From 63b658341e5b033d800014ea1224d2764f24e8bc Mon Sep 17 00:00:00 2001 From: Viktor Dukhovni Date: Wed, 6 Jan 2016 13:48:16 -0500 Subject: [PATCH] DANE documentation typos Reported-by: Claus Assmann Reviewed-by: Rich Salz --- doc/ssl/SSL_CTX_dane_enable.pod | 4 ++-- doc/ssl/SSL_set1_host.pod | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod index 66eb1b3d8d..c3c203ef6a 100644 --- a/doc/ssl/SSL_CTX_dane_enable.pod +++ b/doc/ssl/SSL_CTX_dane_enable.pod @@ -41,7 +41,7 @@ to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context. The B argument specifies a DANE TLSA matching type and the -the B argument specifies the associated digest algorithm handle. +B argument specifies the associated digest algorithm handle. The B argument specifies a strength ordinal. Algorithms with a larger strength ordinal are considered more secure. Strength ordinals are used to implement RFC7671 digest algorithm agility. @@ -181,7 +181,7 @@ the lifetime of the SSL connection. } ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len); - /* free data as approriate */ + /* free data as appropriate */ if (ret < 0) /* handle SSL library internal error */ diff --git a/doc/ssl/SSL_set1_host.pod b/doc/ssl/SSL_set1_host.pod index b008a5ff6e..0ef2448438 100644 --- a/doc/ssl/SSL_set1_host.pod +++ b/doc/ssl/SSL_set1_host.pod @@ -35,7 +35,7 @@ that can match the peer's certificate. Any previous names set via SSL_set1_host() or SSL_add1_host() are retained, no change is made if B is NULL or empty. When multiple names are configured, the peer is considered verified when any name matches. This function -is required for DANE TLA in the presence of service name indirection +is required for DANE TLSA in the presence of service name indirection via CNAME, MX or SRV records as specified in RFC7671, RFC7672 or RFC7673. -- GitLab