diff --git a/Configure b/Configure index fdd88208b6a8da30c642cac1f10110cba4bebdd5..62e1b193092805f48a65f80023dbef885c60e04a 100755 --- a/Configure +++ b/Configure @@ -67,9 +67,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # Following are set automatically by this script # -# MD5_ASM use some extra md5 assember, -# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 -# RMD160_ASM use some extra ripemd160 assember, +# MD5_ASM use some extra md5 assembler, +# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86 +# RMD160_ASM use some extra ripemd160 assembler, # SHA256_ASM sha256_block is implemented in assembler # SHA512_ASM sha512_block is implemented in assembler # AES_ASM ASE_[en|de]crypt is implemented in assembler @@ -149,7 +149,7 @@ sub read_config; # resolve_config(target) # -# Resolves all the late evalutations, inheritances and so on for the +# Resolves all the late evaluations, inheritances and so on for the # chosen target and any target it inherits from. sub resolve_config; @@ -227,7 +227,7 @@ $config{sdirs} = [ my @tls = qw(ssl3 tls1 tls1_1 tls1_2); my @dtls = qw(dtls1 dtls1_2); -# Explicitelly known options that are possible to disable. They can +# Explicitly known options that are possible to disable. They can # be regexps, and will be used like this: /^no-${option}$/ # For developers: keep it sorted alphabetically @@ -701,7 +701,7 @@ foreach (@argvcopy) unless ($_ eq $target || /^no-/ || /^disable-/) { # "no-..." follows later after implied disactivations - # have been derived. (Don't take this too seroiusly, + # have been derived. (Don't take this too seriously, # we really only write OPTIONS to the Makefile out of # nostalgia.) @@ -972,7 +972,7 @@ unless ($disabled{threads}) { $disabled{threads} = "unavailable"; } } else { - # The user chose to enable threads explicitely, let's see + # The user chose to enable threads explicitly, let's see # if there's a chance that's possible if ($target{thread_scheme} eq "(unknown)") { # If the user asked for "threads" and we don't have internal @@ -2093,8 +2093,8 @@ sub read_config { } -# configuration resolver. Will only resolve all the lazy evalutation -# codeblocks for the chozen target and all those it inherits from, +# configuration resolver. Will only resolve all the lazy evaluation +# codeblocks for the chosen target and all those it inherits from, # recursively sub resolve_config { my $target = shift; @@ -2147,7 +2147,7 @@ sub resolve_config { # - If a value is a coderef, it will be executed with the list of # inherited values as arguments. # - If the corresponding key doesn't have a value at all or is the - # emoty string, the inherited value list will be run through the + # empty string, the inherited value list will be run through the # default combiner (below), and the result becomes this target's # value. # - Otherwise, this target's value is assumed to be a string that diff --git a/apps/apps.c b/apps/apps.c index 7ba12fea5a031d95da68e1baf5e04d132a31481c..41045530451f68669f741f26c484aef3e1fb1c9e 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1964,9 +1964,9 @@ void policies_print(X509_STORE_CTX *ctx) * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. * outlen: (output) set to the length of the resulting buffer on success. * err: (maybe NULL) on failure, an error message line is written to this BIO. - * in: a NUL termianted string like "abc,def,ghi" + * in: a NUL terminated string like "abc,def,ghi" * - * returns: a malloced buffer or NULL on failure. + * returns: a malloc'd buffer or NULL on failure. */ unsigned char *next_protos_parse(size_t *outlen, const char *in) { diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c index 9a6eaf612ab81349703f5a829275def106df38c3..e71bd633c75f2b252929d7267eff6aa4617a054f 100644 --- a/crypto/asn1/bio_ndef.c +++ b/crypto/asn1/bio_ndef.c @@ -119,7 +119,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free); /* - * Now let callback prepend any digest, cipher etc BIOs ASN1 structure + * Now let callback prepends any digest, cipher etc BIOs ASN1 structure * needs. */ diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index ed4c1397d97bc9ba3839a654081adf9eb7ac6d48..9323325b77000cbe29a66c78b9e12a5b9a5fed34 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -583,7 +583,7 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service, * family, such as AF_UNIX * * the return value is 1 on success, or 0 on failure, which - * only happens if a memory allocation error occured. + * only happens if a memory allocation error occurred. */ static int addrinfo_wrap(int family, int socktype, const void *where, size_t wherelen, @@ -749,7 +749,7 @@ int BIO_lookup(const char *host, const char *service, #endif struct servent *se; - /* Apprently, on WIN64, s_proto and s_port have traded places... */ + /* Apparently, on WIN64, s_proto and s_port have traded places... */ #ifdef _WIN64 struct servent se_fallback = { NULL, NULL, NULL, 0 }; #else diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h index f6a54d8567ea77320cac0cc92fe4cd0e52721f7e..df12cde3321bd6729032bdcb3cd1df64c362a427 100644 --- a/crypto/engine/eng_int.h +++ b/crypto/engine/eng_int.h @@ -207,7 +207,7 @@ struct engine_st { int struct_ref; /* * reference count on usability of the engine type. NB: This controls the - * loading and initialisation of any functionlity required by this + * loading and initialisation of any functionality required by this * engine, whereas the previous count is simply to cope with * (de)allocation of this structure. Hence, running_ref <= struct_ref at * all times. diff --git a/crypto/include/internal/cryptlib_int.h b/crypto/include/internal/cryptlib_int.h index ae30842d6de132ff2041b8da66fbd8b46279d204..296853fc8cbe890bd40ae4f5a8c08e76ef4f5de0 100644 --- a/crypto/include/internal/cryptlib_int.h +++ b/crypto/include/internal/cryptlib_int.h @@ -67,7 +67,7 @@ struct thread_local_inits_st { int ossl_init_thread_start(uint64_t opts); /* * OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below - * are those ommitted from crypto.h because they are "reserverd for internal + * are those ommitted from crypto.h because they are "reserved for internal * use". */ # define OPENSSL_INIT_ZLIB 0x00010000L diff --git a/crypto/include/internal/md32_common.h b/crypto/include/internal/md32_common.h index 156fa3aeba49cd262594293841e9227090cdba4c..b3d72e4db3a2a0f03e699e5dd73d3656b30f17ff 100644 --- a/crypto/include/internal/md32_common.h +++ b/crypto/include/internal/md32_common.h @@ -387,7 +387,7 @@ int HASH_FINAL(unsigned char *md, HASH_CTX *c) # if defined(__alpha) || defined(__sparcv9) || defined(__mips) # define MD32_REG_T long /* - * This comment was originaly written for MD5, which is why it + * This comment was originally written for MD5, which is why it * discusses A-D. But it basically applies to all 32-bit digests, * which is why it was moved to common header file. * diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h index fc032ae07d2ef86f51f12e9ccb6f2f9213165183..c6fdd8d7c2c62d1b8e32bd1bb3cfebfb41e4f378 100644 --- a/crypto/include/internal/x509_int.h +++ b/crypto/include/internal/x509_int.h @@ -109,7 +109,7 @@ struct X509_req_st { struct X509_crl_info_st { ASN1_INTEGER *version; /* version: defaults to v1(0) so may be NULL */ - X509_ALGOR sig_alg; /* signagture algorithm */ + X509_ALGOR sig_alg; /* signature algorithm */ X509_NAME *issuer; /* CRL issuer name */ ASN1_TIME *lastUpdate; /* lastUpdate field */ ASN1_TIME *nextUpdate; /* nextUpdate field: optional */ diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c index 6bec8b30f885fd04c6afe3694590812efc76457c..8d069b97d05a89e118e9c23e57f69f646011bee2 100644 --- a/crypto/poly1305/poly1305.c +++ b/crypto/poly1305/poly1305.c @@ -94,7 +94,7 @@ typedef unsigned int u32; * POLY1305_BLOCK_SIZE and |padbit| to 0. In all other cases |padbit| * should be set to 1 to perform implicit padding with 128th bit. * poly1305_blocks does not actually check for this constraint though, - * it's caller(*)'s resposibility to comply. + * it's caller(*)'s responsibility to comply. * * (*) In the context "caller" is not application code, but higher * level Poly1305_* from this very module, so that quirks are diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c index 78db60888efbf6452aa7538a8a05c48d9417beb1..606ed8bdef25ef4a264b499be8378d7862a69010 100644 --- a/crypto/srp/srp_vfy.c +++ b/crypto/srp/srp_vfy.c @@ -445,7 +445,7 