mirror of https://github.com/openssl/openssl
Spelling... and more spelling
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1245)
This commit is contained in:
parent
1d8b4eb2b4
commit
f430ba31ac
|
@ -62,7 +62,7 @@ the acceptance and review process faster:
|
||||||
|
|
||||||
4. Patches should follow our coding style (see
|
4. Patches should follow our coding style (see
|
||||||
https://www.openssl.org/policies/codingstyle.html) and compile without
|
https://www.openssl.org/policies/codingstyle.html) and compile without
|
||||||
warnings. Where gcc or clang is availble you should use the
|
warnings. Where gcc or clang is available you should use the
|
||||||
--strict-warnings Configure option. OpenSSL compiles on many varied
|
--strict-warnings Configure option. OpenSSL compiles on many varied
|
||||||
platforms: try to ensure you only use portable features.
|
platforms: try to ensure you only use portable features.
|
||||||
|
|
||||||
|
|
|
@ -87,7 +87,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
|
||||||
# DEBUG_UNUSED enables __owur (warn unused result) checks.
|
# DEBUG_UNUSED enables __owur (warn unused result) checks.
|
||||||
my $gcc_devteam_warn = "-DDEBUG_UNUSED"
|
my $gcc_devteam_warn = "-DDEBUG_UNUSED"
|
||||||
# -DPEDANTIC complements -pedantic and is meant to mask code that
|
# -DPEDANTIC complements -pedantic and is meant to mask code that
|
||||||
# is not strictly standard-compliant and/or implementation-specifc,
|
# is not strictly standard-compliant and/or implementation-specific,
|
||||||
# e.g. inline assembly, disregards to alignment requirements, such
|
# e.g. inline assembly, disregards to alignment requirements, such
|
||||||
# that -pedantic would complain about. Incidentally -DPEDANTIC has
|
# that -pedantic would complain about. Incidentally -DPEDANTIC has
|
||||||
# to be used even in sanitized builds, because sanitizer too is
|
# to be used even in sanitized builds, because sanitizer too is
|
||||||
|
@ -144,7 +144,7 @@ my $strict_warnings = 0;
|
||||||
our $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
|
our $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
|
||||||
|
|
||||||
#
|
#
|
||||||
# API compability name to version number mapping.
|
# API compatibility name to version number mapping.
|
||||||
#
|
#
|
||||||
my $maxapi = "1.1.0"; # API for "no-deprecated" builds
|
my $maxapi = "1.1.0"; # API for "no-deprecated" builds
|
||||||
my $apitable = {
|
my $apitable = {
|
||||||
|
@ -1059,7 +1059,7 @@ unless ($disabled{asan}) {
|
||||||
}
|
}
|
||||||
|
|
||||||
unless ($disabled{ubsan}) {
|
unless ($disabled{ubsan}) {
|
||||||
# -DPEDANTIC or -fnosanitize=aligmnent may also be required on some
|
# -DPEDANTIC or -fnosanitize=alignment may also be required on some
|
||||||
# platforms.
|
# platforms.
|
||||||
$config{cflags} .= "-fsanitize=undefined -fno-sanitize-recover=all ";
|
$config{cflags} .= "-fsanitize=undefined -fno-sanitize-recover=all ";
|
||||||
}
|
}
|
||||||
|
|
8
INSTALL
8
INSTALL
|
@ -151,7 +151,7 @@
|
||||||
on a platform that does not support AFALG.
|
on a platform that does not support AFALG.
|
||||||
|
|
||||||
enable-asan
|
enable-asan
|
||||||
Build with the Address sanitser. This is a developer option
|
Build with the Address sanitiser. This is a developer option
|
||||||
only. It may not work on all platforms and should never be
|
only. It may not work on all platforms and should never be
|
||||||
used in production environments. It will only work when used
|
used in production environments. It will only work when used
|
||||||
with gcc or clang and should be used in conjunction with the
|
with gcc or clang and should be used in conjunction with the
|
||||||
|
@ -326,7 +326,7 @@
|
||||||
"illegal instruction" exception. There might be a way
|
"illegal instruction" exception. There might be a way
|
||||||
to enable support in kernel, e.g. FreeBSD kernel can be
|
to enable support in kernel, e.g. FreeBSD kernel can be
|
||||||
compiled with CPU_ENABLE_SSE, and there is a way to
|
compiled with CPU_ENABLE_SSE, and there is a way to
|
||||||
disengage SSE2 code pathes upon application start-up,
|
disengage SSE2 code paths upon application start-up,
|
||||||
but if you aim for wider "audience" running such kernel,
|
but if you aim for wider "audience" running such kernel,
|
||||||
consider no-sse2. Both the 386 and no-asm options imply
|
consider no-sse2. Both the 386 and no-asm options imply
|
||||||
no-sse2.
