@@ -1238,12 +1238,12 @@
 	SSL_CTX_set_keylog_callback(ctx, KeyLogCallback);
     }
 
 #if !defined(NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_3)
     if (proto == TLS_PROTO_TLS1_3) {
-        SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
-        SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION);
+        SSL_CTX_set_min_proto_version (ctx, TLS1_3_VERSION);
+        SSL_CTX_set_max_proto_version (ctx, TLS1_3_VERSION);
     }
 #endif
     
     SSL_CTX_set_app_data( ctx, (void*)interp);	/* remember the interpreter */
     SSL_CTX_set_options( ctx, SSL_OP_ALL);	/* all SSL bug workarounds */
@@ -1513,11 +1513,10 @@
     SSL_get0_alpn_selected(statePtr->ssl, &proto, &len);
     Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj("alpn", -1));
     Tcl_ListObjAppendElement(interp, objPtr,
       Tcl_NewStringObj((char *)proto, (int)len));
 #endif
-
     Tcl_ListObjAppendElement(interp, objPtr,
 	Tcl_NewStringObj("version", -1));
     Tcl_ListObjAppendElement(interp, objPtr,
 	Tcl_NewStringObj(SSL_get_version(statePtr->ssl), -1));
 
@@ -1671,19 +1670,19 @@
 		/* RSA_free(rsa); freed by EVP_PKEY_free */
 #elif OPENSSL_VERSION_NUMBER < 0x30000000L
 	    bne = BN_new();
 	    rsa = RSA_new();
 	    pkey = EVP_PKEY_new();
-	    if (bne == NULL || rsa == NULL || pkey == NULL || !BN_set_word(bne,RSA_F4) || 
+	    if (bne == NULL || rsa == NULL || pkey == NULL || !BN_set_word(bne,RSA_F4) ||
 		!RSA_generate_key_ex(rsa, keysize, bne, NULL) || !EVP_PKEY_assign_RSA(pkey, rsa)) {
 		EVP_PKEY_free(pkey);
 		/* RSA_free(rsa); freed by EVP_PKEY_free */
 		BN_free(bne);
 #else
 	    pkey = EVP_RSA_gen((unsigned int) keysize);
 	    ctx = EVP_PKEY_CTX_new(pkey,NULL);
-	    if (pkey == NULL || ctx == NULL || !EVP_PKEY_keygen_init(ctx) || 
+	    if (pkey == NULL || ctx == NULL || !EVP_PKEY_keygen_init(ctx) ||
 		!EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, keysize) || !EVP_PKEY_keygen(ctx, &pkey)) {
 		EVP_PKEY_free(pkey);
 		EVP_PKEY_CTX_free(ctx);
 #endif
 		Tcl_SetResult(interp,"Error generating private key",NULL);