 	    state->addr->mask.s_addr == lease->mask.s_addr &&
 	    (state->new == NULL || IS_DHCP(state->new)) &&
 	    !(state->added & (STATE_FAKE | STATE_EXPIRED)))))
 		bootp->ciaddr = state->addr->addr.s_addr;
 	bootp->op = BOOTREQUEST;
 	bootp->htype = (uint8_t)ifp->hwtype;
 	if (ifp->hwlen != 0 && ifp->hwlen < sizeof(bootp->chaddr)) {
 		bootp->hlen = (uint8_t)ifp->hwlen;
 		memcpy(&bootp->chaddr, &ifp->hwaddr, ifp->hwlen);
+	}
 	if (ifo->options & DHCPCD_BROADCAST &&
 	    bootp->ciaddr == 0 &&
 	    type != DHCP_DECLINE &&
 	    type != DHCP_RELEASE)
 		bootp->flags = htons(BROADCAST_FLAG);
 	if (type != DHCP_DECLINE && type != DHCP_RELEASE) {
 		struct timespec tv;
 		unsigned long long secs;
 		clock_gettime(CLOCK_MONOTONIC, &tv);
 		secs = eloop_timespec_diff(&tv, &state->started, NULL);
 		if (secs > UINT16_MAX)
 			bootp->secs = htons((uint16_t)UINT16_MAX);
 		else
 			bootp->secs = htons((uint16_t)secs);
+	}
 	bootp->xid = htonl(state->xid);
 	if (ifo->options & DHCPCD_BOOTP)
 		return sizeof(*bootp);
 	p = bootp->vend;
 	e = (uint8_t *)bootp + (mtu - IP_UDP_SIZE) - 1; /* -1 for DHO_END */
 	ul = htonl(MAGIC_COOKIE);
 	memcpy(p, &ul, sizeof(ul));
 	p += sizeof(ul);
 #define AREA_LEFT	(size_t)(e - p)
 #define AREA_FIT(s)	if ((s) > AREA_LEFT) goto toobig
 #define AREA_CHECK(s)	if ((s) + 2UL > AREA_LEFT) goto toobig
 #define PUT_ADDR(o, a)	do {		\
 	AREA_CHECK(4);			\
 	*p++ = (o);			\
 	*p++ = 4;			\
 	memcpy(p, &(a)->s_addr, 4);	\
 	p += 4;				\
 } while (0 /* CONSTCOND */)
 	/* Options are listed in numerical order as per RFC 7844 Section 3.1
 	 * XXX: They should be randomised. */
 	bool putip = false;
 	if (lease->addr.s_addr && lease->cookie == htonl(MAGIC_COOKIE)) {
 		if (type == DHCP_DECLINE ||
 		    (type == DHCP_REQUEST &&
 		    (state->addr == NULL ||
 		    state->added & (STATE_FAKE | STATE_EXPIRED) ||
 		    lease->addr.s_addr != state->addr->addr.s_addr)))
+		{
 			putip = true;
 			PUT_ADDR(DHO_IPADDRESS, &lease->addr);
+		}
+	}
 	AREA_CHECK(3);
 	*p++ = DHO_MESSAGETYPE;
 	*p++ = 1;
 	*p++ = type;
 	if (lease->addr.s_addr && lease->cookie == htonl(MAGIC_COOKIE)) {
 		if (type == DHCP_RELEASE || putip) {
 			if (lease->server.s_addr)
 				PUT_ADDR(DHO_SERVERID, &lease->server);
+		}
+	}
 	if (type == DHCP_DECLINE) {
 		len = strlen(DAD);
 		if (len > AREA_LEFT) {
 			*p++ = DHO_MESSAGE;
 			*p++ = (uint8_t)len;
 			memcpy(p, DAD, len);
 			p += len;
+		}
+	}
 #define	DHCP_DIR(type) ((type) == DHCP_DISCOVER || (type) == DHCP_INFORM || \
     (type) == DHCP_REQUEST)
 	if (DHCP_DIR(type)) {
 		/* vendor is already encoded correctly, so just add it */
 		if (ifo->vendor[0]) {
 			AREA_CHECK(ifo->vendor[0]);
 			*p++ = DHO_VENDOR;
 			memcpy(p, ifo->vendor, (size_t)ifo->vendor[0] + 1);
 			p += ifo->vendor[0] + 1;
+		}
+	}
 	if (type == DHCP_DISCOVER && ifo->options & DHCPCD_REQUEST)
 		PUT_ADDR(DHO_IPADDRESS, &ifo->req_addr);
 	if (DHCP_DIR(type)) {
 		if (type != DHCP_INFORM) {
 			if (ifo->leasetime != 0) {
 				AREA_CHECK(4);
 				*p++ = DHO_LEASETIME;
 				*p++ = 4;
 				ul = htonl(ifo->leasetime);
 				memcpy(p, &ul, 4);
 				p += 4;
+			}
+		}
 		AREA_CHECK(0);
 		*p++ = DHO_PARAMETERREQUESTLIST;
 		n_params = p;
 		*p++ = 0;
 		for (i = 0, opt = ifp->ctx->dhcp_opts;
 		    i < ifp->ctx->dhcp_opts_len;
 		    i++, opt++)
+		{
 			if (!DHC_REQOPT(opt, ifo->requestmask, ifo->nomask))
 				continue;
 			if (type == DHCP_INFORM &&
 			    (opt->option == DHO_RENEWALTIME ||
 				opt->option == DHO_REBINDTIME))
 				continue;
 			AREA_FIT(1);
 			*p++ = (uint8_t)opt->option;
+		}
 		for (i = 0, opt = ifo->dhcp_override;
 		    i < ifo->dhcp_override_len;
 		    i++, opt++)
+		{
 			/* Check if added above */
 			for (lp = n_params + 1; lp < p; lp++)
 				if (*lp == (uint8_t)opt->option)
 					break;
 			if (lp < p)
 				continue;
 			if (!DHC_REQOPT(opt, ifo->requestmask, ifo->nomask))
 				continue;
 			if (type == DHCP_INFORM &&
 			    (opt->option == DHO_RENEWALTIME ||
 				opt->option == DHO_REBINDTIME))
 				continue;
 			AREA_FIT(1);
 			*p++ = (uint8_t)opt->option;
+		}
 		*n_params = (uint8_t)(p - n_params - 1);
 		if (mtu != -1 &&
 		    !(has_option_mask(ifo->nomask, DHO_MAXMESSAGESIZE)))
+		{
 			AREA_CHECK(2);
 			*p++ = DHO_MAXMESSAGESIZE;
 			*p++ = 2;
 			sz = htons((uint16_t)(mtu - IP_UDP_SIZE));
 			memcpy(p, &sz, 2);
 			p += 2;
+		}
 		if (ifo->userclass[0] &&
 		    !has_option_mask(ifo->nomask, DHO_USERCLASS))
+		{
 			AREA_CHECK(ifo->userclass[0]);
 			*p++ = DHO_USERCLASS;
 			memcpy(p, ifo->userclass,
 			    (size_t)ifo->userclass[0] + 1);
 			p += ifo->userclass[0] + 1;
+		}
+	}
 	if (state->clientid) {
 		AREA_CHECK(state->clientid[0]);
 		*p++ = DHO_CLIENTID;
 		memcpy(p, state->clientid, (size_t)state->clientid[0] + 1);
 		p += state->clientid[0] + 1;
+	}
 	if (DHCP_DIR(type) &&
 	    !has_option_mask(ifo->nomask, DHO_VENDORCLASSID) &&
 	    ifo->vendorclassid[0])
+	{
 		AREA_CHECK(ifo->vendorclassid[0]);
 		*p++ = DHO_VENDORCLASSID;
 		memcpy(p, ifo->vendorclassid, (size_t)ifo->vendorclassid[0]+1);
 		p += ifo->vendorclassid[0] + 1;
+	}
 	if (type == DHCP_DISCOVER &&
 	    !(ifp->ctx->options & DHCPCD_TEST) &&
 	    DHC_REQ(ifo->requestmask, ifo->nomask, DHO_RAPIDCOMMIT))
+	{
 		/* RFC 4039 Section 3 */
 		AREA_CHECK(0);
 		*p++ = DHO_RAPIDCOMMIT;
 		*p++ = 0;
+	}
 	if (DHCP_DIR(type)) {
 		hostname = dhcp_get_hostname(hbuf, sizeof(hbuf), ifo);
 		/*
 		 * RFC4702 3.1 States that if we send the Client FQDN option
 		 * then we MUST NOT also send the Host Name option.
 		 * Technically we could, but that is not RFC conformant and
 		 * also seems to break some DHCP server implemetations such as
 		 * Windows. On the other hand, ISC dhcpd is just as non RFC
 		 * conformant by not accepting a partially qualified FQDN.
 		 */
 		if (ifo->fqdn != FQDN_DISABLE) {
 			/* IETF DHC-FQDN option (81), RFC4702 */
 			i = 3;
 			if (hostname)
 				i += encode_rfc1035(hostname, NULL);
 			AREA_CHECK(i);
 			*p++ = DHO_FQDN;
 			*p++ = (uint8_t)i;
 			/*
 			 * Flags: 0000NEOS
 			 * S: 1 => Client requests Server to update
 			 *         a RR in DNS as well as PTR
 			 * O: 1 => Server indicates to client that
 			 *         DNS has been updated
 			 * E: 1 => Name data is DNS format
 			 * N: 1 => Client requests Server to not
 			 *         update DNS
 			 */
 			if (hostname)
 				*p++ = (uint8_t)((ifo->fqdn & 0x09) | 0x04);
 			else
 				*p++ = (FQDN_NONE & 0x09) | 0x04;
 			*p++ = 0; /* from server for PTR RR */
 			*p++ = 0; /* from server for A RR if S=1 */
 			if (hostname) {
 				i = encode_rfc1035(hostname, p);
 				p += i;
+			}
 		} else if (ifo->options & DHCPCD_HOSTNAME && hostname) {
 			len = strlen(hostname);
 			AREA_CHECK(len);
 			*p++ = DHO_HOSTNAME;
 			*p++ = (uint8_t)len;
 			memcpy(p, hostname, len);
 			p += len;
+		}
+	}
 #ifdef AUTH
 	auth = NULL;	/* appease GCC */
 	auth_len = 0;
 	if (ifo->auth.options & DHCPCD_AUTH_SEND) {
 		ssize_t alen = dhcp_auth_encode(ifp->ctx, &ifo->auth,
 		    state->auth.token,
 		    NULL, 0, 4, type, NULL, 0);
 		if (alen != -1 && alen > UINT8_MAX) {
 			errno = ERANGE;
 			alen = -1;
+		}
 		if (alen == -1)
 			logerr("%s: dhcp_auth_encode", ifp->name);
 		else if (alen != 0) {
 			auth_len = (uint8_t)alen;
 			AREA_CHECK(auth_len);
 			*p++ = DHO_AUTHENTICATION;
 			*p++ = auth_len;
 			auth = p;
 			p += auth_len;
+		}
+	}
 #endif
 	/* RFC 2563 Auto Configure */
 	if (type == DHCP_DISCOVER && ifo->options & DHCPCD_IPV4LL &&
 	    !(has_option_mask(ifo->nomask, DHO_AUTOCONFIGURE)))
+	{
 		AREA_CHECK(1);
 		*p++ = DHO_AUTOCONFIGURE;
 		*p++ = 1;
 		*p++ = 1;
+	}
 	if (DHCP_DIR(type)) {
 		if (ifo->mudurl[0]) {
 		       AREA_CHECK(ifo->mudurl[0]);
 		       *p++ = DHO_MUDURL;
 		       memcpy(p, ifo->mudurl, (size_t)ifo->mudurl[0] + 1);
 		       p += ifo->mudurl[0] + 1;
+		}
 		if (ifo->vivco_len &&
 		    !has_option_mask(ifo->nomask, DHO_VIVCO))
+		{
 			AREA_CHECK(sizeof(ul));
 			*p++ = DHO_VIVCO;
 			lp = p++;
 			*lp = sizeof(ul);
 			ul = htonl(ifo->vivco_en);
 			memcpy(p, &ul, sizeof(ul));
 			p += sizeof(ul);
 			for (i = 0, vivco = ifo->vivco;
 			    i < ifo->vivco_len;
 			    i++, vivco++)
+			{
 				AREA_FIT(vivco->len);
 				if (vivco->len + 2 + *lp > 255) {
 					logerrx("%s: VIVCO option too big",
 					    ifp->name);
 					free(bootp);
 					return -1;
+				}
 				*p++ = (uint8_t)vivco->len;
 				memcpy(p, vivco->data, vivco->len);
 				p += vivco->len;
 				*lp = (uint8_t)(*lp + vivco->len + 1);
+			}
+		}
 #ifdef AUTH
 		if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) !=
 		    DHCPCD_AUTH_SENDREQUIRE &&
 		    !has_option_mask(ifo->nomask, DHO_FORCERENEW_NONCE))
+		{
 			/* We support HMAC-MD5 */
 			AREA_CHECK(1);
 			*p++ = DHO_FORCERENEW_NONCE;
 			*p++ = 1;
 			*p++ = AUTH_ALG_HMAC_MD5;
+		}
 #endif
+	}
 	*p++ = DHO_END;
 	len = (size_t)(p - (uint8_t *)bootp);
 	/* Pad out to the BOOTP message length.
 	 * Even if we send a DHCP packet with a variable length vendor area,
 	 * some servers / relay agents don't like packets smaller than
 	 * a BOOTP message which is fine because that's stipulated
 	 * in RFC1542 section 2.1. */
 	while (len < sizeof(*bootp)) {
 		*p++ = DHO_PAD;
 		len++;
+	}
 #ifdef AUTH
 	if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0)
 		dhcp_auth_encode(ifp->ctx, &ifo->auth, state->auth.token,
 		    (uint8_t *)bootp, len, 4, type, auth, auth_len);
 #endif
 	return (ssize_t)len;
 toobig:
 	logerrx("%s: DHCP message too big", ifp->name);
 	free(bootp);
 	return -1;
+}
 static size_t
 read_lease(struct interface *ifp, struct bootp **bootp)
+{
 	union {
 		struct bootp bootp;
 		uint8_t buf[FRAMELEN_MAX];
 	} buf;
 	struct dhcp_state *state = D_STATE(ifp);
 	ssize_t sbytes;
 	size_t bytes;
 	uint8_t type;
 #ifdef AUTH
 	const uint8_t *auth;
 	size_t auth_len;
 #endif
 	/* Safety */
 	*bootp = NULL;
 	if (state->leasefile[0] == '\0') {
 		logdebugx("reading standard input");
 		sbytes = read(fileno(stdin), buf.buf, sizeof(buf.buf));
 	} else {
 		logdebugx("%s: reading lease: %s",
 		    ifp->name, state->leasefile);
 		sbytes = dhcp_readfile(ifp->ctx, state->leasefile,
 		    buf.buf, sizeof(buf.buf));
+	}
 	if (sbytes == -1) {
 		if (errno != ENOENT)
 			logerr("%s: %s", ifp->name, state->leasefile);
 		return 0;
+	}
 	bytes = (size_t)sbytes;
 	/* Ensure the packet is at lease BOOTP sized
 	 * with a vendor area of 4 octets
 	 * (it should be more, and our read packet enforces this so this
 	 * code should not be needed, but of course people could
 	 * scribble whatever in the stored lease file. */
 	if (bytes < DHCP_MIN_LEN) {
 		logerrx("%s: %s: truncated lease", ifp->name, __func__);
 		return 0;
+	}
 	if (ifp->ctx->options & DHCPCD_DUMPLEASE)
 		goto out;
 	/* We may have found a BOOTP server */
 	if (get_option_uint8(ifp->ctx, &type, &buf.bootp, bytes,
 	    DHO_MESSAGETYPE) == -1)
 		type = 0;
 #ifdef AUTH
 	/* Authenticate the message */
 	auth = get_option(ifp->ctx, &buf.bootp, bytes,
 	    DHO_AUTHENTICATION, &auth_len);
 	if (auth) {
 		if (dhcp_auth_validate(&state->auth, &ifp->options->auth,
 		    &buf.bootp, bytes, 4, type, auth, auth_len) == NULL)
+		{
 			logerr("%s: authentication failed", ifp->name);
 			return 0;
+		}
 		if (state->auth.token)
 			logdebugx("%s: validated using 0x%08" PRIu32,
 			    ifp->name, state->auth.token->secretid);
 		else
 			logdebugx("%s: accepted reconfigure key", ifp->name);
 	} else if ((ifp->options->auth.options & DHCPCD_AUTH_SENDREQUIRE) ==
 	    DHCPCD_AUTH_SENDREQUIRE)
+	{
 		logerrx("%s: authentication now required", ifp->name);
 		return 0;
+	}
 #endif
 out:
 	*bootp = malloc(bytes);
 	if (*bootp == NULL) {
 		logerr(__func__);
 		return 0;
+	}
 	memcpy(*bootp, buf.buf, bytes);
 	return bytes;
+}
 static const struct dhcp_opt *
 dhcp_getoverride(const struct if_options *ifo, unsigned int o)
+{
 	size_t i;
 	const struct dhcp_opt *opt;
 	for (i = 0, opt = ifo->dhcp_override;
 	    i < ifo->dhcp_override_len;
 	    i++, opt++)
+	{
 		if (opt->option == o)
 			return opt;
+	}
 	return NULL;
+}
 static const uint8_t *
 dhcp_getoption(struct dhcpcd_ctx *ctx,
     size_t *os, unsigned int *code, size_t *len,
     const uint8_t *od, size_t ol, struct dhcp_opt **oopt)
+{
 	size_t i;
 	struct dhcp_opt *opt;
 	if (od) {
 		if (ol < 2) {
 			errno = EINVAL;
 			return NULL;
+		}
 		*os = 2; /* code + len */
 		*code = (unsigned int)*od++;
 		*len = (size_t)*od++;
 		if (*len > ol - *os) {
 			errno = ERANGE;
 			return NULL;
+		}
+	}
 	*oopt = NULL;
 	for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) {
 		if (opt->option == *code) {
 			*oopt = opt;
 			break;
+		}
+	}
 	return od;
+}
 ssize_t
 dhcp_env(FILE *fenv, const char *prefix, const struct interface *ifp,
     const struct bootp *bootp, size_t bootp_len)
+{
 	const struct if_options *ifo;
 	const uint8_t *p;
 	struct in_addr addr;
 	struct in_addr net;
 	struct in_addr brd;
 	struct dhcp_opt *opt, *vo;
 	size_t i, pl;
 	char safe[(BOOTP_FILE_LEN * 4) + 1];
 	uint8_t overl = 0;
 	uint32_t en;
 	ifo = ifp->options;
 	if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len,
 	    DHO_OPTSOVERLOADED) == -1)
 		overl = 0;
 	if (bootp->yiaddr || bootp->ciaddr) {
 		/* Set some useful variables that we derive from the DHCP
 		 * message but are not necessarily in the options */
 		addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr;
 		if (efprintf(fenv, "%s_ip_address=%s",
 		    prefix, inet_ntoa(addr)) == -1)
 			return -1;
 		if (get_option_addr(ifp->ctx, &net,
 		    bootp, bootp_len, DHO_SUBNETMASK) == -1) {
 			net.s_addr = ipv4_getnetmask(addr.s_addr);
 			if (efprintf(fenv, "%s_subnet_mask=%s",
 			    prefix, inet_ntoa(net)) == -1)
 				return -1;
+		}
 		if (efprintf(fenv, "%s_subnet_cidr=%d",
 		    prefix, inet_ntocidr(net))== -1)
 			return -1;
 		if (get_option_addr(ifp->ctx, &brd,
 		    bootp, bootp_len, DHO_BROADCAST) == -1)
+		{
 			brd.s_addr = addr.s_addr | ~net.s_addr;
 			if (efprintf(fenv, "%s_broadcast_address=%s",
 			    prefix, inet_ntoa(brd)) == -1)
 				return -1;
+		}
 		addr.s_addr = bootp->yiaddr & net.s_addr;
 		if (efprintf(fenv, "%s_network_number=%s",
 		    prefix, inet_ntoa(addr)) == -1)
 			return -1;
+	}
 	if (*bootp->file && !(overl & 1)) {
 		print_string(safe, sizeof(safe), OT_STRING,
 		    bootp->file, sizeof(bootp->file));
 		if (efprintf(fenv, "%s_filename=%s", prefix, safe) == -1)
 			return -1;
+	}
 	if (*bootp->sname && !(overl & 2)) {
 		print_string(safe, sizeof(safe), OT_STRING | OT_DOMAIN,
 		    bootp->sname, sizeof(bootp->sname));
 		if (efprintf(fenv, "%s_server_name=%s", prefix, safe) == -1)
 			return -1;
+	}
 	/* Zero our indexes */
 	for (i = 0, opt = ifp->ctx->dhcp_opts;
 	    i < ifp->ctx->dhcp_opts_len;
 	    i++, opt++)
 		dhcp_zero_index(opt);
 	for (i = 0, opt = ifp->options->dhcp_override;
 	    i < ifp->options->dhcp_override_len;
 	    i++, opt++)
 		dhcp_zero_index(opt);
 	for (i = 0, opt = ifp->ctx->vivso;
 	    i < ifp->ctx->vivso_len;
 	    i++, opt++)
 		dhcp_zero_index(opt);
 	for (i = 0, opt = ifp->ctx->dhcp_opts;
 	    i < ifp->ctx->dhcp_opts_len;
 	    i++, opt++)
+	{
 		if (has_option_mask(ifo->nomask, opt->option))
 			continue;
 		if (dhcp_getoverride(ifo, opt->option))
 			continue;
 		p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl);
 		if (p == NULL)
 			continue;
 		dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name,
 		    opt, dhcp_getoption, p, pl);
 		if (opt->option != DHO_VIVSO || pl <= (int)sizeof(uint32_t))
 			continue;
 		memcpy(&en, p, sizeof(en));
 		en = ntohl(en);
 		vo = vivso_find(en, ifp);
 		if (vo == NULL)
 			continue;
 		/* Skip over en + total size */
 		p += sizeof(en) + 1;
 		pl -= sizeof(en) + 1;
 		dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name,
 		    vo, dhcp_getoption, p, pl);
+	}
 	for (i = 0, opt = ifo->dhcp_override;
 	    i < ifo->dhcp_override_len;
 	    i++, opt++)
+	{
 		if (has_option_mask(ifo->nomask, opt->option))
 			continue;
 		p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl);
 		if (p == NULL)
 			continue;
 		dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name,
 		    opt, dhcp_getoption, p, pl);
+	}
 	return 1;
+}
 static void
 get_lease(struct interface *ifp,
     struct dhcp_lease *lease, const struct bootp *bootp, size_t len)
+{
 	struct dhcpcd_ctx *ctx;
 	assert(bootp != NULL);
 	memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie));
 	/* BOOTP does not set yiaddr for replies when ciaddr is set. */
 	lease->addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr;
 	ctx = ifp->ctx;
 	if (ifp->options->options & (DHCPCD_STATIC | DHCPCD_INFORM)) {
 		if (ifp->options->req_addr.s_addr != INADDR_ANY) {
 			lease->mask = ifp->options->req_mask;
 			if (ifp->options->req_brd.s_addr != INADDR_ANY)
 				lease->brd = ifp->options->req_brd;
 			else
 				lease->brd.s_addr =
 				    lease->addr.s_addr | ~lease->mask.s_addr;
 		} else {
 			const struct ipv4_addr *ia;
 			ia = ipv4_iffindaddr(ifp, &lease->addr, NULL);
 			assert(ia != NULL);
 			lease->mask = ia->mask;
 			lease->brd = ia->brd;
+		}
 	} else {
 		if (get_option_addr(ctx, &lease->mask, bootp, len,
 		    DHO_SUBNETMASK) == -1)
 			lease->mask.s_addr =
 			    ipv4_getnetmask(lease->addr.s_addr);
 		if (get_option_addr(ctx, &lease->brd, bootp, len,
 		    DHO_BROADCAST) == -1)
 			lease->brd.s_addr =
 			    lease->addr.s_addr | ~lease->mask.s_addr;
+	}
 	if (get_option_uint32(ctx, &lease->leasetime,
 	    bootp, len, DHO_LEASETIME) != 0)
 		lease->leasetime = DHCP_INFINITE_LIFETIME;
 	if (get_option_uint32(ctx, &lease->renewaltime,
 	    bootp, len, DHO_RENEWALTIME) != 0)
 		lease->renewaltime = 0;
 	if (get_option_uint32(ctx, &lease->rebindtime,
 	    bootp, len, DHO_REBINDTIME) != 0)
 		lease->rebindtime = 0;
 	if (get_option_addr(ctx, &lease->server, bootp, len, DHO_SERVERID) != 0)
 		lease->server.s_addr = INADDR_ANY;
+}
 static const char *
 get_dhcp_op(uint8_t type)
+{
 	const struct dhcp_op *d;
 	for (d = dhcp_ops; d->name; d++)
 		if (d->value == type)
 			return d->name;
 	return NULL;
+}
 static void
 dhcp_fallback(void *arg)
+{
 	struct interface *iface;
 	iface = (struct interface *)arg;
 	dhcpcd_selectprofile(iface, iface->options->fallback);
 	dhcpcd_startinterface(iface);
+}
 static void
 dhcp_new_xid(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	const struct interface *ifp1;
 	const struct dhcp_state *state1;
 	state = D_STATE(ifp);
 	if (ifp->options->options & DHCPCD_XID_HWADDR &&
 	    ifp->hwlen >= sizeof(state->xid))
 		/* The lower bits are probably more unique on the network */
 		memcpy(&state->xid,
 		    (ifp->hwaddr + ifp->hwlen) - sizeof(state->xid),
 		    sizeof(state->xid));
 	else {
 again:
 		state->xid = arc4random();
+	}
 	/* Ensure it's unique */
 	TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) {
 		if (ifp == ifp1)
 			continue;
 		if ((state1 = D_CSTATE(ifp1)) == NULL)
 			continue;
 		if (state1->xid == state->xid)
 			break;
+	}
 	if (ifp1 != NULL) {
 		if (ifp->options->options & DHCPCD_XID_HWADDR &&
 		    ifp->hwlen >= sizeof(state->xid))
+		{
 			logerrx("%s: duplicate xid on %s",
 			    ifp->name, ifp1->name);
 			    return;
+		}
 		goto again;
+	}
 	/* We can't do this when sharing leases across interfaes */
 #if 0
 	/* As the XID changes, re-apply the filter. */
 	if (state->bpf_fd != -1) {
 		if (bpf_bootp(ifp, state->bpf_fd) == -1)
 			logerr(__func__); /* try to continue */
+	}
 #endif
+}
-void
+static void
-dhcp_close(struct interface *ifp)
+dhcp_closebpf(struct interface *ifp)
+{
 	struct dhcpcd_ctx *ctx = ifp->ctx;
 	struct dhcp_state *state = D_STATE(ifp);
 	if (state == NULL)
 		return;
 #ifdef PRIVSEP
-	if (IN_PRIVSEP_SE(ctx)) {
+	if (IN_PRIVSEP_SE(ctx))
 		ps_bpf_closebootp(ifp);
 		if (state->addr != NULL)
 			ps_inet_closebootp(state->addr);
 #endif
 	if (state->bpf != NULL) {
 		eloop_event_delete(ctx->eloop, state->bpf->bpf_fd);
 		bpf_close(state->bpf);
 		state->bpf = NULL;
+	}
+}
 static void
 dhcp_closeinet(struct interface *ifp)
+{
 	struct dhcpcd_ctx *ctx = ifp->ctx;
 	struct dhcp_state *state = D_STATE(ifp);
 #ifdef PRIVSEP
 	if (IN_PRIVSEP_SE(ctx)) {
 		if (state->addr != NULL)
 			ps_inet_closebootp(state->addr);
+	}
 #endif
 	if (state->udp_rfd != -1) {
 		eloop_event_delete(ctx->eloop, state->udp_rfd);
 		close(state->udp_rfd);
 		state->udp_rfd = -1;
+	}
+}
 void
 dhcp_close(struct interface *ifp)
+{
 	struct dhcp_state *state = D_STATE(ifp);
 	if (state == NULL)
 		return;
 	dhcp_closebpf(ifp);
 	dhcp_closeinet(ifp);
 	state->interval = 0;
+}
 int
 dhcp_openudp(struct in_addr *ia)
+{
 	int s;
 	struct sockaddr_in sin;
 	int n;
 	if ((s = xsocket(PF_INET, SOCK_DGRAM | SOCK_CXNB, IPPROTO_UDP)) == -1)
 		return -1;
 	n = 1;
 	if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &n, sizeof(n)) == -1)
 		goto errexit;
 #ifdef IP_RECVIF
 	if (setsockopt(s, IPPROTO_IP, IP_RECVIF, &n, sizeof(n)) == -1)
 		goto errexit;
 #else
 	if (setsockopt(s, IPPROTO_IP, IP_RECVPKTINFO, &n, sizeof(n)) == -1)
 		goto errexit;
 #endif
 #ifdef SO_RERROR
 	if (setsockopt(s, SOL_SOCKET, SO_RERROR, &n, sizeof(n)) == -1)
 		goto errexit;
 #endif
 	memset(&sin, 0, sizeof(sin));
 	sin.sin_family = AF_INET;
 	sin.sin_port = htons(BOOTPC);
 	if (ia != NULL)
 		sin.sin_addr = *ia;
 	if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) == -1)
 		goto errexit;
 	return s;
 errexit:
 	close(s);
 	return -1;
+}
 static uint16_t
 in_cksum(const void *data, size_t len, uint32_t *isum)
+{
 	const uint16_t *word = data;
 	uint32_t sum = isum != NULL ? *isum : 0;
 	for (; len > 1; len -= sizeof(*word))
 		sum += *word++;
 	if (len == 1)
 		sum += htons((uint16_t)(*(const uint8_t *)word << 8));
 	if (isum != NULL)
 		*isum = sum;
 	sum = (sum >> 16) + (sum & 0xffff);
 	sum += (sum >> 16);
 	return (uint16_t)~sum;
+}
 static struct bootp_pkt *
 dhcp_makeudppacket(size_t *sz, const uint8_t *data, size_t length,
 	struct in_addr source, struct in_addr dest)
+{
 	struct bootp_pkt *udpp;
 	struct ip *ip;
 	struct udphdr *udp;
 	if ((udpp = calloc(1, sizeof(*ip) + sizeof(*udp) + length)) == NULL)
 		return NULL;
 	ip = &udpp->ip;
 	udp = &udpp->udp;
 	/* OK, this is important :)
 	 * We copy the data to our packet and then create a small part of the
 	 * ip structure and an invalid ip_len (basically udp length).
 	 * We then fill the udp structure and put the checksum
 	 * of the whole packet into the udp checksum.
 	 * Finally we complete the ip structure and ip checksum.