|
no-sse2.
|
||||||
|
@ -361,7 +361,7 @@
|
||||||
Don't build Time Stamping Authority support.
|
Don't build Time Stamping Authority support.
|
||||||
|
|
||||||
enable-ubsan
|
enable-ubsan
|
||||||
Build with the Undefined Behaviour sanitser. This is a
|
Build with the Undefined Behaviour sanitiser. This is a
|
||||||
developer option only. It may not work on all platforms and
|
developer option only. It may not work on all platforms and
|
||||||
should never be used in production environments. It will only
|
should never be used in production environments. It will only
|
||||||
work when used with gcc or clang and should be used in
|
work when used with gcc or clang and should be used in
|
||||||
|
@ -566,7 +566,7 @@
|
||||||
$ nmake test # Windows
|
$ nmake test # Windows
|
||||||
|
|
||||||
NOTE: you MUST run the tests from an unprivileged account (or
|
NOTE: you MUST run the tests from an unprivileged account (or
|
||||||
disable your privileges temporarly if your platform allows it).
|
disable your privileges temporarily if your platform allows it).
|
||||||
|
|
||||||
If some tests fail, look at the output. There may be reasons for
|
If some tests fail, look at the output. There may be reasons for
|
||||||
the failure that isn't a problem in OpenSSL itself (like a
|
the failure that isn't a problem in OpenSSL itself (like a
|
||||||
|
|
6
NEWS
6
NEWS
|
@ -430,8 +430,8 @@
|
||||||
o New STORE structure and library to provide an interface to all
|
o New STORE structure and library to provide an interface to all
|
||||||
sorts of data repositories. Supports storage of public and
|
sorts of data repositories. Supports storage of public and
|
||||||
private keys, certificates, CRLs, numbers and arbitrary blobs.
|
private keys, certificates, CRLs, numbers and arbitrary blobs.
|
||||||
This library is unfortunately unfinished and unused withing
|
This library is unfortunately unfinished and unused within
|
||||||
OpenSSL.
|
OpenSSL.
|
||||||
o New control functions for the error stack.
|
o New control functions for the error stack.
|
||||||
o Changed the PKCS#7 library to support one-pass S/MIME
|
o Changed the PKCS#7 library to support one-pass S/MIME
|
||||||
processing.
|
processing.
|
||||||
|
@ -447,7 +447,7 @@
|
||||||
o Major overhaul of RC4 performance on Intel P4, IA-64 and
|
o Major overhaul of RC4 performance on Intel P4, IA-64 and
|
||||||
AMD64.
|
AMD64.
|
||||||
o Changed the Configure script to have some algorithms disabled
|
o Changed the Configure script to have some algorithms disabled
|
||||||
by default. Those can be explicitely enabled with the new
|
by default. Those can be explicitly enabled with the new
|
||||||
argument form 'enable-xxx'.
|
argument form 'enable-xxx'.
|
||||||
o Change the default digest in 'openssl' commands from MD5 to
|
o Change the default digest in 'openssl' commands from MD5 to
|
||||||
SHA-1.
|
SHA-1.
|
||||||
|
|
|
@ -97,7 +97,7 @@
|
||||||
"Matching Perl" refers to chosen "shell environment", i.e. if built
|
"Matching Perl" refers to chosen "shell environment", i.e. if built
|
||||||
under MSYS, then Perl compiled for MSYS must be used.
|
under MSYS, then Perl compiled for MSYS must be used.
|
||||||
|
|
||||||
Alternativelly, one can use MSYS2 from https://msys2.github.io/,
|
Alternatively, one can use MSYS2 from https://msys2.github.io/,
|
||||||
which includes MingW (32-bit and 64-bit).
