From 478b50cf67d6a91fdcd584cff57c58b7e863055d Mon Sep 17 00:00:00 2001 From: Veres Lajos Date: Thu, 13 Jun 2013 00:22:32 +0100 Subject: [PATCH] misspellings fixes by https://github.com/vlajos/misspell_fixer --- CHANGES | 8 ++-- CHANGES.SSLeay | 4 +- Configure | 2 +- FAQ | 2 +- INSTALL | 2 +- INSTALL.NW | 2 +- Netware/globals.txt | 2 +- apps/ca.c | 6 +-- apps/openssl-vms.cnf | 4 +- apps/openssl.cnf | 4 +- apps/s_client.c | 2 +- apps/s_server.c | 2 +- apps/srp.c | 2 +- bugs/sslref.dif | 4 +- config | 4 +- crypto/asn1/tasn_utl.c | 2 +- crypto/bn/asm/README | 2 +- crypto/bn/asm/sparcv8plus.S | 2 +- crypto/bn/asm/sparcv9a-mont.pl | 2 +- crypto/bn/asm/vis3-mont.pl | 2 +- crypto/bn/todo | 2 +- crypto/des/VERSION | 2 +- crypto/des/asm/des_enc.m4 | 4 +- crypto/des/makefile.bc | 2 +- crypto/dh/dh_ameth.c | 2 +- crypto/dsa/fips186a.txt | 2 +- crypto/dso/dso.h | 8 ++-- crypto/dso/dso_dl.c | 4 +- crypto/ec/ec.h | 50 +++++++++++------------ crypto/engine/README | 2 +- crypto/engine/eng_table.c | 2 +- crypto/err/err.c | 2 +- crypto/evp/encode.c | 2 +- crypto/md5/asm/md5-sparcv9.pl | 2 +- crypto/modes/asm/ghash-sparcv9.pl | 2 +- crypto/objects/obj_dat.c | 2 +- crypto/perlasm/readme | 2 +- crypto/perlasm/sparcv9_modes.pl | 2 +- crypto/perlasm/x86_64-xlate.pl | 2 +- crypto/pkcs7/bio_ber.c | 2 +- crypto/pkcs7/example.c | 4 +- crypto/pkcs7/pk7_doit.c | 2 +- crypto/rand/rand_egd.c | 4 +- crypto/rand/rand_nw.c | 2 +- crypto/rc2/version | 2 +- crypto/ripemd/README | 2 +- crypto/sha/asm/sha1-sparcv9.pl | 2 +- crypto/sha/asm/sha1-sparcv9a.pl | 2 +- crypto/sha/asm/sha512-sparcv9.pl | 2 +- crypto/x509v3/pcy_tree.c | 2 +- demos/certs/apps/apps.cnf | 2 +- demos/certs/ca.cnf | 2 +- demos/easy_tls/easy-tls.c | 2 +- demos/engines/zencod/hw_zencod.h | 4 +- doc/apps/openssl.pod | 2 +- doc/apps/req.pod | 2 +- doc/apps/x509v3_config.pod | 2 +- doc/crypto/ASN1_generate_nconf.pod | 2 +- doc/crypto/BN_BLINDING_new.pod | 2 +- doc/crypto/EVP_DigestInit.pod | 2 +- doc/crypto/EVP_PKEY_cmp.pod | 4 +- doc/crypto/X509_NAME_add_entry_by_txt.pod | 2 +- doc/crypto/X509_STORE_CTX_get_error.pod | 8 ++-- doc/crypto/rand.pod | 2 +- doc/ssleay.txt | 28 ++++++------- e_os.h | 2 +- engines/ccgost/README.gost | 2 +- fips/fips_post.c | 2 +- openssl.spec | 2 +- ssl/d1_enc.c | 2 +- ssl/s3_cbc.c | 2 +- ssl/s3_clnt.c | 2 +- ssl/s3_enc.c | 2 +- ssl/s3_pkt.c | 2 +- ssl/t1_enc.c | 2 +- test/CAss.cnf | 2 +- test/CAtsa.cnf | 2 +- 77 files changed, 136 insertions(+), 136 deletions(-) diff --git a/CHANGES b/CHANGES index 5406c82c30..166fe5626b 100644 --- a/CHANGES +++ b/CHANGES @@ -1402,7 +1402,7 @@ *) New option -sigopt to dgst utility. Update dgst to use EVP_Digest{Sign,Verify}*. These two changes make it possible to use - alternative signing paramaters such as X9.31 or PSS in the dgst + alternative signing parameters such as X9.31 or PSS in the dgst utility. [Steve Henson] @@ -6448,7 +6448,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't reveal whether illegal block cipher padding was found or a MAC - verification error occured. (Neither SSLerr() codes nor alerts + verification error occurred. (Neither SSLerr() codes nor alerts are directly visible to potential attackers, but the information may leak via logfiles.) @@ -8855,7 +8855,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) Bugfix: ssl23_get_client_hello did not work properly when called in state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read, - but a retry condition occured while trying to read the rest. + but a retry condition occurred while trying to read the rest. [Bodo Moeller] *) The PKCS7_ENC_CONTENT_new() function was setting the content type as @@ -9780,7 +9780,7 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k other platforms details on the command line without having to patch the Configure script everytime: One now can use ``perl Configure :
'', i.e. platform ids are allowed to have details appended - to them (seperated by colons). This is treated as there would be a static + to them (separated by colons). This is treated as there would be a static pre-configured entry in Configure's %table under key with value
and ``perl Configure '' is called. So, when you want to perform a quick test-compile under FreeBSD 3.1 with pgcc and without diff --git a/CHANGES.SSLeay b/CHANGES.SSLeay index ca5cd72976..14bae79268 100644 --- a/CHANGES.SSLeay +++ b/CHANGES.SSLeay @@ -29,7 +29,7 @@ eric (about to go bushwalking for the 4 day easter break :-) 7-Jan-98 - Finally reworked the cipher string to ciphers again, so it works correctly - - All the app_data stuff is now ex_data with funcion calls to access. + - All the app_data stuff is now ex_data with function calls to access. The index is supplied by a function and 'methods' can be setup for the types that are called on XXX_new/XXX_free. This lets applications get notified on creation and destruction. Some of @@ -937,7 +937,7 @@ Reasons to start playing with version 0.5.0 certificate, it is my aim to use perl5/Tk but I don't have time to do this right now. It will generate the certificates but the management scripts still need to be written. This is not a hard task. -- Things have been cleaned up alot. +- Things have been cleaned up a lot. - Have a look at the enc and dgst programs in the apps directory. - It supports v3 of x509 certiticates. diff --git a/Configure b/Configure index 45ae45c570..d742dfc327 100755 --- a/Configure +++ b/Configure @@ -1590,7 +1590,7 @@ if ($aes_obj =~ /\.o$/) # aes-ctr.o is not a real file, only indication that assembler # module implements AES_ctr32_encrypt... $cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//); - # aes-xts.o indicates presense of AES_xts_[en|de]crypt... + # aes-xts.o indicates presence of AES_xts_[en|de]crypt... $cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//); $aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2); $aes_obj =~ s/\s*(vp|bs)aes-\w*\.o//g if ($fipscanisterinternal eq "y"); diff --git a/FAQ b/FAQ index 612e33060c..d2ef2cb078 100644 --- a/FAQ +++ b/FAQ @@ -721,7 +721,7 @@ working across wider range of *BSD branches, not just OpenBSD. If the test program in question fails withs SIGILL, Illegal Instruction exception, then you more than likely to run SSE2-capable CPU, such as Intel P4, under control of kernel which does not support SSE2 -instruction extentions. See accompanying INSTALL file and +instruction extensions. See accompanying INSTALL file and OPENSSL_ia32cap(3) documentation page for further information. * Why does compiler fail to compile sha512.c? diff --git a/INSTALL b/INSTALL index 85e2660191..610f7dad26 100644 --- a/INSTALL +++ b/INSTALL @@ -79,7 +79,7 @@ compiler flags for any other CPU specific configuration, e.g. "-m32" to build x86 code on an x64 system. - no-sse2 Exclude SSE2 code pathes. Normally SSE2 extention is + no-sse2 Exclude SSE2 code pathes. Normally SSE2 extension is detected at run-time, but the decision whether or not the machine code will be executed is taken solely on CPU capability vector. This means that if you happen to run OS diff --git a/INSTALL.NW b/INSTALL.NW index 609a7309e1..29eb8075b3 100644 --- a/INSTALL.NW +++ b/INSTALL.NW @@ -378,7 +378,7 @@ The openssl program has numerous options and can be used for many different things. Many of the