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file) if (sk_SRP_user_pwd_insert(vb->users_pwd, user_pwd, 0) == 0) goto err; - user_pwd = NULL; /* abandon responsability */ + user_pwd = NULL; /* abandon responsibility */ } } } diff --git a/crypto/x509v3/pcy_int.h b/crypto/x509v3/pcy_int.h index 809dc5e43692f4a4d983b8e28b51988a51e508f9..8c2ef959e3e4fc9e13390f40c702f0fc7e904f2c 100644 --- a/crypto/x509v3/pcy_int.h +++ b/crypto/x509v3/pcy_int.h @@ -168,7 +168,7 @@ struct X509_POLICY_TREE_st { * required. */ STACK_OF(X509_POLICY_DATA) *extra_data; - /* This is the authority constained policy set */ + /* This is the authority constrained policy set */ STACK_OF(X509_POLICY_NODE) *auth_policies; STACK_OF(X509_POLICY_NODE) *user_policies; unsigned int flags; diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod index b42b64c1782c07f278657af82a5adbdfa7ce5ac4..ad949dd99cd93c6e597c560c2e00a5cecd7b317d 100644 --- a/doc/crypto/EVP_EncryptInit.pod +++ b/doc/crypto/EVP_EncryptInit.pod @@ -388,7 +388,7 @@ the L section below for details. =item EVP_aes_128_ocb(void), EVP_aes_192_ocb(void), EVP_aes_256_ocb(void) -Offest Codebook Mode (OCB) for 128, 192 and 256 bit keys respectively. +Offset Codebook Mode (OCB) for 128, 192 and 256 bit keys respectively. These ciphers require additional control operations to function correctly: see the L section below for details. diff --git a/include/openssl/ct.h b/include/openssl/ct.h index 0da3125d1727ac71ab9a779cbc783a2e0bd5661c..fa25c69d9b4775cd86b06bc3e2fef97b84bd5644 100644 --- a/include/openssl/ct.h +++ b/include/openssl/ct.h @@ -367,7 +367,7 @@ __owur int SCT_LIST_validate(const STACK_OF(SCT) *scts, * for data that caller is responsible for freeing (only if function returns * successfully). * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring - * that "*pp" is large enough to accept all of the serializied data. + * that "*pp" is large enough to accept all of the serialized data. * Returns < 0 on error, >= 0 indicating bytes written (or would have been) * on success. */ @@ -394,7 +394,7 @@ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, * for data that caller is responsible for freeing (only if function returns * successfully). * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring - * that "*pp" is large enough to accept all of the serializied data. + * that "*pp" is large enough to accept all of the serialized data. * Returns < 0 on error, >= 0 indicating bytes written (or would have been) * on success. */ @@ -428,7 +428,7 @@ __owur int i2o_SCT(const SCT *sct, unsigned char **out); * Parses an SCT in TLS format and returns it. * If |psct| is not null, it will end up pointing to the parsed SCT. If it * already points to a non-null pointer, the pointer will be free'd. - * |in| should be a pointer to a string contianing the TLS-format SCT. + * |in| should be a pointer to a string containing the TLS-format SCT. * |in| will be advanced to the end of the SCT if parsing succeeds. * |len| should be the length of the SCT in |in|. * Returns NULL if an error occurs. @@ -449,7 +449,7 @@ __owur int i2o_SCT_signature(const SCT *sct, unsigned char **out); /* * Parses an SCT signature in TLS format and populates the |sct| with it. -* |in| should be a pointer to a string contianing the TLS-format signature. +* |in| should be a pointer to a string containing the TLS-format signature. * |in| will be advanced to the end of the signature if parsing succeeds. * |len| should be the length of the signature in |in|. * Returns the number of bytes parsed, or a negative integer if an error occurs. diff --git a/include/openssl/dh.h b/include/openssl/dh.h index 2e021e235b9f04f6132065d1281286fae562f5ed..9b3df55b0c968b2f2c26154fad67ed2e825f1b5c 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -85,7 +85,7 @@ extern "C" { /* * If this flag is set the DH method is FIPS compliant and can be used in * FIPS mode. This is set in the validated module method. If an application - * sets this flag in its own methods it is its reposibility to ensure the + * sets this flag in its own methods it is its responsibility to ensure the * result is compliant. */ diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h index 