|
which includes MingW (32-bit and 64-bit).
|
||||||
|
|
||||||
* It is also possible to cross-compile it on Linux by configuring
|
* It is also possible to cross-compile it on Linux by configuring
|
||||||
|
|
2
README
2
README
|
@ -82,7 +82,7 @@
|
||||||
|
|
||||||
In order to avoid spam, this is a moderated mailing list, and it might
|
In order to avoid spam, this is a moderated mailing list, and it might
|
||||||
take a couple of days for the ticket to show up. (We also scan posts to make
|
take a couple of days for the ticket to show up. (We also scan posts to make
|
||||||
sure that security disclosures aren't publically posted by mistake.) Mail
|
sure that security disclosures aren't publicly posted by mistake.) Mail
|
||||||
to this address is recorded in the public RT (request tracker) database
|
to this address is recorded in the public RT (request tracker) database
|
||||||
(see https://www.openssl.org/community/index.html#bugs for details) and
|
(see https://www.openssl.org/community/index.html#bugs for details) and
|
||||||
also forwarded the public openssl-dev mailing list. Confidential mail
|
also forwarded the public openssl-dev mailing list. Confidential mail
|
||||||
|
|
|
@ -31,7 +31,7 @@ int ASN1_buf_print(BIO *bp, unsigned char *buf, size_t buflen, int indent)
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
* Use colon separators for each octet for compatibility as
|
* Use colon separators for each octet for compatibility as
|
||||||
* this fuction is used to print out key components.
|
* this function is used to print out key components.
|
||||||
*/
|
*/
|
||||||
if (BIO_printf(bp, "%02x%s", buf[i],
|
if (BIO_printf(bp, "%02x%s", buf[i],
|
||||||
(i == buflen - 1) ? "" : ":") <= 0)
|
(i == buflen - 1) ? "" : ":") <= 0)
|
||||||
|
|
|
@ -169,7 +169,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
|
||||||
return 0;
|
return 0;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
/* fall thru */
|
/* fall through */
|
||||||
case ASN1_ITYPE_MSTRING:
|
case ASN1_ITYPE_MSTRING:
|
||||||
if (!asn1_primitive_print(out, fld, it, indent, fname, sname, pctx))
|
if (!asn1_primitive_print(out, fld, it, indent, fname, sname, pctx))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
@ -199,7 +199,7 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
|
||||||
ao[i]->type = i;
|
ao[i]->type = i;
|
||||||
ao[i]->obj = o;
|
ao[i]->obj = o;
|
||||||
aop = lh_ADDED_OBJ_insert(added, ao[i]);
|
aop = lh_ADDED_OBJ_insert(added, ao[i]);
|
||||||
/* memory leak, buit should not normally matter */
|
/* memory leak, but should not normally matter */
|
||||||
OPENSSL_free(aop);
|
OPENSSL_free(aop);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -156,7 +156,7 @@ Generation of RSA Private Key. Superseded by L<B<genpkey>|genpkey(1)>.
|
||||||
|
|
||||||
=item L<B<nseq>|nseq(1)>
|
=item L<B<nseq>|nseq(1)>
|
||||||
|
|
||||||
Create or examine a netscape certificate sequence
|
Create or examine a Netscape certificate sequence
|
||||||
|
|
||||||
=item L<B<ocsp>|ocsp(1)>
|
=item L<B<ocsp>|ocsp(1)>
|
||||||
|
|
||||||
|
|
|
@ -66,7 +66,7 @@ any remainder). This gives the number of blocks of data that will be processed.
|
||||||
Ensure the output buffer contains 65 bytes of storage for each block, plus an
|
Ensure the output buffer contains 65 bytes of storage for each block, plus an
|
||||||
additional byte for a NUL terminator. EVP_EncodeUpdate() may be called
|
additional byte for a NUL terminator. EVP_EncodeUpdate() may be called
|
||||||
repeatedly to process large amounts of input data. In the event of an error
|
repeatedly to process large amounts of input data. In the event of an error
|
||||||
EVP_EncodeUpdate() will set B<*outl> to 0 and return 0. On success 1 wil be
|
EVP_EncodeUpdate() will set B<*outl> to 0 and return 0. On success 1 will be
|
||||||
returned.