 	 * If we don't do the ordering like so then the udp checksum will be
 	 * broken, so find another way of doing it! */
 	memcpy(&udpp->bootp, data, length);
 	ip->ip_p = IPPROTO_UDP;
 	ip->ip_src.s_addr = source.s_addr;
 	if (dest.s_addr == 0)
 		ip->ip_dst.s_addr = INADDR_BROADCAST;
 	else
 		ip->ip_dst.s_addr = dest.s_addr;
 	udp->uh_sport = htons(BOOTPC);
 	udp->uh_dport = htons(BOOTPS);
 	udp->uh_ulen = htons((uint16_t)(sizeof(*udp) + length));
 	ip->ip_len = udp->uh_ulen;
 	udp->uh_sum = in_cksum(udpp, sizeof(*ip) + sizeof(*udp) + length, NULL);
 	ip->ip_v = IPVERSION;
 	ip->ip_hl = sizeof(*ip) >> 2;
 	ip->ip_id = (uint16_t)arc4random_uniform(UINT16_MAX);
 	ip->ip_ttl = IPDEFTTL;
 	ip->ip_len = htons((uint16_t)(sizeof(*ip) + sizeof(*udp) + length));
 	ip->ip_sum = in_cksum(ip, sizeof(*ip), NULL);
 	if (ip->ip_sum == 0)
 		ip->ip_sum = 0xffff; /* RFC 768 */
 	*sz = sizeof(*ip) + sizeof(*udp) + length;
 	return udpp;
+}
 static ssize_t
 dhcp_sendudp(struct interface *ifp, struct in_addr *to, void *data, size_t len)
+{
 	struct sockaddr_in sin = {
 		.sin_family = AF_INET,
 		.sin_addr = *to,
 		.sin_port = htons(BOOTPS),
 #ifdef HAVE_SA_LEN
 		.sin_len = sizeof(sin),
 #endif
 	};
 	struct udphdr udp = {
 	    .uh_sport = htons(BOOTPC),
 	    .uh_dport = htons(BOOTPS),
 	    .uh_ulen = htons((uint16_t)(sizeof(udp) + len)),
 	};
 	struct iovec iov[] = {
 	    { .iov_base = &udp, .iov_len = sizeof(udp), },
 	    { .iov_base = data, .iov_len = len, },
 	};
 	struct msghdr msg = {
 		.msg_name = (void *)&sin,
 		.msg_namelen = sizeof(sin),
 		.msg_iov = iov,
 		.msg_iovlen = __arraycount(iov),
 	};
 	struct dhcpcd_ctx *ctx = ifp->ctx;
 #ifdef PRIVSEP
 	if (ctx->options & DHCPCD_PRIVSEP)
 		return ps_inet_sendbootp(ifp, &msg);
 #endif
 	return sendmsg(ctx->udp_wfd, &msg, 0);
+}
 static void
 send_message(struct interface *ifp, uint8_t type,
     void (*callback)(void *))
+{
 	struct dhcp_state *state = D_STATE(ifp);
 	struct if_options *ifo = ifp->options;
 	struct bootp *bootp;
 	struct bootp_pkt *udp;
 	size_t len, ulen;
 	ssize_t r;
 	struct in_addr from, to;
 	unsigned int RT;
 	if (callback == NULL) {
 		/* No carrier? Don't bother sending the packet. */
 		if (!if_is_link_up(ifp))
 			return;
 		logdebugx("%s: sending %s with xid 0x%x",
 		    ifp->name,
 		    ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type),
 		    state->xid);
 		RT = 0; /* bogus gcc warning */
 	} else {
 		if (state->interval == 0)
 			state->interval = 4;
 		else {
 			state->interval *= 2;
 			if (state->interval > 64)
 				state->interval = 64;
+		}
 		RT = (state->interval * MSEC_PER_SEC) +
 		    (arc4random_uniform(MSEC_PER_SEC * 2) - MSEC_PER_SEC);
 		/* No carrier? Don't bother sending the packet.
 		 * However, we do need to advance the timeout. */
 		if (!if_is_link_up(ifp))
 			goto fail;
 		logdebugx("%s: sending %s (xid 0x%x), next in %0.1f seconds",
 		    ifp->name,
 		    ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type),
 		    state->xid,
 		    (float)RT / MSEC_PER_SEC);
+	}
 	r = make_message(&bootp, ifp, type);
 	if (r == -1)
 		goto fail;
 	len = (size_t)r;
 	if (!(state->added & (STATE_FAKE | STATE_EXPIRED)) &&
 	    state->addr != NULL &&
 	    ipv4_iffindaddr(ifp, &state->lease.addr, NULL) != NULL)
 		from.s_addr = state->lease.addr.s_addr;
 	else
 		from.s_addr = INADDR_ANY;
 	if (from.s_addr != INADDR_ANY &&
 	    state->lease.server.s_addr != INADDR_ANY)
 		to.s_addr = state->lease.server.s_addr;
 	else
 		to.s_addr = INADDR_BROADCAST;
 	/*
 	 * If not listening on the unspecified address we can
 	 * only receive broadcast messages via BPF.
 	 * Sockets bound to an address cannot receive broadcast messages
 	 * even if they are setup to send them.
 	 * Broadcasting from UDP is only an optimisation for rebinding
 	 * and on BSD, at least, is reliant on the subnet route being
 	 * correctly configured to receive the unicast reply.
 	 * As such, we always broadcast and receive the reply to it via BPF.
 	 * This also guarantees we have a DHCP server attached to the
 	 * interface we want to configure because we can't dictate the
 	 * interface via IP_PKTINFO unlike for IPv6.
 	 */
 	if (to.s_addr != INADDR_BROADCAST) {
 		if (dhcp_sendudp(ifp, &to, bootp, len) != -1)
 			goto out;
 		logerr("%s: dhcp_sendudp", ifp->name);
+	}
 	if (dhcp_openbpf(ifp) == -1)
 		goto out;
 	udp = dhcp_makeudppacket(&ulen, (uint8_t *)bootp, len, from, to);
 	if (udp == NULL) {
 		logerr("%s: dhcp_makeudppacket", ifp->name);
 		r = 0;
 #ifdef PRIVSEP
 	} else if (ifp->ctx->options & DHCPCD_PRIVSEP) {
 		r = ps_bpf_sendbootp(ifp, udp, ulen);
 		free(udp);
 #endif
 	} else {
 		r = bpf_send(state->bpf, ETHERTYPE_IP, udp, ulen);
 		free(udp);
+	}
 	/* If we failed to send a raw packet this normally means
 	 * we don't have the ability to work beneath the IP layer
 	 * for this interface.
 	 * As such we remove it from consideration without actually
 	 * stopping the interface. */
 	if (r == -1) {
 		logerr("%s: bpf_send", ifp->name);
 		switch(errno) {
 		case ENETDOWN:
 		case ENETRESET:
 		case ENETUNREACH:
 		case ENOBUFS:
 			break;
 		default:
 			if (!(ifp->ctx->options & DHCPCD_TEST))
 				dhcp_drop(ifp, "FAIL");
 			eloop_timeout_delete(ifp->ctx->eloop,
 			    NULL, ifp);
 			callback = NULL;
+		}
+	}
 out:
 	free(bootp);
 fail:
 	/* Even if we fail to send a packet we should continue as we are
 	 * as our failure timeouts will change out codepath when needed. */
 	if (callback != NULL)
 		eloop_timeout_add_msec(ifp->ctx->eloop, RT, callback, ifp);
+}
 static void
 send_inform(void *arg)
+{
 	send_message((struct interface *)arg, DHCP_INFORM, send_inform);
+}
 static void
 send_discover(void *arg)
+{
 	send_message((struct interface *)arg, DHCP_DISCOVER, send_discover);
+}
 static void
 send_request(void *arg)
+{
 	send_message((struct interface *)arg, DHCP_REQUEST, send_request);
+}
 static void
 send_renew(void *arg)
+{
 	send_message((struct interface *)arg, DHCP_REQUEST, send_renew);
+}
 static void
 send_rebind(void *arg)
+{
 	send_message((struct interface *)arg, DHCP_REQUEST, send_rebind);
+}
 void
 dhcp_discover(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcp_state *state = D_STATE(ifp);
 	struct if_options *ifo = ifp->options;
 	state->state = DHS_DISCOVER;
 	dhcp_new_xid(ifp);
 	eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 	if (!(state->added & STATE_EXPIRED)) {
 		if (ifo->fallback)
 			eloop_timeout_add_sec(ifp->ctx->eloop,
 			    ifo->reboot, dhcp_fallback, ifp);
 #ifdef IPV4LL
 		else if (ifo->options & DHCPCD_IPV4LL)
 			eloop_timeout_add_sec(ifp->ctx->eloop,
 			    ifo->reboot, ipv4ll_start, ifp);
 #endif
+	}
 	if (ifo->options & DHCPCD_REQUEST)
 		loginfox("%s: soliciting a DHCP lease (requesting %s)",
 		    ifp->name, inet_ntoa(ifo->req_addr));
 	else
 		loginfox("%s: soliciting a %s lease",
 		    ifp->name, ifo->options & DHCPCD_BOOTP ? "BOOTP" : "DHCP");
 	send_discover(ifp);
+}
 static void
 dhcp_request(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcp_state *state = D_STATE(ifp);
 	state->state = DHS_REQUEST;
 	send_request(ifp);
+}
 static void
 dhcp_expire(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcp_state *state = D_STATE(ifp);
 	if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) {
 		logwarnx("%s: DHCP lease expired, extending lease", ifp->name);
 		state->added |= STATE_EXPIRED;
 	} else {
 		logerrx("%s: DHCP lease expired", ifp->name);
 		dhcp_drop(ifp, "EXPIRE");
 		dhcp_unlink(ifp->ctx, state->leasefile);
+	}
 	state->interval = 0;
 	dhcp_discover(ifp);
+}
 #if defined(ARP) || defined(IN_IFF_DUPLICATED)
 static void
 dhcp_decline(struct interface *ifp)
+{
 	send_message(ifp, DHCP_DECLINE, NULL);
+}
 #endif
 static void
 dhcp_startrenew(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcp_state *state;
 	struct dhcp_lease *lease;
 	if ((state = D_STATE(ifp)) == NULL)
 		return;
 	/* Only renew in the bound or renew states */
 	if (state->state != DHS_BOUND &&
 	    state->state != DHS_RENEW)
 		return;
 	/* Remove the timeout as the renew may have been forced. */
 	eloop_timeout_delete(ifp->ctx->eloop, dhcp_startrenew, ifp);
 	lease = &state->lease;
 	logdebugx("%s: renewing lease of %s", ifp->name,
 	    inet_ntoa(lease->addr));
 	state->state = DHS_RENEW;
 	dhcp_new_xid(ifp);
 	state->interval = 0;
 	send_renew(ifp);
+}
 void
 dhcp_renew(struct interface *ifp)
+{
 	dhcp_startrenew(ifp);
+}
 static void
 dhcp_rebind(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcp_state *state = D_STATE(ifp);
 	struct dhcp_lease *lease = &state->lease;
 	logwarnx("%s: failed to renew DHCP, rebinding", ifp->name);
 	logdebugx("%s: expire in %"PRIu32" seconds",
 	    ifp->name, lease->leasetime - lease->rebindtime);
 	state->state = DHS_REBIND;
 	eloop_timeout_delete(ifp->ctx->eloop, send_renew, ifp);
 	state->lease.server.s_addr = INADDR_ANY;
 	state->interval = 0;
 	ifp->options->options &= ~(DHCPCD_CSR_WARNED |
 	    DHCPCD_ROUTER_HOST_ROUTE_WARNED);
 	send_rebind(ifp);
+}
 #if defined(ARP) || defined(IN_IFF_DUPLICATED)
 static void
 dhcp_finish_dad(struct interface *ifp, struct in_addr *ia)
+{
 	struct dhcp_state *state = D_STATE(ifp);
 	if (state->state != DHS_PROBE)
 		return;
 	if (state->offer == NULL || state->offer->yiaddr != ia->s_addr)
 		return;
 	logdebugx("%s: DAD completed for %s", ifp->name, inet_ntoa(*ia));
 	if (!(ifp->options->options & DHCPCD_INFORM))
 		dhcp_bind(ifp);
 #ifndef IN_IFF_DUPLICATED
 	else {
 		struct bootp *bootp;
 		size_t len;
 		bootp = state->new;
 		len = state->new_len;
 		state->new = state->offer;
 		state->new_len = state->offer_len;
 		get_lease(ifp, &state->lease, state->new, state->new_len);
 		ipv4_applyaddr(ifp);
 		state->new = bootp;
 		state->new_len = len;
+	}
 #endif
 #ifdef IPV4LL
 	/* Stop IPv4LL now we have a working DHCP address */
 	ipv4ll_drop(ifp);
 #endif
 	if (ifp->options->options & DHCPCD_INFORM)
 		dhcp_inform(ifp);
+}
 static bool
 dhcp_addr_duplicated(struct interface *ifp, struct in_addr *ia)
+{
 	struct dhcp_state *state = D_STATE(ifp);
 	unsigned long long opts = ifp->options->options;
 	struct dhcpcd_ctx *ctx = ifp->ctx;
 	bool deleted = false;
 #ifdef IN_IFF_DUPLICATED
 	struct ipv4_addr *iap;
 #endif
 	if ((state->offer == NULL || state->offer->yiaddr != ia->s_addr) &&
 	    !IN_ARE_ADDR_EQUAL(ia, &state->lease.addr))
 		return deleted;
 	/* RFC 2131 3.1.5, Client-server interaction */
 	logerrx("%s: DAD detected %s", ifp->name, inet_ntoa(*ia));
 	dhcp_unlink(ifp->ctx, state->leasefile);
 	if (!(opts & DHCPCD_STATIC) && !state->lease.frominfo)
 		dhcp_decline(ifp);
 #ifdef IN_IFF_DUPLICATED
 	if ((iap = ipv4_iffindaddr(ifp, ia, NULL)) != NULL) {
 		ipv4_deladdr(iap, 0);
 		deleted = true;
+	}
 #endif
 	eloop_timeout_delete(ctx->eloop, NULL, ifp);
 	if (opts & (DHCPCD_STATIC | DHCPCD_INFORM)) {
 		state->reason = "EXPIRE";
 		script_runreason(ifp, state->reason);
 #define NOT_ONLY_SELF (DHCPCD_MASTER | DHCPCD_IPV6RS | DHCPCD_DHCP6)
 		if (!(ctx->options & NOT_ONLY_SELF))
 			eloop_exit(ifp->ctx->eloop, EXIT_FAILURE);
 		return deleted;
+	}
 	eloop_timeout_add_sec(ifp->ctx->eloop,
 	    DHCP_RAND_MAX, dhcp_discover, ifp);
 	return deleted;
+}
 #endif
 #ifdef ARP
 #ifdef KERNEL_RFC5227
 #ifdef ARPING
 static void
 dhcp_arp_announced(struct arp_state *state)
+{
 	arp_free(state);
+}
 #endif
 #else
 static void
 dhcp_arp_defend_failed(struct arp_state *astate)
+{
 	struct interface *ifp = astate->iface;
 	dhcp_drop(ifp, "EXPIRED");
 	dhcp_start1(ifp);
+}
 #endif
 #if !defined(KERNEL_RFC5227) || defined(ARPING)
 static void dhcp_arp_not_found(struct arp_state *);
 static struct arp_state *
 dhcp_arp_new(struct interface *ifp, struct in_addr *addr)
+{
 	struct arp_state *astate;
 	astate = arp_new(ifp, addr);
 	if (astate == NULL)
 		return NULL;
 	astate->found_cb = dhcp_arp_found;
 	astate->not_found_cb = dhcp_arp_not_found;
 #ifdef KERNEL_RFC5227
 	astate->announced_cb = dhcp_arp_announced;
 #else
 	astate->announced_cb = NULL;
 	astate->defend_failed_cb = dhcp_arp_defend_failed;
 #endif
 	return astate;
+}
 #endif
 #ifdef ARPING
 static int
 dhcp_arping(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	struct if_options *ifo;
 	struct arp_state *astate;
 	struct in_addr addr;
 	state = D_STATE(ifp);
 	ifo = ifp->options;
 	if (ifo->arping_len == 0 || state->arping_index > ifo->arping_len)
 		return 0;
 	if (state->arping_index + 1 == ifo->arping_len) {
 		state->arping_index++;
 		dhcpcd_startinterface(ifp);
 		return 1;
+	}
 	addr.s_addr = ifo->arping[++state->arping_index];
 	astate = dhcp_arp_new(ifp, &addr);
 	if (astate == NULL) {
 		logerr(__func__);
 		return -1;
+	}
 	arp_probe(astate);
 	return 1;
+}
 #endif
 #if !defined(KERNEL_RFC5227) || defined(ARPING)
 static void
 dhcp_arp_not_found(struct arp_state *astate)
+{
 	struct interface *ifp;
 	ifp = astate->iface;
 #ifdef ARPING
 	if (dhcp_arping(ifp) == 1) {
 		arp_free(astate);
 		return;
+	}
 #endif
 	dhcp_finish_dad(ifp, &astate->addr);
+}
 static void
 dhcp_arp_found(struct arp_state *astate, const struct arp_msg *amsg)
+{
 	struct in_addr addr;
 	struct interface *ifp = astate->iface;
 #ifdef ARPING
 	struct dhcp_state *state;
 	struct if_options *ifo;
 	state = D_STATE(ifp);
 	ifo = ifp->options;
 	if (state->arping_index != -1 &&
 	    state->arping_index < ifo->arping_len &&
 	    amsg &&
 	    amsg->sip.s_addr == ifo->arping[state->arping_index])
+	{
 		char buf[HWADDR_LEN * 3];
 		hwaddr_ntoa(amsg->sha, ifp->hwlen, buf, sizeof(buf));
 		if (dhcpcd_selectprofile(ifp, buf) == -1 &&
 		    dhcpcd_selectprofile(ifp, inet_ntoa(amsg->sip)) == -1)
+		{
 			/* We didn't find a profile for this
 			 * address or hwaddr, so move to the next
 			 * arping profile */
 			dhcp_arp_not_found(astate);
 			return;
+		}
 		arp_free(astate);
 		eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 		dhcpcd_startinterface(ifp);
 		return;
+	}
 #else
 	UNUSED(amsg);
 #endif
 	addr = astate->addr;
 	arp_free(astate);
 	dhcp_addr_duplicated(ifp, &addr);
+}
 #endif
 #endif /* ARP */
 void
 dhcp_bind(struct interface *ifp)
+{
 	struct dhcpcd_ctx *ctx = ifp->ctx;
 	struct dhcp_state *state = D_STATE(ifp);
 	struct if_options *ifo = ifp->options;
 	struct dhcp_lease *lease = &state->lease;
 	uint8_t old_state;
 	state->reason = NULL;
 	/* If we don't have an offer, we are re-binding a lease on preference,
 	 * normally when two interfaces have a lease matching IP addresses. */
 	if (state->offer) {
 		free(state->old);
 		state->old = state->new;
 		state->old_len = state->new_len;
 		state->new = state->offer;
 		state->new_len = state->offer_len;
 		state->offer = NULL;
 		state->offer_len = 0;
+	}
 	get_lease(ifp, lease, state->new, state->new_len);
 	if (ifo->options & DHCPCD_STATIC) {
 		loginfox("%s: using static address %s/%d",
 		    ifp->name, inet_ntoa(lease->addr),
 		    inet_ntocidr(lease->mask));
 		lease->leasetime = DHCP_INFINITE_LIFETIME;
 		state->reason = "STATIC";
 	} else if (ifo->options & DHCPCD_INFORM) {
 		loginfox("%s: received approval for %s",
 		    ifp->name, inet_ntoa(lease->addr));
 		lease->leasetime = DHCP_INFINITE_LIFETIME;
 		state->reason = "INFORM";
 	} else {
 		if (lease->frominfo)
 			state->reason = "TIMEOUT";
 		if (lease->leasetime == DHCP_INFINITE_LIFETIME) {
 			lease->renewaltime =
 			    lease->rebindtime =
 			    lease->leasetime;
 			loginfox("%s: leased %s for infinity",
 			   ifp->name, inet_ntoa(lease->addr));
 		} else {
 			if (lease->leasetime < DHCP_MIN_LEASE) {
 				logwarnx("%s: minimum lease is %d seconds",
 				    ifp->name, DHCP_MIN_LEASE);
 				lease->leasetime = DHCP_MIN_LEASE;
+			}
 			if (lease->rebindtime == 0)
 				lease->rebindtime =
 				    (uint32_t)(lease->leasetime * T2);
 			else if (lease->rebindtime >= lease->leasetime) {
 				lease->rebindtime =
 				    (uint32_t)(lease->leasetime * T2);
 				logwarnx("%s: rebind time greater than lease "
 				    "time, forcing to %"PRIu32" seconds",
 				    ifp->name, lease->rebindtime);
+			}
 			if (lease->renewaltime == 0)
 				lease->renewaltime =
 				    (uint32_t)(lease->leasetime * T1);
 			else if (lease->renewaltime > lease->rebindtime) {
 				lease->renewaltime =
 				    (uint32_t)(lease->leasetime * T1);
 				logwarnx("%s: renewal time greater than "
 				    "rebind time, forcing to %"PRIu32" seconds",
 				    ifp->name, lease->renewaltime);
+			}
 			if (state->state == DHS_RENEW && state->addr &&
 			    lease->addr.s_addr == state->addr->addr.s_addr &&
 			    !(state->added & STATE_FAKE))
 				logdebugx("%s: leased %s for %"PRIu32" seconds",
 				    ifp->name, inet_ntoa(lease->addr),
 				    lease->leasetime);
 			else
 				loginfox("%s: leased %s for %"PRIu32" seconds",
 				    ifp->name, inet_ntoa(lease->addr),
 				    lease->leasetime);
+		}
+	}
 	if (ctx->options & DHCPCD_TEST) {
 		state->reason = "TEST";
 		script_runreason(ifp, state->reason);
 		eloop_exit(ctx->eloop, EXIT_SUCCESS);
 		return;
+	}
 	if (state->reason == NULL) {
 		if (state->old &&
 		    !(state->added & (STATE_FAKE | STATE_EXPIRED)))
+		{
 			if (state->old->yiaddr == state->new->yiaddr &&
 			    lease->server.s_addr &&
 			    state->state != DHS_REBIND)
 				state->reason = "RENEW";
 			else
 				state->reason = "REBIND";
 		} else if (state->state == DHS_REBOOT)
 			state->reason = "REBOOT";
 		else
 			state->reason = "BOUND";
+	}
 	if (lease->leasetime == DHCP_INFINITE_LIFETIME)
 		lease->renewaltime = lease->rebindtime = lease->leasetime;
 	else {
 		eloop_timeout_add_sec(ctx->eloop,
 		    lease->renewaltime, dhcp_startrenew, ifp);
 		eloop_timeout_add_sec(ctx->eloop,
 		    lease->rebindtime, dhcp_rebind, ifp);
 		eloop_timeout_add_sec(ctx->eloop,
 		    lease->leasetime, dhcp_expire, ifp);
 		logdebugx("%s: renew in %"PRIu32" seconds, rebind in %"PRIu32
 		    " seconds",
 		    ifp->name, lease->renewaltime, lease->rebindtime);
+	}
 	state->state = DHS_BOUND;
 	if (!state->lease.frominfo &&
 	    !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC))) {
 		logdebugx("%s: writing lease: %s",
 		    ifp->name, state->leasefile);
 		if (dhcp_writefile(ifp->ctx, state->leasefile, 0640,
 		    state->new, state->new_len) == -1)
 			logerr("dhcp_writefile: %s", state->leasefile);
+	}
 	old_state = state->added;
 	/* Close the BPF filter as we can now receive DHCP messages
 	 * on a UDP socket. */
-	old_state = state->added;
+	dhcp_closebpf(ifp);
 	if (ctx->options & DHCPCD_MASTER ||
 	    state->old == NULL ||
 	    state->old->yiaddr != state->new->yiaddr || old_state & STATE_FAKE)
 		dhcp_close(ifp);
 	/* Add the address */
 	ipv4_applyaddr(ifp);
 	/* If not in master mode, open an address specific socket. */
 	if (ctx->options & DHCPCD_MASTER ||
 	    (state->old != NULL &&
-	    state->old->yiaddr == state->new->yiaddr &&
+	     state->old->yiaddr == state->new->yiaddr &&
-	    old_state & STATE_ADDED && !(old_state & STATE_FAKE)))
+	     old_state & STATE_ADDED && !(old_state & STATE_FAKE)))
 		return;
 	dhcp_closeinet(ifp);
 #ifdef PRIVSEP
 	if (IN_PRIVSEP_SE(ctx)) {
 		if (ps_inet_openbootp(state->addr) == -1)
 		    logerr(__func__);
 		return;
+	}
 #endif
 	state->udp_rfd = dhcp_openudp(&state->addr->addr);
 	if (state->udp_rfd == -1) {
 		logerr(__func__);
 		/* Address sharing without master mode is not supported.
 		 * It's also possible another DHCP client could be running,
 		 * which is even worse.
 		 * We still need to work, so re-open BPF. */
 		dhcp_openbpf(ifp);
 		return;
+	}
 	eloop_event_add(ctx->eloop, state->udp_rfd, dhcp_handleifudp, ifp);
+}
 static size_t
 dhcp_message_new(struct bootp **bootp,
     const struct in_addr *addr, const struct in_addr *mask)
+{
 	uint8_t *p;
 	uint32_t cookie;
 	if ((*bootp = calloc(1, sizeof(**bootp))) == NULL)
 		return 0;
 	(*bootp)->yiaddr = addr->s_addr;
 	p = (*bootp)->vend;
 	cookie = htonl(MAGIC_COOKIE);
 	memcpy(p, &cookie, sizeof(cookie));
 	p += sizeof(cookie);
 	if (mask->s_addr != INADDR_ANY) {
 		*p++ = DHO_SUBNETMASK;
 		*p++ = sizeof(mask->s_addr);
 		memcpy(p, &mask->s_addr, sizeof(mask->s_addr));
 		p+= sizeof(mask->s_addr);
+	}
 	*p = DHO_END;
 	return sizeof(**bootp);
+}
 #if defined(ARP) || defined(KERNEL_RFC5227)
 static int
 dhcp_arp_address(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	struct in_addr addr;
 	struct ipv4_addr *ia;
 	eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 	state = D_STATE(ifp);
 	addr.s_addr = state->offer->yiaddr == INADDR_ANY ?
 	    state->offer->ciaddr : state->offer->yiaddr;
 	/* If the interface already has the address configured
 	 * then we can't ARP for duplicate detection. */
 	ia = ipv4_iffindaddr(ifp, &addr, NULL);
 #ifdef IN_IFF_NOTUSEABLE
 	if (ia == NULL || ia->addr_flags & IN_IFF_NOTUSEABLE) {
 		state->state = DHS_PROBE;
 		if (ia == NULL) {
 			struct dhcp_lease l;
 			get_lease(ifp, &l, state->offer, state->offer_len);
 			/* Add the address now, let the kernel handle DAD. */
 			ipv4_addaddr(ifp, &l.addr, &l.mask, &l.brd,
 			    l.leasetime, l.rebindtime);
 		} else if (ia->addr_flags & IN_IFF_DUPLICATED)
 			dhcp_addr_duplicated(ifp, &ia->addr);
 		else
 			loginfox("%s: waiting for DAD on %s",
 			    ifp->name, inet_ntoa(addr));
 		return 0;
+	}
 #else
 	if (!(ifp->flags & IFF_NOARP) &&
 	    ifp->options->options & DHCPCD_ARP)
+	{
 		struct arp_state *astate;
 		struct dhcp_lease l;
 		/* Even if the address exists, we need to defend it. */
 		astate = dhcp_arp_new(ifp, &addr);
 		if (astate == NULL)
 			return -1;
 		if (ia == NULL) {
 			state->state = DHS_PROBE;
 			get_lease(ifp, &l, state->offer, state->offer_len);
 			loginfox("%s: probing address %s/%d",
 			    ifp->name, inet_ntoa(l.addr), inet_ntocidr(l.mask));
 			/* We need to handle DAD. */
 			arp_probe(astate);
 			return 0;
+		}
+	}
 #endif
 	return 1;
+}
 static void
 dhcp_arp_bind(struct interface *ifp)
+{
 	if (ifp->ctx->options & DHCPCD_TEST ||
 	    dhcp_arp_address(ifp) == 1)
 		dhcp_bind(ifp);
+}
 #endif
 static void
 dhcp_lastlease(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcp_state *state = D_STATE(ifp);
 	loginfox("%s: timed out contacting a DHCP server, using last lease",
 	    ifp->name);
 #if defined(ARP) || defined(KERNEL_RFC5227)
 	dhcp_arp_bind(ifp);
 #else
 	dhcp_bind(ifp);
 #endif
 	/* Set expired here because dhcp_bind() -> ipv4_addaddr() will reset
 	 * state */
 	state->added |= STATE_EXPIRED;
 	state->interval = 0;
 	dhcp_discover(ifp);
+}
 static void
 dhcp_static(struct interface *ifp)
+{
 	struct if_options *ifo;
 	struct dhcp_state *state;
 	struct ipv4_addr *ia;
 	state = D_STATE(ifp);
 	ifo = ifp->options;
 	ia = NULL;
 	if (ifo->req_addr.s_addr == INADDR_ANY &&
 	    (ia = ipv4_iffindaddr(ifp, NULL, NULL)) == NULL)
+	{
 		loginfox("%s: waiting for 3rd party to "
 		    "configure IP address", ifp->name);
 		state->reason = "3RDPARTY";
 		script_runreason(ifp, state->reason);
 		return;
+	}
 	state->offer_len = dhcp_message_new(&state->offer,
 	    ia ? &ia->addr : &ifo->req_addr,
 	    ia ? &ia->mask : &ifo->req_mask);
 	if (state->offer_len)
 #if defined(ARP) || defined(KERNEL_RFC5227)
 		dhcp_arp_bind(ifp);
 #else
 		dhcp_bind(ifp);
 #endif
+}
 void
 dhcp_inform(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	struct if_options *ifo;
 	struct ipv4_addr *ia;
 	state = D_STATE(ifp);
 	ifo = ifp->options;
 	state->state = DHS_INFORM;
 	free(state->offer);
 	state->offer = NULL;
 	state->offer_len = 0;
 	if (ifo->req_addr.s_addr == INADDR_ANY) {
 		ia = ipv4_iffindaddr(ifp, NULL, NULL);
 		if (ia == NULL) {
 			loginfox("%s: waiting for 3rd party to "
 			    "configure IP address",
 			    ifp->name);
 			if (!(ifp->ctx->options & DHCPCD_TEST)) {
 				state->reason = "3RDPARTY";
 				script_runreason(ifp, state->reason);
+			}
 			return;
+		}
 	} else {
 		ia = ipv4_iffindaddr(ifp, &ifo->req_addr, &ifo->req_mask);
 		if (ia == NULL) {
 			if (ifp->ctx->options & DHCPCD_TEST) {
 				logerrx("%s: cannot add IP address in test mode",
 				    ifp->name);
 				return;
+			}
 			ia = ipv4_iffindaddr(ifp, &ifo->req_addr, NULL);
 			if (ia != NULL)
 				/* Netmask must be different, delete it. */
 				ipv4_deladdr(ia, 1);
 			state->offer_len = dhcp_message_new(&state->offer,
 			    &ifo->req_addr, &ifo->req_mask);
 #ifdef ARP
 			if (dhcp_arp_address(ifp) != 1)
 				return;
 #endif
 			ia = ipv4_iffindaddr(ifp,
 			    &ifo->req_addr, &ifo->req_mask);
 			assert(ia != NULL);
+		}
+	}
 	state->addr = ia;
 	state->offer_len = dhcp_message_new(&state->offer,
 	    &ia->addr, &ia->mask);
 	if (state->offer_len) {
 		dhcp_new_xid(ifp);
 		get_lease(ifp, &state->lease, state->offer, state->offer_len);
 		send_inform(ifp);
+	}
+}
 void
 dhcp_reboot_newopts(struct interface *ifp, unsigned long long oldopts)
+{
 	struct if_options *ifo;
 	struct dhcp_state *state = D_STATE(ifp);
 	if (state == NULL || state->state == DHS_NONE)
 		return;
 	ifo = ifp->options;
 	if ((ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC) &&
 		(state->addr == NULL ||
 		state->addr->addr.s_addr != ifo->req_addr.s_addr)) ||
 	    (oldopts & (DHCPCD_INFORM | DHCPCD_STATIC) &&
 		!(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC))))
+	{
 		dhcp_drop(ifp, "EXPIRE");
+	}
+}
 #ifdef ARP
 static int
 dhcp_activeaddr(const struct interface *ifp, const struct in_addr *addr)
+{
 	const struct interface *ifp1;
 	const struct dhcp_state *state;
 	TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) {
 		if (ifp1 == ifp)
 			continue;
 		if ((state = D_CSTATE(ifp1)) == NULL)
 			continue;
 		switch(state->state) {
 		case DHS_REBOOT:
 		case DHS_RENEW:
 		case DHS_REBIND:
 		case DHS_BOUND:
 		case DHS_INFORM:
 			break;
 		default:
 			continue;
+		}
 		if (state->lease.addr.s_addr == addr->s_addr)
 			return 1;
+	}
 	return 0;
+}
 #endif
 static void
 dhcp_reboot(struct interface *ifp)
+{
 	struct if_options *ifo;
 	struct dhcp_state *state = D_STATE(ifp);
 #ifdef ARP
 	struct ipv4_addr *ia;
 #endif
 	if (state == NULL || state->state == DHS_NONE)
 		return;
 	ifo = ifp->options;
 	state->state = DHS_REBOOT;
 	state->interval = 0;
 	if (ifo->options & DHCPCD_LINK && !if_is_link_up(ifp)) {
 		loginfox("%s: waiting for carrier", ifp->name);
 		return;
+	}
 	if (ifo->options & DHCPCD_STATIC) {
 		dhcp_static(ifp);
 		return;
+	}
 	if (ifo->options & DHCPCD_INFORM) {
 		loginfox("%s: informing address of %s",
 		    ifp->name, inet_ntoa(state->lease.addr));
 		dhcp_inform(ifp);
 		return;
+	}
 	if (ifo->reboot == 0 || state->offer == NULL) {
 		dhcp_discover(ifp);
 		return;
+	}
 	if (!IS_DHCP(state->offer))
 		return;
 	loginfox("%s: rebinding lease of %s",
 	    ifp->name, inet_ntoa(state->lease.addr));
 #ifdef ARP
 #ifndef KERNEL_RFC5227
 	/* Create the DHCP ARP state so we can defend it. */
 	(void)dhcp_arp_new(ifp, &state->lease.addr);
 #endif
 	/* If the address exists on the interface and no other interface
 	 * is currently using it then announce it to ensure this
 	 * interface gets the reply. */
 	ia = ipv4_iffindaddr(ifp, &state->lease.addr, NULL);
 	if (ia != NULL &&
 	    !(ifp->ctx->options & DHCPCD_TEST) &&
 #ifdef IN_IFF_NOTUSEABLE
 	    !(ia->addr_flags & IN_IFF_NOTUSEABLE) &&
 #endif
 	    dhcp_activeaddr(ifp, &state->lease.addr) == 0)
 		arp_ifannounceaddr(ifp, &state->lease.addr);
 #endif
 	dhcp_new_xid(ifp);
 	state->lease.server.s_addr = INADDR_ANY;
 	eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 #ifdef IPV4LL
 	/* Need to add this before dhcp_expire and friends. */
 	if (!ifo->fallback && ifo->options & DHCPCD_IPV4LL)
 		eloop_timeout_add_sec(ifp->ctx->eloop,
 		    ifo->reboot, ipv4ll_start, ifp);
 #endif
 	if (ifo->options & DHCPCD_LASTLEASE && state->lease.frominfo)
 		eloop_timeout_add_sec(ifp->ctx->eloop,
 		    ifo->reboot, dhcp_lastlease, ifp);
 	else if (!(ifo->options & DHCPCD_INFORM))
 		eloop_timeout_add_sec(ifp->ctx->eloop,
 		    ifo->reboot, dhcp_expire, ifp);
 	/* Don't bother ARP checking as the server could NAK us first.
