diff --git a/configure.ac b/configure.ac
index 30a4ed26e5..785069a46c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5308,7 +5308,7 @@ if test "x$CURL_DISABLE_LDAP" != "x1"; then
   SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS LDAP"
   if test "x$CURL_DISABLE_LDAPS" != "x1"; then
     if (test "x$USE_OPENLDAP" = "x1" && test "x$SSL_ENABLED" = "x1") ||
-      (test "x$USE_OPENLDAP" != "x1"  && test "x$HAVE_LDAP_SSL" = "x1"); then
+      (test "x$USE_OPENLDAP" != "x1" && test "x$HAVE_LDAP_SSL" = "x1"); then
       SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS LDAPS"
     fi
   fi
diff --git a/include/curl/system.h b/include/curl/system.h
index 38becce6d5..ebcdc5e4fd 100644
--- a/include/curl/system.h
+++ b/include/curl/system.h
@@ -329,7 +329,7 @@
    defined(__ppc__) || defined(__powerpc__) || defined(__arm__) ||      \
    defined(__sparc__) || defined(__mips__) || defined(__sh__) ||        \
    defined(__XTENSA__) ||                                               \
-   (defined(__SIZEOF_LONG__) && __SIZEOF_LONG__ == 4)  ||               \
+   (defined(__SIZEOF_LONG__) && __SIZEOF_LONG__ == 4) ||                \
    (defined(__LONG_MAX__) && __LONG_MAX__ == 2147483647L))
 #    define CURL_TYPEOF_CURL_OFF_T     long long
 #    define CURL_FORMAT_CURL_OFF_T     "lld"
diff --git a/lib/connect.c b/lib/connect.c
index 5d9486394a..ac16c3399b 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -831,7 +831,7 @@ static CURLcode start_connect(struct Curl_cfilter *cf,
     addr1 = addr_first_match(dns->addr, ai_family1);
     /* no ip address families, probably AF_UNIX or something, use the
      * address family given to us */
-    if(!addr1  && !addr0 && dns->addr) {
+    if(!addr1 && !addr0 && dns->addr) {
       ai_family0 = dns->addr->ai_family;
       addr0 = addr_first_match(dns->addr, ai_family0);
     }
diff --git a/lib/http_proxy.h b/lib/http_proxy.h
index 33204203dd..e6ab2bacf3 100644
--- a/lib/http_proxy.h
+++ b/lib/http_proxy.h
@@ -57,7 +57,7 @@ CURLcode Curl_cf_http_proxy_insert_after(struct Curl_cfilter *cf_at,
 
 extern struct Curl_cftype Curl_cft_http_proxy;
 
-#endif /* !CURL_DISABLE_PROXY  && !CURL_DISABLE_HTTP */
+#endif /* !CURL_DISABLE_PROXY && !CURL_DISABLE_HTTP */
 
 #define IS_HTTPS_PROXY(t) (((t) == CURLPROXY_HTTPS) ||  \
                            ((t) == CURLPROXY_HTTPS2))
diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c
index 910d50db66..f23a1ae6ed 100644
--- a/lib/socks_gssapi.c
+++ b/lib/socks_gssapi.c
@@ -420,7 +420,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
 
   code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, FALSE,
                            &nwritten);
-  if(code  || (4 != nwritten)) {
+  if(code || (4 != nwritten)) {
     failf(data, "Failed to send GSS-API encryption request.");
     gss_release_buffer(&gss_status, &gss_w_token);
     Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL);
@@ -431,7 +431,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     memcpy(socksreq, &gss_enc, 1);
     code = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 1, FALSE,
                              &nwritten);
-    if(code || ( 1 != nwritten)) {
+    if(code || (1 != nwritten)) {
       failf(data, "Failed to send GSS-API encryption type.");
       Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL);
       return CURLE_COULDNT_CONNECT;
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 08e15e289a..b0f91cf400 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2868,8 +2868,8 @@ ossl_set_ssl_version_min_max(struct Curl_cfilter *cf, SSL_CTX *ctx)
   long curl_ssl_version_max;
 
   /* convert curl min SSL version option to OpenSSL constant */
-#if (defined(OPENSSL_IS_BORINGSSL)  || \
-     defined(OPENSSL_IS_AWSLC)      || \
+#if (defined(OPENSSL_IS_BORINGSSL) || \
+     defined(OPENSSL_IS_AWSLC) || \
      defined(LIBRESSL_VERSION_NUMBER))
   uint16_t ossl_ssl_version_min = 0;
   uint16_t ossl_ssl_version_max = 0;
diff --git a/lib/vtls/schannel_int.h b/lib/vtls/schannel_int.h
index fe10125456..511a852c7a 100644
--- a/lib/vtls/schannel_int.h
+++ b/lib/vtls/schannel_int.h
@@ -68,53 +68,51 @@
 #endif
 