|
returned.
|
||||||
|
|
||||||
EVP_EncodeFinal() must be called at the end of an encoding operation. It will
|
EVP_EncodeFinal() must be called at the end of an encoding operation. It will
|
||||||
|
@ -116,7 +116,7 @@ in this case. Otherwise the function returns 1 on success.
|
||||||
EVP_DecodeBlock() will decode the block of B<n> characters of base 64 data
|
EVP_DecodeBlock() will decode the block of B<n> characters of base 64 data
|
||||||
contained in B<f> and store the result in B<t>. Any leading whitespace will be
|
contained in B<f> and store the result in B<t>. Any leading whitespace will be
|
||||||
trimmed as will any trailing whitespace, newlines, carriage returns or EOF
|
trimmed as will any trailing whitespace, newlines, carriage returns or EOF
|
||||||
characters. After such trimming the length of the data in B<f> must be divisbile
|
characters. After such trimming the length of the data in B<f> must be divisible
|
||||||
by 4. For every 4 input bytes exactly 3 output bytes will be produced. The
|
by 4. For every 4 input bytes exactly 3 output bytes will be produced. The
|
||||||
output will be padded with 0 bits if necessary to ensure that the output is
|
output will be padded with 0 bits if necessary to ensure that the output is
|
||||||
always 3 bytes for every 4 input bytes. This function will return the length of
|
always 3 bytes for every 4 input bytes. This function will return the length of
|
||||||
|
|
|
@ -752,7 +752,7 @@ int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
|
||||||
int dump);
|
int dump);
|
||||||
const char *ASN1_tag2str(int tag);
|
const char *ASN1_tag2str(int tag);
|
||||||
|
|
||||||
/* Used to load and write netscape format cert */
|
/* Used to load and write Netscape format cert */
|
||||||
|
|
||||||
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
|
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
|
||||||
|
|
||||||
|
|
|
@ -2335,7 +2335,7 @@ void ERR_load_SSL_strings(void);
|
||||||
# define SSL_R_NO_RENEGOTIATION 339
|
# define SSL_R_NO_RENEGOTIATION 339
|
||||||
# define SSL_R_NO_REQUIRED_DIGEST 324
|
# define SSL_R_NO_REQUIRED_DIGEST 324
|
||||||
# define SSL_R_NO_SHARED_CIPHER 193
|
# define SSL_R_NO_SHARED_CIPHER 193
|
||||||
# define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS 376
|
# define SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS 376
|
||||||
# define SSL_R_NO_SRTP_PROFILES 359
|
# define SSL_R_NO_SRTP_PROFILES 359
|
||||||
# define SSL_R_NO_VALID_SCTS 216
|
# define SSL_R_NO_VALID_SCTS 216
|
||||||
# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
|
# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
|
||||||
|
|
|
@ -278,7 +278,7 @@ struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If remaining time is less than 15 ms, set it to 0 to prevent issues
|
* If remaining time is less than 15 ms, set it to 0 to prevent issues
|
||||||
* because of small devergences with socket timeouts.
|
* because of small divergences with socket timeouts.
|
||||||
*/
|
*/
|
||||||
if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {
|
if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {
|
||||||
memset(timeleft, 0, sizeof(*timeleft));
|
memset(timeleft, 0, sizeof(*timeleft));
|
||||||
|
@ -952,7 +952,7 @@ int dtls1_heartbeat(SSL *s)
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* Create HeartBeat message, we just use a sequence number
|
* Create HeartBeat message, we just use a sequence number
|
||||||
* as payload to distuingish different messages and add
|
* as payload to distinguish different messages and add
|
||||||
* some random stuff.
|
* some random stuff.
|
||||||
*/
|
*/
|
||||||
size = HEARTBEAT_SIZE(payload, padding);
|
size = HEARTBEAT_SIZE(payload, padding);
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
#include <openssl/dh.h>
|
#include <openssl/dh.h>
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* structure holding name tables. This is used for pemitted elements in lists
|
* structure holding name tables. This is used for permitted elements in lists
|
||||||
* such as TLSv1.