 	 * Don't call dhcp_request as that would change the state */
 	send_request(ifp);
+}
 void
 dhcp_drop(struct interface *ifp, const char *reason)
+{
 	struct dhcp_state *state;
 #ifdef RELEASE_SLOW
 	struct timespec ts;
 #endif
 	state = D_STATE(ifp);
 	/* dhcp_start may just have been called and we don't yet have a state
 	 * but we do have a timeout, so punt it. */
 	if (state == NULL || state->state == DHS_NONE) {
 		eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 		return;
+	}
 #ifdef ARP
 	if (state->addr != NULL)
 		arp_freeaddr(ifp, &state->addr->addr);
 #endif
 #ifdef ARPING
 	state->arping_index = -1;
 #endif
 	if (ifp->options->options & DHCPCD_RELEASE &&
 	    !(ifp->options->options & DHCPCD_INFORM))
+	{
 		/* Failure to send the release may cause this function to
 		 * re-enter so guard by setting the state. */
 		if (state->state == DHS_RELEASE)
 			return;
 		state->state = DHS_RELEASE;
 		dhcp_unlink(ifp->ctx, state->leasefile);
 		if (if_is_link_up(ifp) &&
 		    state->new != NULL &&
 		    state->lease.server.s_addr != INADDR_ANY)
+		{
 			loginfox("%s: releasing lease of %s",
 			    ifp->name, inet_ntoa(state->lease.addr));
 			dhcp_new_xid(ifp);
 			send_message(ifp, DHCP_RELEASE, NULL);
 #ifdef RELEASE_SLOW
 			/* Give the packet a chance to go */
 			ts.tv_sec = RELEASE_DELAY_S;
 			ts.tv_nsec = RELEASE_DELAY_NS;
 			nanosleep(&ts, NULL);
 #endif
+		}
+	}
 #ifdef AUTH
 	else if (state->auth.reconf != NULL) {
 		/*
 		 * Drop the lease as the token may only be present
 		 * in the initial reply message and not subsequent
 		 * renewals.
 		 * If dhcpcd is restarted, the token is lost.
 		 * XXX persist this in another file?
 		 */
 		dhcp_unlink(ifp->ctx, state->leasefile);
+	}
 #endif
 	eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 #ifdef AUTH
 	dhcp_auth_reset(&state->auth);
 #endif
 	/* Close DHCP ports so a changed interface family is picked
 	 * up by a new BPF state. */
 	dhcp_close(ifp);
 	state->state = DHS_NONE;
 	free(state->offer);
 	state->offer = NULL;
 	state->offer_len = 0;
 	free(state->old);
 	state->old = state->new;
 	state->old_len = state->new_len;
 	state->new = NULL;
 	state->new_len = 0;
 	state->reason = reason;
 	ipv4_applyaddr(ifp);
 	free(state->old);
 	state->old = NULL;
 	state->old_len = 0;
 	state->lease.addr.s_addr = 0;
 	ifp->options->options &= ~(DHCPCD_CSR_WARNED |
 	    DHCPCD_ROUTER_HOST_ROUTE_WARNED);
+}
 static int
 blacklisted_ip(const struct if_options *ifo, in_addr_t addr)
+{
 	size_t i;
 	for (i = 0; i < ifo->blacklist_len; i += 2)
 		if (ifo->blacklist[i] == (addr & ifo->blacklist[i + 1]))
 			return 1;
 	return 0;
+}
 #define	WHTLST_NONE	0
 #define	WHTLST_MATCH	1
 #define WHTLST_NOMATCH	2
 static unsigned int
 whitelisted_ip(const struct if_options *ifo, in_addr_t addr)
+{
 	size_t i;
 	if (ifo->whitelist_len == 0)
 		return WHTLST_NONE;
 	for (i = 0; i < ifo->whitelist_len; i += 2)
 		if (ifo->whitelist[i] == (addr & ifo->whitelist[i + 1]))
 			return WHTLST_MATCH;
 	return WHTLST_NOMATCH;
+}
 static void
 log_dhcp(int loglevel, const char *msg,
     const struct interface *ifp, const struct bootp *bootp, size_t bootp_len,
     const struct in_addr *from, int ad)
+{
 	const char *tfrom;
 	char *a, sname[sizeof(bootp->sname) * 4];
 	struct in_addr addr;
 	int r;
 	uint8_t overl;
 	if (strcmp(msg, "NAK:") == 0) {
 		a = get_option_string(ifp->ctx, bootp, bootp_len, DHO_MESSAGE);
 		if (a) {
 			char *tmp;
 			size_t al, tmpl;
 			al = strlen(a);
 			tmpl = (al * 4) + 1;
 			tmp = malloc(tmpl);
 			if (tmp == NULL) {
 				logerr(__func__);
 				free(a);
 				return;
+			}
 			print_string(tmp, tmpl, OT_STRING, (uint8_t *)a, al);
 			free(a);
 			a = tmp;
+		}
 	} else if (ad && bootp->yiaddr != 0) {
 		addr.s_addr = bootp->yiaddr;
 		a = strdup(inet_ntoa(addr));
 		if (a == NULL) {
 			logerr(__func__);
 			return;
+		}
 	} else
 		a = NULL;
 	tfrom = "from";
 	r = get_option_addr(ifp->ctx, &addr, bootp, bootp_len, DHO_SERVERID);
 	if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len,
 	    DHO_OPTSOVERLOADED) == -1)
 		overl = 0;
 	if (bootp->sname[0] && r == 0 && !(overl & 2)) {
 		print_string(sname, sizeof(sname), OT_STRING | OT_DOMAIN,
 		    bootp->sname, sizeof(bootp->sname));
 		if (a == NULL)
 			logmessage(loglevel, "%s: %s %s %s %s",
 			    ifp->name, msg, tfrom, inet_ntoa(addr), sname);
 		else
 			logmessage(loglevel, "%s: %s %s %s %s %s",
 			    ifp->name, msg, a, tfrom, inet_ntoa(addr), sname);
 	} else {
 		if (r != 0) {
 			tfrom = "via";
 			addr = *from;
+		}
 		if (a == NULL)
 			logmessage(loglevel, "%s: %s %s %s",
 			    ifp->name, msg, tfrom, inet_ntoa(addr));
 		else
 			logmessage(loglevel, "%s: %s %s %s %s",
 			    ifp->name, msg, a, tfrom, inet_ntoa(addr));
+	}
 	free(a);
+}
 /* If we're sharing the same IP address with another interface on the
  * same network, we may receive the DHCP reply on the wrong interface.
  * Try and re-direct it here. */
 static void
 dhcp_redirect_dhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
     const struct in_addr *from)
+{
 	struct interface *ifn;
 	const struct dhcp_state *state;
 	uint32_t xid;
 	xid = ntohl(bootp->xid);
 	TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) {
 		if (ifn == ifp)
 			continue;
 		state = D_CSTATE(ifn);
 		if (state == NULL || state->state == DHS_NONE)
 			continue;
 		if (state->xid != xid)
 			continue;
 		if (ifn->hwlen <= sizeof(bootp->chaddr) &&
 		    memcmp(bootp->chaddr, ifn->hwaddr, ifn->hwlen))
 			continue;
 		logdebugx("%s: redirecting DHCP message to %s",
 		    ifp->name, ifn->name);
 		dhcp_handledhcp(ifn, bootp, bootp_len, from);
+	}
+}
 static void
 dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
     const struct in_addr *from)
+{
 	struct dhcp_state *state = D_STATE(ifp);
 	struct if_options *ifo = ifp->options;
 	struct dhcp_lease *lease = &state->lease;
 	uint8_t type, tmp;
 	struct in_addr addr;
 	unsigned int i;
 	char *msg;
 	bool bootp_copied;
 	uint32_t v6only_time = 0;
 	bool use_v6only = false;
 #ifdef AUTH
 	const uint8_t *auth;
 	size_t auth_len;
 #endif
 #ifdef IN_IFF_DUPLICATED
 	struct ipv4_addr *ia;
 #endif
 #define LOGDHCP0(l, m) \
 	log_dhcp((l), (m), ifp, bootp, bootp_len, from, 0)
 #define LOGDHCP(l, m) \
 	log_dhcp((l), (m), ifp, bootp, bootp_len, from, 1)
 #define IS_STATE_ACTIVE(s) ((s)-state != DHS_NONE && \
 	(s)->state != DHS_INIT && (s)->state != DHS_BOUND)
 	if (bootp->op != BOOTREPLY) {
 		if (IS_STATE_ACTIVE(state))
 			logdebugx("%s: op (%d) is not BOOTREPLY",
 			    ifp->name, bootp->op);
 		return;
+	}
 	if (state->xid != ntohl(bootp->xid)) {
 		if (IS_STATE_ACTIVE(state))
 			logdebugx("%s: wrong xid 0x%x (expecting 0x%x) from %s",
 			    ifp->name, ntohl(bootp->xid), state->xid,
 			    inet_ntoa(*from));
 		dhcp_redirect_dhcp(ifp, bootp, bootp_len, from);
 		return;
+	}
 	if (ifp->hwlen <= sizeof(bootp->chaddr) &&
 	    memcmp(bootp->chaddr, ifp->hwaddr, ifp->hwlen))
+	{
 		if (IS_STATE_ACTIVE(state)) {
 			char buf[sizeof(bootp->chaddr) * 3];
 			logdebugx("%s: xid 0x%x is for hwaddr %s",
 			    ifp->name, ntohl(bootp->xid),
 			    hwaddr_ntoa(bootp->chaddr, sizeof(bootp->chaddr),
 				    buf, sizeof(buf)));
+		}
 		dhcp_redirect_dhcp(ifp, bootp, bootp_len, from);
 		return;
+	}
 	if (!ifp->active)
 		return;
 	i = whitelisted_ip(ifp->options, from->s_addr);
 	switch (i) {
 	case WHTLST_NOMATCH:
 		logwarnx("%s: non whitelisted DHCP packet from %s",
 		    ifp->name, inet_ntoa(*from));
 		return;
 	case WHTLST_MATCH:
 		break;
 	case WHTLST_NONE:
 		if (blacklisted_ip(ifp->options, from->s_addr) == 1) {
 			logwarnx("%s: blacklisted DHCP packet from %s",
 			    ifp->name, inet_ntoa(*from));
 			return;
+		}
+	}
 	/* We may have found a BOOTP server */
 	if (get_option_uint8(ifp->ctx, &type,
 	    bootp, bootp_len, DHO_MESSAGETYPE) == -1)
 		type = 0;
 	else if (ifo->options & DHCPCD_BOOTP) {
 		logdebugx("%s: ignoring DHCP reply (expecting BOOTP)",
 		    ifp->name);
 		return;
+	}
 #ifdef AUTH
 	/* Authenticate the message */
 	auth = get_option(ifp->ctx, bootp, bootp_len,
 	    DHO_AUTHENTICATION, &auth_len);
 	if (auth) {
 		if (dhcp_auth_validate(&state->auth, &ifo->auth,
 		    (uint8_t *)bootp, bootp_len, 4, type,
 		    auth, auth_len) == NULL)
+		{
 			LOGDHCP0(LOG_ERR, "authentication failed");
 			return;
+		}
 		if (state->auth.token)
 			logdebugx("%s: validated using 0x%08" PRIu32,
 			    ifp->name, state->auth.token->secretid);
 		else
 			loginfox("%s: accepted reconfigure key", ifp->name);
 	} else if (ifo->auth.options & DHCPCD_AUTH_SEND) {
 		if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) {
 			LOGDHCP0(LOG_ERR, "no authentication");
 			return;
+		}
 		LOGDHCP0(LOG_WARNING, "no authentication");
+	}
 #endif
 	/* RFC 3203 */
 	if (type == DHCP_FORCERENEW) {
 		if (from->s_addr == INADDR_ANY ||
 		    from->s_addr == INADDR_BROADCAST)
+		{
 			LOGDHCP(LOG_ERR, "discarding Force Renew");
 			return;
+		}
 #ifdef AUTH
 		if (auth == NULL) {
 			LOGDHCP(LOG_ERR, "unauthenticated Force Renew");
 			if (ifo->auth.options & DHCPCD_AUTH_REQUIRE)
 				return;
+		}
 		if (state->state != DHS_BOUND && state->state != DHS_INFORM) {
 			LOGDHCP(LOG_DEBUG, "not bound, ignoring Force Renew");
 			return;
+		}
 		LOGDHCP(LOG_INFO, "Force Renew from");
 		/* The rebind and expire timings are still the same, we just
 		 * enter the renew state early */
 		if (state->state == DHS_BOUND)
 			dhcp_renew(ifp);
 		else {
 			eloop_timeout_delete(ifp->ctx->eloop,
 			    send_inform, ifp);
 			dhcp_inform(ifp);
+		}
 #else
 		LOGDHCP(LOG_ERR, "unauthenticated Force Renew");
 #endif
 		return;
+	}
 	if (state->state == DHS_BOUND) {
 		LOGDHCP(LOG_DEBUG, "bound, ignoring");
 		return;
+	}
 	if (state->state == DHS_PROBE) {
 		/* Ignore any DHCP messages whilst probing a lease to bind. */
 		LOGDHCP(LOG_DEBUG, "probing, ignoring");
 		return;
+	}
 	/* reset the message counter */
 	state->interval = 0;
 	/* Ensure that no reject options are present */
 	for (i = 1; i < 255; i++) {
 		if (has_option_mask(ifo->rejectmask, i) &&
 		    get_option_uint8(ifp->ctx, &tmp,
 		    bootp, bootp_len, (uint8_t)i) == 0)
+		{
 			LOGDHCP(LOG_WARNING, "reject DHCP");
 			return;
+		}
+	}
 	if (type == DHCP_NAK) {
 		/* For NAK, only check if we require the ServerID */
 		if (has_option_mask(ifo->requiremask, DHO_SERVERID) &&
 		    get_option_addr(ifp->ctx, &addr,
 		    bootp, bootp_len, DHO_SERVERID) == -1)
+		{
 			LOGDHCP(LOG_WARNING, "reject NAK");
 			return;
+		}
 		/* We should restart on a NAK */
 		LOGDHCP(LOG_WARNING, "NAK:");
 		if ((msg = get_option_string(ifp->ctx,
 		    bootp, bootp_len, DHO_MESSAGE)))
+		{
 			logwarnx("%s: message: %s", ifp->name, msg);
 			free(msg);
+		}
 		if (state->state == DHS_INFORM) /* INFORM should not be NAKed */
 			return;
 		if (!(ifp->ctx->options & DHCPCD_TEST)) {
 			dhcp_drop(ifp, "NAK");
 			dhcp_unlink(ifp->ctx, state->leasefile);
+		}
 		/* If we constantly get NAKS then we should slowly back off */
 		eloop_timeout_add_sec(ifp->ctx->eloop,
 		    state->nakoff, dhcp_discover, ifp);
 		if (state->nakoff == 0)
 			state->nakoff = 1;
 		else {
 			state->nakoff *= 2;
 			if (state->nakoff > NAKOFF_MAX)
 				state->nakoff = NAKOFF_MAX;
+		}
 		return;
+	}
 	/* Ensure that all required options are present */
 	for (i = 1; i < 255; i++) {
 		if (has_option_mask(ifo->requiremask, i) &&
 		    get_option_uint8(ifp->ctx, &tmp,
 		    bootp, bootp_len, (uint8_t)i) != 0)
+		{
 			/* If we are BOOTP, then ignore the need for serverid.
 			 * To ignore BOOTP, require dhcp_message_type.
 			 * However, nothing really stops BOOTP from providing
 			 * DHCP style options as well so the above isn't
 			 * always true. */
 			if (type == 0 && i == DHO_SERVERID)
 				continue;
 			LOGDHCP(LOG_WARNING, "reject DHCP");
 			return;
+		}
+	}
 	if (has_option_mask(ifo->requestmask, DHO_IPV6_PREFERRED_ONLY)) {
 		if (get_option_uint32(ifp->ctx, &v6only_time, bootp, bootp_len,
 		    DHO_IPV6_PREFERRED_ONLY) == 0 &&
 		    (state->state == DHS_DISCOVER || state->state == DHS_REBOOT))
+		{
 			char v6msg[128];
 			use_v6only = true;
 			if (v6only_time < MIN_V6ONLY_WAIT)
 				v6only_time = MIN_V6ONLY_WAIT;
 			snprintf(v6msg, sizeof(v6msg),
 			    "IPv6-Only Preferred received (%u seconds)",
 			    v6only_time);
 			LOGDHCP(LOG_INFO, v6msg);
+		}
+	}
 	/* DHCP Auto-Configure, RFC 2563 */
 	if (type == DHCP_OFFER && bootp->yiaddr == 0) {
 		LOGDHCP(LOG_WARNING, "no address given");
 		if ((msg = get_option_string(ifp->ctx,
 		    bootp, bootp_len, DHO_MESSAGE)))
+		{
 			logwarnx("%s: message: %s", ifp->name, msg);
 			free(msg);
+		}
 #ifdef IPV4LL
 		if (state->state == DHS_DISCOVER &&
 		    get_option_uint8(ifp->ctx, &tmp, bootp, bootp_len,
 		    DHO_AUTOCONFIGURE) == 0)
+		{
 			switch (tmp) {
 			case 0:
 				LOGDHCP(LOG_WARNING, "IPv4LL disabled from");
 				ipv4ll_drop(ifp);
 #ifdef ARP
 				arp_drop(ifp);
 #endif
 				break;
 			case 1:
 				LOGDHCP(LOG_WARNING, "IPv4LL enabled from");
 				ipv4ll_start(ifp);
 				break;
 			default:
 				logerrx("%s: unknown auto configuration "
 				    "option %d",
 				    ifp->name, tmp);
 				break;
+			}
 			eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 			eloop_timeout_add_sec(ifp->ctx->eloop,
-			    DHCP_MAX, dhcp_discover, ifp);
+			    use_v6only ? v6only_time : DHCP_MAX,
 			    dhcp_discover, ifp);
+		}
 #endif
 		return;
+	}
 	if (use_v6only) {
 		dhcp_drop(ifp, "EXPIRE");
 		dhcp_unlink(ifp->ctx, state->leasefile);
 		eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 		eloop_timeout_add_sec(ifp->ctx->eloop, v6only_time,
 		    dhcp_discover, ifp);
 		return;
+	}
 	/* Ensure that the address offered is valid */
 	if ((type == 0 || type == DHCP_OFFER || type == DHCP_ACK) &&
 	    (bootp->ciaddr == INADDR_ANY || bootp->ciaddr == INADDR_BROADCAST)
 	    &&
 	    (bootp->yiaddr == INADDR_ANY || bootp->yiaddr == INADDR_BROADCAST))
+	{
 		LOGDHCP(LOG_WARNING, "reject invalid address");
 		return;
+	}
 #ifdef IN_IFF_DUPLICATED
 	ia = ipv4_iffindaddr(ifp, &lease->addr, NULL);
 	if (ia && ia->addr_flags & IN_IFF_DUPLICATED) {
 		LOGDHCP(LOG_WARNING, "declined duplicate address");
 		if (type)
 			dhcp_decline(ifp);
 		ipv4_deladdr(ia, 0);
 		eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 		eloop_timeout_add_sec(ifp->ctx->eloop,
 		    DHCP_RAND_MAX, dhcp_discover, ifp);
 		return;
+	}
 #endif
 	bootp_copied = false;
 	if ((type == 0 || type == DHCP_OFFER) && state->state == DHS_DISCOVER) {
 		lease->frominfo = 0;
 		lease->addr.s_addr = bootp->yiaddr;
 		memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie));
 		if (type == 0 ||
 		    get_option_addr(ifp->ctx,
 		    &lease->server, bootp, bootp_len, DHO_SERVERID) != 0)
 			lease->server.s_addr = INADDR_ANY;
 		/* Test for rapid commit in the OFFER */
 		if (!(ifp->ctx->options & DHCPCD_TEST) &&
 		    has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT) &&
 		    get_option(ifp->ctx, bootp, bootp_len,
 		    DHO_RAPIDCOMMIT, NULL))
+		{
 			state->state = DHS_REQUEST;
 			goto rapidcommit;
+		}
 		LOGDHCP(LOG_INFO, "offered");
 		if (state->offer_len < bootp_len) {
 			free(state->offer);
 			if ((state->offer = malloc(bootp_len)) == NULL) {
 				logerr(__func__);
 				state->offer_len = 0;
 				return;
+			}
+		}
 		state->offer_len = bootp_len;
 		memcpy(state->offer, bootp, bootp_len);
 		bootp_copied = true;
 		if (ifp->ctx->options & DHCPCD_TEST) {
 			free(state->old);
 			state->old = state->new;
 			state->old_len = state->new_len;
 			state->new = state->offer;
 			state->new_len = state->offer_len;
 			state->offer = NULL;
 			state->offer_len = 0;
 			state->reason = "TEST";
 			script_runreason(ifp, state->reason);
 			eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS);
 			state->bpf->bpf_flags |= BPF_EOF;
 			return;
+		}
 		eloop_timeout_delete(ifp->ctx->eloop, send_discover, ifp);
 		/* We don't request BOOTP addresses */
 		if (type) {
 			/* We used to ARP check here, but that seems to be in
 			 * violation of RFC2131 where it only describes
 			 * DECLINE after REQUEST.
 			 * It also seems that some MS DHCP servers actually
 			 * ignore DECLINE if no REQUEST, ie we decline a
 			 * DISCOVER. */
 			dhcp_request(ifp);
 			return;
+		}
+	}
 	if (type) {
 		if (type == DHCP_OFFER) {
 			LOGDHCP(LOG_WARNING, "ignoring offer of");
 			return;
+		}
 		/* We should only be dealing with acks */
 		if (type != DHCP_ACK) {
 			LOGDHCP(LOG_ERR, "not ACK or OFFER");
 			return;
+		}
 		if (state->state == DHS_DISCOVER) {
 			/* We only allow ACK of rapid commit DISCOVER. */
 			if (has_option_mask(ifo->requestmask,
 			    DHO_RAPIDCOMMIT) &&
 			    get_option(ifp->ctx, bootp, bootp_len,
 			    DHO_RAPIDCOMMIT, NULL))
 				state->state = DHS_REQUEST;
 			else {
 				LOGDHCP(LOG_DEBUG, "ignoring ack of");
 				return;
+			}
+		}
 rapidcommit:
 		if (!(ifo->options & DHCPCD_INFORM))
 			LOGDHCP(LOG_DEBUG, "acknowledged");
 		else
 		    ifo->options &= ~DHCPCD_STATIC;
+	}
 	/* No NAK, so reset the backoff
 	 * We don't reset on an OFFER message because the server could
 	 * potentially NAK the REQUEST. */
 	state->nakoff = 0;
 	/* BOOTP could have already assigned this above. */
 	if (!bootp_copied) {
 		if (state->offer_len < bootp_len) {
 			free(state->offer);
 			if ((state->offer = malloc(bootp_len)) == NULL) {
 				logerr(__func__);
 				state->offer_len = 0;
 				return;
+			}
+		}
 		state->offer_len = bootp_len;
 		memcpy(state->offer, bootp, bootp_len);
+	}
 	lease->frominfo = 0;
 	eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
 #if defined(ARP) || defined(KERNEL_RFC5227)
 	dhcp_arp_bind(ifp);
 #else
 	dhcp_bind(ifp);
 #endif
+}
 static void *
 get_udp_data(void *packet, size_t *len)
+{
 	const struct ip *ip = packet;
 	size_t ip_hl = (size_t)ip->ip_hl * 4;
 	char *p = packet;
 	p += ip_hl + sizeof(struct udphdr);
 	*len = (size_t)ntohs(ip->ip_len) - sizeof(struct udphdr) - ip_hl;
 	return p;
+}
 static bool
 is_packet_udp_bootp(void *packet, size_t plen)
+{
 	struct ip *ip = packet;
 	size_t ip_hlen;
 	struct udphdr udp;
 	if (plen < sizeof(*ip))
 		return false;
 	if (ip->ip_v != IPVERSION || ip->ip_p != IPPROTO_UDP)
 		return false;
 	/* Sanity. */
 	if (ntohs(ip->ip_len) > plen)
 		return false;
 	ip_hlen = (size_t)ip->ip_hl * 4;
 	if (ip_hlen < sizeof(*ip))
 		return false;
 	/* Check we have a UDP header and BOOTP. */
 	if (ip_hlen + sizeof(udp) + offsetof(struct bootp, vend) > plen)
 		return false;
 	/* Sanity. */
 	memcpy(&udp, (char *)ip + ip_hlen, sizeof(udp));
 	if (ntohs(udp.uh_ulen) < sizeof(udp))
 		return false;
 	if (ip_hlen + ntohs(udp.uh_ulen) > plen)
 		return false;
 	/* Check it's to and from the right ports. */
 	if (udp.uh_dport != htons(BOOTPC) || udp.uh_sport != htons(BOOTPS))
 		return false;
 	return true;
+}
 /* Lengths have already been checked. */
 static bool
 checksums_valid(void *packet,
     struct in_addr *from, unsigned int flags)
+{
 	struct ip *ip = packet;
 	union pip {
 		struct ip ip;
 		uint16_t w[sizeof(struct ip) / 2];
 	} pip = {
 		.ip = {
 			.ip_p = IPPROTO_UDP,
 			.ip_src = ip->ip_src,
 			.ip_dst = ip->ip_dst,
+		}
 	};
 	size_t ip_hlen;
 	struct udphdr udp;
 	char *udpp, *uh_sump;
 	uint32_t csum;
 	if (from != NULL)
 		from->s_addr = ip->ip_src.s_addr;
 	ip_hlen = (size_t)ip->ip_hl * 4;
 	if (in_cksum(ip, ip_hlen, NULL) != 0)
 		return false;
 	if (flags & BPF_PARTIALCSUM)
 		return true;
 	udpp = (char *)ip + ip_hlen;
 	memcpy(&udp, udpp, sizeof(udp));
 	if (udp.uh_sum == 0)
 		return true;
 	/* UDP checksum is based on a pseudo IP header alongside
 	 * the UDP header and payload. */
 	pip.ip.ip_len = udp.uh_ulen;
 	csum = 0;
 	/* Need to zero the UDP sum in the packet for the checksum to work. */
 	uh_sump = udpp + offsetof(struct udphdr, uh_sum);
 	memset(uh_sump, 0, sizeof(udp.uh_sum));
 	/* Checksum pseudo header and then UDP + payload. */
 	in_cksum(pip.w, sizeof(pip.w), &csum);
 	csum = in_cksum(udpp, ntohs(udp.uh_ulen), &csum);
 #if 0	/* Not needed, just here for completeness. */
 	/* Put the checksum back. */
 	memcpy(uh_sump, &udp.uh_sum, sizeof(udp.uh_sum));
 #endif
 	return csum == udp.uh_sum;
+}
 static void
 dhcp_handlebootp(struct interface *ifp, struct bootp *bootp, size_t len,
     struct in_addr *from)
+{
 	size_t v;
 	if (len < offsetof(struct bootp, vend)) {
 		logerrx("%s: truncated packet (%zu) from %s",
 		    ifp->name, len, inet_ntoa(*from));
 		return;
+	}
 	/* Unlikely, but appeases sanitizers. */
 	if (len > FRAMELEN_MAX) {
 		logerrx("%s: packet exceeded frame length (%zu) from %s",
 		    ifp->name, len, inet_ntoa(*from));
 		return;
+	}
 	/* To make our IS_DHCP macro easy, ensure the vendor
 	 * area has at least 4 octets. */
 	v = len - offsetof(struct bootp, vend);
 	while (v < 4) {
 		bootp->vend[v++] = '\0';
 		len++;
+	}
 	dhcp_handledhcp(ifp, bootp, len, from);
+}
 void
 dhcp_packet(struct interface *ifp, uint8_t *data, size_t len,
     unsigned int bpf_flags)
+{
 	struct bootp *bootp;
 	struct in_addr from;
 	size_t udp_len;
 	size_t fl = bpf_frame_header_len(ifp);
 #ifdef PRIVSEP
 	const struct dhcp_state *state = D_CSTATE(ifp);
 	/* It's possible that an interface departs and arrives in short
 	 * order to receive a BPF frame out of order.