 #ifndef SCH_CREDENTIALS_VERSION
-
 #define SCH_CREDENTIALS_VERSION  0x00000005
 
-typedef enum _eTlsAlgorithmUsage
-{
-    TlsParametersCngAlgUsageKeyExchange,
-    TlsParametersCngAlgUsageSignature,
-    TlsParametersCngAlgUsageCipher,
-    TlsParametersCngAlgUsageDigest,
-    TlsParametersCngAlgUsageCertSig
+typedef enum _eTlsAlgorithmUsage {
+  TlsParametersCngAlgUsageKeyExchange,
+  TlsParametersCngAlgUsageSignature,
+  TlsParametersCngAlgUsageCipher,
+  TlsParametersCngAlgUsageDigest,
+  TlsParametersCngAlgUsageCertSig
 } eTlsAlgorithmUsage;
 
-typedef struct _CRYPTO_SETTINGS
-{
-    eTlsAlgorithmUsage  eAlgorithmUsage;
-    UNICODE_STRING      strCngAlgId;
-    DWORD               cChainingModes;
-    PUNICODE_STRING     rgstrChainingModes;
-    DWORD               dwMinBitLength;
-    DWORD               dwMaxBitLength;
+/* !checksrc! disable TYPEDEFSTRUCT 1 */
+typedef struct _CRYPTO_SETTINGS {
+  eTlsAlgorithmUsage  eAlgorithmUsage;
+  UNICODE_STRING      strCngAlgId;
+  DWORD               cChainingModes;
+  PUNICODE_STRING     rgstrChainingModes;
+  DWORD               dwMinBitLength;
+  DWORD               dwMaxBitLength;
 } CRYPTO_SETTINGS, * PCRYPTO_SETTINGS;
 
-typedef struct _TLS_PARAMETERS
-{
-    DWORD               cAlpnIds;
-    PUNICODE_STRING     rgstrAlpnIds;
-    DWORD               grbitDisabledProtocols;
-    DWORD               cDisabledCrypto;
-    PCRYPTO_SETTINGS    pDisabledCrypto;
-    DWORD               dwFlags;
+/* !checksrc! disable TYPEDEFSTRUCT 1 */
+typedef struct _TLS_PARAMETERS {
+  DWORD               cAlpnIds;
+  PUNICODE_STRING     rgstrAlpnIds;
+  DWORD               grbitDisabledProtocols;
+  DWORD               cDisabledCrypto;
+  PCRYPTO_SETTINGS    pDisabledCrypto;
+  DWORD               dwFlags;
 } TLS_PARAMETERS, * PTLS_PARAMETERS;
 
-typedef struct _SCH_CREDENTIALS
-{
-    DWORD               dwVersion;
-    DWORD               dwCredFormat;
-    DWORD               cCreds;
-    PCCERT_CONTEXT* paCred;
-    HCERTSTORE          hRootStore;
+/* !checksrc! disable TYPEDEFSTRUCT 1 */
+typedef struct _SCH_CREDENTIALS {
+  DWORD               dwVersion;
+  DWORD               dwCredFormat;
+  DWORD               cCreds;
+  PCCERT_CONTEXT* paCred;
+  HCERTSTORE          hRootStore;
 
-    DWORD               cMappers;
-    struct _HMAPPER **aphMappers;
+  DWORD               cMappers;
+  struct _HMAPPER **aphMappers;
 
-    DWORD               dwSessionLifespan;
-    DWORD               dwFlags;
-    DWORD               cTlsParameters;
-    PTLS_PARAMETERS     pTlsParameters;
+  DWORD               dwSessionLifespan;
+  DWORD               dwFlags;
+  DWORD               cTlsParameters;
+  PTLS_PARAMETERS     pTlsParameters;
 } SCH_CREDENTIALS, * PSCH_CREDENTIALS;
 
 #define SCH_CRED_MAX_SUPPORTED_PARAMETERS 16
diff --git a/m4/curl-schannel.m4 b/m4/curl-schannel.m4
index 865c54a1c3..6270ae14a1 100644
--- a/m4/curl-schannel.m4
+++ b/m4/curl-schannel.m4
@@ -26,7 +26,7 @@ AC_DEFUN([CURL_WITH_SCHANNEL], [
 AC_MSG_CHECKING([whether to enable Windows native SSL/TLS])
 if test "x$OPT_SCHANNEL" != xno; then
   ssl_msg=
-  if test "x$OPT_SCHANNEL" != "xno"  &&
+  if test "x$OPT_SCHANNEL" != "xno" &&
      test "x$curl_cv_native_windows" = "xyes"; then
     AC_MSG_RESULT(yes)
     AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support])
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 7e6a259c5f..4766dade2f 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -941,7 +941,7 @@ static ParameterError set_data(cmdline_t cmd,
 
   if(curlx_dyn_len(&config->postdata)) {
     /* skip separator append for --json */
-    if(!err && (cmd != C_JSON)  &&
+    if(!err && (cmd != C_JSON) &&
        curlx_dyn_addn(&config->postdata, "&", 1))
       err = PARAM_NO_MEM;
   }