|
* such as TLSv1.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
|
@ -443,8 +443,8 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
|
||||||
{ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
|
{ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
|
||||||
{ERR_REASON(SSL_R_NO_REQUIRED_DIGEST), "no required digest"},
|
{ERR_REASON(SSL_R_NO_REQUIRED_DIGEST), "no required digest"},
|
||||||
{ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
|
{ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
|
||||||
{ERR_REASON(SSL_R_NO_SHARED_SIGATURE_ALGORITHMS),
|
{ERR_REASON(SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS),
|
||||||
"no shared sigature algorithms"},
|
"no shared signature algorithms"},
|
||||||
{ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
|
{ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
|
||||||
{ERR_REASON(SSL_R_NO_VALID_SCTS), "no valid scts"},
|
{ERR_REASON(SSL_R_NO_VALID_SCTS), "no valid scts"},
|
||||||
{ERR_REASON(SSL_R_NO_VERIFY_COOKIE_CALLBACK),
|
{ERR_REASON(SSL_R_NO_VERIFY_COOKIE_CALLBACK),
|
||||||
|
|
|
@ -2041,7 +2041,7 @@ int SSL_get_servername_type(const SSL *s)
|
||||||
* is indicated to the callback. In this case, the client application has to
|
* is indicated to the callback. In this case, the client application has to
|
||||||
* abort the connection or have a default application level protocol. 2) If
|
* abort the connection or have a default application level protocol. 2) If
|
||||||
* the server supports NPN, but advertises an empty list then the client
|
* the server supports NPN, but advertises an empty list then the client
|
||||||
* selects the first protcol in its list, but indicates via the API that this
|
* selects the first protocol in its list, but indicates via the API that this
|
||||||
* fallback case was enacted. 3) Otherwise, the client finds the first
|
* fallback case was enacted. 3) Otherwise, the client finds the first
|
||||||
* protocol in the server's list that it supports and selects this protocol.
|
* protocol in the server's list that it supports and selects this protocol.
|
||||||
* This is because it's assumed that the server has better information about
|
* This is because it's assumed that the server has better information about
|
||||||
|
@ -4116,7 +4116,7 @@ int ssl_validate_ct(SSL *s)
|
||||||
* value is negative.
|
* value is negative.
|
||||||
*
|
*
|
||||||
* XXX: One might well argue that the return value of this function is an
|
* XXX: One might well argue that the return value of this function is an
|
||||||
* unforunate design choice. Its job is only to determine the validation
|
* unfortunate design choice. Its job is only to determine the validation
|
||||||
* status of each of the provided SCTs. So long as it correctly separates
|
* status of each of the provided SCTs. So long as it correctly separates
|
||||||
* the wheat from the chaff it should return success. Failure in this case
|
* the wheat from the chaff it should return success. Failure in this case
|
||||||
* ought to correspond to an inability to carry out its duties.
|
* ought to correspond to an inability to carry out its duties.
|
||||||
|
|
|
@ -141,7 +141,7 @@ int tls1_change_cipher_state(SSL *s, int which)
|
||||||
goto err;
|
goto err;
|
||||||
else
|
else
|
||||||
/*
|
/*
|
||||||
* make sure it's intialized in case we exit later with an error
|
* make sure it's initialised in case we exit later with an error
|
||||||
*/
|
*/
|
||||||
EVP_CIPHER_CTX_reset(s->enc_read_ctx);
|
EVP_CIPHER_CTX_reset(s->enc_read_ctx);
|
||||||
dd = s->enc_read_ctx;
|
dd = s->enc_read_ctx;
|
||||||
|
|
|
@ -2648,7 +2648,7 @@ int tls1_set_server_sigalgs(SSL *s)
|
||||||
/* Fatal error is no shared signature algorithms */
|
/* Fatal error is no shared signature algorithms */
|
||||||
if (!s->cert->shared_sigalgs) {
|
if (!s->cert->shared_sigalgs) {
|
||||||
SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,
|
SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,
|
||||||
SSL_R_NO_SHARED_SIGATURE_ALGORITHMS);
|
SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS);
|
||||||
al = SSL_AD_ILLEGAL_PARAMETER;
|
al = SSL_AD_ILLEGAL_PARAMETER;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue