More typo fixes

Fix some comments too
[skip ci]

Reviewed-by: Tim Hudson <[email protected]>
Reviewed-by: Richard Levitte <[email protected]>
(Merged from openssl#3069)

CHANGES

@@ -466,7 +466,7 @@
   *) Add X25519 support.
      Add ASN.1 and EVP_PKEY methods for X25519. This includes support
      for public and private key encoding using the format documented in
-     draft-ietf-curdle-pkix-02. The coresponding EVP_PKEY method supports
+     draft-ietf-curdle-pkix-02. The corresponding EVP_PKEY method supports
      key generation and key derivation.
 
      TLS support complies with draft-ietf-tls-rfc4492bis-08 and uses

Configure

@@ -2580,7 +2580,7 @@ sub isabsolute {
     # On non-platforms, we just use file_name_is_absolute().
     return file_name_is_absolute($file) unless $^O eq "VMS";
 
-    # If the file spec includes a device or a directpry spec,
+    # If the file spec includes a device or a directory spec,
     # file_name_is_absolute() is perfectly safe.
     return file_name_is_absolute($file) if $file =~ m|[:\[]|;
 

NOTES.VMS

@@ -77,7 +77,7 @@
     $ set image /flag=call_debug [.test]evp_test.exe
 
  Then just run it and you will find yourself in a debugging session.
- When done, we recomment that you turn that flag back off:
+ When done, we recommend that you turn that flag back off:
 
     $ set image /flag=nocall_debug [.test]evp_test.exe
 

apps/passwd.c

@@ -70,7 +70,7 @@ typedef enum OPTION_choice {
 
 const OPTIONS passwd_options[] = {
     {"help", OPT_HELP, '-', "Display this summary"},
-    {"in", OPT_IN, '<', "Pead passwords from file"},
+    {"in", OPT_IN, '<', "Read passwords from file"},
     {"noverify", OPT_NOVERIFY, '-',
      "Never verify when reading password from terminal"},
     {"quiet", OPT_QUIET, '-', "No warnings"},

crypto/aes/asm/aesni-sha1-x86_64.pl

@@ -315,7 +315,7 @@ ()
     $r++;	unshift(@rndkey,pop(@rndkey));
 };
 
-sub Xupdate_ssse3_16_31()		# recall that $Xi starts wtih 4
+sub Xupdate_ssse3_16_31()		# recall that $Xi starts with 4
 { use integer;
   my $body = shift;
   my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
@@ -1188,7 +1188,7 @@ ()
     $r++;	unshift(@rndkey,pop(@rndkey));
 };
 
-sub Xupdate_avx_16_31()		# recall that $Xi starts wtih 4
+sub Xupdate_avx_16_31()		# recall that $Xi starts with 4
 { use integer;
   my $body = shift;
   my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions

crypto/bio/b_addr.c

@@ -762,7 +762,7 @@ int BIO_lookup(const char *host, const char *service,
                  * it was errno. To minimize mixup add 1000. Underlying
                  * reason for this is that hstrerror is declared obsolete,
                  * not to mention that a) h_errno is not always guaranteed
-                 * to be meanigless; b) hstrerror can reside in yet another
+                 * to be meaningless; b) hstrerror can reside in yet another
                  * library, linking for sake of hstrerror is an overkill;
                  * c) this path is not executed on contemporary systems
                  * anyway [above getaddrinfo/gai_strerror is]. We just let

crypto/bn/asm/sparcv9-mont.pl

@@ -30,7 +30,7 @@
 # instructions...
 
 # (*)	Engine accessing the driver in question is on my TODO list.
-#	For reference, acceleator is estimated to give 6 to 10 times
+#	For reference, accelerator is estimated to give 6 to 10 times
 #	improvement on single-threaded RSA sign. It should be noted
 #	that 6-10x improvement coefficient does not actually mean
 #	something extraordinary in terms of absolute [single-threaded]

crypto/pem/pem_lib.c

@@ -316,7 +316,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
         dsize = 0;
         goto err;
     }
-    /* dzise + 8 bytes are needed */
+    /* dsize + 8 bytes are needed */
     /* actually it needs the cipher block size extra... */
     data = OPENSSL_malloc((unsigned int)dsize + 20);
     if (data == NULL) {

crypto/sha/asm/sha1-586.pl

@@ -661,7 +661,7 @@ sub sha1op38 {
 	&jmp	(&label("loop"));
 
 ######################################################################
-# SSE instruction sequence is first broken to groups of indepentent
+# SSE instruction sequence is first broken to groups of independent
 # instructions, independent in respect to their inputs and shifter
 # (not all architectures have more than one). Then IALU instructions
 # are "knitted in" between the SSE groups. Distance is maintained for
@@ -670,14 +670,14 @@ sub sha1op38 {
 #
 # Temporary registers usage. X[2] is volatile at the entry and at the
 # end is restored from backtrace ring buffer. X[3] is expected to
-# contain current K_XX_XX constant and is used to caclulate X[-1]+K
+# contain current K_XX_XX constant and is used to calculate X[-1]+K
 # from previous round, it becomes volatile the moment the value is
 # saved to stack for transfer to IALU. X[4] becomes volatile whenever
 # X[-4] is accumulated and offloaded to backtrace ring buffer, at the
 # end it is loaded with next K_XX_XX [which becomes X[3] in next
 # round]...
 #
-sub Xupdate_ssse3_16_31()		# recall that $Xi starts wtih 4
+sub Xupdate_ssse3_16_31()		# recall that $Xi starts with 4
 { use integer;
   my $body = shift;
   my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
@@ -1200,7 +1200,7 @@ ()
 	&and	(@T[0],@T[1]);
 	&jmp	(&label("loop"));
 
-sub Xupdate_avx_16_31()		# recall that $Xi starts wtih 4
+sub Xupdate_avx_16_31()		# recall that $Xi starts with 4
 { use integer;
   my $body = shift;
   my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions

crypto/sha/asm/sha1-x86_64.pl

@@ -577,7 +577,7 @@ ()
     $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
 }
 
-sub Xupdate_ssse3_16_31()		# recall that $Xi starts wtih 4
+sub Xupdate_ssse3_16_31()		# recall that $Xi starts with 4
 { use integer;
   my $body = shift;
   my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
@@ -1042,7 +1042,7 @@ ()
 	jmp	.Loop_avx
 ___
 
-sub Xupdate_avx_16_31()		# recall that $Xi starts wtih 4
+sub Xupdate_avx_16_31()		# recall that $Xi starts with 4
 { use integer;
   my $body = shift;
   my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
@@ -1526,7 +1526,7 @@ ()
 	)
 }
 
-sub Xupdate_avx2_16_31()		# recall that $Xi starts wtih 4
+sub Xupdate_avx2_16_31()		# recall that $Xi starts with 4
 { use integer;
   my $body = shift;
   my @insns = (&$body,&$body,&$body,&$body,&$body);	# 35 instructions

crypto/x86cpuid.pl

@@ -283,7 +283,7 @@
 &set_label("spin");
 	&lea	("ebx",&DWP(0,"eax","ecx"));
 	&nop	();
-	&data_word(0x1ab10ff0);	# lock;	cmpxchg	%ebx,(%edx)	# %eax is envolved and is always reloaded
+	&data_word(0x1ab10ff0);	# lock;	cmpxchg	%ebx,(%edx)	# %eax is involved and is always reloaded
 	&jne	(&label("spin"));
 	&mov	("eax","ebx");	# OpenSSL expects the new value
 	&pop	("ebx");

doc/README

@@ -2,7 +2,7 @@
 README  This file
 
 fingerprints.txt
-        PGP fingerprints of authoried release signers
+        PGP fingerprints of authorised release signers
 
 standards.txt
         Moved to the web, https://www.openssl.org/docs/standards.html

doc/man3/BN_rand.pod

@@ -21,7 +21,7 @@ BN_rand, BN_pseudo_rand, BN_rand_range, BN_pseudo_rand_range - generate pseudo-r
 BN_rand() generates a cryptographically strong pseudo-random number of
 B<bits> in length and stores it in B<rnd>.
 If B<bits> is less than zero, or too small to
-accomodate the requirements specified by the B<top> and B<bottom>
+accommodate the requirements specified by the B<top> and B<bottom>
 parameters, an error is returned.
 The B<top> parameters specifies
 requirements on the most significant bit of the generated number.

doc/man3/SCT_new.pod

@@ -162,7 +162,7 @@ SCT_set_version() returns 1 if the specified version is supported, 0 otherwise.
 SCT_set_log_entry_type() returns 1 if the specified log entry type is supported, 0 otherwise.
 
 SCT_set0_log_id() and B<SCT_set1_log_id> return 1 if the specified LogID is a
-valid SHA-256 hash, 0 otherwise. Aditionally, B<SCT_set1_log_id> returns 0 if
+valid SHA-256 hash, 0 otherwise. Additionally, B<SCT_set1_log_id> returns 0 if
 malloc fails.
 
 B<SCT_set_signature_nid> returns 1 if the specified NID is supported, 0 otherwise.

doc/man3/SSL_SESSION_get0_peer.pod

@@ -20,7 +20,7 @@ returned value (unless L<X509_up_ref(3)> has also been called).
 =head1 RETURN VALUES
 
 SSL_SESSION_get0_peer() returns a pointer to the peer certificate or NULL if
-no peer certificat is available.
+no peer certificate is available.
 
 =head1 SEE ALSO
 

doc/man3/SSL_set_bio.pod

@@ -63,7 +63,7 @@ previously set value, then no additional references are consumed.
 =item *
 
 If the rbio and wbio parameters are different and the rbio is the same as the
-previously set value then one reference is consumbed for the wbio and no
+previously set value then one reference is consumed for the wbio and no
 references are consumed for the rbio.
 
 =item *

doc/man3/X509_VERIFY_PARAM_set_flags.pod

@@ -269,7 +269,7 @@ is used to specify a verification time, the check is not suppressed.
 
 =head1 INHERITANCE FLAGS
 
-These flags spevify how parameters are "inherited" from one structure to
+These flags specify how parameters are "inherited" from one structure to
 another.
 
 If B<X509_VP_FLAG_ONCE> is set then the current setting is zeroed

doc/man7/X25519.pod

@@ -36,7 +36,7 @@ output in PEM format:
  EVP_PKEY_CTX_free(pctx);
  PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);
 
-The key derviation example in L<EVP_PKEY_derive(3)> can be used with
+The key derivation example in L<EVP_PKEY_derive(3)> can be used with
 B<X25519>.
 
 =head1 SEE ALSO

include/internal/dso.h

@@ -139,7 +139,7 @@ DSO_METHOD *DSO_METHOD_openssl(void);
  * This function writes null-terminated pathname of DSO module containing
  * 'addr' into 'sz' large caller-provided 'path' and returns the number of
  * characters [including trailing zero] written to it. If 'sz' is 0 or
- * negative, 'path' is ignored and required amount of charachers [including
+ * negative, 'path' is ignored and required amount of characters [including
  * trailing zero] to accommodate pathname is returned. If 'addr' is NULL, then
  * pathname of cryptolib itself is returned. Negative or zero return value
  * denotes error.

include/openssl/bio.h

@@ -170,7 +170,7 @@ extern "C" {
 /*
  * This is used with memory BIOs:
  * BIO_FLAGS_MEM_RDONLY means we shouldn't free up or change the data in any way;
- * BIO_FLAGS_NONCLEAR_RST means we should't clear data on reset.
+ * BIO_FLAGS_NONCLEAR_RST means we shouldn't clear data on reset.
  */
 # define BIO_FLAGS_MEM_RDONLY    0x200
 # define BIO_FLAGS_NONCLEAR_RST  0x400

include/openssl/objects.h

@@ -91,15 +91,15 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
  * const void *a_;
  * const nid_triple const *a = a_;
  *
- * The assignement discards a const because what you really want is:
+ * The assignment discards a const because what you really want is:
  *
  * const int const * const *a = a_;
  *
  * But if you do that, you lose the fact that a is an array of 3 ints,
  * which breaks comparison functions.
  *
  * Thus we end up having to cast, sadly, or unpack the
- * declarations. Or, as I finally did in this case, delcare nid_triple
+ * declarations. Or, as I finally did in this case, declare nid_triple
  * to be a struct, which it should have been in the first place.
  *
  * Ben, August 2008.

include/openssl/ui.h

@@ -207,7 +207,7 @@ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
 UI_METHOD *UI_OpenSSL(void);
 
 /*
- * NULL method.  Literarily does nothing, but may serve as a placeholder
+ * NULL method.  Literally does nothing, but may serve as a placeholder
  * to avoid internal default.
  */
 const UI_METHOD *UI_null(void);

include/openssl/x509.h

@@ -641,7 +641,7 @@ int X509_get_signature_type(const X509 *x);
 
 /*
  * This one is only used so that a binary form can output, as in
- * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
+ * i2d_X509_NAME(X509_get_X509_PUBKEY(x), &buf)
  */
 X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);
 const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);

ssl/record/ssl3_record.c

@@ -1662,8 +1662,7 @@ int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
 }
 
 /*
- * retrieve a buffered record that belongs to the current epoch, ie,
- * processed
+ * Retrieve a buffered record that belongs to the current epoch, i.e. processed
  */
 #define dtls1_get_processed_record(s) \
                    dtls1_retrieve_buffered_record((s), \

ssl/ssl_lib.c

@@ -741,7 +741,7 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
 {
     /*
      * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
-     * we can "construct" a session to give us the desired check - ie. to
+     * we can "construct" a session to give us the desired check - i.e. to
      * find if there's a session in the hash table that would conflict with
      * any new session built out of this id/id_len and the ssl_version in use
      * by this SSL.
@@ -2546,8 +2546,8 @@ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
 }
 
 /*
- * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from
- * |ssl|. On return it sets |*data| to point to |*len| bytes of protocol name
+ * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from |ssl|.
+ * On return it sets |*data| to point to |*len| bytes of protocol name
  * (not including the leading length-prefix byte). If the server didn't
  * respond with a negotiated protocol then |*len| will be zero.
  */
@@ -3147,10 +3147,7 @@ int SSL_get_error(const SSL *s, int i)
     }
 
     if (SSL_want_write(s)) {
-        /*
-         * Access wbio directly - in order to use the buffered bio if
-         * present
-         */
+        /* Access wbio directly - in order to use the buffered bio if present */
         bio = s->wbio;
         if (BIO_should_write(bio))
             return (SSL_ERROR_WANT_WRITE);
@@ -3893,7 +3890,7 @@ void SSL_set_not_resumable_session_callback(SSL *ssl,
 /*
  * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
  * variable, freeing EVP_MD_CTX previously stored in that variable, if any.
- * If EVP_MD pointer is passed, initializes ctx with this md.
+ * If EVP_MD pointer is passed, initializes ctx with this |md|.
  * Returns the newly allocated ctx;
  */
 

ssl/statem/extensions.c

@@ -325,7 +325,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
  * Verify whether we are allowed to use the extension |type| in the current
  * |context|. Returns 1 to indicate the extension is allowed or unknown or 0 to
  * indicate the extension is not allowed. If returning 1 then |*found| is set to
- * 1 if we found a definition for the extension, and |*idx| is set to its index
+ * the definition for the extension we found.
  */
 static int verify_extension(SSL *s, unsigned int context, unsigned int type,
                             custom_ext_methods *meths, RAW_EXTENSION *rawexlist,

ssl/statem/statem_clnt.c

@@ -1983,7 +1983,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al)
         goto err;
     }
 
-    /* test non-zero pupkey */
+    /* test non-zero pubkey */
     if (BN_is_zero(bnpub_key)) {
         *al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_SKE_DHE, SSL_R_BAD_DH_VALUE);

ssl/statem/statem_srvr.c

@@ -659,7 +659,7 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst)
     case TLS_ST_SW_SRVR_HELLO:
         if (SSL_IS_DTLS(s)) {
             /*
-             * Messages we write from now on should be bufferred and
+             * Messages we write from now on should be buffered and
              * retransmitted if necessary, so we need to use the timer now
              */
             st->use_timer = 1;

ssl/t1_lib.c

@@ -1841,7 +1841,7 @@ static int ssl_check_ca_name(STACK_OF(X509_NAME) *names, X509 *x)
  * attempting to use them.
  */
 
-/* Flags which need to be set for a certificate when stict mode not set */
+/* Flags which need to be set for a certificate when strict mode not set */
 
 #define CERT_PKEY_VALID_FLAGS \
         (CERT_PKEY_EE_SIGNATURE|CERT_PKEY_EE_PARAM)
@@ -2101,7 +2101,7 @@ void tls1_set_cert_validity(SSL *s)
     tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_512);
 }
 
-/* User level utiity function to check a chain is suitable */
+/* User level utility function to check a chain is suitable */
 int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
 {
     return tls1_check_chain(s, x, pk, chain, -1);
@@ -2205,8 +2205,8 @@ int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee)
 }
 
 /*
- * Check security of a chain, if sk includes the end entity certificate then
- * x is NULL. If vfy is 1 then we are verifying a peer chain and not sending
+ * Check security of a chain, if |sk| includes the end entity certificate then
+ * |x| is NULL. If |vfy| is 1 then we are verifying a peer chain and not sending
  * one to the peer. Return values: 1 if ok otherwise error code to use
  */
 
@@ -2257,7 +2257,7 @@ int tls_choose_sigalg(SSL *s, int *al)
         int curve = -1, skip_ec = 0;
 #endif
 
-        /* Look for a certificate matching shared sigaglgs */
+        /* Look for a certificate matching shared sigalgs */
         for (i = 0; i < s->cert->shared_sigalgslen; i++) {
             lu = s->cert->shared_sigalgs[i];
 
@@ -2304,7 +2304,7 @@ int tls_choose_sigalg(SSL *s, int *al)
             if (idx == -1)
                 return 1;
             if (idx == SSL_PKEY_GOST_EC) {
-                /* Work out which GOST certificate is avaiable */
+                /* Work out which GOST certificate is available */
                 if (ssl_has_cert(s, SSL_PKEY_GOST12_512)) {
                     idx = SSL_PKEY_GOST12_512;
                 } else if (ssl_has_cert(s, SSL_PKEY_GOST12_256)) {