diff --git a/src/acl.c b/src/acl.c
index 1ef3c8d..63a3d34 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -40,7 +40,7 @@
  */
 struct acl_s {
         acl_access_t access;
-	struct hostspec h;
+        struct hostspec h;
 };
 
 
@@ -85,8 +85,8 @@ insert_acl (char *location, acl_access_t access_type, acl_list_t *access_list)
          */
         memset (&acl, 0, sizeof (struct acl_s));
         acl.access = access_type;
-	if(hostspec_parse(location, &acl.h) || acl.h.type == HST_NONE)
-		return -1;
+        if(hostspec_parse(location, &acl.h) || acl.h.type == HST_NONE)
+                return -1;
 
         if(!sblist_add(*access_list, &acl)) return -1;
         return 0;
@@ -249,6 +249,7 @@ int check_acl (const char *ip, union sockaddr_union *addr, acl_list_t access_lis
                                ? check_numeric_acl (acl, numeric_addr)
                                : -1;
                         break;
+
                 case HST_NONE:
                         perm = -1;
                         break;
diff --git a/src/hostspec.c b/src/hostspec.c
index 49adcaf..adbad53 100644
--- a/src/hostspec.c
+++ b/src/hostspec.c
@@ -13,45 +13,45 @@
  */
 static int
 fill_netmask_array (char *bitmask_string, int v6,
-                    unsigned char array[], size_t len)
+		    unsigned char array[], size_t len)
 {
-        unsigned int i;
-        unsigned long int mask;
-        char *endptr;
+	unsigned int i;
+	unsigned long int mask;
+	char *endptr;
 
-        errno = 0;              /* to distinguish success/failure after call */
-        mask = strtoul (bitmask_string, &endptr, 10);
+	errno = 0;              /* to distinguish success/failure after call */
+	mask = strtoul (bitmask_string, &endptr, 10);
 
-        /* check for various conversion errors */
-        if ((errno == ERANGE && mask == ULONG_MAX)
-            || (errno != 0 && mask == 0) || (endptr == bitmask_string))
-                return -1;
+	/* check for various conversion errors */
+	if ((errno == ERANGE && mask == ULONG_MAX)
+	    || (errno != 0 && mask == 0) || (endptr == bitmask_string))
+		return -1;
 
-        if (v6 == 0) {
-                /* The mask comparison is done as an IPv6 address, so
-                 * convert to a longer mask in the case of IPv4
-                 * addresses. */
-                mask += 12 * 8;
-        }
+	if (v6 == 0) {
+		/* The mask comparison is done as an IPv6 address, so
+		 * convert to a longer mask in the case of IPv4
+		 * addresses. */
+		mask += 12 * 8;
+	}
 
-        /* check valid range for a bit mask */
-        if (mask > (8 * len))
-                return -1;
+	/* check valid range for a bit mask */
+	if (mask > (8 * len))
+		return -1;
 
-        /* we have a valid range to fill in the array */
-        for (i = 0; i != len; ++i) {
-                if (mask >= 8) {
-                        array[i] = 0xff;
-                        mask -= 8;
-                } else if (mask > 0) {
-                        array[i] = (unsigned char) (0xff << (8 - mask));
-                        mask = 0;
-                } else {
-                        array[i] = 0;
-                }
-        }
+	/* we have a valid range to fill in the array */
+	for (i = 0; i != len; ++i) {
+		if (mask >= 8) {
+			array[i] = 0xff;
+			mask -= 8;
+		} else if (mask > 0) {
+			array[i] = (unsigned char) (0xff << (8 - mask));
+			mask = 0;
+		} else {
+			array[i] = 0;
+		}
+	}
 
-        return 0;
+	return 0;
 }
 
 
@@ -95,7 +95,7 @@ int hostspec_parse(char *location, struct hostspec *h) {
 			for (i = 0; i < IPV6_LEN; i++)
 				h->address.ip.network[i] = ip_dst[i] &
 				h->address.ip.mask[i];
-                }
+		}
 	} else {
 		/* either bogus IP or hostname */
 			/* bogus ipv6 ? */
@@ -141,7 +141,7 @@ static int numeric_match(const uint8_t addr[], const struct hostspec *h)
 		/* If x and y don't match, the IP addresses don't match */
 		if (x != y)
 			return 0;
-        }
+	}
 
 	return 1;
 }