ispell (and minor modifications)
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 7fe8027..65b46ed 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -413,7 +413,7 @@
*(d++) = v[1];
/* lets populate the random area */
- /* get the chalenge_length */
+ /* get the challenge_length */
i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
memset(d,0,SSL3_RANDOM_SIZE);
memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index e4e9660..6ff6a51 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -245,7 +245,7 @@
/* ERR_clear_error();*/
/* If we want to cache session-ids in the client
- * and we sucessfully add the session-id to the
+ * and we successfully add the session-id to the
* cache, and there is a callback, then pass it out.
* 26/11/96 - eay - only add if not a re-used session.
*/
@@ -368,7 +368,7 @@
*/
#endif
- /* we need to do this incase we were trying to reuse a
+ /* we need to do this in case we were trying to reuse a
* client session but others are already reusing it.
* If this was a new 'blank' session ID, the session-id
* length will still be 0 */
@@ -418,7 +418,7 @@
/* In theory we could have ciphers sent back that we
* don't want to use but that does not matter since we
- * will check against the list we origionally sent and
+ * will check against the list we originally sent and
* for performance reasons we should not bother to match
* the two lists up just to check. */
for (i=0; i<sk_SSL_CIPHER_num(cl); i++)
@@ -768,7 +768,7 @@
{
/* this is not good. If things have failed it
* means there so something wrong with the key.
- * We will contiune with a 0 length signature
+ * We will continue with a 0 length signature
*/
}
memset(&ctx,0,sizeof(ctx));
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index af300ba..4eb453b 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -689,7 +689,7 @@
s->init_off=0;
}
/* SSL2_ST_SEND_SERVER_HELLO_B */
- /* If we are using TCP/IP, the performace is bad if we do 2
+ /* If we are using TCP/IP, the performance is bad if we do 2
* writes without a read between them. This occurs when
* Session-id reuse is used, so I will put in a buffering module
*/
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 22e35c2..279d2c0 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1225,7 +1225,7 @@
if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
{
- /* If netscape tollerance is on, ignore errors */
+ /* If netscape tolerance is on, ignore errors */
if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
goto cont;
else
@@ -1258,7 +1258,7 @@
ERR_clear_error();
}
- /* we should setup a certficate to return.... */
+ /* we should setup a certificate to return.... */
s->s3->tmp.cert_req=1;
s->s3->tmp.ctype_num=ctype_num;
if (s->s3->tmp.ca_names != NULL)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 4caf708..fd0edf2 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -571,11 +571,11 @@
case SSL_AD_ACCESS_DENIED: return(SSL3_AD_HANDSHAKE_FAILURE);
case SSL_AD_DECODE_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
case SSL_AD_DECRYPT_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
- case SSL_AD_EXPORT_RESTRICION: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_EXPORT_RESTRICTION: return(SSL3_AD_HANDSHAKE_FAILURE);
case SSL_AD_PROTOCOL_VERSION: return(SSL3_AD_HANDSHAKE_FAILURE);
case SSL_AD_INSUFFICIENT_SECURITY:return(SSL3_AD_HANDSHAKE_FAILURE);
case SSL_AD_INTERNAL_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
- case SSL_AD_USER_CANCLED: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_USER_CANCELLED: return(SSL3_AD_HANDSHAKE_FAILURE);
case SSL_AD_NO_RENEGOTIATION: return(-1); /* Don't send it :-) */
default: return(-1);
}
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index a1a7014..2f56df3 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -331,7 +331,7 @@
/* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
* rr->length bytes of encrypted compressed stuff. */
- /* check is not needed I belive */
+ /* check is not needed I believe */
if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
{
al=SSL_AD_RECORD_OVERFLOW;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index b500b23..b6b09e9 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -788,7 +788,7 @@
* compression - basically ignored right now
* ssl version is set - sslv3
* s->session - The ssl session has been setup.
- * s->hit - sesson reuse flag
+ * s->hit - session reuse flag
* s->tmp.new_cipher - the new cipher to use.
*/
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 7903332..712ec3a 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -369,7 +369,7 @@
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
struct x509_store_st /* X509_STORE */ *cert_store;
- struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */
+ struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */
/* Most session-ids that will be cached, default is
* SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
unsigned long session_cache_size;
@@ -655,7 +655,7 @@
unsigned long mode; /* API behaviour */
int first_packet;
int client_version; /* what was passed, used for
- * SSLv3/TLS rolback check */
+ * SSLv3/TLS rollback check */
};
#include <openssl/ssl2.h>
@@ -663,7 +663,7 @@
#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
#include <openssl/ssl23.h>
-/* compatablity */
+/* compatibility */
#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
@@ -672,7 +672,7 @@
#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
/* The following are the possible values for ssl->state are are
- * used to indicate where we are upto in the SSL connection establishment.
+ * used to indicate where we are up to in the SSL connection establishment.
* The macros that follow are about the only things you should need to use
* and even then, only when using non-blocking IO.
* It can also be useful to work out where you were when the connection
@@ -730,7 +730,7 @@
#define SSLeay_add_ssl_algorithms() SSL_library_init()
-/* this is for backward compatablility */
+/* this is for backward compatibility */
#if 0 /* NEW_SSLEAY */
#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
@@ -738,7 +738,7 @@
#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
#endif
-/* More backward compatablity */
+/* More backward compatibility */
#define SSL_get_cipher(s) \
SSL_CIPHER_get_name(SSL_get_current_cipher(s))
#define SSL_get_cipher_bits(s,np) \
@@ -790,11 +790,11 @@
#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
-#define SSL_AD_EXPORT_RESTRICION TLS1_AD_EXPORT_RESTRICION/* fatal */
+#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
-#define SSL_AD_USER_CANCLED TLS1_AD_USER_CANCLED
+#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
#define SSL_ERROR_NONE 0
@@ -1474,14 +1474,14 @@
#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICION 1060
+#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
-#define SSL_R_TLSV1_ALERT_USER_CANCLED 1090
+#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index da47377..88a04b4 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -282,7 +282,7 @@
int warn_alert;
int fatal_alert;
- /* we alow one fatal and one warning alert to be outstanding,
+ /* we allow one fatal and one warning alert to be outstanding,
* send close alert via the warning alert */
int alert_dispatch;
unsigned char send_alert[2];
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index d77b0f2..e77cddd 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -91,7 +91,7 @@
return(0);
/* Note that I cheat in the following 2 assignments. I know
- * that if the ASN1_INTERGER passed to ASN1_INTEGER_set
+ * that if the ASN1_INTEGER passed to ASN1_INTEGER_set
* is > sizeof(long)+1, the buffer will not be re-Malloc()ed.
* This is a bit evil but makes things simple, no dynamic allocation
* to clean up :-) */
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 04294e2..1cbc288 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -608,7 +608,7 @@
{
/*
* We hit something, we cannot deal with,
- * it is no command or seperator nor
+ * it is no command or separator nor
* alphanumeric, so we call this an error.
*/
SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
@@ -633,7 +633,7 @@
multi=0;
/*
- * Now search for the name in the ca_list. Be carefule
+ * Now search for the name in the ca_list. Be careful
* with the strncmp, because the "buflen" limitation
* will make the rule "ADH:SOME" and the cipher
* "ADH-MY-CIPHER" look like a match for buflen=3.
@@ -752,7 +752,7 @@
* There might be two types of entries in the rule_str: 1) names
* of ciphers themselves 2) aliases for groups of ciphers.
* For 1) we need the available ciphers and for 2) the cipher
- * groups of cipher_aliases added togehter in one list (otherwise
+ * groups of cipher_aliases added together in one list (otherwise
* we would be happy with just the cipher_aliases table).
*/
num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
@@ -844,7 +844,7 @@
/*
* Now it is getting really strange. If something failed during
- * the previous pointer assignement or if one of the pointers was
+ * the previous pointer assignment or if one of the pointers was
* not requested, the error condition is met. That might be
* discussable. The strange thing is however that in this case
* the memory "ret" pointed to is "free()ed" and hence the pointer
@@ -1006,7 +1006,7 @@
return("(NONE)");
}
-/* number of bits for symetric cipher */
+/* number of bits for symmetric cipher */
int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
{
int ret=0;
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index d387cf3..5630d4c 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -357,14 +357,14 @@
{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"},
{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"},
{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"},
-{SSL_R_TLSV1_ALERT_EXPORT_RESTRICION ,"tlsv1 alert export restricion"},
+{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ,"tlsv1 alert export restriction"},
{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"},
{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"},
{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"},
{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"},
{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"},
-{SSL_R_TLSV1_ALERT_USER_CANCLED ,"tlsv1 alert user cancled"},
+{SSL_R_TLSV1_ALERT_USER_CANCELLED ,"tlsv1 alert user cancelled"},
{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 7b9d29d..19ab4c6 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -163,9 +163,9 @@
* can be publicly accessed.
* Use the according functions for cipher management instead.
*
- * The bit mask hendling in the selection and sorting scheme in
+ * The bit mask handling in the selection and sorting scheme in
* ssl_create_cipher_list() has only limited capabilities, reflecting
- * that the different entities within are mutually exclusiv:
+ * that the different entities within are mutually exclusive:
* ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
*/
#define SSL_MKEY_MASK 0x0000001FL
@@ -212,14 +212,14 @@
/* we have used 001fffff - 11 bits left to go */
/*
- * Export and cipher strenght information. For each cipher we have to decide
+ * Export and cipher strength information. For each cipher we have to decide
* whether it is exportable or not. This information is likely to change
* over time, since the export control rules are no static technical issue.
*
* Independent of the export flag the cipher strength is sorted into classes.
* SSL_EXP40 was denoting the 40bit US export limit of past times, which now
* is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
- * againg (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
+ * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
* since SSL_EXP64 could be similar to SSL_LOW.
* For this reason SSL_MICRO and SSL_MINI macros are included to widen the
* namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
@@ -371,7 +371,7 @@
/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
* It is a bit of a mess of functions, but hell, think of it as
- * an opaque strucute :-) */
+ * an opaque structure :-) */
typedef struct ssl3_enc_method
{
int (*enc)(SSL *, int);
@@ -392,7 +392,7 @@
/* Used for holding the relevant compression methods loaded into SSL_CTX */
typedef struct ssl3_comp_st
{
- int comp_id; /* The identifer byte for this compression type */
+ int comp_id; /* The identifier byte for this compression type */
char *name; /* Text name used for the compression type */
COMP_METHOD *method; /* The method :-) */
} SSL3_COMP;
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
index 1335764..c95c211 100644
--- a/ssl/ssl_stat.c
+++ b/ssl/ssl_stat.c
@@ -184,7 +184,7 @@
#endif
#if !defined(NO_SSL2) && !defined(NO_SSL3)
-/* SSLv2/v3 compatablitity states */
+/* SSLv2/v3 compatibility states */
/* client */
case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break;
@@ -333,7 +333,7 @@
#endif
#if !defined(NO_SSL2) && !defined(NO_SSL3)
-/* SSLv2/v3 compatablitity states */
+/* SSLv2/v3 compatibility states */
/* client */
case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break;
@@ -404,7 +404,7 @@
str="close notify";
break;
case SSL3_AD_UNEXPECTED_MESSAGE:
- str="unexected_message";
+ str="unexpected_message";
break;
case SSL3_AD_BAD_RECORD_MAC:
str="bad record mac";
@@ -431,7 +431,7 @@
str="certificate expired";
break;
case SSL3_AD_CERTIFICATE_UNKNOWN:
- str="certifcate unknown";
+ str="certificate unknown";
break;
case SSL3_AD_ILLEGAL_PARAMETER:
str="illegal parameter";
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 292c758..2d6c849 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -503,9 +503,9 @@
* Useful functions for querying the state of BIO pair endpoints:
*
* BIO_ctrl_pending(bio) number of bytes we can read now
- * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
+ * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfill
* other side's read attempt
- * BIO_ctrl_get_write_gurantee(bio) number of bytes we can write now
+ * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
*
* ..._read_request is never more than ..._write_guarantee;
* it depends on the application which one you should use.
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 2434642..279e45d 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -621,11 +621,11 @@
case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED);
case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR);
case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR);
- case SSL_AD_EXPORT_RESTRICION: return(TLS1_AD_EXPORT_RESTRICION);
+ case SSL_AD_EXPORT_RESTRICTION: return(TLS1_AD_EXPORT_RESTRICTION);
case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION);
case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
- case SSL_AD_USER_CANCLED: return(TLS1_AD_USER_CANCLED);
+ case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED);
case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
default: return(-1);
}
diff --git a/ssl/tls1.h b/ssl/tls1.h
index afb1e10..6e2b06d 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -77,11 +77,11 @@
#define TLS1_AD_ACCESS_DENIED 49 /* fatal */
#define TLS1_AD_DECODE_ERROR 50 /* fatal */
#define TLS1_AD_DECRYPT_ERROR 51
-#define TLS1_AD_EXPORT_RESTRICION 60 /* fatal */
+#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */
#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
-#define TLS1_AD_USER_CANCLED 90
+#define TLS1_AD_USER_CANCELLED 90
#define TLS1_AD_NO_RENEGOTIATION 100
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
