Add some newlines needed for pod2man, and run ispell.

Submitted by: Reviewed by: PR:

Add some newlines needed for pod2man, and run ispell.
Submitted by: Reviewed by: PR:
19d2bb57 · Ulf Möller · 35f4850a · 19d2bb57 · 19d2bb57 · 19d2bb57
13 changed file
--- a/doc/man/README
+++ b/doc/man/README
-This is *very* preliminiary documentation for some
+This is *very* preliminary documentation for some
 of the main commands in the openssl utility. The
 information reflects the way the commands may work
 when OpenSSL 0.9.5 is released. They are subject

--- a/doc/man/asn1parse.pod
+++ b/doc/man/asn1parse.pod
@@ -43,7 +43,7 @@ combined with the B<-strparse> option.

 =item B<-noout>

-don't ouput the parsed version of the input file.
+don't output the parsed version of the input file.

 =item B<-offset number>


--- a/doc/man/ca.pod
+++ b/doc/man/ca.pod
@@ -94,7 +94,7 @@ the private key to sign requests with.

 =item B<-key password>

-the password used to encrrypt the private key. Since on some
+the password used to encrypt the private key. Since on some
 systems the command line arguments are visible (e.g. Unix with
 the 'ps' utility) this option should be used with caution.

@@ -140,7 +140,7 @@ need this option.

 Normally the DN order of a certificate is the same as the order of the
 fields in the relevant policy section. When this option is set the order 
-is the same as the request. This is largely for compatability with the
+is the same as the request. This is largely for compatibility with the
 older IE enrollment control which would only accept certificates if their
 DNs match the order of the request. This is not needed for Xenroll.

@@ -401,7 +401,7 @@ on the same database can have unpredictable results.
 =head1 FILES

 Note: the location of all files can change either by compile time options,
-configration file entries, environment variables or command line options.
+configuration file entries, environment variables or command line options.
 The values below reflect the default values.

 /usr/local/ssl/lib/openssl.cnf - master configuration file

--- a/doc/man/config.pod
+++ b/doc/man/config.pod
@@ -3,11 +3,11 @@

 =head1 NAME

-config - OpenSSL CONF library configuaration files
+config - OpenSSL CONF library configuration files

 =head1 DESCRIPTION

-The OpenSSL CONF library can be used to read confiuration files.
+The OpenSSL CONF library can be used to read configuration files.
 It is used for the OpenSSL master configuration file B<openssl.cnf>
 and in a few other places like B<SPKAC> files and certificate extension
 files for the B<x509> utility.
@@ -40,7 +40,7 @@ The value string undergoes variable expansion. This can be done by
 including the form B<$var> or B<${var}>: this will substitute the value
 of the named variable in the current section. It is also possible to
 substitute a value from another section using the syntax B<$section::name>
-or B<${section::name}>. By using the form B<$ENV::name> environement
+or B<${section::name}>. By using the form B<$ENV::name> environment
 variables can be substituted. It is also possible to assign values to
 environment variables by using the name B<ENV::name>, this will work
 if the program looks up environment variables using the B<CONF> library
@@ -53,7 +53,7 @@ the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognised.

 =head1 NOTES

-If a configuration file attempts to expand a varible that doesn't exist
+If a configuration file attempts to expand a variable that doesn't exist
 then an error is flagged and the file will not load. This can happen
 if an attempt is made to expand an environment variable that doesn't
 exist. For example the default OpenSSL master configuration file used

--- a/doc/man/dgst.pod
+++ b/doc/man/dgst.pod
 =pod
+
 =head1 NAME

 dgst, md5, md2, sha1, sha, mdc2, ripemd160 - message digests

--- a/doc/man/enc.pod
+++ b/doc/man/enc.pod
 =pod
+
 =head1 NAME

 enc - symmetric cipher routines
@@ -23,7 +24,7 @@ B<openssl enc -ciphername>

 =head1 DESCRIPTION

-The symmetric cipher commands allow data to be encrytped or decrypted
+The symmetric cipher commands allow data to be encrypted or decrypted
 using various block and stream ciphers using keys based on passwords
 or explicitly provided. Base64 encoding or decoding can also be performed
 either by itself or in addition to the encryption or decryption.
@@ -43,14 +44,14 @@ the output filename, standard output by default.
 =item B<-salt>

 use a salt in the key derivation routines. This option should B<ALWAYS>
-be used unless compatability with previous versions of OpenSSL or SSLeay
+be used unless compatibility with previous versions of OpenSSL or SSLeay
 is required. This option is only present on OpenSSL versions 0.9.5 or
 above.

 =item B<-nosalt>

 don't use a salt in the key derivation routines. This is the default for
-compatability with previous versions of OpenSSL and SSLeay.
+compatibility with previous versions of OpenSSL and SSLeay.

 =item B<-e>

@@ -120,7 +121,7 @@ B<openssl enc -ciphername>.
 A password will be prompted for to derive the key and IV if necessary.

 The B<-salt> option should B<ALWAYS> be used if the key is being derived
-from a password unless you want compatability with previous versions of
+from a password unless you want compatibility with previous versions of
 OpenSSL and SSLeay.

 Without the B<-salt> option it is possible to perform efficient dictionary
@@ -149,7 +150,7 @@ Blowfish and RC5 algorithms use a 128 bit key.

 bf-cbc             Blowfish in CBC mode
 bf                 Alias for bf-cbc
- bf-cfb             Blowish in CFB mode
+ bf-cfb             Blowfish in CFB mode
 bf-ecb             Blowfish in ECB mode
 bf-ofb             Blowfish in OFB mode


--- a/doc/man/nseq.pod
+++ b/doc/man/nseq.pod
@@ -59,7 +59,7 @@ The B<PEM> encoded form uses the same headers and footers as a certificate:

 A Netscape certificate sequence is a Netscape specific form that can be sent
 to browsers as an alternative to the standard PKCS#7 format when several
-certificates are sent to the browser: for example during certificate erollment.
+certificates are sent to the browser: for example during certificate enrollment.
 It is used by Netscape certificate server for example.

 =head1 BUGS

--- a/doc/man/pkcs8.pod
+++ b/doc/man/pkcs8.pod
@@ -214,7 +214,7 @@ There should be an option that prints out the encryption algorithm
 in use and other details such as the iteration count.

 PKCS#8 using triple DES and PKCS#5 v2.0 should be the default private
-key format for OpenSSL: for compatability several of the utilities use
+key format for OpenSSL: for compatibility several of the utilities use
 the old format at present.

 =head1 SEE ALSO

--- a/doc/man/req.pod
+++ b/doc/man/req.pod
@@ -194,7 +194,7 @@ It should be noted that very few CAs still require the use of this option.

 =head1 CONFIGURATION FILE FORMAT

-The configuation options are specified in the B<req> section of
+The configuration options are specified in the B<req> section of
 the configuration file. As with all configuration files if no
 value is specified in the specific section (i.e. B<req>) then
 the initial unnamed or B<default> section is searched too.
@@ -214,13 +214,13 @@ B<envpassout> override the configuration file values.

 This specifies the default key size in bits. If not specified then
 512 is used. It is used if the B<-new> option is used. It can be
-overriden by using the B<-newkey> option.
+overridden by using the B<-newkey> option.

 =item B<default_keyfile>

 This is the default filename to write a private key to. If not
 specified the key is written to standard output. This can be
-overriden by the B<-keyout> option.
+overridden by the B<-keyout> option.

 =item B<oid_file>

@@ -245,7 +245,7 @@ placed and read from. It is used for private key generation.

 If this is set to B<no> then if a private key is generated it is
 B<not> encrypted. This is equivalent to the B<-nodes> command line
-option. For compatability B<encrypt_rsai_key> is an equivalent option.
+option. For compatibility B<encrypt_rsai_key> is an equivalent option.

 =item B<default_md>

@@ -284,12 +284,12 @@ is used. It can be overridden by the B<-extensions> command line switch.
 this specifies the section containing any request attributes: its format
 is the same as B<distinguished_name> described below. Typically these
 may contain the challengePassword or unstructuredName types. They are
-currently ignored by OpenSSLs request signing utilities but some CAs
+currently ignored by OpenSSL's request signing utilities but some CAs
 might want them.

 =item B<distinguished_name>

-This specifies the section containing the distiguished name fields to
+This specifies the section containing the distinguished name fields to
 prompt for when generating a certificate or certificate request. This
 consists of lines of the form:

@@ -299,7 +299,7 @@ consists of lines of the form:
 	fieldName_max= 4

 "fieldName" is the field name being used, for example commonName (or CN).
-The "prompt" string is used to ask the user to enter the relvant
+The "prompt" string is used to ask the user to enter the relevant
 details. If the user enters nothing then the default value is used if no
 default value is present then the field is omitted. A field can
 still be omitted if a default value is present if the user just
@@ -432,7 +432,7 @@ This is followed some time later by...
 The first error message is the clue: it can't find the configuration
 file! Certain operations (like examining a certificate request) don't
 need a configuration file so its use isn't enforced. Generation of
-certficates or requests however does need a configuration file. This
+certificates or requests however does need a configuration file. This
 could be regarded as a bug.

 Another puzzling message is this:
@@ -454,13 +454,13 @@ for more information.

 The variable B<OPENSSL_CONF> if defined allows an alternative configuration
 file location to be specified, it will be overridden by the B<-config> command
-line switch if it is present. For compatability reasons the B<SSLEAY_CONF>
+line switch if it is present. For compatibility reasons the B<SSLEAY_CONF>
 environment variable serves the same purpose but its use is discouraged.

 =head1 BUGS

-OpenSSLs handling of T61Strings (aka TeletexStrings) is broken: it effectively
-treats them as ISO-8859-1 (latin 1), Netscape and MSIE have similar behaviour.
+OpenSSL's handling of T61Strings (aka TeletexStrings) is broken: it effectively
+treats them as ISO-8859-1 (Latin 1), Netscape and MSIE have similar behaviour.
 This can cause problems if you need characters that aren't available in
 PrintableStrings and you don't want to or can't use BMPStrings.


--- a/doc/man/smime.pod
+++ b/doc/man/smime.pod
@@ -115,7 +115,7 @@ do not verify the signers certificate of a signed message.

 =item B<-nochain>

-do not do chain verification of signers certfificates: that is don't
+do not do chain verification of signers certificates: that is don't
 use the certificates in the signed message as untrusted CAs.

 =item B<-nosigs>
@@ -205,7 +205,7 @@ message: see the examples section.

 This version of the program only allows one signer per message but it
 will verify multiple signers on received messages. Some S/MIME clients
-choke if a message contains mutiple signers. It is possible to sign
+choke if a message contains multiple signers. It is possible to sign
 messages "in parallel" by signing an already signed message.

 The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
@@ -239,7 +239,7 @@ an error occurred decrypting or verifying the message.

 =item 5

-the message was verified correctly but an error occured writing out
+the message was verified correctly but an error occurred writing out
 the signers certificates.

 =back

--- a/doc/man/spkac.pod
+++ b/doc/man/spkac.pod
@@ -74,11 +74,11 @@ verifies the digital signature on the supplied SPKAC.

 Print out the contents of an SPKAC:

- openssl spkac -in skpac.cnf
+ openssl spkac -in spkac.cnf

 Verify the signature of an SPKAC:

- openssl spkac -in skpac.cnf -noout -verify
+ openssl spkac -in spkac.cnf -noout -verify

 Create an SPKAC using the challenge string "hello":


--- a/doc/man/verify.pod
+++ b/doc/man/verify.pod
@@ -92,7 +92,7 @@ up. The chain is built up by looking up a certificate whose subject name
 matches the issuer name of the current certificate. If a certificate is found
 whose subject and issuer names are identical it is assumed to be the root CA.
 The lookup first looks in the list of untrusted certificates and if no match
-is found the remaining lookups are from the trusted certficates. The root CA
+is found the remaining lookups are from the trusted certificates. The root CA
 is always looked up in the trusted certificate list: if the certificate to
 verify is a root certificate then an exact match must be found in the trusted
 list.
@@ -105,7 +105,7 @@ CA certificates. The precise extensions required are described in more detail in
 the B<CERTIFICATE EXTENSIONS> section of the B<x509> utility.

 The third operation is to check the trust settings on the root CA. The root
-CA should be trusted for the supplied purpose. For compatability with previous
+CA should be trusted for the supplied purpose. For compatibility with previous
 versions of SSLeay and OpenSSL a certificate with no trust settings is considered
 to be valid for all purposes. 

@@ -158,7 +158,7 @@ the certificate signature could not be decrypted. This means that the actual sig
 could not be determined rather than it not matching the expected value, this is only
 meaningful for RSA keys.

-=item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's's signature>
+=item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>

 the CRL signature could not be decrypted: this means that the actual signature value
 could not be determined rather than it not matching the expected value. Unused.
@@ -209,7 +209,7 @@ the CRL nextUpdate field contains an invalid time. Unused.

 =item B<17 X509_V_ERR_OUT_OF_MEM: out of memory>

-an error occured trying to allocate memory. This should never happen.
+an error occurred trying to allocate memory. This should never happen.

 =item B<18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>


--- a/doc/man/x509.pod
+++ b/doc/man/x509.pod
@@ -100,7 +100,7 @@ this option has no effect: SHA1 is always used with DSA keys.
 =head1 DISPLAY OPTIONS

 Note: the B<-alias> and B<-purpose> options are also display options
-but are desribed in the B<TRUST OPTIONS> section.
+but are described in the B<TRUST OPTIONS> section.

 =over 4

@@ -196,7 +196,7 @@ certificate is automatically output if any trust settings are modified.
 =item B<-setalias arg>

 sets the alias of the certificate. This will allow the certificate
-to be reffered to using a nickname for example "Steve's Certificate".
+to be referred to using a nickname for example "Steve's Certificate".

 =item B<-alias>

@@ -363,7 +363,7 @@ extensions for a CA:
 	openssl x509 -req -in careq.pem -config openssl.cnf -extensions v3_ca \
 		-signkey key.pem -out cacert.pem

-Sign a certificate request using the CA certifcate above and add user
+Sign a certificate request using the CA certificate above and add user
 certificate extensions:

 	openssl x509 -req -in req.pem -config openssl.cnf -extensions v3_usr \