1b045842e006b9e15f86c89e6a25f53995b019b3..29fc86f725c94e60416c5a7119fdb3456f480af1 100644 --- a/include/openssl/dsa.h +++ b/include/openssl/dsa.h @@ -96,7 +96,7 @@ extern "C" { /* * If this flag is set the DSA method is FIPS compliant and can be used in * FIPS mode. This is set in the validated module method. If an application - * sets this flag in its own methods it is its reposibility to ensure the + * sets this flag in its own methods it is its responsibility to ensure the * result is compliant. */ diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 892239dd87f938d4b3268c43f773c2b44ec3f1b2..9a99091c83b15abe1e1babf2b86e3d6f7a229b1f 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -241,7 +241,7 @@ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group); -/** Gets the number of bits of ther order of an EC_GROUP +/** Gets the number of bits of the order of an EC_GROUP * \param group EC_GROUP object * \return number of bits of group order. */ @@ -438,7 +438,7 @@ typedef struct { /* * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all - * available curves or zero if a error occurred. In case r ist not zero + * available curves or zero if a error occurred. In case r is not zero, * nitems EC_builtin_curve structures are filled with the data of the first * nitems internal groups */ @@ -711,7 +711,7 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, * \param group underlying EC_GROUP object * \param r EC_POINT object for the result * \param n BIGNUM with the multiplier for the group generator (optional) - * \param num number futher summands + * \param num number further summands * \param p array of size num of EC_POINT objects * \param m array of size num of BIGNUM objects * \param ctx BN_CTX object (optional) @@ -918,7 +918,7 @@ int EC_KEY_check_key(const EC_KEY *key); */ int EC_KEY_can_sign(const EC_KEY *eckey); -/** Sets a public key from affine coordindates performing +/** Sets a public key from affine coordinates performing * necessary NIST PKV tests. * \param key the EC_KEY object * \param x public key x coordinate @@ -1142,7 +1142,7 @@ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, * \param dgst pointer to the hash value to sign * \param dgstlen length of the hash value * \param kinv BIGNUM with a pre-computed inverse k (optional) - * \param rp BIGNUM with a pre-computed rp value (optioanl), + * \param rp BIGNUM with a pre-computed rp value (optional), * see ECDSA_sign_setup * \param eckey EC_KEY object containing a private EC key * \return pointer to a ECDSA_SIG structure or NULL if an error occurred @@ -1193,7 +1193,7 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, * \param sig buffer to hold the DER encoded signature * \param siglen pointer to the length of the returned signature * \param kinv BIGNUM with a pre-computed inverse k (optional) - * \param rp BIGNUM with a pre-computed rp value (optioanl), + * \param rp BIGNUM with a pre-computed rp value (optional), * see ECDSA_sign_setup * \param eckey EC_KEY object containing a private EC key * \return 1 on success and 0 otherwise diff --git a/include/openssl/srp.h b/include/openssl/srp.h index 37e767886376398f24b0031235d8c30f769e501a..7a7406ffac387eb73c34b197212cf1cd6e1b9eae 100644 --- a/include/openssl/srp.h +++ b/include/openssl/srp.h @@ -106,7 +106,7 @@ typedef struct SRP_VBASE_st { } SRP_VBASE; /* - * Structure interne pour retenir les couples N et g + * Internal structure storing N and g pair */ typedef struct SRP_gN_st { char *id; diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index c3344e193f83559f58585a1ead0f009a185ed0a8..ffc6eb7c5aff0eb139b53ef5ae2aa410be654201 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -156,7 +156,7 @@ extern "C" { #endif -/* Default security level if not overriden at config time */ +/* Default security level if not overridden at config time */ # ifndef OPENSSL_TLS_SECURITY_LEVEL # define OPENSSL_TLS_SECURITY_LEVEL 1 # endif diff --git a/include/openssl/ui.h b/include/openssl/ui.h index 3d1507ee007400fd7d48e46837b529a02d21ce55..7132ebd949d9bd9cc8278a43090049d5091f2cd7 100644 --- a/include/openssl/ui.h +++ b/include/openssl/ui.h @@ -270,7 +270,7 @@ UI_METHOD *UI_OpenSSL(void); display a dialog box after it has been built. a reader This