 	 * There is a similar check in ARP, but much lower down the stack.
 	 * It's not needed for other inet protocols because we send the
 	 * message as a whole and select the interface off that and then
 	 * check state. BPF on the other hand is very interface
 	 * specific and we do need this check. */
 	if (state == NULL)
 		return;
 	/* Ignore double reads */
 	if (IN_PRIVSEP(ifp->ctx)) {
 		switch (state->state) {
 		case DHS_BOUND: /* FALLTHROUGH */
 		case DHS_RENEW:
 			return;
 		default:
 			break;
+		}
+	}
 #endif
 	/* Trim frame header */
 	if (fl != 0) {
 		if (len < fl) {
 			logerrx("%s: %s: short frame header %zu",
 			    __func__, ifp->name, len);
 			return;
+		}
 		len -= fl;
 		/* Move the data to avoid alignment errors. */
 		memmove(data, data + fl, len);
+	}
 	/* Validate filter. */
 	if (!is_packet_udp_bootp(data, len)) {
 #ifdef BPF_DEBUG
 		logerrx("%s: DHCP BPF validation failure", ifp->name);
 #endif
 		return;
+	}
 	if (!checksums_valid(data, &from, bpf_flags)) {
 		logerrx("%s: checksum failure from %s",
 		    ifp->name, inet_ntoa(from));
 		return;
+	}
 	/*
 	 * DHCP has a variable option area rather than a fixed vendor area.
 	 * Because DHCP uses the BOOTP protocol it should still send BOOTP
 	 * sized packets to be RFC compliant.
 	 * However some servers send a truncated vendor area.
 	 * dhcpcd can work fine without the vendor area being sent.
 	 */
 	bootp = get_udp_data(data, &udp_len);
 	dhcp_handlebootp(ifp, bootp, udp_len, &from);
+}
 static void
 dhcp_readbpf(void *arg)
+{
 	struct interface *ifp = arg;
 	uint8_t buf[FRAMELEN_MAX];
 	ssize_t bytes;
 	struct dhcp_state *state = D_STATE(ifp);
 	struct bpf *bpf = state->bpf;
 	bpf->bpf_flags &= ~BPF_EOF;
 	while (!(bpf->bpf_flags & BPF_EOF)) {
 		bytes = bpf_read(bpf, buf, sizeof(buf));
 		if (bytes == -1) {
 			if (state->state != DHS_NONE) {
 				logerr("%s: %s", __func__, ifp->name);
 				dhcp_close(ifp);
+			}
 			break;
+		}
 		dhcp_packet(ifp, buf, (size_t)bytes, bpf->bpf_flags);
 		/* Check we still have a state after processing. */
 		if ((state = D_STATE(ifp)) == NULL)
 			break;
 		if ((bpf = state->bpf) == NULL)
 			break;
+	}
+}
 void
 dhcp_recvmsg(struct dhcpcd_ctx *ctx, struct msghdr *msg)
+{
 	struct sockaddr_in *from = (struct sockaddr_in *)msg->msg_name;
 	struct iovec *iov = &msg->msg_iov[0];
 	struct interface *ifp;
 	const struct dhcp_state *state;
 	ifp = if_findifpfromcmsg(ctx, msg, NULL);
 	if (ifp == NULL) {
 		logerr(__func__);
 		return;
+	}
 	state = D_CSTATE(ifp);
 	if (state == NULL) {
 		/* Try re-directing it to another interface. */
 		dhcp_redirect_dhcp(ifp, (struct bootp *)iov->iov_base,
 		    iov->iov_len, &from->sin_addr);
 		return;
+	}
 	if (state->bpf != NULL) {
 		/* Avoid a duplicate read if BPF is open for the interface. */
 		return;
+	}
 #ifdef PRIVSEP
 	if (IN_PRIVSEP(ctx)) {
 		switch (state->state) {
 		case DHS_BOUND: /* FALLTHROUGH */
 		case DHS_RENEW:
 			break;
 		default:
 			/* Any other state we ignore it or will receive
 			 * via BPF. */
 			return;
+		}
+	}
 #endif
 	dhcp_handlebootp(ifp, iov->iov_base, iov->iov_len,
 	    &from->sin_addr);
+}
 static void
 dhcp_readudp(struct dhcpcd_ctx *ctx, struct interface *ifp)
+{
 	const struct dhcp_state *state;
 	struct sockaddr_in from;
 	union {
 		struct bootp bootp;
 		uint8_t buf[10 * 1024]; /* Maximum MTU */
 	} iovbuf;
 	struct iovec iov = {
 		.iov_base = iovbuf.buf,
 		.iov_len = sizeof(iovbuf.buf),
 	};
 	union {
 		struct cmsghdr hdr;
 #ifdef IP_RECVIF
 		uint8_t buf[CMSG_SPACE(sizeof(struct sockaddr_dl))];
 #else
 		uint8_t buf[CMSG_SPACE(sizeof(struct in_pktinfo))];
 #endif
 	} cmsgbuf = { .buf = { 0 } };
 	struct msghdr msg = {
 	    .msg_name = &from, .msg_namelen = sizeof(from),
 	    .msg_iov = &iov, .msg_iovlen = 1,
 	    .msg_control = cmsgbuf.buf, .msg_controllen = sizeof(cmsgbuf.buf),
 	};
 	int s;
 	ssize_t bytes;
 	if (ifp != NULL) {
 		state = D_CSTATE(ifp);
 		s = state->udp_rfd;
 	} else
 		s = ctx->udp_rfd;
 	bytes = recvmsg(s, &msg, 0);
 	if (bytes == -1) {
 		logerr(__func__);
 		return;
+	}
 	iov.iov_len = (size_t)bytes;
 	dhcp_recvmsg(ctx, &msg);
+}
 static void
 dhcp_handleudp(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	dhcp_readudp(ctx, NULL);
+}
 static void
 dhcp_handleifudp(void *arg)
+{
 	struct interface *ifp = arg;
 	dhcp_readudp(ifp->ctx, ifp);
+}
 static int
 dhcp_openbpf(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	state = D_STATE(ifp);
 #ifdef PRIVSEP
 	if (IN_PRIVSEP_SE(ifp->ctx)) {
 		if (ps_bpf_openbootp(ifp) == -1) {
 			logerr(__func__);
 			return -1;
+		}
 		return 0;
+	}
 #endif
 	if (state->bpf != NULL)
 		return 0;
 	state->bpf = bpf_open(ifp, bpf_bootp, NULL);
 	if (state->bpf == NULL) {
 		if (errno == ENOENT) {
 			logerrx("%s not found", bpf_name);
 			/* May as well disable IPv4 entirely at
 			 * this point as we really need it. */
 			ifp->options->options &= ~DHCPCD_IPV4;
 		} else
 			logerr("%s: %s", __func__, ifp->name);
 		return -1;
+	}
 	eloop_event_add(ifp->ctx->eloop,
 	    state->bpf->bpf_fd, dhcp_readbpf, ifp);
 	return 0;
+}
 void
 dhcp_free(struct interface *ifp)
+{
 	struct dhcp_state *state = D_STATE(ifp);
 	struct dhcpcd_ctx *ctx;
 	dhcp_close(ifp);
 #ifdef ARP
 	arp_drop(ifp);
 #endif
 	if (state) {
 		state->state = DHS_NONE;
 		free(state->old);
 		free(state->new);
 		free(state->offer);
 		free(state->clientid);
 		free(state);
+	}
 	ctx = ifp->ctx;
 	/* If we don't have any more DHCP enabled interfaces,
 	 * close the global socket and release resources */
 	if (ctx->ifaces) {
 		TAILQ_FOREACH(ifp, ctx->ifaces, next) {
 			state = D_STATE(ifp);
 			if (state != NULL && state->state != DHS_NONE)
 				break;
+		}
+	}
 	if (ifp == NULL) {
 		if (ctx->udp_rfd != -1) {
 			eloop_event_delete(ctx->eloop, ctx->udp_rfd);
 			close(ctx->udp_rfd);
 			ctx->udp_rfd = -1;
+		}
 		if (ctx->udp_wfd != -1) {
 			close(ctx->udp_wfd);
 			ctx->udp_wfd = -1;
+		}
 		free(ctx->opt_buffer);
 		ctx->opt_buffer = NULL;
+	}
+}
 static int
 dhcp_initstate(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	state = D_STATE(ifp);
 	if (state != NULL)
 		return 0;
 	ifp->if_data[IF_DATA_DHCP] = calloc(1, sizeof(*state));
 	state = D_STATE(ifp);
 	if (state == NULL)
 		return -1;
 	state->state = DHS_NONE;
 	/* 0 is a valid fd, so init to -1 */
 	state->udp_rfd = -1;
 #ifdef ARPING
 	state->arping_index = -1;
 #endif
 	return 1;
+}
 static int
 dhcp_init(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	struct if_options *ifo;
 	uint8_t len;
 	char buf[(sizeof(ifo->clientid) - 1) * 3];
 	if (dhcp_initstate(ifp) == -1)
 		return -1;
 	state = D_STATE(ifp);
 	state->state = DHS_INIT;
 	state->reason = "PREINIT";
 	state->nakoff = 0;
 	dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile),
 	    AF_INET, ifp);
 	ifo = ifp->options;
 	/* We need to drop the leasefile so that dhcp_start
 	 * doesn't load it. */
 	if (ifo->options & DHCPCD_REQUEST)
 		dhcp_unlink(ifp->ctx, state->leasefile);
 	free(state->clientid);
 	state->clientid = NULL;
 	if (ifo->options & DHCPCD_ANONYMOUS) {
 		uint8_t duid[DUID_LEN];
 		uint8_t duid_len;
 		duid_len = (uint8_t)duid_make(duid, ifp, DUID_LL);
 		if (duid_len != 0) {
 			state->clientid = malloc((size_t)duid_len + 6);
 			if (state->clientid == NULL)
 				goto eexit;
 			state->clientid[0] =(uint8_t)(duid_len + 5);
 			state->clientid[1] = 255; /* RFC 4361 */
 			memcpy(state->clientid + 2, ifo->iaid, 4);
 			memset(state->clientid + 2, 0, 4); /* IAID */
 			memcpy(state->clientid + 6, duid, duid_len);
+		}
 	} else if (*ifo->clientid) {
 		state->clientid = malloc((size_t)(ifo->clientid[0] + 1));
 		if (state->clientid == NULL)
 			goto eexit;
 		memcpy(state->clientid, ifo->clientid,
 		    (size_t)(ifo->clientid[0]) + 1);
 	} else if (ifo->options & DHCPCD_CLIENTID) {
 		if (ifo->options & DHCPCD_DUID) {
 			state->clientid = malloc(ifp->ctx->duid_len + 6);
 			if (state->clientid == NULL)
 				goto eexit;
 			state->clientid[0] =(uint8_t)(ifp->ctx->duid_len + 5);
 			state->clientid[1] = 255; /* RFC 4361 */
 			memcpy(state->clientid + 2, ifo->iaid, 4);
 			memcpy(state->clientid + 6, ifp->ctx->duid,
 			    ifp->ctx->duid_len);
 		} else {
 			len = (uint8_t)(ifp->hwlen + 1);
 			state->clientid = malloc((size_t)len + 1);
 			if (state->clientid == NULL)
 				goto eexit;
 			state->clientid[0] = len;
 			state->clientid[1] = (uint8_t)ifp->hwtype;
 			memcpy(state->clientid + 2, ifp->hwaddr,
 			    ifp->hwlen);
+		}
+	}
 	if (ifo->options & DHCPCD_DUID)
 		/* Don't bother logging as DUID and IAID are reported
 		 * at device start. */
 		return 0;
 	if (ifo->options & DHCPCD_CLIENTID && state->clientid != NULL)
 		logdebugx("%s: using ClientID %s", ifp->name,
 		    hwaddr_ntoa(state->clientid + 1, state->clientid[0],
 			buf, sizeof(buf)));
 	else if (ifp->hwlen)
 		logdebugx("%s: using hwaddr %s", ifp->name,
 		    hwaddr_ntoa(ifp->hwaddr, ifp->hwlen, buf, sizeof(buf)));
 	return 0;
 eexit:
 	logerr(__func__);
 	return -1;
+}
 static void
 dhcp_start1(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcpcd_ctx *ctx = ifp->ctx;
 	struct if_options *ifo = ifp->options;
 	struct dhcp_state *state;
 	uint32_t l;
 	int nolease;
 	if (!(ifo->options & DHCPCD_IPV4))
 		return;
 	/* Listen on *.*.*.*:bootpc so that the kernel never sends an
 	 * ICMP port unreachable message back to the DHCP server.
 	 * Only do this in master mode so we don't swallow messages
 	 * for dhcpcd running on another interface. */
 	if ((ctx->options & (DHCPCD_MASTER|DHCPCD_PRIVSEP)) == DHCPCD_MASTER
 	    && ctx->udp_rfd == -1)
+	{
 		ctx->udp_rfd = dhcp_openudp(NULL);
 		if (ctx->udp_rfd == -1) {
 			logerr(__func__);
 			return;
+		}
 		eloop_event_add(ctx->eloop, ctx->udp_rfd, dhcp_handleudp, ctx);
+	}
 	if (!IN_PRIVSEP(ctx) && ctx->udp_wfd == -1) {
 		ctx->udp_wfd = xsocket(PF_INET, SOCK_RAW|SOCK_CXNB,IPPROTO_UDP);
 		if (ctx->udp_wfd == -1) {
 			logerr(__func__);
 			return;
+		}
+	}
 	if (dhcp_init(ifp) == -1) {
 		logerr("%s: dhcp_init", ifp->name);
 		return;
+	}
 	state = D_STATE(ifp);
 	clock_gettime(CLOCK_MONOTONIC, &state->started);
 	state->interval = 0;
 	free(state->offer);
 	state->offer = NULL;
 	state->offer_len = 0;
 #ifdef ARPING
 	if (ifo->arping_len && state->arping_index < ifo->arping_len) {
 		dhcp_arping(ifp);
 		return;
+	}
 #endif
 	if (ifo->options & DHCPCD_STATIC) {
 		dhcp_static(ifp);
 		return;
+	}
 	if (ifo->options & DHCPCD_INFORM) {
 		dhcp_inform(ifp);
 		return;
+	}
 	/* We don't want to read the old lease if we NAK an old test */
 	nolease = state->offer && ifp->ctx->options & DHCPCD_TEST;
 	if (!nolease && ifo->options & DHCPCD_DHCP) {
 		state->offer_len = read_lease(ifp, &state->offer);
 		/* Check the saved lease matches the type we want */
 		if (state->offer) {
 #ifdef IN_IFF_DUPLICATED
 			struct in_addr addr;
 			struct ipv4_addr *ia;
 			addr.s_addr = state->offer->yiaddr;
 			ia = ipv4_iffindaddr(ifp, &addr, NULL);
 #endif
 			if ((!IS_DHCP(state->offer) &&
 			    !(ifo->options & DHCPCD_BOOTP)) ||
 #ifdef IN_IFF_DUPLICATED
 			    (ia && ia->addr_flags & IN_IFF_DUPLICATED) ||
 #endif
 			    (IS_DHCP(state->offer) &&
 			    ifo->options & DHCPCD_BOOTP))
+			{
 				free(state->offer);
 				state->offer = NULL;
 				state->offer_len = 0;
+			}
+		}
+	}
 	if (state->offer) {
 		struct ipv4_addr *ia;
 		time_t mtime;
 		get_lease(ifp, &state->lease, state->offer, state->offer_len);
 		state->lease.frominfo = 1;
 		if (state->new == NULL &&
 		    (ia = ipv4_iffindaddr(ifp,
 		    &state->lease.addr, &state->lease.mask)) != NULL)
+		{
 			/* We still have the IP address from the last lease.
 			 * Fake add the address and routes from it so the lease
 			 * can be cleaned up. */
 			state->new = malloc(state->offer_len);
 			if (state->new) {
 				memcpy(state->new,
 				    state->offer, state->offer_len);
 				state->new_len = state->offer_len;
 				state->addr = ia;
 				state->added |= STATE_ADDED | STATE_FAKE;
 				rt_build(ifp->ctx, AF_INET);
 			} else
 				logerr(__func__);
+		}
 		if (!IS_DHCP(state->offer)) {
 			free(state->offer);
 			state->offer = NULL;
 			state->offer_len = 0;
 		} else if (!(ifo->options & DHCPCD_LASTLEASE_EXTEND) &&
 		    state->lease.leasetime != DHCP_INFINITE_LIFETIME &&
 		    dhcp_filemtime(ifp->ctx, state->leasefile, &mtime) == 0)
+		{
 			time_t now;
 			/* Offset lease times and check expiry */
 			now = time(NULL);
 			if (now == -1 ||
 			    (time_t)state->lease.leasetime < now - mtime)
+			{
 				logdebugx("%s: discarding expired lease",
 				    ifp->name);
 				free(state->offer);
 				state->offer = NULL;
 				state->offer_len = 0;
 				state->lease.addr.s_addr = 0;
 				/* Technically we should discard the lease
 				 * as it's expired, just as DHCPv6 addresses
 				 * would be by the kernel.
 				 * However, this may violate POLA so
 				 * we currently leave it be.
 				 * If we get a totally different lease from
 				 * the DHCP server we'll drop it anyway, as
 				 * we will on any other event which would
 				 * trigger a lease drop.
 				 * This should only happen if dhcpcd stops
 				 * running and the lease expires before
 				 * dhcpcd starts again. */
 #if 0
 				if (state->new)
 					dhcp_drop(ifp, "EXPIRE");
 #endif
 			} else {
 				l = (uint32_t)(now - mtime);
 				state->lease.leasetime -= l;
 				state->lease.renewaltime -= l;
 				state->lease.rebindtime -= l;
+			}
+		}
+	}
 #ifdef IPV4LL
 	if (!(ifo->options & DHCPCD_DHCP)) {
 		if (ifo->options & DHCPCD_IPV4LL)
 			ipv4ll_start(ifp);
 		return;
+	}
 #endif
 	if (state->offer == NULL ||
 	    !IS_DHCP(state->offer) ||
 	    ifo->options & DHCPCD_ANONYMOUS)
 		dhcp_discover(ifp);
 	else
 		dhcp_reboot(ifp);
+}
 void
 dhcp_start(struct interface *ifp)
+{
 	unsigned int delay;
 #ifdef ARPING
 	const struct dhcp_state *state;
 #endif
 	if (!(ifp->options->options & DHCPCD_IPV4))
 		return;
 	/* If we haven't been given a netmask for our requested address,
 	 * set it now. */
 	if (ifp->options->req_addr.s_addr != INADDR_ANY &&
 	    ifp->options->req_mask.s_addr == INADDR_ANY)
 		ifp->options->req_mask.s_addr =
 		    ipv4_getnetmask(ifp->options->req_addr.s_addr);
 	/* If we haven't specified a ClientID and our hardware address
 	 * length is greater than BOOTP CHADDR then we enforce a ClientID
 	 * of the hardware address type and the hardware address.
 	 * If there is no hardware address and no ClientID set,
 	 * force a DUID based ClientID. */
 	if (ifp->hwlen > 16)
 		ifp->options->options |= DHCPCD_CLIENTID;
 	else if (ifp->hwlen == 0 && !(ifp->options->options & DHCPCD_CLIENTID))
 		ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_DUID;
 	/* Firewire and InfiniBand interfaces require ClientID and
 	 * the broadcast option being set. */
 	switch (ifp->hwtype) {
 	case ARPHRD_IEEE1394:	/* FALLTHROUGH */
 	case ARPHRD_INFINIBAND:
 		ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_BROADCAST;
 		break;
+	}
 	/* If we violate RFC2131 section 3.7 then require ARP
 	 * to detect if any other client wants our address. */
 	if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND)
 		ifp->options->options |= DHCPCD_ARP;
 	/* No point in delaying a static configuration */
 	if (ifp->options->options & DHCPCD_STATIC ||
 	    !(ifp->options->options & DHCPCD_INITIAL_DELAY))
+	{
 		dhcp_start1(ifp);
 		return;
+	}
 #ifdef ARPING
 	/* If we have arpinged then we have already delayed. */
 	state = D_CSTATE(ifp);
 	if (state != NULL && state->arping_index != -1) {
 		dhcp_start1(ifp);
 		return;
+	}
 #endif
 	delay = MSEC_PER_SEC +
 		(arc4random_uniform(MSEC_PER_SEC * 2) - MSEC_PER_SEC);
 	logdebugx("%s: delaying IPv4 for %0.1f seconds",
 	    ifp->name, (float)delay / MSEC_PER_SEC);
 	eloop_timeout_add_msec(ifp->ctx->eloop, delay, dhcp_start1, ifp);
+}
 void
 dhcp_abort(struct interface *ifp)
+{
 	struct dhcp_state *state;
 	state = D_STATE(ifp);
 #ifdef ARPING
 	if (state != NULL)
 		state->arping_index = -1;
 #endif
 	eloop_timeout_delete(ifp->ctx->eloop, dhcp_start1, ifp);
 	if (state != NULL && state->added) {
 		rt_build(ifp->ctx, AF_INET);
 #ifdef ARP
 		if (ifp->options->options & DHCPCD_ARP)
 			arp_announceaddr(ifp->ctx, &state->addr->addr);
 #endif
+	}
+}
 struct ipv4_addr *
 dhcp_handleifa(int cmd, struct ipv4_addr *ia, pid_t pid)
+{
 	struct interface *ifp;
 	struct dhcp_state *state;
 	struct if_options *ifo;
 	uint8_t i;
 	ifp = ia->iface;
 	state = D_STATE(ifp);
 	if (state == NULL || state->state == DHS_NONE)
 		return ia;
 	if (cmd == RTM_DELADDR) {
 		if (state->addr == ia) {
 			loginfox("%s: pid %d deleted IP address %s",
 			    ifp->name, pid, ia->saddr);
 			dhcp_close(ifp);
 			state->addr = NULL;
 			/* Don't clear the added state as we need
 			 * to drop the lease. */
 			dhcp_drop(ifp, "EXPIRE");
 			dhcp_start1(ifp);
 			return ia;
+		}
+	}
 	if (cmd != RTM_NEWADDR)
 		return ia;
 #ifdef IN_IFF_NOTUSEABLE
 	if (!(ia->addr_flags & IN_IFF_NOTUSEABLE))
 		dhcp_finish_dad(ifp, &ia->addr);
 	else if (ia->addr_flags & IN_IFF_DUPLICATED)
 		return dhcp_addr_duplicated(ifp, &ia->addr) ? NULL : ia;
 #endif
 	ifo = ifp->options;
 	if (ifo->options & DHCPCD_INFORM) {
 		if (state->state != DHS_INFORM)
 			dhcp_inform(ifp);
 		return ia;
+	}
 	if (!(ifo->options & DHCPCD_STATIC))
 		return ia;
 	if (ifo->req_addr.s_addr != INADDR_ANY)
 		return ia;
 	free(state->old);
 	state->old = state->new;
 	state->new_len = dhcp_message_new(&state->new, &ia->addr, &ia->mask);
 	if (state->new == NULL)
 		return ia;

 @@ -1,858 +1,850 @@
 .\" SPDX-License-Identifier: BSD-2-Clause
 .\"
 .\" Copyright (c) 2006-2020 Roy Marples
 .\" All rights reserved
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
 .\" 1. Redistributions of source code must retain the above copyright
 .\"    notice, this list of conditions and the following disclaimer.
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in the
 .\"    documentation and/or other materials provided with the distribution.
 .\"
 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 .\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd September 2, 2020
+.Dd October 30, 2020
 .Dt DHCPCD 8
 .Os
 .Sh NAME
 .Nm dhcpcd
 .Nd a DHCP client
 .Sh SYNOPSIS
 .Nm
 .Op Fl 146ABbDdEGgHJKLMNPpqTV
 .Op Fl C , Fl Fl nohook Ar hook
 .Op Fl c , Fl Fl script Ar script
 .Op Fl e , Fl Fl env Ar value
 .Op Fl F , Fl Fl fqdn Ar FQDN
 .Op Fl f , Fl Fl config Ar file
 .Op Fl h , Fl Fl hostname Ar hostname
 .Op Fl I , Fl Fl clientid Ar clientid
 .Op Fl i , Fl Fl vendorclassid Ar vendorclassid
 .Op Fl j , Fl Fl logfile Ar logfile
 .Op Fl l , Fl Fl leasetime Ar seconds
 .Op Fl m , Fl Fl metric Ar metric
 .Op Fl O , Fl Fl nooption Ar option
 .Op Fl o , Fl Fl option Ar option
 .Op Fl Q , Fl Fl require Ar option
 .Op Fl r , Fl Fl request Ar address
 .Op Fl S , Fl Fl static Ar value
 .Op Fl s , Fl Fl inform Ar address Ns Op Ar /cidr Ns Op Ar /broadcast_address
 .Op Fl Fl inform6
 .Op Fl t , Fl Fl timeout Ar seconds
 .Op Fl u , Fl Fl userclass Ar class
 .Op Fl v , Fl Fl vendor Ar code , Ar value
 .Op Fl W , Fl Fl whitelist Ar address Ns Op Ar /cidr
 .Op Fl w
 .Op Fl Fl waitip Ns = Ns Op 4 | 6
 .Op Fl y , Fl Fl reboot Ar seconds
 .Op Fl X , Fl Fl blacklist Ar address Ns Op Ar /cidr
 .Op Fl Z , Fl Fl denyinterfaces Ar pattern
 .Op Fl z , Fl Fl allowinterfaces Ar pattern
 .Op Fl Fl inactive
 .Op interface
 .Op ...
 .Nm
 .Fl n , Fl Fl rebind
 .Op interface
 .Nm
 .Fl k , Fl Fl release
 .Op interface
 .Nm
 .Fl U , Fl Fl dumplease
 .Op Ar interface
 .Nm
 .Fl Fl version
 .Nm
 .Fl x , Fl Fl exit
 .Op interface
 .Sh DESCRIPTION
 .Nm
 is an implementation of the DHCP client specified in
 .Li RFC 2131 .
 .Nm
 gets the host information
 .Po
 IP address, routes, etc
 .Pc
 from a DHCP server and configures the network
 .Ar interface
 of the
 machine on which it is running.
 .Nm
 then runs the configuration script which writes DNS information to
 .Xr resolvconf 8 ,
 if available, otherwise directly to
 .Pa /etc/resolv.conf .
 If the hostname is currently blank, (null) or localhost, or
 .Va force_hostname
 is YES or TRUE or 1 then
 .Nm
 sets the hostname to the one supplied by the DHCP server.
 .Nm
 then daemonises and waits for the lease renewal time to lapse.
 It will then attempt to renew its lease and reconfigure if the new lease
 changes when the lease begins to expire or the DHCP server sends a message
 to renew early.
 .Pp
 If any interface reports a working carrier then
 .Nm
 will try to obtain a lease before forking to the background,
 otherwise it will fork right away.
 This behaviour can be modified with the
 .Fl b , Fl Fl background
 and
 .Fl w , Fl Fl waitip
 options.
 .Pp
 .Nm
 is also an implementation of the BOOTP client specified in
 .Li RFC 951 .
 .Pp
 .Nm
 is also an implementation of the IPv6 Router Solicitor as specified in
 .Li RFC 4861
 and
 .Li RFC 6106 .
 .Pp
 .Nm
 is also an implementation of the IPv6 Privacy Extensions to AutoConf as
 specified in
 .Li RFC 4941 .
 This feature needs to be enabled in the kernel and
 .Nm
 will start using it.
 .Pp
 .Nm
 is also an implementation of the DHCPv6 client as specified in
 .Li RFC 3315 .
 By default,
 .Nm
 only starts DHCPv6 when instructed to do so by an IPV6 Router Advertisement.
 If no Identity Association is configured,
 then a Non-temporary Address is requested.
 .Ss Local Link configuration
 If
 .Nm
 failed to obtain a lease, it probes for a valid IPv4LL address
 .Po
 aka ZeroConf, aka APIPA
 .Pc .
 Once obtained it restarts the process of looking for a DHCP server to get a
 proper address.
 .Pp
 When using IPv4LL,
 .Nm
 nearly always succeeds and returns an exit code of 0.
 In the rare case it fails, it normally means that there is a reverse ARP proxy
 installed which always defeats IPv4LL probing.
 To disable this behaviour, you can use the
 .Fl L , Fl Fl noipv4ll
 option.
 .Ss Multiple interfaces
 If a list of interfaces are given on the command line, then
 .Nm
 only works with those interfaces, otherwise
 .Nm
 discovers available Ethernet interfaces that can be configured.
 When
 .Nm
 not limited to one interface on the command line,
 it is running in Master mode.
 The
 .Nm dhcpcd-ui
 project expects dhcpcd to be running this way.
 .Pp
 If a single interface is given then
 .Nm
 only works for that interface and runs as a separate instance to other
 .Nm
 processes.
 .Fl w , Fl Fl waitip
 option is enabled in this instance to maintain compatibility with older
 versions.
 Using a single interface also affects the
 .Fl k ,
 .Fl N ,
 .Fl n
 and
 .Fl x
 options, where the same interface will need to be specified, as a lack of an
 interface will imply Master mode which this is not.
 To force starting in Master mode with only one interface, the
 .Fl M , Fl Fl master
 option can be used.
 .Pp
 Interfaces are preferred by carrier, DHCP lease/IPv4LL and then lowest metric.
 For systems that support route metrics, each route will be tagged with the
 metric, otherwise
 .Nm
 changes the routes to use the interface with the same route and the lowest
 metric.
 See options below for controlling which interfaces we allow and deny through
 the use of patterns.
 .Pp
 Non-ethernet interfaces and some virtual ethernet interfaces
 such as TAP and bridge are ignored by default,
 as is the FireWire interface.
 To work with these devices they either need to be specified on the command line,
 be listed in
 .Fl Fl allowinterfaces
 or have an interface directive in
 .Pa @SYSCONFDIR@/dhcpcd.conf .
 .Ss Hooking into events
 .Nm
 runs
 .Pa @SCRIPT@ ,
 or the script specified by the
 .Fl c , Fl Fl script
 option.
 This script runs each script found in
 .Pa @HOOKDIR@
 in a lexical order.
 The default installation supplies the scripts
 .Pa 01-test ,
 .Pa 02-dump ,
 .Pa 20-resolv.conf
 and
 .Pa 30-hostname .
 You can disable each script by using the
 .Fl C , Fl Fl nohook
 option.
 See
 .Xr dhcpcd-run-hooks 8
 for details on how these scripts work.
 .Nm
 currently ignores the exit code of the script.
 .Pp
 More scripts are supplied in
 .Pa @DATADIR@/dhcpcd/hooks
 and need to be copied to
 .Pa @HOOKDIR@
 if you intend to use them.
 For example, you could install
 .Pa 29-lookup-hostname
 so that
 .Nm
 can lookup the hostname of the IP address in DNS if no hostname
 is given by the lease and one is not already set.
 .Ss Fine tuning
 You can fine-tune the behaviour of
 .Nm
 with the following options:
 .Bl -tag -width indent
 .It Fl b , Fl Fl background
 Background immediately.
 This is useful for startup scripts which don't disable link messages for
 carrier status.
 .It Fl c , Fl Fl script Ar script
 Use this
 .Ar script
 instead of the default
 .Pa @SCRIPT@ .
 .It Fl D , Fl Fl duid
 Use a DHCP Unique Identifier.
 If a system UUID is available, that will be used to create a DUID-UUID,
 otheriwse if persistent storage is available then a DUID-LLT
 (link local address + time) is generated,
 otherwise DUID-LL is generated (link local address).
 This, plus the IAID will be used as the
 .Fl I , Fl Fl clientid .
 The DUID generated will be held in
 .Pa @DBDIR@/duid
 and should not be copied to other hosts.
 This file also takes precedence over the above rules.
 .It Fl d , Fl Fl debug
 Echo debug messages to the stderr and syslog.
 .It Fl E , Fl Fl lastlease
 If
 .Nm
 cannot obtain a lease, then try to use the last lease acquired for the
 interface.
 .It Fl Fl lastleaseextend
 Same as the above, but the lease will be retained even if it expires.
 .Nm
 will give it up if any other host tries to claim it for their own via ARP.
 This violates RFC 2131, section 3.7, which states the lease should be
 dropped once it has expired.
 .It Fl e , Fl Fl env Ar value
 Push
 .Ar value
 to the environment for use in
 .Xr dhcpcd-run-hooks 8 .
 For example, you can force the hostname hook to always set the hostname with
 .Fl e
 .Va force_hostname=YES .
 .It Fl g , Fl Fl reconfigure
 .Nm
 will re-apply IP address, routing and run
 .Xr dhcpcd-run-hooks 8
 for each interface.
 This is useful so that a 3rd party such as PPP or VPN can change the routing
 table and / or DNS, etc and then instruct
 .Nm
 to put things back afterwards.
 .Nm
 does not read a new configuration when this happens - you should rebind if you
 need that functionality.
 .It Fl F , Fl Fl fqdn Ar fqdn
 Requests that the DHCP server updates DNS using FQDN instead of just a
 hostname.
 Valid values for
 .Ar fqdn
 are disable, none, ptr and both.
 .Nm
 itself never does any DNS updates.
 .Nm
 encodes the FQDN hostname as specified in
 .Li RFC 1035 .
 .It Fl f , Fl Fl config Ar file
 Specify a config to load instead of
 .Pa @SYSCONFDIR@/dhcpcd.conf .
 .Nm
 always processes the config file before any command line options.
 .It Fl h , Fl Fl hostname Ar hostname
 Sends
 .Ar hostname
 to the DHCP server so it can be registered in DNS.
 If
 .Ar hostname
 is an empty string then the current system hostname is sent.
 If
 .Ar hostname
 is a FQDN (i.e., contains a .) then it will be encoded as such.
 .It Fl I , Fl Fl clientid Ar clientid
 Send the
 .Ar clientid .
 If the string is of the format 01:02:03 then it is encoded as hex.
 For interfaces whose hardware address is longer than 8 bytes, or if the
 .Ar clientid
 is an empty string then
 .Nm
 sends a default
 .Ar clientid
 of the hardware family and the hardware address.
 .It Fl i , Fl Fl vendorclassid Ar vendorclassid
 Override the DHCPv4
 .Ar vendorclassid
 field sent.
 The default is
 dhcpcd-<version>:<os>:<machine>:<platform>.
 For example
 .D1 dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386
 If not set then none is sent.
 Some badly configured DHCP servers reject unknown vendorclassids.
 To work around it, try and impersonate Windows by using the MSFT vendorclassid.
 .It Fl j , Fl Fl logfile Ar logfile
 Writes to the specified
 .Ar logfile .
 .Nm
 still writes to
 .Xr syslog 3 .
 The
 .Ar logfile
 is reopened when
 .Nm
 receives the
 .Dv SIGUSR2
 signal.
 .It Fl k , Fl Fl release Op Ar interface
 This causes an existing
 .Nm
 process running on the
 .Ar interface
 to release its lease and de-configure the
 .Ar interface
 regardless of the
 .Fl p , Fl Fl persistent
 option.
 If no
 .Ar interface
 is specified then this applies to all interfaces in Master mode.
 If no interfaces are left running,
 .Nm
 will exit.
 .It Fl l , Fl Fl leasetime Ar seconds
 Request a lease time of
 .Ar seconds .
 .Ar -1
 represents an infinite lease time.
 By default
 .Nm
 does not request any lease time and leaves it in the hands of the
 DHCP server.
 .It Fl M , Fl Fl master
 Start
 .Nm
 in Master mode even if only one interface specified on the command line.
 See the Multiple Interfaces section above.
 .It Fl m , Fl Fl metric Ar metric
 Metrics are used to prefer an interface over another one, lowest wins.
 .Nm
 will supply a default metic of 200 +
 .Xr if_nametoindex 3 .
 An extra 100 will be added for wireless interfaces.
 .It Fl n , Fl Fl rebind Op Ar interface
 Notifies
 .Nm
 to reload its configuration and rebind the specified
 .Ar interface .
 If no
 .Ar interface
 is specified then this applies to all interfaces in Master mode.
 If
 .Nm
 is not running, then it starts up as normal.
 .It Fl N , Fl Fl renew Op Ar interface
 Notifies
 .Nm
 to renew existing addresses on the specified
 .Ar interface .
 If no
 .Ar interface
 is specified then this applies to all interfaces in Master mode.
 If
 .Nm
 is not running, then it starts up as normal.
 Unlike the
 .Fl n , Fl Fl rebind
 option above, the configuration for
 .Nm
 is not reloaded.
 .It Fl o , Fl Fl option Ar option
 Request the DHCP
 .Ar option
 variable for use in
 .Pa @SCRIPT@ .
 .It Fl p , Fl Fl persistent
 .Nm
 normally de-configures the
 .Ar interface
 and configuration when it exits.
 Sometimes, this isn't desirable if, for example, you have root mounted over
 NFS or SSH clients connect to this host and they need to be notified of
 the host shutting down.
 You can use this option to stop this from happening.
 .It Fl r , Fl Fl request Ar address
 Request the
 .Ar address
 in the DHCP DISCOVER message.
 There is no guarantee this is the address the DHCP server will actually give.
 If no
 .Ar address
 is given then the first address currently assigned to the
 .Ar interface
 is used.
 .It Fl s , Fl Fl inform Ar address Ns Op Ar /cidr Ns Op Ar /broadcast_address
 Behaves like
 .Fl r , Fl Fl request
 as above, but sends a DHCP INFORM instead of DISCOVER/REQUEST.
 This does not get a lease as such, just notifies the DHCP server of the
 .Ar address
 in use.
 You should also include the optional
 .Ar cidr
 network number in case the address is not already configured on the interface.
 .Nm
 remains running and pretends it has an infinite lease.
 .Nm
 will not de-configure the interface when it exits.
 If
 .Nm
 fails to contact a DHCP server then it returns a failure instead of falling
 back on IPv4LL.
 .It Fl Fl inform6
 Performs a DHCPv6 Information Request.
 No address is requested or specified, but all other DHCPv6 options are allowed.
 This is normally performed automatically when the IPv6 Router Advertises
 that the client should perform this operation.
 This option is only needed when
 .Nm
 is not processing IPv6RA messages and the need for DHCPv6 Information Request
 exists.
 .It Fl S , Fl Fl static Ar value
 Configures a static DHCP
 .Ar value .
 If you set
 .Ic ip_address
 then
 .Nm
 will not attempt to obtain a lease and just use the value for the address with
 an infinite lease time.
 .Pp
 Here is an example which configures a static address, routes and DNS.
 .D1 dhcpcd -S ip_address=192.168.0.10/24 \e
 .D1 -S routers=192.168.0.1 \e
 .D1 -S domain_name_servers=192.168.0.1 \e
 .D1 eth0
 .Pp
 You cannot presently set static DHCPv6 values.
 Use the
 .Fl e , Fl Fl env
 option instead.
 .It Fl t , Fl Fl timeout Ar seconds
 Timeout after
 .Ar seconds ,
 instead of the default 30.
 A setting of 0
 .Ar seconds
 causes
 .Nm
 to wait forever to get a lease.
 If
 .Nm
 is working on a single interface then
 .Nm
 will exit when a timeout occurs, otherwise
 .Nm
 will fork into the background.
 .It Fl u , Fl Fl userclass Ar class
 Tags the DHCPv4 message with the userclass
 .Ar class .
 DHCP servers use this to give members of the class DHCP options other than the
 default, without having to know things like hardware address or hostname.
 .It Fl v , Fl Fl vendor Ar code , Ns Ar value
 Add an encapsulated vendor option.
 .Ar code
 should be between 1 and 254 inclusive.
 To add a raw vendor string, omit
 .Ar code
 but keep the comma.
 Examples.
 .Pp
 Set the vendor option 01 with an IP address.
 .D1 dhcpcd \-v 01,192.168.0.2 eth0
 Set the vendor option 02 with a hex code.
 .D1 dhcpcd \-v 02,01:02:03:04:05 eth0
 Set the vendor option 03 with an IP address as a string.
 .D1 dhcpcd \-v 03,\e"192.168.0.2\e" eth0
 Set un-encapsulated vendor option to hello world.
 .D1 dhcpcd \-v ,"hello world" eth0
 .It Fl Fl version
 Display both program version and copyright information.
 .Nm
 then exits before doing any configuration.
 .It Fl w
 Wait for an address to be assigned before forking to the background.
 Does not take an argument, unlike the below option.
 .It Fl Fl waitip Ns = Ns Op 4 | 6
 Wait for an address to be assigned before forking to the background.
 means wait for an IPv4 address to be assigned.
 means wait for an IPv6 address to be assigned.
 If no argument is given,
 .Nm
 will wait for any address protocol to be assigned.
 It is possible to wait for more than one address protocol and
 .Nm
 will only fork to the background when all waiting conditions are satisfied.
 .It Fl x , Fl Fl exit Op Ar interface
 This will signal an existing
 .Nm
 process running on the
 .Ar interface
 to exit.
 If no
 .Ar interface
 is specified, then the above is applied to all interfaces in Master mode.
 See the
 .Fl p , Fl Fl persistent
 option to control configuration persistence on exit,
 which is enabled by default in
 .Xr dhcpcd.conf 5 .
 .Nm
 then waits until this process has exited.
 .It Fl y , Fl Fl reboot Ar seconds
 Allow
 .Ar reboot
 seconds before moving to the discover phase if we have an old lease to use.
 Allow
 .Ar reboot
 seconds before starting fallback states from the discover phase.
 IPv4LL is started when the first
 .Ar reboot
 timeout is reached.
 The default is 5 seconds.
 A setting of 0 seconds causes
 .Nm
 to skip the reboot phase and go straight into discover.
 This has no effect on DHCPv6 other than skipping the reboot phase.
 .El
 .Ss Restricting behaviour
 .Nm
 will try to do as much as it can by default.
 However, there are sometimes situations where you don't want the things to be
 configured exactly how the DHCP server wants.
 Here are some options that deal with turning these bits off.
 .Pp
 Note that when
 .Nm
 is restricted to a single interface then the interface also needs to be
 specified when asking
 .Nm
 to exit using the commandline.
 If the protocol is restricted as well then the protocol needs to be included
 with the exit instruction.
 .Bl -tag -width indent
 .It Fl 1 , Fl Fl oneshot
 Exit after configuring an interface.
 Use the
 .Fl w , Fl Fl waitip
 option to specify which protocol(s) to configure before exiting.
 .It Fl 4 , Fl Fl ipv4only
 Configure IPv4 only.
 .It Fl 6 , Fl Fl ipv6only
 Configure IPv6 only.
 .It Fl A , Fl Fl noarp
 Don't request or claim the address by ARP.
 This also disables IPv4LL.
 .It Fl B , Fl Fl nobackground
 Don't run in the background when we acquire a lease.
 This is mainly useful for running under the control of another process, such
 as a debugger or a network manager.
 .It Fl C , Fl Fl nohook Ar script
 Don't run this hook script.
 Matches full name, or prefixed with 2 numbers optionally ending with
 .Pa .sh .
 .Pp
 So to stop
 .Nm
 from touching your DNS settings you would do:-
 .D1 dhcpcd -C resolv.conf eth0
 .It Fl G , Fl Fl nogateway
 Don't set any default routes.
 .It Fl H , Fl Fl xidhwaddr
 Use the last four bytes of the hardware address as the DHCP xid instead
 of a randomly generated number.
 .It Fl J , Fl Fl broadcast
 Instructs the DHCP server to broadcast replies back to the client.
 Normally this is only set for non-Ethernet interfaces,
 such as FireWire and InfiniBand.
 In most instances,
 .Nm
 will set this automatically.
 .It Fl K , Fl Fl nolink
 Don't receive link messages for carrier status.
 You should only have to use this with buggy device drivers or running
 .Nm
 through a network manager.
 .It Fl L , Fl Fl noipv4ll
 Don't use IPv4LL (aka APIPA, aka Bonjour, aka ZeroConf).
 .It Fl O , Fl Fl nooption Ar option
 Removes the
 .Ar option
 from the DHCP message before processing.
 .It Fl P , Fl Fl printpidfile
 Print the
 .Pa pidfile
 .Nm
 will use based on commmand-line arguments to stdout.
 .It Fl Q , Fl Fl require Ar option
 Requires the
 .Ar option
 to be present in all DHCP messages, otherwise the message is ignored.
 To enforce that
 .Nm
 only responds to DHCP servers and not BOOTP servers, you can
 .Fl Q
 .Ar dhcp_message_type .
 .It Fl q , Fl Fl quiet
 Quiet
 .Nm
 on the command line, only warnings and errors will be displayed.
 If this option is used another time then all console output is disabled.
 These messages are still logged via
 .Xr syslog 3 .
 .It Fl T , Fl Fl test
 On receipt of DHCP messages just call
 .Pa @SCRIPT@
 with the reason of TEST which echos the DHCP variables found in the message
 to the console.
 The interface configuration isn't touched and neither are any configuration
 files.
 The
 .Ar rapid_commit
 option is not sent in TEST mode so that the server does not lease an address.
 To test INFORM the interface needs to be configured with the desired address
 before starting
 .Nm .
 .It Fl U , Fl Fl dumplease Op Ar interface
 Dumps the current lease for the
 .Ar interface
 to stdout.
 If no
 .Ar interface
 is given then all interfaces are dumped.
 Use the
 .Fl 4
 or
 .Fl 6
 flags to specify an address family.
 If a lease is piped in via standard input then that is dumped.
 In this case, specifying an address family is mandatory.
 .It Fl V , Fl Fl variables
 Display a list of option codes, the associated variable and encoding for use in
 .Xr dhcpcd-run-hooks 8 .
 Variables are prefixed with new_ and old_ unless the option number is -.
 Variables without an option are part of the DHCP message and cannot be
 directly requested.
 .It Fl W , Fl Fl whitelist Ar address Ns Op /cidr
 Only accept packets from
 .Ar address Ns Op /cidr .
 .Fl X , Fl Fl blacklist
 is ignored if
 .Fl W , Fl Fl whitelist
 is set.
 .It Fl X , Fl Fl blacklist Ar address Ns Op Ar /cidr
 Ignore all packets from
 .Ar address Ns Op Ar /cidr .
 .It Fl Z , Fl Fl denyinterfaces Ar pattern
 When discovering interfaces, the interface name must not match
 .Ar pattern
 which is a space or comma separated list of patterns passed to
 .Xr fnmatch 3 .
 .It Fl z , Fl Fl allowinterfaces Ar pattern
 When discovering interfaces, the interface name must match
 .Ar pattern
 which is a space or comma separated list of patterns passed to
 .Xr fnmatch 3 .
 If the same interface is matched in
 .Fl Z , Fl Fl denyinterfaces
 then it is still denied.
 .It Fl Fl inactive
 Don't start any interfaces other than those specified on the command line.
 This allows
 .Nm
 to be started in Master mode and then wait for subsequent
 .Nm
 commands to start each interface as required.
 .It Fl Fl nodev
 Don't load any
 .Pa /dev
 management modules.
 .El
 .Sh 3RDPARTY LINK MANAGEMENT
 Some interfaces require configuration by 3rd parties, such as PPP or VPN.
 When an interface configuration in
 .Nm
 is marked as STATIC or INFORM without an address then
 .Nm
 will monitor the interface until an address is added or removed from it and
 act accordingly.
 For point to point interfaces (like PPP), a default route to its
 destination is automatically added to the configuration.
 If the point to point interface is configured for INFORM, then
 .Nm
 unicasts INFORM to the destination, otherwise it defaults to STATIC.
 .Sh NOTES
 .Nm
 requires a Berkley Packet Filter, or BPF device on BSD based systems and a
 Linux Socket Filter, or LPF device on Linux based systems for all IPv4
 configuration.
 .Pp
 If restricting
 .Nm
 to a single interface and optionally address family via the command-line
 then all further calls to
 .Nm
 to rebind, reconfigure or exit need to include the same restrictive flags
 so that
 .Nm
 knows which process to signal.
 .Pp
 Some DHCP servers implement ClientID filtering.
 If
 .Nm
 is replacing an in-use DHCP client then you might need to adjust the clientid
 option
 .Nm
 sends to match.
 If using a DUID in place of the ClientID, edit
 .Pa @DBDIR@/duid
 accordingly.
 .Sh FILES
 .Bl -ohang
 .It Pa @SYSCONFDIR@/dhcpcd.conf
 Configuration file for dhcpcd.
 If you always use the same options, put them here.
 .It Pa @SCRIPT@
 Bourne shell script that is run to configure or de-configure an interface.
 .It Pa @LIBDIR@/dhcpcd/dev
 Linux
 .Pa /dev
 management modules.
 .It Pa @HOOKDIR@
 A directory containing bourne shell scripts that are run by the above script.
 Each script can be disabled by using the
 .Fl C , Fl Fl nohook
 option described above.
 .It Pa @DBDIR@/duid
 Text file that holds the DUID used to identify the host.
 .It Pa @DBDIR@/secret
 Text file that holds a secret key known only to the host.
 .It Pa @DBDIR@/ Ns Ar interface Ns Ar -ssid Ns .lease
 The actual DHCP message sent by the server.
 We use this when reading the last
 lease and use the file's mtime as when it was issued.
 .It Pa @DBDIR@/ Ns Ar interface Ns Ar -ssid Ns .lease6
 The actual DHCPv6 message sent by the server.
 We use this when reading the last
 lease and use the file's mtime as when it was issued.
 .It Pa @DBDIR@/rdm_monotonic
 Stores the monotonic counter used in the
 .Ar replay
 field in Authentication Options.
 .It Pa @RUNDIR@/pid
 Stores the PID of
 .Nm
 running on all interfaces.
 .It Pa @RUNDIR@/ Ns Ar interface Ns .pid
 Stores the PID of
 .Nm
 running on the
 .Ar interface .
 .It Pa @RUNDIR@/sock
 Control socket to the master daemon.
 .It Pa @RUNDIR@/unpriv.sock
 Unprivileged socket to the master daemon, only allows state retrieval.
 .It Pa @RUNDIR@/ Ns Ar interface Ns .sock
 Control socket to per interface daemon.
 .El
 .Sh SEE ALSO
 .Xr fnmatch 3 ,
 .Xr if_nametoindex 3 ,
 .Xr dhcpcd.conf 5 ,
 .Xr resolv.conf 5 ,
 .Xr dhcpcd-run-hooks 8 ,
 .Xr resolvconf 8
 .Sh STANDARDS
 RFC\ 951, RFC\ 1534, RFC\ 2104, RFC\ 2131, RFC\ 2132, RFC\ 2563, RFC\ 2855,
 RFC\ 3004, RFC\ 3118, RFC\ 3203, RFC\ 3315, RFC\ 3361, RFC\ 3633, RFC\ 3396,
 RFC\ 3397, RFC\ 3442, RFC\ 3495, RFC\ 3925, RFC\ 3927, RFC\ 4039, RFC\ 4075,
 RFC\ 4242, RFC\ 4361, RFC\ 4390, RFC\ 4702, RFC\ 4074, RFC\ 4861, RFC\ 4833,
 RFC\ 4941, RFC\ 5227, RFC\ 5942, RFC\ 5969, RFC\ 6106, RFC\ 6334, RFC\ 6355,
 RFC\ 6603, RFC\ 6704, RFC\ 7217, RFC\ 7550, RFC\ 7844.
 .Sh AUTHORS
 .An Roy Marples Aq Mt roy@marples.name
 .Sh BUGS
 If
 .Nm
 is running in a
 .Xr chroot 2
 then re-opening the
 .Fl Fl logfile
 from SIGUSR2 may not work.
 .Pp
 Please report them to
 .Lk http://roy.marples.name/projects/dhcpcd

 @@ -426,2163 +426,2169 @@ stop_interface(struct interface *ifp, co
 	/* De-activate the interface */
 	ifp->active = IF_INACTIVE;
 	ifp->options->options &= ~DHCPCD_STOPPING;
 	if (!(ctx->options & (DHCPCD_MASTER | DHCPCD_TEST)))
 		eloop_exit(ctx->eloop, EXIT_FAILURE);
+}
 static void
 configure_interface1(struct interface *ifp)
+{
 	struct if_options *ifo = ifp->options;
 	/* Do any platform specific configuration */
 	if_conf(ifp);
 	/* If we want to release a lease, we can't really persist the
 	 * address either. */
 	if (ifo->options & DHCPCD_RELEASE)
 		ifo->options &= ~DHCPCD_PERSISTENT;
 	if (ifp->flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) {
 		ifo->options &= ~DHCPCD_ARP;
 		if (!(ifp->flags & IFF_MULTICAST))
 			ifo->options &= ~DHCPCD_IPV6RS;
 		if (!(ifo->options & (DHCPCD_INFORM | DHCPCD_WANTDHCP)))
 			ifo->options |= DHCPCD_STATIC;
+	}
 	if (ifo->metric != -1)
 		ifp->metric = (unsigned int)ifo->metric;
 #ifdef INET6
 	/* We want to setup INET6 on the interface as soon as possible. */
 	if (ifp->active == IF_ACTIVE_USER &&
 	    ifo->options & DHCPCD_IPV6 &&
 	    !(ifp->ctx->options & (DHCPCD_DUMPLEASE | DHCPCD_TEST)))
+	{
 		/* If not doing any DHCP, disable the RDNSS requirement. */
 		if (!(ifo->options & (DHCPCD_DHCP | DHCPCD_DHCP6)))
 			ifo->options &= ~DHCPCD_IPV6RA_REQRDNSS;
 		if_setup_inet6(ifp);
+	}
 #endif
 	if (!(ifo->options & DHCPCD_IAID)) {
 		/*
 		 * An IAID is for identifying a unqiue interface within
 		 * the client. It is 4 bytes long. Working out a default
 		 * value is problematic.
+		 *
 		 * Interface name and number are not stable
 		 * between different OS's. Some OS's also cannot make
 		 * up their mind what the interface should be called
 		 * (yes, udev, I'm looking at you).
 		 * Also, the name could be longer than 4 bytes.
 		 * Also, with pluggable interfaces the name and index
 		 * could easily get swapped per actual interface.
+		 *
 		 * The MAC address is 6 bytes long, the final 3
 		 * being unique to the manufacturer and the initial 3
 		 * being unique to the organisation which makes it.
 		 * We could use the last 4 bytes of the MAC address
 		 * as the IAID as it's the most stable part given the
 		 * above, but equally it's not guaranteed to be
 		 * unique.
+		 *
 		 * Given the above, and our need to reliably work
 		 * between reboots without persitent storage,
 		 * generating the IAID from the MAC address is the only
 		 * logical default.
 		 * Saying that, if a VLANID has been specified then we
 		 * can use that. It's possible that different interfaces
 		 * can have the same VLANID, but this is no worse than
 		 * generating the IAID from the duplicate MAC address.
+		 *
 		 * dhclient uses the last 4 bytes of the MAC address.
 		 * dibbler uses an increamenting counter.
 		 * wide-dhcpv6 uses 0 or a configured value.
 		 * odhcp6c uses 1.
 		 * Windows 7 uses the first 3 bytes of the MAC address
 		 * and an unknown byte.
 		 * dhcpcd-6.1.0 and earlier used the interface name,
 		 * falling back to interface index if name > 4.
 		 */
 		if (ifp->vlanid != 0) {
 			uint32_t vlanid;
 			/* Maximal VLANID is 4095, so prefix with 0xff
 			 * so we don't conflict with an interface index. */
 			vlanid = htonl(ifp->vlanid | 0xff000000);
 			memcpy(ifo->iaid, &vlanid, sizeof(vlanid));
 		} else if (ifo->options & DHCPCD_ANONYMOUS)
 			memset(ifo->iaid, 0, sizeof(ifo->iaid));
 		else if (ifp->hwlen >= sizeof(ifo->iaid)) {
 			memcpy(ifo->iaid,
 			    ifp->hwaddr + ifp->hwlen - sizeof(ifo->iaid),
 			    sizeof(ifo->iaid));
 		} else {
 			uint32_t len;
 			len = (uint32_t)strlen(ifp->name);
 			if (len <= sizeof(ifo->iaid)) {
 				memcpy(ifo->iaid, ifp->name, len);
 				if (len < sizeof(ifo->iaid))
 					memset(ifo->iaid + len, 0,
 					    sizeof(ifo->iaid) - len);
 			} else {
 				/* IAID is the same size as a uint32_t */
 				len = htonl(ifp->index);
 				memcpy(ifo->iaid, &len, sizeof(ifo->iaid));
+			}
+		}
 		ifo->options |= DHCPCD_IAID;
+	}
 #ifdef DHCP6
 	if (ifo->ia_len == 0 && ifo->options & DHCPCD_IPV6 &&
 	    ifp->name[0] != '\0')
+	{
 		ifo->ia = malloc(sizeof(*ifo->ia));
 		if (ifo->ia == NULL)
 			logerr(__func__);
 		else {
 			ifo->ia_len = 1;
 			ifo->ia->ia_type = D6_OPTION_IA_NA;
 			memcpy(ifo->ia->iaid, ifo->iaid, sizeof(ifo->iaid));
 			memset(&ifo->ia->addr, 0, sizeof(ifo->ia->addr));
 #ifndef SMALL
 			ifo->ia->sla = NULL;
 			ifo->ia->sla_len = 0;
 #endif
+		}
 	} else {
 		size_t i;
 		for (i = 0; i < ifo->ia_len; i++) {
 			if (!ifo->ia[i].iaid_set) {
 				memcpy(&ifo->ia[i].iaid, ifo->iaid,
 				    sizeof(ifo->ia[i].iaid));
 				ifo->ia[i].iaid_set = 1;
+			}
+		}
+	}
 #endif
 	/* If root is network mounted, we don't want to kill the connection
 	 * if the DHCP server goes the way of the dodo OR dhcpcd is rebooting
 	 * and the lease file has expired. */
 	if (is_root_local() == 0)
 		ifo->options |= DHCPCD_LASTLEASE_EXTEND;
+}
 int
 dhcpcd_selectprofile(struct interface *ifp, const char *profile)
+{
 	struct if_options *ifo;
 	char pssid[PROFILE_LEN];
 	if (ifp->ssid_len) {
 		ssize_t r;
 		r = print_string(pssid, sizeof(pssid), OT_ESCSTRING,
 		    ifp->ssid, ifp->ssid_len);
 		if (r == -1) {
 			logerr(__func__);
 			pssid[0] = '\0';
+		}
 	} else
 		pssid[0] = '\0';
 	ifo = read_config(ifp->ctx, ifp->name, pssid, profile);
 	if (ifo == NULL) {
 		logdebugx("%s: no profile %s", ifp->name, profile);
 		return -1;
+	}
 	if (profile != NULL) {
 		strlcpy(ifp->profile, profile, sizeof(ifp->profile));
 		loginfox("%s: selected profile %s", ifp->name, profile);
 	} else
 		*ifp->profile = '\0';
 	free_options(ifp->ctx, ifp->options);
 	ifp->options = ifo;
 	if (profile) {
 		add_options(ifp->ctx, ifp->name, ifp->options,
 		    ifp->ctx->argc, ifp->ctx->argv);
 		configure_interface1(ifp);
+	}
 	return 1;
+}
 static void
 configure_interface(struct interface *ifp, int argc, char **argv,
     unsigned long long options)
+{
 	time_t old;
 	old = ifp->options ? ifp->options->mtime : 0;
 	dhcpcd_selectprofile(ifp, NULL);
 	if (ifp->options == NULL) {
 		/* dhcpcd cannot continue with this interface. */
 		ifp->active = IF_INACTIVE;
 		return;
+	}
 	add_options(ifp->ctx, ifp->name, ifp->options, argc, argv);
 	ifp->options->options |= options;
 	configure_interface1(ifp);
 	/* If the mtime has changed drop any old lease */
 	if (old != 0 && ifp->options->mtime != old) {
 		logwarnx("%s: config file changed, expiring leases",
 		    ifp->name);
 		dhcpcd_drop(ifp, 0);
+	}
+}
 static void
 dhcpcd_initstate2(struct interface *ifp, unsigned long long options)
+{
 	struct if_options *ifo;
 	if (options) {
 		if ((ifo = default_config(ifp->ctx)) == NULL) {
 			logerr(__func__);
 			return;
+		}
 		ifo->options |= options;
 		free(ifp->options);
 		ifp->options = ifo;
 	} else
 		ifo = ifp->options;
 #ifdef INET6
 	if (ifo->options & DHCPCD_IPV6 && ipv6_init(ifp->ctx) == -1) {
 		logerr(__func__);
 		ifo->options &= ~DHCPCD_IPV6;
+	}
 #endif
+}
 static void
 dhcpcd_initstate1(struct interface *ifp, int argc, char **argv,
     unsigned long long options)
+{
 	configure_interface(ifp, argc, argv, options);
 	if (ifp->active)
 		dhcpcd_initstate2(ifp, 0);
+}
 static void
 dhcpcd_initstate(struct interface *ifp, unsigned long long options)
+{
 	dhcpcd_initstate1(ifp, ifp->ctx->argc, ifp->ctx->argv, options);
+}
 static void
 dhcpcd_reportssid(struct interface *ifp)
+{
 	char pssid[IF_SSIDLEN * 4];
 	if (print_string(pssid, sizeof(pssid), OT_ESCSTRING,
 	    ifp->ssid, ifp->ssid_len) == -1)
+	{
 		logerr(__func__);
 		return;
+	}
 	loginfox("%s: connected to Access Point: %s", ifp->name, pssid);
+}
 void
 dhcpcd_handlecarrier(struct interface *ifp, int carrier, unsigned int flags)
+{
 	bool was_link_up = if_is_link_up(ifp);
 	ifp->carrier = carrier;
 	ifp->flags = flags;
 	if (!if_is_link_up(ifp)) {
 		if (!was_link_up || !ifp->active)
 			return;
 		loginfox("%s: carrier lost", ifp->name);
 		script_runreason(ifp, "NOCARRIER");
 #ifdef NOCARRIER_PRESERVE_IP
 		if (ifp->flags & IFF_UP &&
 		    !(ifp->options->options & DHCPCD_ANONYMOUS))
+		{
 #ifdef ARP
 			arp_drop(ifp);
 #endif
 #ifdef INET
 			dhcp_abort(ifp);
 #endif
 #ifdef DHCP6
 			dhcp6_abort(ifp);
 #endif
 		} else
 #endif
 			dhcpcd_drop(ifp, 0);
 		if (ifp->options->options & DHCPCD_ANONYMOUS) {
 			bool is_up = ifp->flags & IFF_UP;
 			if (is_up)
 				if_down(ifp);
 			if (if_randomisemac(ifp) == -1 && errno != ENXIO)
 				logerr(__func__);
 			if (is_up)
 				if_up(ifp);
+		}
 		return;
+	}
 	/*
 	 * At this point carrier is NOT DOWN and we have IFF_UP.
 	 * We should treat LINK_UNKNOWN as up as the driver may not support
 	 * link state changes.
 	 * The consideration of any other information about carrier should
 	 * be handled in the OS specific if_carrier() function.
 	 */
 	if (was_link_up)
 		return;
 	if (ifp->active) {
 		if (carrier == LINK_UNKNOWN)
 			loginfox("%s: carrier unknown, assuming up", ifp->name);
 		else
 			loginfox("%s: carrier acquired", ifp->name);
+	}
 #if !defined(__linux__) && !defined(__NetBSD__)
 	/* BSD does not emit RTM_NEWADDR or RTM_CHGADDR when the
 	 * hardware address changes so we have to go
 	 * through the disovery process to work it out. */
 	dhcpcd_handleinterface(ifp->ctx, 0, ifp->name);
 #endif
 	if (ifp->wireless) {
 		uint8_t ossid[IF_SSIDLEN];
 		size_t olen;
 		olen = ifp->ssid_len;
 		memcpy(ossid, ifp->ssid, ifp->ssid_len);
 		if_getssid(ifp);
 		/* If we changed SSID network, drop leases */
 		if ((ifp->ssid_len != olen ||
 		    memcmp(ifp->ssid, ossid, ifp->ssid_len)) && ifp->active)
+		{
 			dhcpcd_reportssid(ifp);
 #ifdef NOCARRIER_PRESERVE_IP
 			dhcpcd_drop(ifp, 0);
 #endif
 #ifdef IPV4LL
 			ipv4ll_reset(ifp);
 #endif
+		}
+	}
 	if (!ifp->active)
 		return;
 	dhcpcd_initstate(ifp, 0);
 	script_runreason(ifp, "CARRIER");
 #ifdef INET6
 #ifdef NOCARRIER_PRESERVE_IP
 	/* Set any IPv6 Routers we remembered to expire faster than they
 	 * would normally as we maybe on a new network. */
 	ipv6nd_startexpire(ifp);
 #endif
 #ifdef IPV6_MANAGETEMPADDR
 	/* RFC4941 Section 3.5 */
 	ipv6_regentempaddrs(ifp);
 #endif
 #endif
 	dhcpcd_startinterface(ifp);
+}
 static void
 warn_iaid_conflict(struct interface *ifp, uint16_t ia_type, uint8_t *iaid)
+{
 	struct interface *ifn;
 #ifdef INET6
 	size_t i;
 	struct if_ia *ia;
 #endif
 	TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) {
 		if (ifn == ifp || !ifn->active)
 			continue;
 		if (ifn->options->options & DHCPCD_ANONYMOUS)
 			continue;
 		if (ia_type == 0 &&
 		    memcmp(ifn->options->iaid, iaid,
 		    sizeof(ifn->options->iaid)) == 0)
 			break;
 #ifdef INET6
 		for (i = 0; i < ifn->options->ia_len; i++) {
 			ia = &ifn->options->ia[i];
 			if (ia->ia_type == ia_type &&
 			    memcmp(ia->iaid, iaid, sizeof(ia->iaid)) == 0)
 				break;
+		}
 #endif
+	}
 	/* This is only a problem if the interfaces are on the same network. */
 	if (ifn)
 		logerrx("%s: IAID conflicts with one assigned to %s",
 		    ifp->name, ifn->name);
+}
 static void
 dhcpcd_initduid(struct dhcpcd_ctx *ctx, struct interface *ifp)
+{
 	char buf[DUID_LEN * 3];
 	if (ctx->duid != NULL)
 		return;
 	duid_init(ctx, ifp);
 	if (ctx->duid == NULL)
 		return;
 	loginfox("DUID %s",
 	    hwaddr_ntoa(ctx->duid, ctx->duid_len, buf, sizeof(buf)));
+}
 void
 dhcpcd_startinterface(void *arg)
+{
 	struct interface *ifp = arg;
 	struct if_options *ifo = ifp->options;
 	if (ifo->options & DHCPCD_LINK && !if_is_link_up(ifp)) {
 		loginfox("%s: waiting for carrier", ifp->name);
 		return;
+	}
 	if (ifo->options & (DHCPCD_DUID | DHCPCD_IPV6) &&
 	    !(ifo->options & DHCPCD_ANONYMOUS))
+	{
 		char buf[sizeof(ifo->iaid) * 3];
 #ifdef INET6
 		size_t i;
 		struct if_ia *ia;
 #endif
 		/* Try and init DUID from the interface hardware address */
 		dhcpcd_initduid(ifp->ctx, ifp);
 		/* Report IAIDs */
 		loginfox("%s: IAID %s", ifp->name,
 		    hwaddr_ntoa(ifo->iaid, sizeof(ifo->iaid),
 		    buf, sizeof(buf)));
 		warn_iaid_conflict(ifp, 0, ifo->iaid);
 #ifdef INET6
 		for (i = 0; i < ifo->ia_len; i++) {
 			ia = &ifo->ia[i];
 			if (memcmp(ifo->iaid, ia->iaid, sizeof(ifo->iaid))) {
 				loginfox("%s: IA type %u IAID %s",
 				    ifp->name, ia->ia_type,
 				    hwaddr_ntoa(ia->iaid, sizeof(ia->iaid),
 				    buf, sizeof(buf)));
 				warn_iaid_conflict(ifp, ia->ia_type, ia->iaid);
+			}
+		}
 #endif
+	}
 #ifdef INET6
 	if (ifo->options & DHCPCD_IPV6 && ipv6_start(ifp) == -1) {
 		logerr("%s: ipv6_start", ifp->name);
 		ifo->options &= ~DHCPCD_IPV6;
+	}
 	if (ifo->options & DHCPCD_IPV6) {
 		if (ifp->active == IF_ACTIVE_USER) {
 			ipv6_startstatic(ifp);
 			if (ifo->options & DHCPCD_IPV6RS)
 				ipv6nd_startrs(ifp);
+		}
 #ifdef DHCP6
 		/* DHCPv6 could be turned off, but the interface
 		 * is still delegated to. */
 		if (ifp->active)
 			dhcp6_find_delegates(ifp);
 		if (ifo->options & DHCPCD_DHCP6) {
 			if (ifp->active == IF_ACTIVE_USER) {
 				enum DH6S d6_state;
 				if (ifo->options & DHCPCD_IA_FORCED)
 					d6_state = DH6S_INIT;
 				else if (ifo->options & DHCPCD_INFORM6)
 					d6_state = DH6S_INFORM;
 				else
 					d6_state = DH6S_CONFIRM;
 				if (dhcp6_start(ifp, d6_state) == -1)
 					logerr("%s: dhcp6_start", ifp->name);
+			}
+		}
 #endif
+	}
 #endif
 #ifdef INET
 	if (ifo->options & DHCPCD_IPV4 && ifp->active == IF_ACTIVE_USER) {
 		/* Ensure we have an IPv4 state before starting DHCP */
 		if (ipv4_getstate(ifp) != NULL)
 			dhcp_start(ifp);
+	}
 #endif
+}
 static void
 dhcpcd_prestartinterface(void *arg)
+{
 	struct interface *ifp = arg;
 	struct dhcpcd_ctx *ctx = ifp->ctx;
 	bool anondown;
 	if (ifp->carrier <= LINK_DOWN &&
 	    ifp->options->options & DHCPCD_ANONYMOUS &&
 	    ifp->flags & IFF_UP)
+	{
 		if_down(ifp);
 		anondown = true;
 	} else
 		anondown = false;
 	if ((!(ctx->options & DHCPCD_MASTER) ||
 	    ifp->options->options & DHCPCD_IF_UP || anondown) &&
 	    !(ifp->flags & IFF_UP))
+	{
 		if (ifp->options->options & DHCPCD_ANONYMOUS &&
 		    if_randomisemac(ifp) == -1)
 			logerr(__func__);
 		if (if_up(ifp) == -1)
 			logerr(__func__);
+	}
 	dhcpcd_startinterface(ifp);
+}
 static void
 run_preinit(struct interface *ifp)
+{
 	if (ifp->ctx->options & DHCPCD_TEST)
 		return;
 	script_runreason(ifp, "PREINIT");
 	if (ifp->wireless && if_is_link_up(ifp))
 		dhcpcd_reportssid(ifp);
 	if (ifp->options->options & DHCPCD_LINK && ifp->carrier != LINK_UNKNOWN)
 		script_runreason(ifp,
 		    ifp->carrier == LINK_UP ? "CARRIER" : "NOCARRIER");
+}
 void
 dhcpcd_activateinterface(struct interface *ifp, unsigned long long options)
+{
 	if (!ifp->active) {
 		ifp->active = IF_ACTIVE;
 		dhcpcd_initstate2(ifp, options);
 		/* It's possible we might not have been able to load
 		 * a config. */
 		if (ifp->active) {
 			configure_interface1(ifp);
 			run_preinit(ifp);
 			dhcpcd_prestartinterface(ifp);
+		}
+	}
+}
 int
 dhcpcd_handleinterface(void *arg, int action, const char *ifname)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	struct ifaddrs *ifaddrs;
 	struct if_head *ifs;
 	struct interface *ifp, *iff;
 	const char * const argv[] = { ifname };
 	int e;
 	if (action == -1) {
 		ifp = if_find(ctx->ifaces, ifname);
 		if (ifp == NULL) {
 			errno = ESRCH;
 			return -1;
+		}
 		if (ifp->active) {
 			logdebugx("%s: interface departed", ifp->name);
 			stop_interface(ifp, "DEPARTED");
+		}
 		TAILQ_REMOVE(ctx->ifaces, ifp, next);
 		if_free(ifp);
 		return 0;
+	}
 	ifs = if_discover(ctx, &ifaddrs, -1, UNCONST(argv));
 	if (ifs == NULL) {
 		logerr(__func__);
 		return -1;
+	}
 	ifp = if_find(ifs, ifname);
 	if (ifp == NULL) {
 		/* This can happen if an interface is quickly added
 		 * and then removed. */
 		errno = ENOENT;
 		e = -1;
 		goto out;
+	}
 	e = 1;
 	/* Check if we already have the interface */
 	iff = if_find(ctx->ifaces, ifp->name);
 	if (iff != NULL) {
 		if (iff->active)
 			logdebugx("%s: interface updated", iff->name);
 		/* The flags and hwaddr could have changed */
 		iff->flags = ifp->flags;
 		iff->hwlen = ifp->hwlen;
 		if (ifp->hwlen != 0)
 			memcpy(iff->hwaddr, ifp->hwaddr, iff->hwlen);
 	} else {
 		TAILQ_REMOVE(ifs, ifp, next);
 		TAILQ_INSERT_TAIL(ctx->ifaces, ifp, next);
 		if (ifp->active) {
 			logdebugx("%s: interface added", ifp->name);
 			dhcpcd_initstate(ifp, 0);
 			run_preinit(ifp);
+		}
 		iff = ifp;
+	}
 	if (action > 0) {
 		if_learnaddrs(ctx, ifs, &ifaddrs);
 		if (iff->active)
 			dhcpcd_prestartinterface(iff);
+	}
 out:
 	/* Free our discovered list */
 	while ((ifp = TAILQ_FIRST(ifs))) {
 		TAILQ_REMOVE(ifs, ifp, next);
 		if_free(ifp);
+	}
 	free(ifs);
 	return e;
+}
 static void
 dhcpcd_handlelink(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	if (if_handlelink(ctx) == -1) {
 		if (errno == ENOBUFS || errno == ENOMEM) {
 			dhcpcd_linkoverflow(ctx);
 			return;
+		}
 		if (errno != ENOTSUP)
 			logerr(__func__);
+	}
+}
 static void
 dhcpcd_checkcarrier(void *arg)
+{
 	struct interface *ifp0 = arg, *ifp;
 	ifp = if_find(ifp0->ctx->ifaces, ifp0->name);
 	if (ifp == NULL || ifp->carrier == ifp0->carrier)
 		return;
 	dhcpcd_handlecarrier(ifp, ifp0->carrier, ifp0->flags);
 	if_free(ifp0);
+}
 #ifndef SMALL
 static void
 dhcpcd_setlinkrcvbuf(struct dhcpcd_ctx *ctx)
+{
 	socklen_t socklen;
 	if (ctx->link_rcvbuf == 0)
 		return;
 	logdebugx("setting route socket receive buffer size to %d bytes",
 	    ctx->link_rcvbuf);
 	socklen = sizeof(ctx->link_rcvbuf);
 	if (setsockopt(ctx->link_fd, SOL_SOCKET,
 	    SO_RCVBUF, &ctx->link_rcvbuf, socklen) == -1)
 		logerr(__func__);
+}
 #endif
 static void
 dhcpcd_runprestartinterface(void *arg)
+{
 	struct interface *ifp = arg;
 	run_preinit(ifp);
 	dhcpcd_prestartinterface(ifp);
+}
 void
 dhcpcd_linkoverflow(struct dhcpcd_ctx *ctx)
+{
 	socklen_t socklen;
 	int rcvbuflen;
 	char buf[2048];
 	ssize_t rlen;
 	size_t rcnt;
 	struct if_head *ifaces;
 	struct ifaddrs *ifaddrs;
 	struct interface *ifp, *ifn, *ifp1;
 	socklen = sizeof(rcvbuflen);
 	if (getsockopt(ctx->link_fd, SOL_SOCKET,
 	    SO_RCVBUF, &rcvbuflen, &socklen) == -1)
 		rcvbuflen = 0;
 #ifdef __linux__
 	else
 		rcvbuflen /= 2;
 #endif
 	logerrx("route socket overflowed (rcvbuflen %d)"
 	    " - learning interface state", rcvbuflen);
 	/* Drain the socket.
 	 * We cannot open a new one due to privsep. */
 	rcnt = 0;
 	do {
 		rlen = read(ctx->link_fd, buf, sizeof(buf));
 		if (++rcnt % 1000 == 0)
 			logwarnx("drained %zu messages", rcnt);
 	} while (rlen != -1 || errno == ENOBUFS || errno == ENOMEM);
 	if (rcnt % 1000 != 0)
 		logwarnx("drained %zu messages", rcnt);
 	/* Work out the current interfaces. */
 	ifaces = if_discover(ctx, &ifaddrs, ctx->ifc, ctx->ifv);
 	if (ifaces == NULL) {
 		logerr(__func__);
 		return;
+	}
 	/* Punt departed interfaces */
 	TAILQ_FOREACH_SAFE(ifp, ctx->ifaces, next, ifn) {
 		if (if_find(ifaces, ifp->name) != NULL)
 			continue;
 		dhcpcd_handleinterface(ctx, -1, ifp->name);
+	}
 	/* Add new interfaces */
 	while ((ifp = TAILQ_FIRST(ifaces)) != NULL ) {
 		TAILQ_REMOVE(ifaces, ifp, next);
 		ifp1 = if_find(ctx->ifaces, ifp->name);
 		if (ifp1 != NULL) {
 			/* If the interface already exists,
 			 * check carrier state.
 			 * dhcpcd_checkcarrier will free ifp. */
 			eloop_timeout_add_sec(ctx->eloop, 0,
 			    dhcpcd_checkcarrier, ifp);
 			continue;
+		}
 		TAILQ_INSERT_TAIL(ctx->ifaces, ifp, next);
 		if (ifp->active) {
 			dhcpcd_initstate(ifp, 0);
 			eloop_timeout_add_sec(ctx->eloop, 0,
 			    dhcpcd_runprestartinterface, ifp);
+		}
+	}
 	free(ifaces);
 	/* Update address state. */
 	if_markaddrsstale(ctx->ifaces);
 	if_learnaddrs(ctx, ctx->ifaces, &ifaddrs);
 	if_deletestaleaddrs(ctx->ifaces);
+}
 void
 dhcpcd_handlehwaddr(struct interface *ifp,
     uint16_t hwtype, const void *hwaddr, uint8_t hwlen)
+{
 	char buf[sizeof(ifp->hwaddr) * 3];
 	if (hwaddr == NULL || !if_valid_hwaddr(hwaddr, hwlen))
 		hwlen = 0;
 	if (hwlen > sizeof(ifp->hwaddr)) {
 		errno = ENOBUFS;
 		logerr("%s: %s", __func__, ifp->name);
 		return;
+	}
 	if (ifp->hwtype != hwtype) {
 		loginfox("%s: hardware address type changed from %d to %d",
 		    ifp->name, ifp->hwtype, hwtype);
 		ifp->hwtype = hwtype;
+	}
 	if (ifp->hwlen == hwlen &&
 	    (hwlen == 0 || memcmp(ifp->hwaddr, hwaddr, hwlen) == 0))
 		return;
 	loginfox("%s: new hardware address: %s", ifp->name,
 	    hwaddr_ntoa(hwaddr, hwlen, buf, sizeof(buf)));
 	ifp->hwlen = hwlen;
 	if (hwaddr != NULL)
 		memcpy(ifp->hwaddr, hwaddr, hwlen);
+}
 static void
 if_reboot(struct interface *ifp, int argc, char **argv)
+{
 #ifdef INET
 	unsigned long long oldopts;
 	oldopts = ifp->options->options;
 #endif
 	script_runreason(ifp, "RECONFIGURE");
 	dhcpcd_initstate1(ifp, argc, argv, 0);
 #ifdef INET
 	dhcp_reboot_newopts(ifp, oldopts);
 #endif
 #ifdef DHCP6
 	dhcp6_reboot(ifp);
 #endif
 	dhcpcd_prestartinterface(ifp);
+}
 static void
 reload_config(struct dhcpcd_ctx *ctx)
+{
 	struct if_options *ifo;
 	free_globals(ctx);
 	if ((ifo = read_config(ctx, NULL, NULL, NULL)) == NULL)
 		return;
 	add_options(ctx, NULL, ifo, ctx->argc, ctx->argv);
 	/* We need to preserve these options. */
 	if (ctx->options & DHCPCD_STARTED)
 		ifo->options |= DHCPCD_STARTED;
 	if (ctx->options & DHCPCD_MASTER)
 		ifo->options |= DHCPCD_MASTER;
 	if (ctx->options & DHCPCD_DAEMONISED)
 		ifo->options |= DHCPCD_DAEMONISED;
 	if (ctx->options & DHCPCD_PRIVSEP)
 		ifo->options |= DHCPCD_PRIVSEP;
 	ctx->options = ifo->options;
 	free_options(ctx, ifo);
+}
 static void
 reconf_reboot(struct dhcpcd_ctx *ctx, int action, int argc, char **argv, int oi)
+{
 	int i;
 	struct interface *ifp;
 	TAILQ_FOREACH(ifp, ctx->ifaces, next) {
 		for (i = oi; i < argc; i++) {
 			if (strcmp(ifp->name, argv[i]) == 0)
 				break;
+		}
 		if (oi != argc && i == argc)
 			continue;
 		if (ifp->active == IF_ACTIVE_USER) {
 			if (action)
 				if_reboot(ifp, argc, argv);
 #ifdef INET
 			else
 				ipv4_applyaddr(ifp);
 #endif
 		} else if (i != argc) {
 			ifp->active = IF_ACTIVE_USER;
 			dhcpcd_initstate1(ifp, argc, argv, 0);
 			run_preinit(ifp);
 			dhcpcd_prestartinterface(ifp);
+		}
+	}
+}
 static void
 stop_all_interfaces(struct dhcpcd_ctx *ctx, unsigned long long opts)
+{
 	struct interface *ifp;
 	ctx->options |= DHCPCD_EXITING;
 	if (ctx->ifaces == NULL)
 		return;
 	/* Drop the last interface first */
 	TAILQ_FOREACH_REVERSE(ifp, ctx->ifaces, if_head, next) {
 		if (!ifp->active)
 			continue;
 		ifp->options->options |= opts;
 		if (ifp->options->options & DHCPCD_RELEASE)
 			ifp->options->options &= ~DHCPCD_PERSISTENT;
 		ifp->options->options |= DHCPCD_EXITING;
 		stop_interface(ifp, NULL);
+	}
+}
 static void
 dhcpcd_ifrenew(struct interface *ifp)
+{
 	if (!ifp->active)
 		return;
 	if (ifp->options->options & DHCPCD_LINK && !if_is_link_up(ifp))
 		return;
 #ifdef INET
 	dhcp_renew(ifp);
 #endif
 #ifdef INET6
 #define DHCPCD_RARENEW (DHCPCD_IPV6 | DHCPCD_IPV6RS)
 	if ((ifp->options->options & DHCPCD_RARENEW) == DHCPCD_RARENEW)
 		ipv6nd_startrs(ifp);
 #endif
 #ifdef DHCP6
 	dhcp6_renew(ifp);
 #endif
+}
 static void
 dhcpcd_renew(struct dhcpcd_ctx *ctx)
+{
 	struct interface *ifp;
 	TAILQ_FOREACH(ifp, ctx->ifaces, next) {
 		dhcpcd_ifrenew(ifp);
+	}
+}
 #ifdef USE_SIGNALS
 #define sigmsg "received %s, %s"
 static void
 dhcpcd_signal_cb(int sig, void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	unsigned long long opts;
 	int exit_code;
 	if (ctx->options & DHCPCD_DUMPLEASE) {
 		eloop_exit(ctx->eloop, EXIT_FAILURE);
 		return;
+	}
 	if (sig != SIGCHLD && ctx->options & DHCPCD_FORKED) {
 		if (sig != SIGHUP &&
 		    write(ctx->fork_fd, &sig, sizeof(sig)) == -1)
 			logerr("%s: write", __func__);
 		return;
+	}
 	opts = 0;
 	exit_code = EXIT_FAILURE;
 	switch (sig) {
 	case SIGINT:
 		loginfox(sigmsg, "SIGINT", "stopping");
 		break;
 	case SIGTERM:
 		loginfox(sigmsg, "SIGTERM", "stopping");
 		exit_code = EXIT_SUCCESS;
 		break;
 	case SIGALRM:
 		loginfox(sigmsg, "SIGALRM", "releasing");
 		opts |= DHCPCD_RELEASE;
 		exit_code = EXIT_SUCCESS;
 		break;
 	case SIGHUP:
 		loginfox(sigmsg, "SIGHUP", "rebinding");
 		reload_config(ctx);
 		/* Preserve any options passed on the commandline
 		 * when we were started. */
 		reconf_reboot(ctx, 1, ctx->argc, ctx->argv,
 		    ctx->argc - ctx->ifc);
 		return;
 	case SIGUSR1:
 		loginfox(sigmsg, "SIGUSR1", "renewing");
 		dhcpcd_renew(ctx);
 		return;
 	case SIGUSR2:
 		loginfox(sigmsg, "SIGUSR2", "reopening log");
-		/* XXX This may not work that well in a chroot */
+#ifdef PRIVSEP
-		logclose();
+		if (IN_PRIVSEP(ctx)) {
 			if (ps_root_logreopen(ctx) == -1)
 				logerr("ps_root_logreopen");
 			return;
+		}
 #endif
 		if (logopen(ctx->logfile) == -1)
-			logerr(__func__);
+			logerr("logopen");
 		return;
 	case SIGCHLD:
 		while (waitpid(-1, NULL, WNOHANG) > 0)
+			;
 		return;
 	default:
 		logerrx("received signal %d but don't know what to do with it",
 		    sig);
 		return;
+	}
 	if (!(ctx->options & DHCPCD_TEST))
 		stop_all_interfaces(ctx, opts);
 	eloop_exit(ctx->eloop, exit_code);
+}
 #endif
 int
 dhcpcd_handleargs(struct dhcpcd_ctx *ctx, struct fd_list *fd,
     int argc, char **argv)
+{
 	struct interface *ifp;
 	unsigned long long opts;
 	int opt, oi, do_reboot, do_renew, af = AF_UNSPEC;
 	size_t len, l, nifaces;
 	char *tmp, *p;
 	/* Special commands for our control socket
 	 * as the other end should be blocking until it gets the
 	 * expected reply we should be safely able just to change the
 	 * write callback on the fd */
 	/* Make any change here in privsep-control.c as well. */
 	if (strcmp(*argv, "--version") == 0) {
 		return control_queue(fd, UNCONST(VERSION),
 		    strlen(VERSION) + 1);
 	} else if (strcmp(*argv, "--getconfigfile") == 0) {
 		return control_queue(fd, UNCONST(fd->ctx->cffile),
 		    strlen(fd->ctx->cffile) + 1);
 	} else if (strcmp(*argv, "--getinterfaces") == 0) {
 		optind = argc = 0;
 		goto dumplease;
 	} else if (strcmp(*argv, "--listen") == 0) {
 		fd->flags |= FD_LISTEN;
 		return 0;
+	}
 	/* Log the command */
 	len = 1;
 	for (opt = 0; opt < argc; opt++)
 		len += strlen(argv[opt]) + 1;
 	tmp = malloc(len);
 	if (tmp == NULL)
 		return -1;
 	p = tmp;
 	for (opt = 0; opt < argc; opt++) {
 		l = strlen(argv[opt]);
 		strlcpy(p, argv[opt], len);
 		len -= l + 1;
 		p += l;
 		*p++ = ' ';
+	}
 	*--p = '\0';
 	loginfox("control command: %s", tmp);
 	free(tmp);
 	optind = 0;
 	oi = 0;
 	opts = 0;
 	do_reboot = do_renew = 0;
 	while ((opt = getopt_long(argc, argv, IF_OPTS, cf_options, &oi)) != -1)
+	{
 		switch (opt) {
 		case 'g':
 			/* Assumed if below not set */
 			break;
 		case 'k':
 			opts |= DHCPCD_RELEASE;
 			break;
 		case 'n':
 			do_reboot = 1;
 			break;
 		case 'p':
 			opts |= DHCPCD_PERSISTENT;
 			break;
 		case 'x':
 			opts |= DHCPCD_EXITING;
 			break;
 		case 'N':
 			do_renew = 1;
 			break;
 		case 'U':
 			opts |= DHCPCD_DUMPLEASE;
 			break;
 		case '4':
 			af = AF_INET;
 			break;
 		case '6':
 			af = AF_INET6;
 			break;
+		}
+	}
 	if (opts & DHCPCD_DUMPLEASE) {
 		ctx->options |= DHCPCD_DUMPLEASE;
 dumplease:
 		nifaces = 0;
 		TAILQ_FOREACH(ifp, ctx->ifaces, next) {
 			if (!ifp->active)
 				continue;
 			for (oi = optind; oi < argc; oi++) {
 				if (strcmp(ifp->name, argv[oi]) == 0)
 					break;
+			}
 			if (optind == argc || oi < argc) {
 				opt = send_interface(NULL, ifp, af);
 				if (opt == -1)
 					goto dumperr;
 				nifaces += (size_t)opt;
+			}
+		}
 		if (write(fd->fd, &nifaces, sizeof(nifaces)) != sizeof(nifaces))
 			goto dumperr;
 		TAILQ_FOREACH(ifp, ctx->ifaces, next) {
 			if (!ifp->active)
 				continue;
 			for (oi = optind; oi < argc; oi++) {
 				if (strcmp(ifp->name, argv[oi]) == 0)
 					break;
+			}
 			if (optind == argc || oi < argc) {
 				if (send_interface(fd, ifp, af) == -1)
 					goto dumperr;
+			}
+		}
 		ctx->options &= ~DHCPCD_DUMPLEASE;
 		return 0;
 dumperr:
 		ctx->options &= ~DHCPCD_DUMPLEASE;
 		return -1;
+	}
 	/* Only privileged users can control dhcpcd via the socket. */
 	if (fd->flags & FD_UNPRIV) {
 		errno = EPERM;
 		return -1;
+	}
 	if (opts & (DHCPCD_EXITING | DHCPCD_RELEASE)) {
 		if (optind == argc) {
 			stop_all_interfaces(ctx, opts);
 			eloop_exit(ctx->eloop, EXIT_SUCCESS);
 			return 0;
+		}
 		for (oi = optind; oi < argc; oi++) {
 			if ((ifp = if_find(ctx->ifaces, argv[oi])) == NULL)
 				continue;
 			if (!ifp->active)
 				continue;
 			ifp->options->options |= opts;
 			if (opts & DHCPCD_RELEASE)
 				ifp->options->options &= ~DHCPCD_PERSISTENT;
 			stop_interface(ifp, NULL);
+		}
 		return 0;
+	}
 	if (do_renew) {
 		if (optind == argc) {
 			dhcpcd_renew(ctx);
 			return 0;
+		}
 		for (oi = optind; oi < argc; oi++) {
 			if ((ifp = if_find(ctx->ifaces, argv[oi])) == NULL)
 				continue;
 			dhcpcd_ifrenew(ifp);
+		}
 		return 0;
+	}
 	reload_config(ctx);
 	/* XXX: Respect initial commandline options? */
 	reconf_reboot(ctx, do_reboot, argc, argv, optind - 1);
 	return 0;
+}
 static void dhcpcd_readdump1(void *);
 static void
 dhcpcd_readdump2(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	ssize_t len;
 	int exit_code = EXIT_FAILURE;
 	len = read(ctx->control_fd, ctx->ctl_buf + ctx->ctl_bufpos,
 	    ctx->ctl_buflen - ctx->ctl_bufpos);
 	if (len == -1) {
 		logerr(__func__);
 		goto finished;
 	} else if (len == 0)
 		goto finished;
 	if ((size_t)len + ctx->ctl_bufpos != ctx->ctl_buflen) {
 		ctx->ctl_bufpos += (size_t)len;
 		return;
+	}
 	if (ctx->ctl_buf[ctx->ctl_buflen - 1] != '\0') /* unlikely */
 		ctx->ctl_buf[ctx->ctl_buflen - 1] = '\0';
 	script_dump(ctx->ctl_buf, ctx->ctl_buflen);
 	fflush(stdout);
 	if (--ctx->ctl_extra != 0) {
 		putchar('\n');
 		eloop_event_add(ctx->eloop, ctx->control_fd,
 		    dhcpcd_readdump1, ctx);
 		return;
+	}
 	exit_code = EXIT_SUCCESS;
 finished:
 	shutdown(ctx->control_fd, SHUT_RDWR);
 	eloop_exit(ctx->eloop, exit_code);
+}
 static void
 dhcpcd_readdump1(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	ssize_t len;
 	len = read(ctx->control_fd, &ctx->ctl_buflen, sizeof(ctx->ctl_buflen));
 	if (len != sizeof(ctx->ctl_buflen)) {
 		if (len != -1)
 			errno = EINVAL;
 		goto err;
+	}
 	if (ctx->ctl_buflen > SSIZE_MAX) {
 		errno = ENOBUFS;
 		goto err;
+	}
 	free(ctx->ctl_buf);
 	ctx->ctl_buf = malloc(ctx->ctl_buflen);
 	if (ctx->ctl_buf == NULL)
 		goto err;
 	ctx->ctl_bufpos = 0;
 	eloop_event_add(ctx->eloop, ctx->control_fd,
 	    dhcpcd_readdump2, ctx);
 	return;
 err:
 	logerr(__func__);
 	eloop_exit(ctx->eloop, EXIT_FAILURE);
+}
 static void
 dhcpcd_readdump0(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	ssize_t len;
 	len = read(ctx->control_fd, &ctx->ctl_extra, sizeof(ctx->ctl_extra));
 	if (len != sizeof(ctx->ctl_extra)) {
 		if (len != -1)
 			errno = EINVAL;
 		logerr(__func__);
 		eloop_exit(ctx->eloop, EXIT_FAILURE);
 		return;
+	}
 	if (ctx->ctl_extra == 0) {
 		eloop_exit(ctx->eloop, EXIT_SUCCESS);
 		return;
+	}
 	eloop_event_add(ctx->eloop, ctx->control_fd,
 	    dhcpcd_readdump1, ctx);
+}
 static void
 dhcpcd_readdumptimeout(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	logerrx(__func__);
 	eloop_exit(ctx->eloop, EXIT_FAILURE);
+}
 static int
 dhcpcd_readdump(struct dhcpcd_ctx *ctx)
+{
 	ctx->options |=	DHCPCD_FORKED;
 	if (eloop_timeout_add_sec(ctx->eloop, 5,
 	    dhcpcd_readdumptimeout, ctx) == -1)
 		return -1;
 	return eloop_event_add(ctx->eloop, ctx->control_fd,
 	    dhcpcd_readdump0, ctx);
+}
 static void
 dhcpcd_fork_cb(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	int exit_code;
 	ssize_t len;
 	len = read(ctx->fork_fd, &exit_code, sizeof(exit_code));
 	if (len == -1) {
 		logerr(__func__);
 		exit_code = EXIT_FAILURE;
 	} else if ((size_t)len < sizeof(exit_code)) {
 		logerrx("%s: truncated read %zd (expected %zu)",
 		    __func__, len, sizeof(exit_code));
 		exit_code = EXIT_FAILURE;
+	}
 	if (ctx->options & DHCPCD_FORKED)
 		eloop_exit(ctx->eloop, exit_code);
 	else
 		dhcpcd_signal_cb(exit_code, ctx);
+}
 static void
 dhcpcd_stderr_cb(void *arg)
+{
 	struct dhcpcd_ctx *ctx = arg;
 	char log[BUFSIZ];
 	ssize_t len;
 	len = read(ctx->stderr_fd, log, sizeof(log));
 	if (len == -1) {
 		if (errno != ECONNRESET)
 			logerr(__func__);
 		return;
+	}
 	log[len] = '\0';
 	fprintf(stderr, "%s", log);
+}
 int
 main(int argc, char **argv, char **envp)
+{
 	struct dhcpcd_ctx ctx;
 	struct ifaddrs *ifaddrs = NULL;
 	struct if_options *ifo;
 	struct interface *ifp;
 	sa_family_t family = AF_UNSPEC;
 	int opt, oi = 0, i;
 	unsigned int logopts, t;
 	ssize_t len;
 #if defined(USE_SIGNALS) || !defined(THERE_IS_NO_FORK)
 	pid_t pid;
 	int fork_fd[2], stderr_fd[2];
 #endif
 #ifdef USE_SIGNALS
 	int sig = 0;
 	const char *siga = NULL;
 	size_t si;
 #endif
 #ifdef SETPROCTITLE_H
 	setproctitle_init(argc, argv, envp);
 #else
 	UNUSED(envp);
 #endif
 	/* Test for --help and --version */
 	if (argc > 1) {
 		if (strcmp(argv[1], "--help") == 0) {
 			usage();
 			return EXIT_SUCCESS;
 		} else if (strcmp(argv[1], "--version") == 0) {
 			printf(""PACKAGE" "VERSION"\n%s\n", dhcpcd_copyright);
 			printf("Compiled in features:"
 #ifdef INET
 			" INET"
 #endif
 #ifdef ARP
 			" ARP"
 #endif
 #ifdef ARPING
 			" ARPing"
 #endif
 #ifdef IPV4LL
 			" IPv4LL"
 #endif
 #ifdef INET6
 			" INET6"
 #endif
 #ifdef DHCP6
 			" DHCPv6"
 #endif
 #ifdef AUTH
 			" AUTH"
 #endif
 #ifdef PRIVSEP
 			" PRIVSEP"
 #endif
 			"\n");
 			return EXIT_SUCCESS;
+		}
+	}
 	memset(&ctx, 0, sizeof(ctx));
 	ifo = NULL;
 	ctx.cffile = CONFIG;
 	ctx.script = UNCONST(dhcpcd_default_script);
 	ctx.control_fd = ctx.control_unpriv_fd = ctx.link_fd = -1;
 	ctx.pf_inet_fd = -1;
 #ifdef PF_LINK
 	ctx.pf_link_fd = -1;
 #endif
 	TAILQ_INIT(&ctx.control_fds);
 #ifdef USE_SIGNALS
 	ctx.fork_fd = -1;
 #endif
 #ifdef PLUGIN_DEV
 	ctx.dev_fd = -1;
 #endif
 #ifdef INET
 	ctx.udp_rfd = -1;
 	ctx.udp_wfd = -1;
 #endif
 #if defined(INET6) && !defined(__sun)
 	ctx.nd_fd = -1;
 #endif
 #ifdef DHCP6
 	ctx.dhcp6_rfd = -1;
 	ctx.dhcp6_wfd = -1;
 #endif
 #ifdef PRIVSEP
-	ctx.ps_root_fd = ctx.ps_data_fd = -1;
+	ctx.ps_root_fd = ctx.ps_log_fd = ctx.ps_data_fd = -1;
 	ctx.ps_inet_fd = ctx.ps_control_fd = -1;
 	TAILQ_INIT(&ctx.ps_processes);
 #endif
 	/* Check our streams for validity */
 	ctx.stdin_valid =  fcntl(STDIN_FILENO,  F_GETFD) != -1;
 	ctx.stdout_valid = fcntl(STDOUT_FILENO, F_GETFD) != -1;
 	ctx.stderr_valid = fcntl(STDERR_FILENO, F_GETFD) != -1;
 	logopts = LOGERR_LOG | LOGERR_LOG_DATE | LOGERR_LOG_PID;
 	if (ctx.stderr_valid)
 		logopts |= LOGERR_ERR;
 	i = 0;
 	while ((opt = getopt_long(argc, argv,
 	    ctx.options & DHCPCD_PRINT_PIDFILE ? NOERR_IF_OPTS : IF_OPTS,
 	    cf_options, &oi)) != -1)
+	{
 		switch (opt) {
 		case '4':
 			family = AF_INET;
 			break;
 		case '6':
 			family = AF_INET6;
 			break;
 		case 'f':
 			ctx.cffile = optarg;
 			break;
 		case 'j':
 			free(ctx.logfile);
 			ctx.logfile = strdup(optarg);
 			break;
 #ifdef USE_SIGNALS
 		case 'k':
 			sig = SIGALRM;
 			siga = "ALRM";
 			break;
 		case 'n':
 			sig = SIGHUP;
 			siga = "HUP";
 			break;
 		case 'g':
 		case 'p':
 			/* Force going via command socket as we're
 			 * out of user definable signals. */
 			i = 4;
 			break;
 		case 'q':
 			/* -qq disables console output entirely.
 			 * This is important for systemd because it logs
 			 * both console AND syslog to the same log
 			 * resulting in untold confusion. */
 			if (logopts & LOGERR_QUIET)
 				logopts &= ~LOGERR_ERR;
 			else
 				logopts |= LOGERR_QUIET;
 			break;
 		case 'x':
 			sig = SIGTERM;
 			siga = "TERM";
 			break;
 		case 'N':
 			sig = SIGUSR1;
 			siga = "USR1";
 			break;
 #endif
 		case 'P':
 			ctx.options |= DHCPCD_PRINT_PIDFILE;
 			logopts &= ~(LOGERR_LOG | LOGERR_ERR);
 			break;
 		case 'T':
 			i = 1;
 			logopts &= ~LOGERR_LOG;
 			break;
 		case 'U':
 			i = 3;
 			break;
 		case 'V':
 			i = 2;
 			break;
 		case '?':
 			if (ctx.options & DHCPCD_PRINT_PIDFILE)
 				continue;
 			usage();
 			goto exit_failure;
+		}
+	}
 	logsetopts(logopts);
 	logopen(ctx.logfile);
 	ctx.argv = argv;
 	ctx.argc = argc;
 	ctx.ifc = argc - optind;
 	ctx.ifv = argv + optind;
 	rt_init(&ctx);
 	ifo = read_config(&ctx, NULL, NULL, NULL);
 	if (ifo == NULL) {
 		if (ctx.options & DHCPCD_PRINT_PIDFILE)
 			goto printpidfile;
 		goto exit_failure;
+	}
 	opt = add_options(&ctx, NULL, ifo, argc, argv);
 	if (opt != 1) {
 		if (ctx.options & DHCPCD_PRINT_PIDFILE)
 			goto printpidfile;
 		if (opt == 0)
 			usage();
 		goto exit_failure;
+	}
 	if (i == 2) {
 		printf("Interface options:\n");
 		if (optind == argc - 1) {
 			free_options(&ctx, ifo);
 			ifo = read_config(&ctx, argv[optind], NULL, NULL);
 			if (ifo == NULL)
 				goto exit_failure;
 			add_options(&ctx, NULL, ifo, argc, argv);
+		}
 		if_printoptions();
 #ifdef INET
 		if (family == 0 || family == AF_INET) {
 			printf("\nDHCPv4 options:\n");
 			dhcp_printoptions(&ctx,
 			    ifo->dhcp_override, ifo->dhcp_override_len);
+		}
 #endif
 #ifdef INET6
 		if (family == 0 || family == AF_INET6) {
 			printf("\nND options:\n");
 			ipv6nd_printoptions(&ctx,
 			    ifo->nd_override, ifo->nd_override_len);
 #ifdef DHCP6
 			printf("\nDHCPv6 options:\n");
 			dhcp6_printoptions(&ctx,
 			    ifo->dhcp6_override, ifo->dhcp6_override_len);
 #endif
+		}
 #endif
 		goto exit_success;
+	}
 	ctx.options |= ifo->options;
 	if (i == 1 || i == 3) {
 		if (i == 1)
 			ctx.options |= DHCPCD_TEST;
 		else
 			ctx.options |= DHCPCD_DUMPLEASE;
 		ctx.options |= DHCPCD_PERSISTENT;
 		ctx.options &= ~DHCPCD_DAEMONISE;
+	}
 #ifdef THERE_IS_NO_FORK
 	ctx.options &= ~DHCPCD_DAEMONISE;
 #endif
 	if (ctx.options & DHCPCD_DEBUG)
 		logsetopts(logopts | LOGERR_DEBUG);
 	if (!(ctx.options & (DHCPCD_TEST | DHCPCD_DUMPLEASE))) {
 printpidfile:
 		/* If we have any other args, we should run as a single dhcpcd
 		 *  instance for that interface. */
 		if (optind == argc - 1 && !(ctx.options & DHCPCD_MASTER)) {
 			const char *per;
 			const char *ifname;
 			ifname = *ctx.ifv;
 			if (ifname == NULL || strlen(ifname) > IF_NAMESIZE) {
 				errno = ifname == NULL ? EINVAL : E2BIG;
 				logerr("%s: ", ifname);
 				goto exit_failure;
+			}
 			/* Allow a dhcpcd interface per address family */
 			switch(family) {
 			case AF_INET:
 				per = "-4";
 				break;
 			case AF_INET6:
 				per = "-6";
 				break;
 			default:
 				per = "";
+			}
 			snprintf(ctx.pidfile, sizeof(ctx.pidfile),
 			    PIDFILE, ifname, per, ".");
 		} else {
 			snprintf(ctx.pidfile, sizeof(ctx.pidfile),
 			    PIDFILE, "", "", "");
 			ctx.options |= DHCPCD_MASTER;
+		}
 		if (ctx.options & DHCPCD_PRINT_PIDFILE) {
 			printf("%s\n", ctx.pidfile);
 			goto exit_success;
+		}
+	}
 	if (chdir("/") == -1)
 		logerr("%s: chdir: /", __func__);
 	/* Freeing allocated addresses from dumping leases can trigger
 	 * eloop removals as well, so init here. */
 	if ((ctx.eloop = eloop_new()) == NULL) {
 		logerr("%s: eloop_init", __func__);
 		goto exit_failure;
+	}
 #ifdef USE_SIGNALS
 	for (si = 0; si < dhcpcd_signals_ignore_len; si++)
 		signal(dhcpcd_signals_ignore[si], SIG_IGN);
 	/* Save signal mask, block and redirect signals to our handler */
 	eloop_signal_set_cb(ctx.eloop,
 	    dhcpcd_signals, dhcpcd_signals_len,
 	    dhcpcd_signal_cb, &ctx);
 	if (eloop_signal_mask(ctx.eloop, &ctx.sigset) == -1) {
 		logerr("%s: eloop_signal_mask", __func__);
 		goto exit_failure;
+	}
 	if (sig != 0) {
 		pid = pidfile_read(ctx.pidfile);
 		if (pid != 0 && pid != -1)
 			loginfox("sending signal %s to pid %d", siga, pid);
 		if (pid == 0 || pid == -1 || kill(pid, sig) != 0) {
 			if (sig != SIGHUP && sig != SIGUSR1 && errno != EPERM)
 				logerrx(PACKAGE" not running");
 			if (pid != 0 && pid != -1 && errno != ESRCH) {
 				logerr("kill");
 				goto exit_failure;
+			}
 			unlink(ctx.pidfile);
 			if (sig != SIGHUP && sig != SIGUSR1)
 				goto exit_failure;
 		} else {
 			struct timespec ts;
 			if (sig == SIGHUP || sig == SIGUSR1)
 				goto exit_success;
 			/* Spin until it exits */
 			loginfox("waiting for pid %d to exit", pid);
 			ts.tv_sec = 0;
 			ts.tv_nsec = 100000000; /* 10th of a second */
 			for(i = 0; i < 100; i++) {
 				nanosleep(&ts, NULL);
 				if (pidfile_read(ctx.pidfile) == -1)
 					goto exit_success;
+			}
 			logerrx("pid %d failed to exit", pid);
 			goto exit_failure;
+		}
+	}
 #endif
 #ifdef PRIVSEP
 	ps_init(&ctx);
 #endif
 #ifndef SMALL
 	if (ctx.options & DHCPCD_DUMPLEASE &&
 	    ioctl(fileno(stdin), FIONREAD, &i, sizeof(i)) == 0 &&
 	    i > 0)
+	{
 		ctx.options |= DHCPCD_FORKED; /* pretend child process */
 #ifdef PRIVSEP
 		if (IN_PRIVSEP(&ctx) && ps_mastersandbox(&ctx, NULL) == -1)
 			goto exit_failure;
 #endif
 		ifp = calloc(1, sizeof(*ifp));
 		if (ifp == NULL) {
 			logerr(__func__);
 			goto exit_failure;
+		}
 		ifp->ctx = &ctx;
 		ifp->options = ifo;
 		switch (family) {
 		case AF_INET:
 #ifdef INET
 			if (dhcp_dump(ifp) == -1)
 				goto exit_failure;
 			break;
 #else
 			logerrx("No DHCP support");
 			goto exit_failure;
 #endif
 		case AF_INET6:
 #ifdef DHCP6
 			if (dhcp6_dump(ifp) == -1)
 				goto exit_failure;
 			break;
 #else
 			logerrx("No DHCP6 support");
 			goto exit_failure;
 #endif
 		default:
 			logerrx("Family not specified. Please use -4 or -6.");
 			goto exit_failure;
+		}
 		goto exit_success;
+	}
 #endif
 	/* Test against siga instead of sig to avoid gcc
 	 * warning about a bogus potential signed overflow.
 	 * The end result will be the same. */
 	if ((siga == NULL || i == 4 || ctx.ifc != 0) &&
 	    !(ctx.options & DHCPCD_TEST))
+	{
 		ctx.options |= DHCPCD_FORKED; /* avoid socket unlink */
 		if (!(ctx.options & DHCPCD_MASTER))
 			ctx.control_fd = control_open(argv[optind], family,
 			    ctx.options & DHCPCD_DUMPLEASE);
 		if (ctx.control_fd == -1)
 			ctx.control_fd = control_open(NULL, AF_UNSPEC,
 			    ctx.options & DHCPCD_DUMPLEASE);
 		if (ctx.control_fd != -1) {
 #ifdef PRIVSEP
 			if (IN_PRIVSEP(&ctx) &&
 			    ps_mastersandbox(&ctx, NULL) == -1)
 				goto exit_failure;
 #endif
 			if (!(ctx.options & DHCPCD_DUMPLEASE))
 				loginfox("sending commands to dhcpcd process");
 			len = control_send(&ctx, argc, argv);
 			if (len > 0)
 				logdebugx("send OK");
 			else {
 				logerr("%s: control_send", __func__);
 				goto exit_failure;
+			}
 			if (ctx.options & DHCPCD_DUMPLEASE) {
 				if (dhcpcd_readdump(&ctx) == -1) {
 					logerr("%s: dhcpcd_readdump", __func__);
 					goto exit_failure;
+				}
 				goto run_loop;
+			}
 			goto exit_success;
 		} else {
 			if (errno != ENOENT)
 				logerr("%s: control_open", __func__);
 			if (ctx.options & DHCPCD_DUMPLEASE) {
 				if (errno == ENOENT)
 					logerrx("dhcpcd is not running");
 				goto exit_failure;
+			}
 			if (errno == EPERM || errno == EACCES)
 				goto exit_failure;
+		}
 		ctx.options &= ~DHCPCD_FORKED;
+	}
 	if (!(ctx.options & DHCPCD_TEST)) {
 		/* Ensure we have the needed directories */
 		if (mkdir(DBDIR, 0750) == -1 && errno != EEXIST)
 			logerr("%s: mkdir: %s", __func__, DBDIR);
 		if (mkdir(RUNDIR, 0755) == -1 && errno != EEXIST)
 			logerr("%s: mkdir: %s", __func__, RUNDIR);
 		if ((pid = pidfile_lock(ctx.pidfile)) != 0) {
 			if (pid == -1)
 				logerr("%s: pidfile_lock: %s",
 				    __func__, ctx.pidfile);
 			else
 				logerrx(PACKAGE
 				    " already running on pid %d (%s)",
 				    pid, ctx.pidfile);
 			goto exit_failure;
+		}
+	}
 	loginfox(PACKAGE "-" VERSION " starting");
 	if (ctx.stdin_valid && freopen(_PATH_DEVNULL, "w", stdin) == NULL)
 		logwarn("freopen stdin");
 #if defined(USE_SIGNALS) && !defined(THERE_IS_NO_FORK)
 	if (xsocketpair(AF_UNIX, SOCK_DGRAM | SOCK_CXNB, 0, fork_fd) == -1 ||
 	    (ctx.stderr_valid &&
 	    xsocketpair(AF_UNIX, SOCK_DGRAM | SOCK_CXNB, 0, stderr_fd) == -1))
+	{
 		logerr("socketpair");
 		goto exit_failure;
+	}
 	switch (pid = fork()) {
 	case -1:
 		logerr("fork");
 		goto exit_failure;
 	case 0:
 		ctx.fork_fd = fork_fd[1];
 		close(fork_fd[0]);
 #ifdef PRIVSEP_RIGHTS
 		if (ps_rights_limit_fd(ctx.fork_fd) == -1) {
 			logerr("ps_rights_limit_fdpair");
 			goto exit_failure;
+		}
 #endif
 		eloop_event_add(ctx.eloop, ctx.fork_fd, dhcpcd_fork_cb, &ctx);
 		/*
 		 * Redirect stderr to the stderr socketpair.
 		 * Redirect stdout as well.
 		 * dhcpcd doesn't output via stdout, but something in
 		 * a called script might.
 		 */
 		if (ctx.stderr_valid) {
 			if (dup2(stderr_fd[1], STDERR_FILENO) == -1 ||
 			    (ctx.stdout_valid &&
 			    dup2(stderr_fd[1], STDOUT_FILENO) == -1))
 				logerr("dup2");
 			close(stderr_fd[0]);
 			close(stderr_fd[1]);
 		} else if (ctx.stdout_valid) {
 			if (freopen(_PATH_DEVNULL, "w", stdout) == NULL)
 				logerr("freopen stdout");
+		}
 		if (setsid() == -1) {
 			logerr("%s: setsid", __func__);
 			goto exit_failure;
+		}
 		/* Ensure we can never get a controlling terminal */
 		switch (pid = fork()) {
 		case -1:
 			logerr("fork");
 			goto exit_failure;
 		case 0:
 			break;
 		default:
 			ctx.options |= DHCPCD_FORKED; /* A lie */
 			i = EXIT_SUCCESS;
 			goto exit1;
+		}
 		break;
 	default:
 		setproctitle("[launcher]");
 		ctx.options |= DHCPCD_FORKED | DHCPCD_LAUNCHER;
 		ctx.fork_fd = fork_fd[0];
 		close(fork_fd[1]);
 #ifdef PRIVSEP_RIGHTS
 		if (ps_rights_limit_fd(ctx.fork_fd) == -1) {
 			logerr("ps_rights_limit_fd");
 			goto exit_failure;
+		}
 #endif
 		eloop_event_add(ctx.eloop, ctx.fork_fd, dhcpcd_fork_cb, &ctx);
 		if (ctx.stderr_valid) {
 			ctx.stderr_fd = stderr_fd[0];
 			close(stderr_fd[1]);
 #ifdef PRIVSEP_RIGHTS
 			if (ps_rights_limit_fd(ctx.stderr_fd) == 1) {
 				logerr("ps_rights_limit_fd");
 				goto exit_failure;
+			}
 #endif
 			eloop_event_add(ctx.eloop, ctx.stderr_fd,
 			    dhcpcd_stderr_cb, &ctx);
+		}
 #ifdef PRIVSEP
 		if (IN_PRIVSEP(&ctx) && ps_mastersandbox(&ctx, NULL) == -1)
 			goto exit_failure;
 #endif
 		goto run_loop;
+	}
 	/* We have now forked, setsid, forked once more.
 	 * From this point on, we are the controlling daemon. */
 	ctx.options |= DHCPCD_STARTED;
 	logdebugx("spawned master process on PID %d", getpid());
 	if ((pid = pidfile_lock(ctx.pidfile)) != 0) {
 		logerr("%s: pidfile_lock %d", __func__, pid);
 #ifdef PRIVSEP
 		/* privsep has not started ... */
 		ctx.options &= ~DHCPCD_PRIVSEP;
 #endif
 		goto exit_failure;
+	}
 #endif
 	os_init();
 #if defined(BSD) && defined(INET6)
 	/* Disable the kernel RTADV sysctl as early as possible. */
 	if (ctx.options & DHCPCD_IPV6 && ctx.options & DHCPCD_IPV6RS)
 		if_disable_rtadv();
 #endif
 #ifdef PRIVSEP
 	if (IN_PRIVSEP(&ctx) && ps_start(&ctx) == -1) {
 		logerr("ps_start");
 		goto exit_failure;
+	}
 	if (ctx.options & DHCPCD_FORKED)
 		goto run_loop;
 #endif
 	if (!(ctx.options & DHCPCD_TEST)) {
 		if (control_start(&ctx,
 		    ctx.options & DHCPCD_MASTER ?
 		    NULL : argv[optind], family) == -1)
+		{
 			logerr("%s: control_start", __func__);
 			goto exit_failure;
+		}
+	}
 #ifdef PLUGIN_DEV
 	/* Start any dev listening plugin which may want to
 	 * change the interface name provided by the kernel */
 	if (!IN_PRIVSEP(&ctx) &&
 	    (ctx.options & (DHCPCD_MASTER | DHCPCD_DEV)) ==
 	    (DHCPCD_MASTER | DHCPCD_DEV))
 		dev_start(&ctx, dhcpcd_handleinterface);
 #endif
 	setproctitle("%s%s%s",
 	    ctx.options & DHCPCD_MASTER ? "[master]" : argv[optind],
 	    ctx.options & DHCPCD_IPV4 ? " [ip4]" : "",
 	    ctx.options & DHCPCD_IPV6 ? " [ip6]" : "");
 	if (if_opensockets(&ctx) == -1) {
 		logerr("%s: if_opensockets", __func__);
 		goto exit_failure;
+	}
 #ifndef SMALL
 	dhcpcd_setlinkrcvbuf(&ctx);
 #endif
 	/* Try and create DUID from the machine UUID. */
 	dhcpcd_initduid(&ctx, NULL);
 	/* Cache the default vendor option. */
 	if (dhcp_vendor(ctx.vendor, sizeof(ctx.vendor)) == -1)
 		logerr("dhcp_vendor");
 	/* Start handling kernel messages for interfaces, addresses and
 	 * routes. */
 	eloop_event_add(ctx.eloop, ctx.link_fd, dhcpcd_handlelink, &ctx);
 #ifdef PRIVSEP
 	if (IN_PRIVSEP(&ctx) && ps_mastersandbox(&ctx, "stdio route") == -1)
 		goto exit_failure;
 #endif
 	/* When running dhcpcd against a single interface, we need to retain
 	 * the old behaviour of waiting for an IP address */
 	if (ctx.ifc == 1 && !(ctx.options & DHCPCD_BACKGROUND))
 		ctx.options |= DHCPCD_WAITIP;
 	ctx.ifaces = if_discover(&ctx, &ifaddrs, ctx.ifc, ctx.ifv);
 	if (ctx.ifaces == NULL) {
 		logerr("%s: if_discover", __func__);
 		goto exit_failure;
+	}
 	for (i = 0; i < ctx.ifc; i++) {
 		if ((ifp = if_find(ctx.ifaces, ctx.ifv[i])) == NULL)
 			logerrx("%s: interface not found",
 			    ctx.ifv[i]);
 		else if (!ifp->active)
 			logerrx("%s: interface has an invalid configuration",
 			    ctx.ifv[i]);
+	}
 	TAILQ_FOREACH(ifp, ctx.ifaces, next) {
 		if (ifp->active == IF_ACTIVE_USER)
 			break;
+	}
 	if (ifp == NULL) {
 		if (ctx.ifc == 0) {
 			int loglevel;
 			loglevel = ctx.options & DHCPCD_INACTIVE ?
 			    LOG_DEBUG : LOG_ERR;
 			logmessage(loglevel, "no valid interfaces found");
 			dhcpcd_daemonise(&ctx);
 		} else
 			goto exit_failure;
 		if (!(ctx.options & DHCPCD_LINK)) {
 			logerrx("aborting as link detection is disabled");
 			goto exit_failure;
+		}
+	}
 	TAILQ_FOREACH(ifp, ctx.ifaces, next) {
 		if (ifp->active)
 			dhcpcd_initstate1(ifp, argc, argv, 0);
+	}
 	if_learnaddrs(&ctx, ctx.ifaces, &ifaddrs);
 	if (ctx.options & DHCPCD_BACKGROUND)
 		dhcpcd_daemonise(&ctx);
 	opt = 0;
 	TAILQ_FOREACH(ifp, ctx.ifaces, next) {
 		if (ifp->active) {
 			run_preinit(ifp);
 			if (if_is_link_up(ifp))
 				opt = 1;
+		}
+	}
 	if (!(ctx.options & DHCPCD_BACKGROUND)) {
 		if (ctx.options & DHCPCD_MASTER)
 			t = ifo->timeout;
 		else {
 			t = 0;
 			TAILQ_FOREACH(ifp, ctx.ifaces, next) {
 				if (ifp->active) {
 					t = ifp->options->timeout;
 					break;
+				}
+			}
+		}
 		if (opt == 0 &&
 		    ctx.options & DHCPCD_LINK &&
 		    !(ctx.options & DHCPCD_WAITIP))
+		{
 			int loglevel;
 			loglevel = ctx.options & DHCPCD_INACTIVE ?
 			    LOG_DEBUG : LOG_WARNING;
 			logmessage(loglevel, "no interfaces have a carrier");
 			dhcpcd_daemonise(&ctx);
 		} else if (t > 0 &&
 		    /* Test mode removes the daemonise bit, so check for both */
 		    ctx.options & (DHCPCD_DAEMONISE | DHCPCD_TEST))
+		{
 			eloop_timeout_add_sec(ctx.eloop, t,
 			    handle_exit_timeout, &ctx);
+		}
+	}
 	free_options(&ctx, ifo);
 	ifo = NULL;
 	TAILQ_FOREACH(ifp, ctx.ifaces, next) {
 		if (ifp->active)
 			eloop_timeout_add_sec(ctx.eloop, 0,
 			    dhcpcd_prestartinterface, ifp);
+	}
 run_loop:
 	i = eloop_start(ctx.eloop, &ctx.sigset);
 	if (i < 0) {
 		logerr("%s: eloop_start", __func__);
 		goto exit_failure;
+	}
 	goto exit1;
 exit_success:
 	i = EXIT_SUCCESS;
 	goto exit1;
 exit_failure:
 	i = EXIT_FAILURE;
 exit1:
 	if (control_stop(&ctx) == -1)
 		logerr("%s: control_stop", __func__);
 	if (ifaddrs != NULL) {
 #ifdef PRIVSEP_GETIFADDRS
 		if (IN_PRIVSEP(&ctx))
 			free(ifaddrs);
 		else
 #endif
 			freeifaddrs(ifaddrs);
+	}
 	/* ps_stop will clear DHCPCD_PRIVSEP but we need to
 	 * remember it to avoid attemping to remove the pidfile */
 	oi = ctx.options & DHCPCD_PRIVSEP ? 1 : 0;
 #ifdef PRIVSEP
 	ps_stop(&ctx);
 #endif
 	/* Free memory and close fd's */
 	if (ctx.ifaces) {
 		while ((ifp = TAILQ_FIRST(ctx.ifaces))) {
 			TAILQ_REMOVE(ctx.ifaces, ifp, next);
 			if_free(ifp);
+		}
 		free(ctx.ifaces);
 		ctx.ifaces = NULL;
+	}
 	free_options(&ctx, ifo);
 #ifdef HAVE_OPEN_MEMSTREAM
 	if (ctx.script_fp)
 		fclose(ctx.script_fp);
 #endif
 	free(ctx.script_buf);
 	free(ctx.script_env);
 	rt_dispose(&ctx);
 	free(ctx.duid);
 	if (ctx.link_fd != -1) {
 		eloop_event_delete(ctx.eloop, ctx.link_fd);
 		close(ctx.link_fd);
+	}
 	if_closesockets(&ctx);
 	free_globals(&ctx);
 #ifdef INET6
 	ipv6_ctxfree(&ctx);
 #endif
 #ifdef PLUGIN_DEV
 	dev_stop(&ctx);
 #endif
 #ifdef PRIVSEP
 	eloop_free(ctx.ps_eloop);
 #endif
 	eloop_free(ctx.eloop);
 	if (ctx.script != dhcpcd_default_script)
 		free(ctx.script);
 	if (ctx.options & DHCPCD_STARTED && !(ctx.options & DHCPCD_FORKED))
 		loginfox(PACKAGE " exited");
 	logclose();
 	free(ctx.logfile);
 	free(ctx.ctl_buf);
 #ifdef SETPROCTITLE_H
 	setproctitle_fini();
 #endif
 #ifdef USE_SIGNALS
 	if (ctx.options & DHCPCD_STARTED) {
 		/* Try to detach from the launch process. */
 		if (ctx.fork_fd != -1 &&
 		    write(ctx.fork_fd, &i, sizeof(i)) == -1)
 			logerr("%s: write", __func__);
+	}
 	if (ctx.options & DHCPCD_FORKED || oi != 0)
 		_exit(i); /* so atexit won't remove our pidfile */
 #endif
 	return i;
+}

 @@ -1,984 +1,997 @@
 /* SPDX-License-Identifier: BSD-2-Clause */
 /*
  * Privilege Separation for dhcpcd
  * Copyright (c) 2006-2020 Roy Marples <roy@marples.name>
  * All rights reserved
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 /*
  * The current design is this:
  * Spawn a priv process to carry out privileged actions and
  * spawning unpriv process to initate network connections such as BPF
  * or address specific listener.
  * Spawn an unpriv process to send/receive common network data.
  * Then drop all privs and start running.
  * Every process aside from the privileged actioneer is chrooted.
  * All privsep processes ignore signals - only the master process accepts them.
+ *
  * dhcpcd will maintain the config file in the chroot, no need to handle
  * this in a script or something.
  */
 #include <sys/resource.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
 #ifdef AF_LINK
 #include <net/if_dl.h>
 #endif
 #include <assert.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <grp.h>
 #include <paths.h>
 #include <pwd.h>
 #include <stddef.h>	/* For offsetof, struct padding debug */
 #include <signal.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 #include "arp.h"
 #include "common.h"
 #include "control.h"
 #include "dev.h"
 #include "dhcp.h"
 #include "dhcp6.h"
 #include "eloop.h"
 #include "ipv6nd.h"
 #include "logerr.h"
 #include "privsep.h"
 #ifdef HAVE_CAPSICUM
 #include <sys/capsicum.h>
 #include <capsicum_helpers.h>
 #endif
 #ifdef HAVE_UTIL_H
 #include <util.h>
 #endif
 int
 ps_init(struct dhcpcd_ctx *ctx)
+{
 	struct passwd *pw;
 	struct stat st;
 	errno = 0;
 	if ((ctx->ps_user = pw = getpwnam(PRIVSEP_USER)) == NULL) {
 		ctx->options &= ~DHCPCD_PRIVSEP;
 		if (errno == 0) {
 			logerrx("no such user %s", PRIVSEP_USER);
 			/* Just incase logerrx caused an error... */
 			errno = 0;
 		} else
 			logerr("getpwnam");
 		return -1;
+	}
 	if (stat(pw->pw_dir, &st) == -1 || !S_ISDIR(st.st_mode)) {
 		ctx->options &= ~DHCPCD_PRIVSEP;
 		logerrx("refusing chroot: %s: %s",
 		    PRIVSEP_USER, pw->pw_dir);
 		errno = 0;
 		return -1;
+	}
 	ctx->options |= DHCPCD_PRIVSEP;
 	return 0;
+}
 static int
 ps_dropprivs(struct dhcpcd_ctx *ctx)
+{
 	struct passwd *pw = ctx->ps_user;
 	if (ctx->options & DHCPCD_LAUNCHER)
 		logdebugx("chrooting as %s to %s", pw->pw_name, pw->pw_dir);
 	if (chroot(pw->pw_dir) == -1 &&
 	    (errno != EPERM || ctx->options & DHCPCD_FORKED))
 		logerr("%s: chroot: %s", __func__, pw->pw_dir);
 	if (chdir("/") == -1)
 		logerr("%s: chdir: /", __func__);
 	if ((setgroups(1, &pw->pw_gid) == -1 ||
 	     setgid(pw->pw_gid) == -1 ||
 	     setuid(pw->pw_uid) == -1) &&
 	     (errno != EPERM || ctx->options & DHCPCD_FORKED))
+	{
 		logerr("failed to drop privileges");
 		return -1;
+	}
 	struct rlimit rzero = { .rlim_cur = 0, .rlim_max = 0 };
 	if (ctx->ps_control_pid != getpid()) {
 		/* Prohibit new files, sockets, etc */
 #if defined(__linux__) || defined(__sun) || defined(__OpenBSD__)
 		/*
 		 * If poll(2) is called with nfds > RLIMIT_NOFILE
 		 * then it returns EINVAL.
 		 * This blows.
 		 * Do the best we can and limit to what we need.
 		 * An attacker could potentially close a file and
 		 * open a new one still, but that cannot be helped.
 		 */
 		unsigned long maxfd;
 		maxfd = (unsigned long)eloop_event_count(ctx->eloop);
 		if (IN_PRIVSEP_SE(ctx))
 			maxfd++; /* XXX why? */
 		struct rlimit rmaxfd = {
 		    .rlim_cur = maxfd,
 		    .rlim_max = maxfd
 		};
 		if (setrlimit(RLIMIT_NOFILE, &rmaxfd) == -1)
 			logerr("setrlimit RLIMIT_NOFILE");
 #else
 		if (setrlimit(RLIMIT_NOFILE, &rzero) == -1)
 			logerr("setrlimit RLIMIT_NOFILE");
 #endif
+	}
 	/* Prohibit writing to files.
 	 * Obviously this won't work if we are using a logfile
 	 * or redirecting stderr to a file. */
 	if (ctx->logfile == NULL &&
 	    (ctx->options & DHCPCD_STARTED ||
 	     !ctx->stderr_valid || isatty(STDERR_FILENO) == 1))
+	{
 		if (setrlimit(RLIMIT_FSIZE, &rzero) == -1)
 			logerr("setrlimit RLIMIT_FSIZE");
+	}
 #ifdef RLIMIT_NPROC
 	/* Prohibit forks */
 	if (setrlimit(RLIMIT_NPROC, &rzero) == -1)
 		logerr("setrlimit RLIMIT_NPROC");
 #endif
 	return 0;
+}
 static int
 ps_setbuf0(int fd, int ctl, int minlen)
+{
 	int len;
 	socklen_t slen;
 	slen = sizeof(len);
 	if (getsockopt(fd, SOL_SOCKET, ctl, &len, &slen) == -1)
 		return -1;
 #ifdef __linux__
 	len /= 2;
 #endif
 	if (len >= minlen)
 		return 0;
 	return setsockopt(fd, SOL_SOCKET, ctl, &minlen, sizeof(minlen));
+}
 static int
 ps_setbuf(int fd)
+{
 	/* Ensure we can receive a fully sized privsep message.
 	 * Double the send buffer. */
 	int minlen = (int)sizeof(struct ps_msg);
 	if (ps_setbuf0(fd, SO_RCVBUF, minlen) == -1 ||
 	    ps_setbuf0(fd, SO_SNDBUF, minlen * 2) == -1)
+	{
 		logerr(__func__);
 		return -1;
+	}
 	return 0;
+}
 int
 ps_setbuf_fdpair(int fd[])
+{
 	if (ps_setbuf(fd[0]) == -1 || ps_setbuf(fd[1]) == -1)
 		return -1;
 	return 0;
+}
 #ifdef PRIVSEP_RIGHTS
 int
 ps_rights_limit_ioctl(int fd)
+{
 	cap_rights_t rights;
 	cap_rights_init(&rights, CAP_IOCTL);
 	if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS)
 		return -1;
 	return 0;
+}
 int
 ps_rights_limit_fd_fctnl(int fd)
+{
 	cap_rights_t rights;
 	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_EVENT,
 	    CAP_ACCEPT, CAP_FCNTL);
 	if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS)
 		return -1;
 	return 0;
+}
 int
 ps_rights_limit_fd(int fd)
+{
 	cap_rights_t rights;
 	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_EVENT, CAP_SHUTDOWN);
 	if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS)
 		return -1;
 	return 0;
+}
 int
 ps_rights_limit_fd_sockopt(int fd)
+{
 	cap_rights_t rights;
 	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_EVENT,
 	    CAP_GETSOCKOPT, CAP_SETSOCKOPT);
 	if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS)
 		return -1;
 	return 0;
+}
 int
 ps_rights_limit_fd_rdonly(int fd)
+{
 	cap_rights_t rights;
 	cap_rights_init(&rights, CAP_READ, CAP_EVENT);
 	if (cap_rights_limit(fd, &rights) == -1 && errno != ENOSYS)
 		return -1;
 	return 0;
+}
 int
 ps_rights_limit_fdpair(int fd[])
+{
 	if (ps_rights_limit_fd(fd[0]) == -1 || ps_rights_limit_fd(fd[1]) == -1)
 		return -1;
 	return 0;
+}
 static int
 ps_rights_limit_stdio(struct dhcpcd_ctx *ctx)
+{
 	const int iebadf = CAPH_IGNORE_EBADF;
 	int error = 0;
 	if (ctx->stdin_valid &&
 	    caph_limit_stream(STDIN_FILENO, CAPH_READ | iebadf) == -1)
 		error = -1;
 	if (ctx->stdout_valid &&
 	    caph_limit_stream(STDOUT_FILENO, CAPH_WRITE | iebadf) == -1)
 		error = -1;
 	if (ctx->stderr_valid &&
 	    caph_limit_stream(STDERR_FILENO, CAPH_WRITE | iebadf) == -1)
 		error = -1;
 	return error;
+}
 #endif
 pid_t
 ps_dostart(struct dhcpcd_ctx *ctx,
     pid_t *priv_pid, int *priv_fd,
     void (*recv_msg)(void *), void (*recv_unpriv_msg),
     void *recv_ctx, int (*callback)(void *), void (*signal_cb)(int, void *),
     unsigned int flags)
+{
 	int fd[2];
 	pid_t pid;
 	if (xsocketpair(AF_UNIX, SOCK_DGRAM | SOCK_CXNB, 0, fd) == -1) {
 		logerr("%s: socketpair", __func__);
 		return -1;
+	}
 	if (ps_setbuf_fdpair(fd) == -1) {
 		logerr("%s: ps_setbuf_fdpair", __func__);
 		return -1;
+	}
 #ifdef PRIVSEP_RIGHTS
 	if (ps_rights_limit_fdpair(fd) == -1) {
 		logerr("%s: ps_rights_limit_fdpair", __func__);
 		return -1;
+	}
 #endif
 	switch (pid = fork()) {
 	case -1:
 		logerr("fork");
 		return -1;
 	case 0:
 		*priv_fd = fd[1];
 		close(fd[0]);
 		break;
 	default:
 		*priv_pid = pid;
 		*priv_fd = fd[0];
 		close(fd[1]);
 		if (recv_unpriv_msg == NULL)
+			;
 		else if (eloop_event_add(ctx->eloop, *priv_fd,
 		    recv_unpriv_msg, recv_ctx) == -1)
+		{
 			logerr("%s: eloop_event_add", __func__);
 			return -1;
+		}
 		return pid;
+	}
 	ctx->options |= DHCPCD_UNPRIV | DHCPCD_FORKED;
 	if (ctx->fork_fd != -1) {
 		close(ctx->fork_fd);
 		ctx->fork_fd = -1;
+	}
 	pidfile_clean();
 	eloop_clear(ctx->eloop);
 	/* We are not root */
 	if (priv_fd != &ctx->ps_root_fd) {
 		ps_freeprocesses(ctx, recv_ctx);
 		if (ctx->ps_root_fd != -1) {
 			close(ctx->ps_root_fd);
 			ctx->ps_root_fd = -1;
+		}
 #ifdef PRIVSEP_RIGHTS
 		/* We cannot limit the root process in any way. */
 		if (ps_rights_limit_stdio(ctx) == -1) {
 			logerr("ps_rights_limit_stdio");
 			goto errexit;
+		}
 #endif
+	}
 	if (priv_fd != &ctx->ps_inet_fd && ctx->ps_inet_fd != -1) {
 		close(ctx->ps_inet_fd);
 		ctx->ps_inet_fd = -1;
+	}
 	eloop_signal_set_cb(ctx->eloop,
 	    dhcpcd_signals, dhcpcd_signals_len, signal_cb, ctx);
 	/* ctx->sigset aready has the initial sigmask set in main() */
 	if (eloop_signal_mask(ctx->eloop, NULL) == -1) {
 		logerr("%s: eloop_signal_mask", __func__);
 		goto errexit;
+	}
 	if (eloop_event_add(ctx->eloop, *priv_fd, recv_msg, recv_ctx) == -1)
+	{
 		logerr("%s: eloop_event_add", __func__);
 		goto errexit;
+	}
 	if (callback(recv_ctx) == -1)
 		goto errexit;
 	if (flags & PSF_DROPPRIVS)
 		ps_dropprivs(ctx);
 	return 0;
 errexit:
 	/* Failure to start root or inet processes is fatal. */
 	if (priv_fd == &ctx->ps_root_fd || priv_fd == &ctx->ps_inet_fd)
 		(void)ps_sendcmd(ctx, *priv_fd, PS_STOP, 0, NULL, 0);
 	shutdown(*priv_fd, SHUT_RDWR);
 	*priv_fd = -1;
 	eloop_exit(ctx->eloop, EXIT_FAILURE);
 	return -1;
+}
 int
 ps_dostop(struct dhcpcd_ctx *ctx, pid_t *pid, int *fd)
+{
 	int err = 0;
 #ifdef PRIVSEP_DEBUG
 	logdebugx("%s: pid=%d fd=%d", __func__, *pid, *fd);
 #endif
 	if (*fd != -1) {
 		eloop_event_delete(ctx->eloop, *fd);
 		if (ps_sendcmd(ctx, *fd, PS_STOP, 0, NULL, 0) == -1) {
 			logerr(__func__);
 			err = -1;
+		}
 		(void)shutdown(*fd, SHUT_RDWR);
 		close(*fd);
 		*fd = -1;
+	}
 	/* Don't wait for the process as it may not respond to the shutdown
 	 * request. We'll reap the process on receipt of SIGCHLD. */
 	*pid = 0;
 	return err;
+}
 int
 ps_start(struct dhcpcd_ctx *ctx)
+{
 	pid_t pid;
 	TAILQ_INIT(&ctx->ps_processes);
 	switch (pid = ps_root_start(ctx)) {
 	case -1:
 		logerr("ps_root_start");
 		return -1;
 	case 0:
 		return 0;
 	default:
 		logdebugx("spawned privileged actioneer on PID %d", pid);
+	}
 	/* No point in spawning the generic network listener if we're
 	 * not going to use it. */
 	if (!ps_inet_canstart(ctx))
 		goto started_net;
 	switch (pid = ps_inet_start(ctx)) {
 	case -1:
 		return -1;
 	case 0:
 		return 0;
 	default:
 		logdebugx("spawned network proxy on PID %d", pid);
+	}
 started_net:
 	if (!(ctx->options & DHCPCD_TEST)) {
 		switch (pid = ps_ctl_start(ctx)) {
 		case -1:
 			return -1;
 		case 0:
 			return 0;
 		default:
 			logdebugx("spawned controller proxy on PID %d", pid);
+		}
+	}
 #ifdef ARC4RANDOM_H
 	/* Seed the random number generator early incase it needs /dev/urandom
 	 * which won't be available in the chroot. */
 	arc4random();
 #endif
 	return 1;
+}
 int
 ps_entersandbox(const char *_pledge, const char **sandbox)
+{
 #if !defined(HAVE_PLEDGE)
 	UNUSED(_pledge);
 #endif
 #if defined(HAVE_CAPSICUM)
 	if (sandbox != NULL)
 		*sandbox = "capsicum";
 	return cap_enter();
 #elif defined(HAVE_PLEDGE)
 	if (sandbox != NULL)
 		*sandbox = "pledge";
 	return pledge(_pledge, NULL);
 #elif defined(HAVE_SECCOMP)
 	if (sandbox != NULL)
 		*sandbox = "seccomp";
 	return ps_seccomp_enter();
 #else
 	if (sandbox != NULL)
 		*sandbox = "posix resource limited";
 	return 0;
 #endif
+}
 int
 ps_mastersandbox(struct dhcpcd_ctx *ctx, const char *_pledge)
+{
 	const char *sandbox = NULL;
 	bool forked;
 	int dropped;
 	forked = ctx->options & DHCPCD_FORKED;
 	ctx->options &= ~DHCPCD_FORKED;
 	dropped = ps_dropprivs(ctx);
 	if (forked)
 		ctx->options |= DHCPCD_FORKED;
 	/*
 	 * If we don't have a root process, we cannot use syslog.
 	 * If it cannot be opened before chrooting then syslog(3) will fail.
 	 * openlog(3) does not return an error which doubly sucks.
 	 */
 	if (ctx->ps_root_fd == -1) {
 		unsigned int logopts = loggetopts();
 		logopts &= ~LOGERR_LOG;
 		logsetopts(logopts);
+	}
 	if (dropped == -1) {
 		logerr("%s: ps_dropprivs", __func__);
 		return -1;
+	}
 #ifdef PRIVSEP_RIGHTS
 	if ((ctx->pf_inet_fd != -1 &&
 	    ps_rights_limit_ioctl(ctx->pf_inet_fd) == -1) ||
 	     ps_rights_limit_stdio(ctx) == -1)
+	{
 		logerr("%s: cap_rights_limit", __func__);
 		return -1;
+	}
 #endif
 	if (_pledge == NULL)
 		_pledge = "stdio";
 	if (ps_entersandbox(_pledge, &sandbox) == -1) {
 		if (errno == ENOSYS) {
 			if (sandbox != NULL)
 				logwarnx("sandbox unavailable: %s", sandbox);
 			return 0;
+		}
 		logerr("%s: %s", __func__, sandbox);
 		return -1;
 	} else if (ctx->options & DHCPCD_LAUNCHER)
 		logdebugx("sandbox: %s", sandbox);
 	return 0;
+}
 int
 ps_stop(struct dhcpcd_ctx *ctx)
+{
 	int r, ret = 0;
 	if (!(ctx->options & DHCPCD_PRIVSEP) ||
 	    ctx->options & DHCPCD_FORKED ||
 	    ctx->eloop == NULL)
 		return 0;
 	r = ps_ctl_stop(ctx);
 	if (r != 0)
 		ret = r;
 	r = ps_inet_stop(ctx);
 	if (r != 0)
 		ret = r;
 	/* We've been chrooted, so we need to tell the
 	 * privileged actioneer to remove the pidfile. */
 	ps_root_unlink(ctx, ctx->pidfile);
 	r = ps_root_stop(ctx);
 	if (r != 0)
 		ret = r;
 	ctx->options &= ~DHCPCD_PRIVSEP;
 	return ret;
+}
 void
 ps_freeprocess(struct ps_process *psp)
+{
 	TAILQ_REMOVE(&psp->psp_ctx->ps_processes, psp, next);
 	if (psp->psp_fd != -1) {
 		eloop_event_delete(psp->psp_ctx->eloop, psp->psp_fd);
 		close(psp->psp_fd);
+	}
 	if (psp->psp_work_fd != -1) {
 		eloop_event_delete(psp->psp_ctx->eloop, psp->psp_work_fd);
 		close(psp->psp_work_fd);
+	}
 #ifdef INET
 	if (psp->psp_bpf != NULL)
 		bpf_close(psp->psp_bpf);
 #endif
 	free(psp);
+}
 static void
 ps_free(struct dhcpcd_ctx *ctx)
+{
 	struct ps_process *psp;
 	bool stop = ctx->ps_root_pid == getpid();
 	while ((psp = TAILQ_FIRST(&ctx->ps_processes)) != NULL) {
 		if (stop)
 			ps_dostop(ctx, &psp->psp_pid, &psp->psp_fd);
 		ps_freeprocess(psp);
+	}
+}
 int
 ps_unrollmsg(struct msghdr *msg, struct ps_msghdr *psm,
     const void *data, size_t len)
+{
 	uint8_t *datap, *namep, *controlp;
 	namep = UNCONST(data);
 	controlp = namep + psm->ps_namelen;
 	datap = controlp + psm->ps_controllen;
 	if (psm->ps_namelen != 0) {
 		if (psm->ps_namelen > len) {
 			errno = EINVAL;
 			return -1;
+		}
 		msg->msg_name = namep;
 		len -= psm->ps_namelen;
 	} else
 		msg->msg_name = NULL;
 	msg->msg_namelen = psm->ps_namelen;
 	if (psm->ps_controllen != 0) {
 		if (psm->ps_controllen > len) {
 			errno = EINVAL;
 			return -1;
+		}
 		msg->msg_control = controlp;
 		len -= psm->ps_controllen;
 	} else
 		msg->msg_control = NULL;
 	msg->msg_controllen = psm->ps_controllen;
 	if (len != 0) {
 		msg->msg_iovlen = 1;
 		msg->msg_iov[0].iov_base = datap;
 		msg->msg_iov[0].iov_len = len;
 	} else {
 		msg->msg_iovlen = 0;
 		msg->msg_iov[0].iov_base = NULL;
 		msg->msg_iov[0].iov_len = 0;
+	}
 	return 0;
+}
 ssize_t
 ps_sendpsmmsg(struct dhcpcd_ctx *ctx, int fd,
     struct ps_msghdr *psm, const struct msghdr *msg)
+{
 	struct iovec iov[] = {
 		{ .iov_base = UNCONST(psm), .iov_len = sizeof(*psm) },
 		{ .iov_base = NULL, },	/* name */
 		{ .iov_base = NULL, },	/* control */
 		{ .iov_base = NULL, },	/* payload 1 */
 		{ .iov_base = NULL, },	/* payload 2 */
 		{ .iov_base = NULL, },	/* payload 3 */
 	};
 	int iovlen;
 	ssize_t len;
 	if (msg != NULL) {
 		struct iovec *iovp = &iov[1];
 		int i;
 		psm->ps_namelen = msg->msg_namelen;
 		psm->ps_controllen = (socklen_t)msg->msg_controllen;
 		iovp->iov_base = msg->msg_name;
 		iovp->iov_len = msg->msg_namelen;
 		iovp++;
 		iovp->iov_base = msg->msg_control;
 		iovp->iov_len = msg->msg_controllen;
 		iovlen = 3;
 		for (i = 0; i < (int)msg->msg_iovlen; i++) {
 			if ((size_t)(iovlen + i) > __arraycount(iov)) {
 				errno =	ENOBUFS;
 				return -1;
+			}
 			iovp++;
 			iovp->iov_base = msg->msg_iov[i].iov_base;
 			iovp->iov_len = msg->msg_iov[i].iov_len;
+		}
 		iovlen += i;
 	} else
 		iovlen = 1;
 	len = writev(fd, iov, iovlen);
 	if (len == -1) {
 		logerr(__func__);
 		if (ctx->options & DHCPCD_FORKED &&
 		    !(ctx->options & DHCPCD_PRIVSEPROOT))
 			eloop_exit(ctx->eloop, EXIT_FAILURE);
+	}
 	return len;
+}
 ssize_t
 ps_sendpsmdata(struct dhcpcd_ctx *ctx, int fd,
     struct ps_msghdr *psm, const void *data, size_t len)
+{
 	struct iovec iov[] = {
 		{ .iov_base = UNCONST(data), .iov_len = len },
 	};
 	struct msghdr msg = {
 		.msg_iov = iov, .msg_iovlen = 1,
 	};
 	return ps_sendpsmmsg(ctx, fd, psm, &msg);
+}
 ssize_t
 ps_sendmsg(struct dhcpcd_ctx *ctx, int fd, uint16_t cmd, unsigned long flags,
     const struct msghdr *msg)
+{
 	struct ps_msghdr psm = {
 		.ps_cmd = cmd,
 		.ps_flags = flags,
 		.ps_namelen = msg->msg_namelen,
 		.ps_controllen = (socklen_t)msg->msg_controllen,
 	};
 	size_t i;
 	for (i = 0; i < (size_t)msg->msg_iovlen; i++)
 		psm.ps_datalen += msg->msg_iov[i].iov_len;
 #if 0	/* For debugging structure padding. */
 	logerrx("psa.family %lu %zu", offsetof(struct ps_addr, psa_family), sizeof(psm.ps_id.psi_addr.psa_family));
 	logerrx("psa.pad %lu %zu", offsetof(struct ps_addr, psa_pad), sizeof(psm.ps_id.psi_addr.psa_pad));
 	logerrx("psa.psa_u %lu %zu", offsetof(struct ps_addr, psa_u), sizeof(psm.ps_id.psi_addr.psa_u));
 	logerrx("psa %zu", sizeof(psm.ps_id.psi_addr));
 	logerrx("psi.addr %lu %zu", offsetof(struct ps_id, psi_addr), sizeof(psm.ps_id.psi_addr));
 	logerrx("psi.index %lu %zu", offsetof(struct ps_id, psi_ifindex), sizeof(psm.ps_id.psi_ifindex));
 	logerrx("psi.cmd %lu %zu", offsetof(struct ps_id, psi_cmd), sizeof(psm.ps_id.psi_cmd));
 	logerrx("psi.pad %lu %zu", offsetof(struct ps_id, psi_pad), sizeof(psm.ps_id.psi_pad));
 	logerrx("psi %zu", sizeof(struct ps_id));
 	logerrx("ps_cmd %lu", offsetof(struct ps_msghdr, ps_cmd));
 	logerrx("ps_pad %lu %zu", offsetof(struct ps_msghdr, ps_pad), sizeof(psm.ps_pad));
 	logerrx("ps_flags %lu %zu", offsetof(struct ps_msghdr, ps_flags), sizeof(psm.ps_flags));
 	logerrx("ps_id %lu %zu", offsetof(struct ps_msghdr, ps_id), sizeof(psm.ps_id));
 	logerrx("ps_namelen %lu %zu", offsetof(struct ps_msghdr, ps_namelen), sizeof(psm.ps_namelen));
 	logerrx("ps_controllen %lu %zu", offsetof(struct ps_msghdr, ps_controllen), sizeof(psm.ps_controllen));
 	logerrx("ps_pad2 %lu %zu", offsetof(struct ps_msghdr, ps_pad2), sizeof(psm.ps_pad2));
 	logerrx("ps_datalen %lu %zu", offsetof(struct ps_msghdr, ps_datalen), sizeof(psm.ps_datalen));
 	logerrx("psm %zu", sizeof(psm));
 #endif
 	return ps_sendpsmmsg(ctx, fd, &psm, msg);
+}
 ssize_t
 ps_sendcmd(struct dhcpcd_ctx *ctx, int fd, uint16_t cmd, unsigned long flags,
     const void *data, size_t len)
+{
 	struct ps_msghdr psm = {
 		.ps_cmd = cmd,
 		.ps_flags = flags,
 	};
 	struct iovec iov[] = {
 		{ .iov_base = UNCONST(data), .iov_len = len }
 	};
 	struct msghdr msg = {
 		.msg_iov = iov, .msg_iovlen = 1,
 	};
 	return ps_sendpsmmsg(ctx, fd, &psm, &msg);
+}
 static ssize_t
 ps_sendcmdmsg(int fd, uint16_t cmd, const struct msghdr *msg)
+{
 	struct ps_msghdr psm = { .ps_cmd = cmd };
 	uint8_t data[PS_BUFLEN], *p = data;
 	struct iovec iov[] = {
 		{ .iov_base = &psm, .iov_len = sizeof(psm) },
 		{ .iov_base = data, .iov_len = 0 },
 	};
 	size_t dl = sizeof(data);
 	if (msg->msg_namelen != 0) {
 		if (msg->msg_namelen > dl)
 			goto nobufs;
 		psm.ps_namelen = msg->msg_namelen;
 		memcpy(p, msg->msg_name, msg->msg_namelen);
 		p += msg->msg_namelen;
 		dl -= msg->msg_namelen;
+	}
 	if (msg->msg_controllen != 0) {
 		if (msg->msg_controllen > dl)
 			goto nobufs;
 		psm.ps_controllen = (socklen_t)msg->msg_controllen;
 		memcpy(p, msg->msg_control, msg->msg_controllen);
 		p += msg->msg_controllen;
 		dl -= msg->msg_controllen;
+	}
 	psm.ps_datalen = msg->msg_iov[0].iov_len;
 	if (psm.ps_datalen > dl)
 		goto nobufs;
 	iov[1].iov_len = psm.ps_namelen + psm.ps_controllen + psm.ps_datalen;
 	if (psm.ps_datalen != 0)
 		memcpy(p, msg->msg_iov[0].iov_base, psm.ps_datalen);
 	return writev(fd, iov, __arraycount(iov));
 nobufs:
 	errno = ENOBUFS;
 	return -1;
+}
 ssize_t
 ps_recvmsg(struct dhcpcd_ctx *ctx, int rfd, uint16_t cmd, int wfd)
+{
 	struct sockaddr_storage ss = { .ss_family = AF_UNSPEC };
 	uint8_t controlbuf[sizeof(struct sockaddr_storage)] = { 0 };
 	uint8_t databuf[64 * 1024];
 	struct iovec iov[] = {
 	    { .iov_base = databuf, .iov_len = sizeof(databuf) }
 	};
 	struct msghdr msg = {
 		.msg_name = &ss, .msg_namelen = sizeof(ss),
 		.msg_control = controlbuf, .msg_controllen = sizeof(controlbuf),
 		.msg_iov = iov, .msg_iovlen = 1,
 	};
 	ssize_t len = recvmsg(rfd, &msg, 0);
 	if (len == -1)
 		logerr("%s: recvmsg", __func__);
 	if (len == -1 || len == 0) {
 		if (ctx->options & DHCPCD_FORKED &&
 		    !(ctx->options & DHCPCD_PRIVSEPROOT))
 			eloop_exit(ctx->eloop,
 			    len == 0 ? EXIT_SUCCESS : EXIT_FAILURE);
 		return len;
+	}
 	iov[0].iov_len = (size_t)len;
 	len = ps_sendcmdmsg(wfd, cmd, &msg);
 	if (len == -1) {
 		logerr("ps_sendcmdmsg");
 		if (ctx->options & DHCPCD_FORKED &&
 		    !(ctx->options & DHCPCD_PRIVSEPROOT))
 			eloop_exit(ctx->eloop, EXIT_FAILURE);
+	}
 	return len;
+}
 ssize_t
 ps_recvpsmsg(struct dhcpcd_ctx *ctx, int fd,
     ssize_t (*callback)(void *, struct ps_msghdr *, struct msghdr *),
     void *cbctx)
+{
 	struct ps_msg psm;
 	ssize_t len;
 	size_t dlen;
 	struct iovec iov[1];
 	struct msghdr msg = { .msg_iov = iov, .msg_iovlen = 1 };
 	bool stop = false;
 	len = read(fd, &psm, sizeof(psm));
 #ifdef PRIVSEP_DEBUG
 	logdebugx("%s: %zd", __func__, len);
 #endif
 	if (len == -1 || len == 0)
 		stop = true;
 	else {
 		dlen = (size_t)len;
 		if (dlen < sizeof(psm.psm_hdr)) {
 			errno = EINVAL;
 			return -1;
+		}
 		if (psm.psm_hdr.ps_cmd == PS_STOP) {
 			stop = true;
 			len = 0;
+		}
+	}
 	if (stop) {
 #ifdef PRIVSEP_DEBUG
 		logdebugx("process %d stopping", getpid());
 #endif
 		ps_free(ctx);
 #ifdef PLUGIN_DEV
 		dev_stop(ctx);
 #endif
 		eloop_exit(ctx->eloop, len != -1 ? EXIT_SUCCESS : EXIT_FAILURE);
 		return len;
+	}
 	dlen -= sizeof(psm.psm_hdr);
 	if (ps_unrollmsg(&msg, &psm.psm_hdr, psm.psm_data, dlen) == -1)
 		return -1;
 	if (callback == NULL)
 		return 0;
 	errno = 0;
 	return callback(cbctx, &psm.psm_hdr, &msg);
+}
 struct ps_process *
 ps_findprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid)
+{
 	struct ps_process *psp;
 	TAILQ_FOREACH(psp, &ctx->ps_processes, next) {
 		if (memcmp(&psp->psp_id, psid, sizeof(psp->psp_id)) == 0)
 			return psp;
+	}
 	errno = ESRCH;
 	return NULL;
+}
 struct ps_process *
 ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid)
+{
 	struct ps_process *psp;
 	psp = calloc(1, sizeof(*psp));
 	if (psp == NULL)
 		return NULL;
 	psp->psp_ctx = ctx;
 	memcpy(&psp->psp_id, psid, sizeof(psp->psp_id));
 	psp->psp_work_fd = -1;
 	TAILQ_INSERT_TAIL(&ctx->ps_processes, psp, next);
 	return psp;
+}
 void
 ps_freeprocesses(struct dhcpcd_ctx *ctx, struct ps_process *notthis)
+{
 	struct ps_process *psp, *psn;
 	TAILQ_FOREACH_SAFE(psp, &ctx->ps_processes, next, psn) {
 		if (psp == notthis)
 			continue;
 		ps_freeprocess(psp);
+	}
+}