options operate in an interactive mode requiring the user to enter data. Because of this, a default screen is created for the program. However, when running the test script it is not desirable to -have a seperate screen. Therefore, the build also creates openssl2.nlm. +have a separate screen. Therefore, the build also creates openssl2.nlm. Openssl2.nlm is functionally identical but uses the console screen. Openssl2 can be used when a non-interactive mode is desired. diff --git a/Netware/globals.txt b/Netware/globals.txt index fe05d390cf..7d1bd7ed0f 100644 --- a/Netware/globals.txt +++ b/Netware/globals.txt @@ -66,7 +66,7 @@ static LHASH *error_hash=NULL; static LHASH *thread_hash=NULL; several files have routines with static "init" to track if error strings - have been loaded ( may not want seperate error strings for each process ) + have been loaded ( may not want separate error strings for each process ) The "init" variable can't be left "global" because the error has is a ptr that is malloc'ed. The malloc'ed error has is dependant on the "init" vars. diff --git a/apps/ca.c b/apps/ca.c index 5d488e2fac..934970d9e4 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -148,7 +148,7 @@ static const char *ca_usage[]={ "usage: ca args\n", "\n", -" -verbose - Talk alot while doing things\n", +" -verbose - Talk a lot while doing things\n", " -config file - A config file\n", " -name arg - The particular CA definition to use\n", " -gencrl - Generate a new CRL\n", @@ -179,7 +179,7 @@ static const char *ca_usage[]={ " -utf8 - input characters are UTF8 (default ASCII)\n", " -multivalue-rdn - enable support for multivalued RDNs\n", " -extensions .. - Extension section (override value in config file)\n", -" -extfile file - Configuration file with X509v3 extentions to add\n", +" -extfile file - Configuration file with X509v3 extensions to add\n", " -crlexts .. - CRL extension section (override value in config file)\n", #ifndef OPENSSL_NO_ENGINE " -engine e - use engine e, possibly a hardware device.\n", @@ -994,7 +994,7 @@ bad: } /*****************************************************************/ - /* Read extentions config file */ + /* Read extensions config file */ if (extfile) { extconf = NCONF_new(NULL); diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf index 45e46a0fb4..abea6d8255 100644 --- a/apps/openssl-vms.cnf +++ b/apps/openssl-vms.cnf @@ -55,7 +55,7 @@ crl = $dir]crl.pem # The current CRL private_key = $dir.private]cakey.pem# The private key RANDFILE = $dir.private].rand # private random number file -x509_extensions = usr_cert # The extentions to add to the cert +x509_extensions = usr_cert # The extensions to add to the cert # Comment out the following two lines for the "traditional" # (and highly broken) format. @@ -107,7 +107,7 @@ default_bits = 1024 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = v3_ca # The extentions to add to the self signed cert +x509_extensions = v3_ca # The extensions to add to the self signed cert # Passwords for private keys if not present they will be prompted for # input_password = secret diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 18760c6e67..ccc21a290b 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -55,7 +55,7 @@ crl = $dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key RANDFILE = $dir/private/.rand # private random number file -x509_extensions = usr_cert # The extentions to add to the cert +x509_extensions = usr_cert # The extensions to add to the cert # Comment out the following two lines for the "traditional" # (and highly broken) format. @@ -107,7 +107,7 @@ default_bits = 1024 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = v3_ca # The extentions to add to the self signed cert +x509_extensions = v3_ca # The extensions to add to the self signed cert # Passwords for private keys if not present they will be prompted for # input_password = secret diff --git a/apps/s_client.c b/apps/s_client.c index a2876b8b68..2f135035b2 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1866,7 +1866,7 @@ SSL_set_tlsext_status_ids(con, ids); if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) { - BIO_printf(bio_err,"TIMEOUT occured\n"); + BIO_printf(bio_err,"TIMEOUT occurred\n"); } if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds)) diff --git a/apps/s_server.c b/apps/s_server.c index 1d8b6412bb..ae5b1618b5 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2359,7 +2359,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context) if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) { - BIO_printf(bio_err,"TIMEOUT occured\n"); + BIO_printf(bio_err,"TIMEOUT occurred\n"); } if (i <= 0) continue; diff --git a/apps/srp.c b/apps/srp.c index 92e5584bcb..749bc64c17 100644 --- a/apps/srp.c +++ b/apps/srp.c @@ -84,7 +84,7 @@ static char *srp_usage[]={ "usage: srp [args] [user] \n", "\n", -" -verbose Talk alot while doing things\n", +" -verbose Talk a lot while doing things\n", " -config file A config file\n", " -name arg The particular srp definition to use\n", " -srpvfile arg The srp verifier file name\n", diff --git a/bugs/sslref.dif b/bugs/sslref.dif index 0aa92bfe6d..0817009bb4 100644 --- a/bugs/sslref.dif +++ b/bugs/sslref.dif @@ -17,10 +17,10 @@ is returned as 1. ===== I have not tested the following but it is reported by holtzman@mit.edu. -SSLref clients wait to recieve a server-verify before they send a +SSLref clients wait to receive a server-verify before they send a client-finished. Besides this not being evident from the examples in 2.2.1, it makes more sense to always send all packets you can before -reading. SSLeay was waiting in the server to recieve a client-finish +reading. SSLeay was waiting in the server to receive a client-finish before sending the server-verify :-). I have changed SSLeay to send a server-verify before trying to read the client-finished. diff --git a/config b/config index a019f20a9f..b432f627cc 100755 --- a/config +++ b/config @@ -382,7 +382,7 @@ esac # # Do the Apollo stuff first. Here, we just simply assume -# that the existance of the /usr/apollo directory is proof +# that the existence of the /usr/apollo directory is proof # enough if [ -d /usr/apollo ]; then echo "whatever-apollo-whatever" @@ -862,7 +862,7 @@ case "$GUESSOS" in *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; esac -# NB: This atalla support has been superceded by the ENGINE support +# NB: This atalla support has been superseded by the ENGINE support # That contains its own header and definitions anyway. Support can # be enabled or disabled on any supported platform without external # headers, eg. by adding the "hw-atalla" switch to ./config or diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c index ca9ec7a32f..977564d6a9 100644 --- a/crypto/asn1/tasn_utl.c +++ b/crypto/asn1/tasn_utl.c @@ -95,7 +95,7 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) /* Do reference counting. The value 'op' decides what to do. * if it is +1 then the count is incremented. If op is 0 count is * set to 1. If op is -1 count is decremented and the return value - * is the current refrence count or 0 if no reference count exists. + * is the current reference count or 0 if no reference count exists. */ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) diff --git a/crypto/bn/asm/README b/crypto/bn/asm/README index b0f3a68a06..542894deee 100644 --- a/crypto/bn/asm/README +++ b/crypto/bn/asm/README @@ -19,7 +19,7 @@ a 2 times speedup :-). There are 3 versions of assember for the HP PA-RISC. -pa-risc.s is the origional one which works fine and generated using gcc :-) +pa-risc.s is the original one which works fine and generated using gcc :-) pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations by Chris Ruemmler from HP (with some help from the HP C compiler). diff --git a/crypto/bn/asm/sparcv8plus.S b/crypto/bn/asm/sparcv8plus.S index b45bc24088..915a4e781a 100644 --- a/crypto/bn/asm/sparcv8plus.S +++ b/crypto/bn/asm/sparcv8plus.S @@ -71,7 +71,7 @@ * * Q. 64-bit registers under 32-bit kernels? Didn't you just say it * doesn't work? - * A. You can't adress *all* registers as 64-bit wide:-( The catch is + * A. You can't address *all* registers as 64-bit wide:-( The catch is * that you actually may rely upon %o0-%o5 and %g1-%g4 being fully * preserved if you're in a leaf function, i.e. such never calling * any other functions. All functions in this module are leaf and diff --git a/crypto/bn/asm/sparcv9a-mont.pl b/crypto/bn/asm/sparcv9a-mont.pl index a14205f2f0..4cde041ce5 100755 --- a/crypto/bn/asm/sparcv9a-mont.pl +++ b/crypto/bn/asm/sparcv9a-mont.pl @@ -867,7 +867,7 @@ ___ $code =~ s/\`([^\`]*)\`/eval($1)/gem; # Below substitution makes it possible to compile without demanding -# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I +# VIS extensions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I # dare to do this, because VIS capability is detected at run-time now # and this routine is not called on CPU not capable to execute it. Do # note that fzeros is not the only VIS dependency! Another dependency diff --git a/crypto/bn/asm/vis3-mont.pl b/crypto/bn/asm/vis3-mont.pl index a1357de0e9..8da52c638c 100644 --- a/crypto/bn/asm/vis3-mont.pl +++ b/crypto/bn/asm/vis3-mont.pl @@ -333,7 +333,7 @@ ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis3 { diff --git a/crypto/bn/todo b/crypto/bn/todo index e47e381aea..61e970f622 100644 --- a/crypto/bn/todo +++ b/crypto/bn/todo @@ -1,3 +1,3 @@ Cache RECP_CTX values -make the result argument independant of the inputs. +make the result argument independent of the inputs. split up the _exp_ functions diff --git a/crypto/des/VERSION b/crypto/des/VERSION index c7d01542bc..a18712edbb 100644 --- a/crypto/des/VERSION +++ b/crypto/des/VERSION @@ -68,7 +68,7 @@ Version 3.26 Thanks to Jens Kupferschmidt . */ SIGWINCH case put in des_read_passwd() so the function does not - 'exit' if this function is recieved. + 'exit' if this function is received. Version 3.25 17/07/96 Modified read_pwd.c so that stdin can be read if not a tty. diff --git a/crypto/des/asm/des_enc.m4 b/crypto/des/asm/des_enc.m4 index 546043b101..c4b1e484f8 100644 --- a/crypto/des/asm/des_enc.m4 +++ b/crypto/des/asm/des_enc.m4 @@ -272,7 +272,7 @@ define(ip_macro, { ! other half (use). ! ! In this version we do two rounds in a loop repeated 7 times -! and two rounds seperately. +! and two rounds separately. ! ! One half has the bits for the sboxes in the following positions: ! @@ -1542,7 +1542,7 @@ DES_ncbc_encrypt: xor global4, local1, out5 ! iv xor next block ba .ncbc.enc.next.block_2 - add in1, 8, in1 ! output adress + add in1, 8, in1 ! output address .ncbc.enc.next.block_fp: diff --git a/crypto/des/makefile.bc b/crypto/des/makefile.bc index 1fe6d4915a..c121f7c5aa 100644 --- a/crypto/des/makefile.bc +++ b/crypto/des/makefile.bc @@ -1,5 +1,5 @@ # -# Origional BC Makefile from Teun +# Original BC Makefile from Teun # # CC = bcc diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 8b0a153ef3..2b0035cd0a 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -200,7 +200,7 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) /* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in - * that the AlgorithmIdentifier contains the paramaters, the private key + * that the AlgorithmIdentifier contains the parameters, the private key * is explcitly included and the pubkey must be recalculated. */ diff --git a/crypto/dsa/fips186a.txt b/crypto/dsa/fips186a.txt index 3a2e0a0d51..974f255070 100644 --- a/crypto/dsa/fips186a.txt +++ b/crypto/dsa/fips186a.txt @@ -1,4 +1,4 @@ -The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5 +The original FIPE 180 used SHA-0 (FIPS 180) for its appendix 5 examples. This is an updated version that uses SHA-1 (FIPS 180-1) supplied to me by Wei Dai -- diff --git a/crypto/dso/dso.h b/crypto/dso/dso.h index 839f2e0617..23a35e1354 100644 --- a/crypto/dso/dso.h +++ b/crypto/dso/dso.h @@ -109,14 +109,14 @@ typedef struct dso_st DSO; /* The function prototype used for method functions (or caller-provided * callbacks) that transform filenames. They are passed a DSO structure pointer - * (or NULL if they are to be used independantly of a DSO object) and a + * (or NULL if they are to be used independently of a DSO object) and a * filename to transform. They should either return NULL (if there is an error * condition) or a newly allocated string containing the transformed form that * the caller will need to free with OPENSSL_free() when done. */ typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); /* The function prototype used for method functions (or caller-provided * callbacks) that merge two file specifications. They are passed a - * DSO structure pointer (or NULL if they are to be used independantly of + * DSO structure pointer (or NULL if they are to be used independently of * a DSO object) and two file specifications to merge. They should * either return NULL (if there is an error condition) or a newly allocated * string containing the result of merging that the caller will need @@ -202,7 +202,7 @@ struct dso_st * be used in DSO_load() in place of meth->dso_merger. NB: This * should normally set using DSO_set_merger(). */ DSO_MERGER_FUNC merger; - /* This is populated with (a copy of) the platform-independant + /* This is populated with (a copy of) the platform-independent * filename used for this DSO. */ char *filename; /* This is populated with (a copy of) the translated filename by which @@ -231,7 +231,7 @@ long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg); * replaced. Return value is non-zero for success. */ int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb, DSO_NAME_CONVERTER_FUNC *oldcb); -/* These functions can be used to get/set the platform-independant filename +/* These functions can be used to get/set the platform-independent filename * used for a DSO. NB: set will fail if the DSO is already loaded. */ const char *DSO_get_filename(DSO *dso); int DSO_set_filename(DSO *dso, const char *filename); diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c index fc4236bd9a..0a69867453 100644 --- a/crypto/dso/dso_dl.c +++ b/crypto/dso/dso_dl.c @@ -124,7 +124,7 @@ static int dl_load(DSO *dso) shl_t ptr = NULL; /* We don't do any fancy retries or anything, just take the method's * (or DSO's if it has the callback set) best translation of the - * platform-independant filename and try once with that. */ + * platform-independent filename and try once with that. */ char *filename= DSO_convert_filename(dso, NULL); if(filename == NULL) @@ -315,7 +315,7 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at the * same time, there's no great duplicating the code. Figuring out an elegant * way to share one copy of the code would be more difficult and would not - * leave the implementations independant. */ + * leave the implementations independent. */ #if defined(__hpux) static const char extension[] = ".sl"; #else diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h index fd5be8b63d..c357b2736d 100644 --- a/crypto/ec/ec.h +++ b/crypto/ec/ec.h @@ -235,7 +235,7 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth); * \param order the order of the group generated by the generator. * \param cofactor the index of the sub-group generated by the generator * in the group of all points on the elliptic curve. - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); @@ -249,7 +249,7 @@ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); * \param group EC_GROUP object * \param order BIGNUM to which the order is copied * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); @@ -257,7 +257,7 @@ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); * \param group EC_GROUP object * \param cofactor BIGNUM to which the cofactor is copied * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx); @@ -289,7 +289,7 @@ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); * \param a BIGNUM with parameter a of the equation * \param b BIGNUM with parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); @@ -299,7 +299,7 @@ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, co * \param a BIGNUM for parameter a of the equation * \param b BIGNUM for parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); @@ -310,7 +310,7 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM * * \param a BIGNUM with parameter a of the equation * \param b BIGNUM with parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); @@ -320,7 +320,7 @@ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, c * \param a BIGNUM for parameter a of the equation * \param b BIGNUM for parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); #endif @@ -424,7 +424,7 @@ void EC_POINT_clear_free(EC_POINT *point); /** Copies EC_POINT object * \param dst destination EC_POINT object * \param src source EC_POINT object - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); @@ -445,7 +445,7 @@ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); /** Sets a point to infinity (neutral element) * \param group underlying EC_GROUP object * \param point EC_POINT to set to infinity - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); @@ -456,7 +456,7 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); * \param y BIGNUM with the y-coordinate * \param z BIGNUM with the z-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx); @@ -468,7 +468,7 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, * \param y BIGNUM for the y-coordinate * \param z BIGNUM for the z-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx); @@ -479,7 +479,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, * \param x BIGNUM with the x-coordinate * \param y BIGNUM with the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); @@ -490,7 +490,7 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, * \param x BIGNUM for the x-coordinate * \param y BIGNUM for the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); @@ -501,7 +501,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, * \param x BIGNUM with x-coordinate * \param y_bit integer with the y-Bit (either 0 or 1) * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, int y_bit, BN_CTX *ctx); @@ -512,7 +512,7 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, * \param x BIGNUM with the x-coordinate * \param y BIGNUM with the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); @@ -523,7 +523,7 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, * \param x BIGNUM for the x-coordinate * \param y BIGNUM for the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); @@ -534,7 +534,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, * \param x BIGNUM with x-coordinate * \param y_bit integer with the y-Bit (either 0 or 1) * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, int y_bit, BN_CTX *ctx); @@ -559,7 +559,7 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p, * \param buf memory buffer with the encoded ec point * \param len length of the encoded ec point * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p, const unsigned char *buf, size_t len, BN_CTX *ctx); @@ -585,7 +585,7 @@ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, * \param a EC_POINT object with the first summand * \param b EC_POINT object with the second summand * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx); @@ -594,7 +594,7 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC * \param r EC_POINT object for the result (r = 2 * a) * \param a EC_POINT object * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx); @@ -602,7 +602,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX * * \param group underlying EC_GROUP object * \param a EC_POINT object to be inverted (it's used for the result as well) * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx); @@ -641,7 +641,7 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], * \param p array of size num of EC_POINT objects * \param m array of size num of BIGNUM objects * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx); @@ -652,14 +652,14 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t nu * \param q EC_POINT object with the first factor of the second summand * \param m BIGNUM with the second factor of the second summand * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx); /** Stores multiples of generator for faster point multiplication * \param group EC_GROUP object * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx); @@ -844,7 +844,7 @@ int EC_KEY_generate_key(EC_KEY *key); int EC_KEY_check_key(const EC_KEY *key); /** Sets a public key from affine coordindates performing - * neccessary NIST PKV tests. + * necessary NIST PKV tests. * \param key the EC_KEY object * \param x public key x coordinate * \param y public key y coordinate diff --git a/crypto/engine/README b/crypto/engine/README index 6b69b70f57..41baa184c3 100644 --- a/crypto/engine/README +++ b/crypto/engine/README @@ -122,7 +122,7 @@ use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of ENGINE_TABLE essentially provide linker-separation of the classes so that even if ENGINEs implement *all* possible algorithms, an application using only EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core -ENGINE code that is independant of class, and of course the ENGINE +ENGINE code that is independent of class, and of course the ENGINE implementation that the application loaded. It will *not* however link any class-specific ENGINE code for digests, RSA, etc nor will it bleed over into other APIs, such as the RSA/DSA/etc library code. diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c index 4fde948185..93dc90ec3c 100644 --- a/crypto/engine/eng_table.c +++ b/crypto/engine/eng_table.c @@ -189,7 +189,7 @@ end: static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e) { int n; - /* Iterate the 'c->sk' stack removing any occurance of 'e' */ + /* Iterate the 'c->sk' stack removing any occurrence of 'e' */ while((n = sk_ENGINE_find(pile->sk, e)) >= 0) { (void)sk_ENGINE_delete(pile->sk, n); diff --git a/crypto/err/err.c b/crypto/err/err.c index 91949ba468..3492950b59 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -1038,7 +1038,7 @@ ERR_STATE *ERR_get_state(void) ERR_STATE_free(ret); /* could not insert it */ return(&fallback); } - /* If a race occured in this function and we came second, tmpp + /* If a race occurred in this function and we came second, tmpp * is the first one that we just replaced. */ if (tmpp) ERR_STATE_free(tmpp); diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index 28546a84bc..e278a1b5d4 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -250,7 +250,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, /* We parse the input data */ for (i=0; i 80 characters, scream alot */ + /* If the current line is > 80 characters, scream a lot */ if (ln >= 80) { rv= -1; goto end; } /* Get char and put it into the buffer */ diff --git a/crypto/md5/asm/md5-sparcv9.pl b/crypto/md5/asm/md5-sparcv9.pl index 407da3c1b0..47a66c584e 100644 --- a/crypto/md5/asm/md5-sparcv9.pl +++ b/crypto/md5/asm/md5-sparcv9.pl @@ -371,7 +371,7 @@ ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis { diff --git a/crypto/modes/asm/ghash-sparcv9.pl b/crypto/modes/asm/ghash-sparcv9.pl index 0365e0f1ff..c1074ed35c 100644 --- a/crypto/modes/asm/ghash-sparcv9.pl +++ b/crypto/modes/asm/ghash-sparcv9.pl @@ -530,7 +530,7 @@ ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis3 { diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 8a342ba3eb..959ad65d99 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -207,7 +207,7 @@ static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ) static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ) /* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting - * to use freed up OIDs. If neccessary the actual freeing up of OIDs is + * to use freed up OIDs. If necessary the actual freeing up of OIDs is * delayed. */ diff --git a/crypto/perlasm/readme b/crypto/perlasm/readme index f02bbee75a..2c8435cbe3 100644 --- a/crypto/perlasm/readme +++ b/crypto/perlasm/readme @@ -1,5 +1,5 @@ The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one origional script. +multiple different assembler formats via the one original script. The way to use this library is to start with adding the path to this directory and then include it. diff --git a/crypto/perlasm/sparcv9_modes.pl b/crypto/perlasm/sparcv9_modes.pl index a13ffcec2d..75ed1ac12b 100644 --- a/crypto/perlasm/sparcv9_modes.pl +++ b/crypto/perlasm/sparcv9_modes.pl @@ -1376,7 +1376,7 @@ ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis { diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl index a2d870bb43..85ffc7571c 100755 --- a/crypto/perlasm/x86_64-xlate.pl +++ b/crypto/perlasm/x86_64-xlate.pl @@ -1092,7 +1092,7 @@ close STDOUT; # .rva .LSEH_end_function # .rva function_unwind_info # -# Reference to functon_unwind_info from .xdata segment is the anchor. +# Reference to function_unwind_info from .xdata segment is the anchor. # In case you wonder why references are 32-bit .rvas and not 64-bit # .quads. References put into these two segments are required to be # *relative* to the base address of the current binary module, a.k.a. diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c index 31973fcd1f..e16eef2d12 100644 --- a/crypto/pkcs7/bio_ber.c +++ b/crypto/pkcs7/bio_ber.c @@ -96,7 +96,7 @@ typedef struct bio_ber_struct int depth; /* used with indefinite encoding. */ int finished; /* No more read data */ - /* writting */ + /* writing */ char *w_addr; int w_offset; int w_left; diff --git a/crypto/pkcs7/example.c b/crypto/pkcs7/example.c index 2953d04b5c..4dcfe6c37c 100644 --- a/crypto/pkcs7/example.c +++ b/crypto/pkcs7/example.c @@ -132,7 +132,7 @@ int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) c.p=ASN1_STRING_data(s); c.max=c.p+ASN1_STRING_length(s); if (!asn1_GetSequence(&c,&length)) goto err; - /* Length is the length of the seqence */ + /* Length is the length of the sequence */ c.q=c.p; if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) @@ -299,7 +299,7 @@ int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) c.p=ASN1_STRING_data(s); c.max=c.p+ASN1_STRING_length(s); if (!asn1_GetSequence(&c,&length)) goto err; - /* Length is the length of the seqence */ + /* Length is the length of the sequence */ c.q=c.p; if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 77fda3b82a..82e145b856 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -544,7 +544,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) if (pcert == NULL) { /* Always attempt to decrypt all rinfo even - * after sucess as a defence against MMA timing + * after success as a defence against MMA timing * attacks. */ for (i=0; i for the - clarification and origional specification of RC2. BSAFE uses + clarification and original specification of RC2. BSAFE uses this last parameter, 'bits'. It the key is 128 bits, BSAFE also sets this parameter to 128. The old behaviour can be duplicated by setting this parameter to 1024. diff --git a/crypto/ripemd/README b/crypto/ripemd/README index f1ffc8b134..f3acc42c40 100644 --- a/crypto/ripemd/README +++ b/crypto/ripemd/README @@ -8,7 +8,7 @@ this point I will not bother right now. I believe the trick will be to remove my 'copy X array onto stack' until inside the RIP1() finctions the first time round. To do this I need another register and will only have one temporary one. A bit tricky.... I can also cleanup the saving of the 5 words -after the first half of the calculation. I should read the origional +after the first half of the calculation. I should read the original value, add then write. Currently I just save the new and read the origioal. I then read both at the end. Bad. diff --git a/crypto/sha/asm/sha1-sparcv9.pl b/crypto/sha/asm/sha1-sparcv9.pl index b5efcde5c1..9ce376cbdc 100644 --- a/crypto/sha/asm/sha1-sparcv9.pl +++ b/crypto/sha/asm/sha1-sparcv9.pl @@ -368,7 +368,7 @@ ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis { diff --git a/crypto/sha/asm/sha1-sparcv9a.pl b/crypto/sha/asm/sha1-sparcv9a.pl index e65291bbd9..e81a4dcb05 100644 --- a/crypto/sha/asm/sha1-sparcv9a.pl +++ b/crypto/sha/asm/sha1-sparcv9a.pl @@ -544,7 +544,7 @@ ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis { diff --git a/crypto/sha/asm/sha512-sparcv9.pl b/crypto/sha/asm/sha512-sparcv9.pl index 5a9c15d1d3..bd4af64066 100644 --- a/crypto/sha/asm/sha512-sparcv9.pl +++ b/crypto/sha/asm/sha512-sparcv9.pl @@ -791,7 +791,7 @@ ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis { diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c index bb9777348f..47b1bf8f27 100644 --- a/crypto/x509v3/pcy_tree.c +++ b/crypto/x509v3/pcy_tree.c @@ -132,7 +132,7 @@ static void tree_print(char *str, X509_POLICY_TREE *tree, #endif /* Initialize policy tree. Return values: - * 0 Some internal error occured. + * 0 Some internal error occurred. * -1 Inconsistent or invalid extensions in certificates. * 1 Tree initialized OK. * 2 Policy tree is empty. diff --git a/demos/certs/apps/apps.cnf b/demos/certs/apps/apps.cnf index a5da21678e..531afe64b2 100644 --- a/demos/certs/apps/apps.cnf +++ b/demos/certs/apps/apps.cnf @@ -15,7 +15,7 @@ default_keyfile = privkey.pem # Don't prompt for fields: use those in section directly prompt = no distinguished_name = req_distinguished_name -x509_extensions = v3_ca # The extentions to add to the self signed cert +x509_extensions = v3_ca # The extensions to add to the self signed cert string_mask = utf8only # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/demos/certs/ca.cnf b/demos/certs/ca.cnf index c45fcfd61e..5a8a5f29ef 100644 --- a/demos/certs/ca.cnf +++ b/demos/certs/ca.cnf @@ -16,7 +16,7 @@ default_keyfile = privkey.pem # Don't prompt for fields: use those in section directly prompt = no distinguished_name = req_distinguished_name -x509_extensions = v3_ca # The extentions to add to the self signed cert +x509_extensions = v3_ca # The extensions to add to the self signed cert string_mask = utf8only # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c index 9cd8314c3e..864017d2d9 100644 --- a/demos/easy_tls/easy-tls.c +++ b/demos/easy_tls/easy-tls.c @@ -971,7 +971,7 @@ tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p) /* loop finishes as soon as we detect that one side closed; * when all (program and OS) buffers have enough space, - * the data from the last succesful read in each direction is transferred + * the data from the last successful read in each direction is transferred * before close */ do { int clear_read_select = 0, clear_write_select = 0, diff --git a/demos/engines/zencod/hw_zencod.h b/demos/engines/zencod/hw_zencod.h index 415c9a6be8..2b1b8fa6ea 100644 --- a/demos/engines/zencod/hw_zencod.h +++ b/demos/engines/zencod/hw_zencod.h @@ -135,7 +135,7 @@ typedef int t_zencod_sha1_do_final ( ZEN_MD_DATA *data, KEY *output ) ; /* key : rc4 key data */ /* index_1 : value of index x from RC4 key structure */ /* index_2 : value of index y from RC4 key structure */ -/* Be carefull : RC4 key should be expanded before calling this method (Should we provide an expand function ??) */ +/* Be careful : RC4 key should be expanded before calling this method (Should we provide an expand function ??) */ typedef int t_zencod_rc4_cipher ( KEY *output, const KEY *input, const KEY *key, unsigned char *index_1, unsigned char *index_2, int mode ) ; @@ -146,7 +146,7 @@ typedef int t_zencod_rc4_cipher ( KEY *output, const KEY *input, const KEY *key, /* key_3 : des third key data */ /* iv : initial vector */ /* mode : xdes mode (encrypt or decrypt) */ -/* Be carefull : In DES mode key_1 = key_2 = key_3 (as far as i can see !!) */ +/* Be careful : In DES mode key_1 = key_2 = key_3 (as far as i can see !!) */ typedef int t_zencod_xdes_cipher ( KEY *output, const KEY *input, const KEY *key_1, const KEY *key_2, const KEY *key_3, const KEY *iv, int mode ) ; diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod index 64a160c20a..b2e2719f86 100644 --- a/doc/apps/openssl.pod +++ b/doc/apps/openssl.pod @@ -153,7 +153,7 @@ Generation of Private Key or Parameters. =item L|genrsa(1)> -Generation of RSA Private Key. Superceded by L|genpkey(1)>. +Generation of RSA Private Key. Superseded by L|genpkey(1)>. =item L|nseq(1)> diff --git a/doc/apps/req.pod b/doc/apps/req.pod index ff48bbdf28..7823490b5f 100644 --- a/doc/apps/req.pod +++ b/doc/apps/req.pod @@ -159,7 +159,7 @@ B generates a key using the parameter file or certificate B, the algorithm is determined by the parameters. B use algorithm B and parameter file B: the two algorithms must match or an error occurs. B just uses algorithm B, and parameters, -if neccessary should be specified via B<-pkeyopt> parameter. +if necessary should be specified via B<-pkeyopt> parameter. B generates a DSA key using the parameters in the file B. B generates EC key (usable both with diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod index 0450067cf1..06d8467fa6 100644 --- a/doc/apps/x509v3_config.pod +++ b/doc/apps/x509v3_config.pod @@ -174,7 +174,7 @@ The IP address used in the B options can be in either IPv4 or IPv6 format. The value of B should point to a section containing the distinguished name to use as a set of name value pairs. Multi values AVAs can be formed by -preceeding the name with a B<+> character. +preceding the name with a B<+> character. otherName can include arbitrary data associated with an OID: the value should be the OID followed by a semicolon and the content in standard diff --git a/doc/crypto/ASN1_generate_nconf.pod b/doc/crypto/ASN1_generate_nconf.pod index 542fd1579a..f21f189a38 100644 --- a/doc/crypto/ASN1_generate_nconf.pod +++ b/doc/crypto/ASN1_generate_nconf.pod @@ -61,7 +61,7 @@ Encode the B type, the B string must not be present. =item B, B Encodes an ASN1 B type. The B string represents -the value of the integer, it can be preceeded by a minus sign and +the value of the integer, it can be preceded by a minus sign and is normally interpreted as a decimal value unless the prefix B<0x> is included. diff --git a/doc/crypto/BN_BLINDING_new.pod b/doc/crypto/BN_BLINDING_new.pod index b96c56b376..1fa7eb0924 100644 --- a/doc/crypto/BN_BLINDING_new.pod +++ b/doc/crypto/BN_BLINDING_new.pod @@ -84,7 +84,7 @@ or NULL in case of an error. BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on -success and 0 if an error occured. +success and 0 if an error occurred. BN_BLINDING_thread_id() returns a pointer to the thread id object within a B object. diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod index 1ef69ec54b..5d2970e281 100644 --- a/doc/crypto/EVP_DigestInit.pod +++ b/doc/crypto/EVP_DigestInit.pod @@ -267,7 +267,7 @@ and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7. EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were -changed to return truely const EVP_MD * in OpenSSL 0.9.7. +changed to return truly const EVP_MD * in OpenSSL 0.9.7. The link between digests and signing algorithms was fixed in OpenSSL 1.0 and later, so now EVP_sha1() can be used with RSA and DSA, there is no need to diff --git a/doc/crypto/EVP_PKEY_cmp.pod b/doc/crypto/EVP_PKEY_cmp.pod index 4f8185e36c..0ff027c0d5 100644 --- a/doc/crypto/EVP_PKEY_cmp.pod +++ b/doc/crypto/EVP_PKEY_cmp.pod @@ -23,10 +23,10 @@ doesn't use parameters. The function EVP_PKEY_copy_parameters() copies the parameters from key B to key B. -The funcion EVP_PKEY_cmp_parameters() compares the parameters of keys +The function EVP_PKEY_cmp_parameters() compares the parameters of keys B and B. -The funcion EVP_PKEY_cmp() compares the public key components and paramters +The function EVP_PKEY_cmp() compares the public key components and paramters (if present) of keys B and B. =head1 NOTES diff --git a/doc/crypto/X509_NAME_add_entry_by_txt.pod b/doc/crypto/X509_NAME_add_entry_by_txt.pod index 1afd008cb3..9a59033917 100644 --- a/doc/crypto/X509_NAME_add_entry_by_txt.pod +++ b/doc/crypto/X509_NAME_add_entry_by_txt.pod @@ -44,7 +44,7 @@ B. The deleted entry is returned and must be freed up. =head1 NOTES The use of string types such as B or B -is strongly recommened for the B parameter. This allows the +is strongly recommend for the B parameter. This allows the internal code to correctly determine the type of the field and to apply length checks according to the relevant standards. This is done using ASN1_STRING_set_by_NID(). diff --git a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod index 60e8332ae9..be00ff1fec 100644 --- a/doc/crypto/X509_STORE_CTX_get_error.pod +++ b/doc/crypto/X509_STORE_CTX_get_error.pod @@ -32,7 +32,7 @@ checks. X509_STORE_CTX_get_error_depth() returns the B of the error. This is a non-negative integer representing where in the certificate chain the error -occurred. If it is zero it occured in the end entity certificate, one if +occurred. If it is zero it occurred in the end entity certificate, one if it is the certificate which signed the end entity certificate and so on. X509_STORE_CTX_get_current_cert() returns the certificate in B which @@ -246,11 +246,11 @@ Some feature of a certificate extension is not supported. Unused. =item B -A name constraint violation occured in the permitted subtrees. +A name constraint violation occurred in the permitted subtrees. =item B -A name constraint violation occured in the excluded subtrees. +A name constraint violation occurred in the excluded subtrees. =item B @@ -270,7 +270,7 @@ a garbage extension or some new feature not currently supported. =item B -An error occured when attempting to verify the CRL path. This error can only +An error occurred when attempting to verify the CRL path. This error can only happen if extended CRL checking is enabled. =item B diff --git a/doc/crypto/rand.pod b/doc/crypto/rand.pod index 1c068c85b3..922b8c1c8e 100644 --- a/doc/crypto/rand.pod +++ b/doc/crypto/rand.pod @@ -39,7 +39,7 @@ Since the introduction of the ENGINE API, the recommended way of controlling default implementations is by using the ENGINE API functions. The default B, as set by RAND_set_rand_method() and returned by RAND_get_rand_method(), is only used if no ENGINE has been set as the default -"rand" implementation. Hence, these two functions are no longer the recommened +"rand" implementation. Hence, these two functions are no longer the recommend way to control defaults. If an alternative B implementation is being used (either set diff --git a/doc/ssleay.txt b/doc/ssleay.txt index 4d2e714868..868a4a610b 100644 --- a/doc/ssleay.txt +++ b/doc/ssleay.txt @@ -539,13 +539,13 @@ int X509_verify_cert( The applications Ok, where to begin.... -In the begining, when SSLeay was small (April 1995), there +In the beginning, when SSLeay was small (April 1995), there were but few applications, they did happily cohabit in the one bin directory. Then over time, they did multiply and grow, and they started to look like microsoft software; 500k to print 'hello world'. A new approach was needed. They were coalessed into one 'Monolithic' application, ssleay. This one program is composed of many programs that -can all be compiled independantly. +can all be compiled independently. ssleay has 3 modes of operation. 1) If the ssleay binary has the name of one of its component programs, it @@ -1733,7 +1733,7 @@ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b); int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); Multiply a by a and return the result in 'r'. 'r' must not be - 'a'. This function is alot faster than BN_mul(r,a,a). This is r=a*a. + 'a'. This function is a lot faster than BN_mul(r,a,a). This is r=a*a. int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx); Divide 'm' by 'd' and return the result in 'dv' and the remainder @@ -3797,7 +3797,7 @@ patent law and ITAR restrictions. Inside the USA there is also the unresolved issue of RC4/RC2 which were made public on sci.crypt in Sep 1994 (RC4) and Feb 1996 (RC2). I have -copies of the origional postings if people are interested. RSA I believe +copies of the original postings if people are interested. RSA I believe claim that they were 'trade-secrets' and that some-one broke an NDA in revealing them. Other claim they reverse engineered the algorithms from compiled binaries. If the algorithms were reverse engineered, I believe @@ -4143,7 +4143,7 @@ CRYPTO_malloc(), CRYPTO_free() and CRYPTO_realloc(). If it is not defined, they are #defined to malloc(), free() and realloc(). the CRYPTO_malloc() routines by default just call the underlying library -functons. +functions. If CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) is called, memory leak detection is turned on. CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) turns it off. @@ -4185,7 +4185,7 @@ The ca program uses the ssleay.conf file for most of its configuration ./ca -help - -verbose - Talk alot while doing things + -verbose - Talk a lot while doing things -config file - A config file. If you don't want to use the default config file -name arg - The particular CA definition to use @@ -4336,7 +4336,7 @@ login password. 2.) The practical usage ----------------------- -Unfortunatly since CAPI is a system API you can't access its functions from +Unfortunately since CAPI is a system API you can't access its functions from HTML code directly. For this purpose Microsoft provides a wrapper called certenr3.dll. This DLL accesses the CAPI functions and provides an interface usable from Visual Basic Script. One needs to install that library on the @@ -4390,7 +4390,7 @@ AcceptCredentials(sessionID, credentials, 0, FALSE) CRL's and CA certs are not required simply just the client cert. (It seems to me that both are not even checked somehow.) The only format of the base64 -encoded object I succesfully used was all characters in a very long string +encoded object I successfully used was all characters in a very long string without line feeds or carriage returns. (Hey, it doesn't matter, only a computer reads it!) @@ -4537,7 +4537,7 @@ text. I use two templates to have a clearer script. site. Grab it from http://www.easterngraphics.com/certs/IX9704/postit2.c. You need utils.c from there too. -2nd note: I'm note quite sure wether the gawk script really handles all +2nd note: I'm note quite sure whether the gawk script really handles all possible inputs for the request right! Today I don't use this construction anymore myself. @@ -5103,7 +5103,7 @@ It is of a similar speed to DES and IDEA, so unless it is required for meeting some standard (SSLv2, perhaps S/MIME), it would probably be advisable to stick to IDEA, or for the paranoid, Tripple DES. -Mind you, having said all that, I should mention that I just read alot and +Mind you, having said all that, I should mention that I just read a lot and implement ciphers, I'm a 'babe in the woods' when it comes to evaluating ciphers :-). @@ -6389,7 +6389,7 @@ implementation. I have tried to make all the routines as general purpose as possible. So you should not think of this library as an SSL implemtation, but rather as a library of cryptographic functions that also contains SSL. I refer to each of these function groupings as -libraries since they are often capable of functioning as independant +libraries since they are often capable of functioning as independent libraries First up, the general ciphers and message digests supported by the library. @@ -6441,7 +6441,7 @@ DH This is an implementation of the to using numbers suplied by others. I conform to the PKCS#3 standard where required. -You may have noticed the preceeding section mentions the 'generation' of +You may have noticed the preceding section mentions the 'generation' of prime numbers. Now this requries the use of 'random numbers'. RAND This psuedo-random number library is based on MD5 at it's core @@ -6812,7 +6812,7 @@ all include e_os.h which contains OS/environment specific information. If you need to add something todo with a particular environment, add it to this file. It is worth remembering that quite a few libraries, like lhash, des, md, sha etc etc do not include crypto/cryptlib.h. This -is because these libraries should be 'independantly compilable' and so I +is because these libraries should be 'independently compilable' and so I try to keep them this way. e_os.h is not so much a part of SSLeay, as the placing in one spot all the evil OS dependant muck. @@ -6834,7 +6834,7 @@ everthing will work as expected. Don't edit progs.h by hand. make links re-generates the symbolic links that are used. The reason why I keep everything in its own directory, and don't put all the test programs and header files in 'test' and 'include' is because I want -to keep the 'sub-libraries' independant. I still 'pull' out +to keep the 'sub-libraries' independent. I still 'pull' out indervidual libraries for use in specific projects where the code is required. I have used the 'lhash' library in just about every software project I have worked on :-). diff --git a/e_os.h b/e_os.h index 364eb3778b..f737ae8547 100644 --- a/e_os.h +++ b/e_os.h @@ -82,7 +82,7 @@ extern "C" { #define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" #endif #ifndef DEVRANDOM_EGD -/* set this to a comma-seperated list of 'egd' sockets to try out. These +/* set this to a comma-separated list of 'egd' sockets to try out. These * sockets will be tried in the order listed in case accessing the device files * listed in DEVRANDOM did not return enough entropy. */ #define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy" diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost index c96cccc7b4..abc5a9b7ca 100644 --- a/engines/ccgost/README.gost +++ b/engines/ccgost/README.gost @@ -193,7 +193,7 @@ Russian clients and RSA/DSA ciphersuites for foreign clients. openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile - Note absense of an option that specifies digest algorithm. gost-mac + Note absence of an option that specifies digest algorithm. gost-mac algorithm supports only one digest (which is actually part of implementation of this mac) and OpenSSL is clever enough to find out this. diff --git a/fips/fips_post.c b/fips/fips_post.c index 8cd2334362..5a002db7da 100644 --- a/fips/fips_post.c +++ b/fips/fips_post.c @@ -300,7 +300,7 @@ int fips_pkey_signature_test(int id, EVP_PKEY *pkey, if (pkey == NULL) { ret = 1; - /* Well actually sucess as we've set ret to 1 */ + /* Well actually success as we've set ret to 1 */ goto error; } if (!FIPS_digestinit(&mctx, digest)) diff --git a/openssl.spec b/openssl.spec index 06d4dea439..6f7b784312 100644 --- a/openssl.spec +++ b/openssl.spec @@ -165,7 +165,7 @@ ldconfig - Make sure symlinks are created by using -f flag to ln. Otherwise some .so libraries are copied rather than linked in the resulting binary RPM. This causes the package - to be larger than neccessary and makes ldconfig complain. + to be larger than necessary and makes ldconfig complain. * Fri Oct 13 2000 Horms - Make defattr is set for files in all packages so packages built as non-root will still be installed with files owned by root. diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c index 712c4647f2..d242dcad42 100644 --- a/ssl/d1_enc.c +++ b/ssl/d1_enc.c @@ -133,7 +133,7 @@ * short etc). * 1: if the record's padding is valid / the encryption was successful. * -1: if the record's padding/AEAD-authenticator is invalid or, if sending, - * an internal error occured. */ + * an internal error occurred. */ int dtls1_enc(SSL *s, int send) { SSL3_RECORD *rec; diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index ea46c3989e..73e12b6799 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -419,7 +419,7 @@ char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx) * md_out: the digest output. At most EVP_MAX_MD_SIZE bytes will be written. * md_out_size: if non-NULL, the number of output bytes is written here. * header: the 13-byte, TLS record header. - * data: the record data itself, less any preceeding explicit IV. + * data: the record data itself, less any preceding explicit IV. * data_plus_mac_size: the secret, reported length of the data and MAC * once the padding has been removed. * data_plus_mac_plus_padding_size: the public length of the whole diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 018a9f590c..21e09b9394 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1753,7 +1753,7 @@ int ssl3_get_key_exchange(SSL *s) * and the ECParameters in this case is just three bytes. */ param_len=3; - /* Check curve is one of our prefrences, if not server has + /* Check curve is one of our preferences, if not server has * sent an invalid curve. */ if (!tls1_check_curve(s, p, param_len)) diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 0282ef4620..b334aba5d3 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -494,7 +494,7 @@ void ssl3_cleanup_key_block(SSL *s) * short etc). * 1: if the record's padding is valid / the encryption was successful. * -1: if the record's padding is invalid or, if sending, an internal error - * occured. + * occurred. */ int ssl3_enc(SSL *s, int send) { diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index e589409906..65b742c119 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -485,7 +485,7 @@ printf("\n"); /* A separate 'decryption_failed' alert was introduced with TLS 1.0, * SSL 3.0 only has 'bad_record_mac'. But unless a decryption * failure is directly visible from the ciphertext anyway, - * we should not reveal which kind of error occured -- this + * we should not reveal which kind of error occurred -- this * might become visible to an attacker (e.g. via a logfile) */ al=SSL_AD_BAD_RECORD_MAC; SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index fdd20d9009..9b707938ba 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -698,7 +698,7 @@ err: * short etc). * 1: if the record's padding is valid / the encryption was successful. * -1: if the record's padding/AEAD-authenticator is invalid or, if sending, - * an internal error occured. + * an internal error occurred. */ int tls1_enc(SSL *s, int send) { diff --git a/test/CAss.cnf b/test/CAss.cnf index 546e660626..1ec96af332 100644 --- a/test/CAss.cnf +++ b/test/CAss.cnf @@ -45,7 +45,7 @@ crl = $dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key RANDFILE = $dir/private/.rand # private random number file -x509_extensions = v3_ca # The extentions to add to the cert +x509_extensions = v3_ca # The extensions to add to the cert name_opt = ca_default # Subject Name options cert_opt = ca_default # Certificate field options diff --git a/test/CAtsa.cnf b/test/CAtsa.cnf index f5a275bfc2..b497b50452 100644 --- a/test/CAtsa.cnf +++ b/test/CAtsa.cnf @@ -57,7 +57,7 @@ distinguished_name = $ENV::TSDNSECT encrypt_rsa_key = no prompt = no # attributes = req_attributes -x509_extensions = v3_ca # The extentions to add to the self signed cert +x509_extensions = v3_ca # The extensions to add to the self signed cert string_mask = nombstr -- 2.34.1