function is called to read a given prompt, maybe from the tty, maybe from a field in a - window. Note that it's called wth all string + window. Note that it's called with all string structures, not only the prompt ones, so it must check such things itself. a closer This function closes the session, maybe by closing @@ -355,7 +355,7 @@ int UI_get_input_flags(UI_STRING *uis); /* Return the actual string to output (the prompt, info or error) */ const char *UI_get0_output_string(UI_STRING *uis); /* - * Return the optional action string to output (the boolean promtp + * Return the optional action string to output (the boolean prompt * instruction) */ const char *UI_get0_action_string(UI_STRING *uis); diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h index 093b0f3d0ae5b4bddc606390bff86b1e2ee766d0..33d5e455f3f41451e19f651ed08f04ecc0414a40 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h @@ -391,7 +391,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); # define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000 /* Delta CRL support */ # define X509_V_FLAG_USE_DELTAS 0x2000 -/* Check selfsigned CA signature */ +/* Check self-signed CA signature */ # define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 /* Use trusted store first */ # define X509_V_FLAG_TRUSTED_FIRST 0x8000 diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 6d75225cce6ab61779ed13a5137c8ae549587f2a..193f603374f058e39827833ed139de50ea492354 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -797,7 +797,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) } /* - * This is unneccessary if rbio and wbio are one and the same - but + * This is unnecessary if rbio and wbio are one and the same - but * maybe they're not. We ignore errors here - some BIOs do not * support this. */ diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 00af44e09d86812197bc59cf2685f028fa699125..6f9ac96d053db7d2d5bea7cfa2c53a2bd5f04ec4 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -666,7 +666,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, if (dest_maxlen > 0) { /* - * XDTLS: In a pathalogical case, the Client Hello may be + * XDTLS: In a pathological case, the Client Hello may be * fragmented--don't always expect dest_maxlen bytes */ if (SSL3_RECORD_get_length(rr) < dest_maxlen) { diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 773a6d68d9acfebd069677c416afead648df0082..4a5907b6f36a7cfbf9f8327a0ef1f254a61a30f5 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -495,7 +495,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) /* * Depending on platform multi-block can deliver several *times* * better performance. Downside is that it has to allocate - * jumbo buffer to accomodate up to 8 records, but the + * jumbo buffer to accommodate up to 8 records, but the * compromise is considered worthy. */ if (type == SSL3_RT_APPLICATION_DATA && @@ -631,7 +631,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) split_send_fragment = s->split_send_fragment; /* * If max_pipelines is 0 then this means "undefined" and we default to - * 1 pipeline. Similaraly if the cipher does not support pipelined + * 1 pipeline. Similarly if the cipher does not support pipelined * processing then we also only use 1 pipeline, or if we're not using * explicit IVs */ @@ -810,7 +810,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* * extra fragment would be couple of cipher blocks, which would be * multiple of SSL3_ALIGN_PAYLOAD, so if we want to align the real - * payload, then we can just pretent we simply have two headers. + * payload, then we can just pretend we simply have two headers. */ align = (size_t)SSL3_BUFFER_get_buf(wb) + 2 * SSL3_RT_HEADER_LENGTH; align = (0-align) & (SSL3_ALIGN_PAYLOAD - 1); @@ -862,7 +862,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, *(outbuf[j]++) = (s->version >> 8); /* - * Some servers hang if iniatial client hello is larger than 256 bytes + * Some servers hang if initial client hello is larger than 256 bytes * and record version number > TLS 1.0 */ if (SSL_get_state(s) == TLS_ST_CW_CLNT_HELLO @@ -1445,7 +1445,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, /* * This is a warning but we receive it if we requested * renegotiation and the peer denied it. Terminate with a fatal - * alert because if application tried to renegotiatie it + * alert because if application tried to renegotiate it * presumably had a good reason and expects it to succeed. In * future we might have a renegotiation where we don't care if * the peer refused it where we carry on. diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 35ef9487f91d28336e9ca21969c478d4d8f670fb..ec5ff9be53993f52616bd151af58a1b82d1fe2aa 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -231,7 +231,7 @@ int ssl3_change_cipher_state(SSL *s, int which) goto err; else /* - * make sure it's intialized in case we exit later with an error + * make sure it's initialised in case we exit later with an error */ EVP_CIPHER_CTX_reset(s->enc_read_ctx); dd = s->enc_read_ctx; @@ -262,7 +262,7 @@ int ssl3_change_cipher_state(SSL *s, int which) goto err; else /* - * make sure it's intialized in case we exit later with an error + * make sure it's initialised in case we exit later with an error */ EVP_CIPHER_CTX_reset(s->enc_write_ctx); dd = s->enc_write_ctx; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index ef65050cc4f617409e5c01c1d309ce8a9fa7cf7c..fc2aac890e11977af08d802de26d9371ee59f11a 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3839,7 +3839,7 @@ int ssl3_shutdown(SSL *s) if (ret == -1) { /* * we only get to return -1 here the 2nd/Nth invocation, we must - * have already signalled return 0 upon a previous invoation, + * have already signalled return 0 upon a previous invocation, * return WANT_WRITE */ return (ret); diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 24ac352d1da47c4644475b5d55069be32bed1f30..8668a595e19e8db19112365fd19b1f63e756b77f 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -842,7 +842,7 @@ static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) return 1; } -/* Add certificate chain to internal SSL BUF_MEM strcuture */ +/* Add certificate chain to internal SSL BUF_MEM structure */ int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l) { BUF_MEM *buf = s->init_buf; diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index d0cadc60f0887e5e785484d69857e693358e2e19..8e00743e6462dc535e41433a7c8d07f71e397236 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -588,7 +588,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"}, {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"}, {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING), - "required compresssion algorithm missing"}, + "required compression algorithm missing"}, {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING), "scsv received when renegotiating"}, {ERR_REASON(SSL_R_SCT_VERIFICATION_FAILED), "sct verification failed"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e6511895cef91ad57e1ad71eb7ef5d7e3fd278c2..a289d3af73a335ce68ff41d53b31c1a1aaa75915 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3706,7 +3706,7 @@ void SSL_set_not_resumable_session_callback(SSL *ssl, /* * Allocates new EVP_MD_CTX and sets pointer to it into given pointer - * vairable, freeing EVP_MD_CTX previously stored in that variable, if any. + * variable, freeing EVP_MD_CTX previously stored in that variable, if any. * If EVP_MD pointer is passed, initializes ctx with this md Returns newly * allocated ctx; */ diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c index b2c6bf7ce655d38529d9e72ebf036662308633c4..e0f82eccf1178f4f97df7937f63e475a5b9365a2 100644 --- a/ssl/ssl_txt.c +++ b/ssl/ssl_txt.c @@ -238,7 +238,7 @@ int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x) /* * the RSA prefix is required by the format's definition although there's - * nothing RSA-specifc in the output, therefore, we don't have to check if + * nothing RSA-specific in the output, therefore, we don't have to check if * the cipher suite is based on RSA */ if (BIO_puts(bp, "RSA ") <= 0) diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h index 263a39539220d8903d2a8d470ab3b5ce7ba78fe8..f8f79cfa3503eee129b2940566b095abd7d50de8 100644 --- a/ssl/statem/statem.h +++ b/ssl/statem/statem.h @@ -54,7 +54,7 @@ /***************************************************************************** * * - * These emums should be considered PRIVATE to the state machine. No * + * These enums should be considered PRIVATE to the state machine. No * * non-state machine code should need to use these * * * *****************************************************************************/ diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 73f54bcb96c7b4a67029b3f98a57fbeb64e75d84..08b8c7d0e7713c105783664b3ad93cee61386196 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -870,7 +870,7 @@ int tls_construct_client_hello(SSL *s) * 1. Client hello indicates TLS 1.2 * 2. Server hello says TLS 1.0 * 3. RSA encrypted premaster secret uses 1.2. - * 4. Handhaked proceeds using TLS 1.0. + * 4. Handshake proceeds using TLS 1.0. * 5. Server sends hello request to renegotiate. * 6. Client hello indicates TLS v1.0 as we now * know that is maximum server supports. diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index a20e85fb4b0a55442aa28946947f80e4ce1ab570..26feac96fad71a406bea05fff9814a6f7e497e30 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -767,7 +767,7 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md) # ifndef OPENSSL_NO_EC /* - * tls1_check_ec_tmp_key - Check EC temporary key compatiblity + * tls1_check_ec_tmp_key - Check EC temporary key compatibility * @s: SSL connection * @cid: Cipher ID we're considering using * @@ -1179,7 +1179,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, /*- * check for enough space. - * 4 for the servername type and entension length + * 4 for the servername type and extension length * 2 for servernamelist length * 1 for the hostname type * 2 for hostname length @@ -1217,7 +1217,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, /*- * check for enough space. - * 4 for the srp type type and entension length + * 4 for the srp type type and extension length * 1 for the srp user identity * + srp user identity length */ @@ -1412,7 +1412,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, #ifndef OPENSSL_NO_NEXTPROTONEG if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) { /* - * The client advertises an emtpy extension to indicate its support + * The client advertises an empty extension to indicate its support * for Next Protocol Negotiation */ if (limit - ret - 4 < 0) @@ -2002,7 +2002,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al) /* * Although the server_name extension was intended to be * extensible to new name types, RFC 4366 defined the - * syntax inextensibly and OpenSSL 1.0.x parses it as + * syntax inextensibility and OpenSSL 1.0.x parses it as * such. * RFC 6066 corrected the mistake but adding new name types * is nevertheless no longer feasible, so act as if no other @@ -2231,7 +2231,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al) * * s->new_session will be set on renegotiation, but we * probably shouldn't rely that it couldn't be set on - * the initial renegotation too in certain cases (when + * the initial renegotiation too in certain cases (when * there's some other reason to disallow resuming an * earlier session -- the current code won't be doing * anything like that, but this might change). @@ -2733,7 +2733,8 @@ int tls1_set_server_sigalgs(SSL *s) { int al; size_t i; - /* Clear any shared sigtnature algorithms */ + + /* Clear any shared signature algorithms */ OPENSSL_free(s->cert->shared_sigalgs); s->cert->shared_sigalgs = NULL; s->cert->shared_sigalgslen = 0; @@ -3071,7 +3072,7 @@ end: * tls_decrypt_ticket attempts to decrypt a session ticket. * * etick: points to the body of the session ticket extension. - * eticklen: the length of the session tickets extenion. + * eticklen: the length of the session tickets extension. * sess_id: points at the session ID. * sesslen: the length of the session ID. * psess: (output) on return, if a ticket was decrypted, then this is set to diff --git a/test/dhtest.c b/test/dhtest.c index 5940aa78b2efea674e804104a81ddd9d2ba5cd7b..e15e8a8a6d9919cd6d3c4f3e1bb3c23799b47f4e 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -607,7 +607,7 @@ static int run_rfc5114_tests(void) OPENSSL_free(Z1); OPENSSL_free(Z2); - fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1); + fprintf(stderr, "Initialisation error RFC5114 set %d\n", i + 1); ERR_print_errors_fp(stderr); return 0; err: