diff --git a/doc/crypto/BIO_connect.pod b/doc/crypto/BIO_connect.pod index 4edb8baf7c..4c908fba45 100644 --- a/doc/crypto/BIO_connect.pod +++ b/doc/crypto/BIO_connect.pod @@ -78,15 +78,15 @@ C<|> operator, for example: =head1 RETURN VALUES BIO_socket() returns the socket number on success or B -(-1) on error. When an error has occured, the OpenSSL error stack +(-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error. BIO_connect() and BIO_listen() return 1 on success or 0 on error. -When an error has occured, the OpenSSL error stack will hold the error +When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error. BIO_accept_ex() returns the accepted socket on success or -B (-1) on error. When an error has occured, the +B (-1) on error. When an error has occurred, the OpenSSL error stack will hold the error data and errno has the system error. diff --git a/doc/crypto/BIO_parse_hostserv.pod b/doc/crypto/BIO_parse_hostserv.pod index 56b7144683..df73ea72c7 100644 --- a/doc/crypto/BIO_parse_hostserv.pod +++ b/doc/crypto/BIO_parse_hostserv.pod @@ -21,7 +21,7 @@ BIO_parse_hostserv() will parse the information given in B, create strings with the host name and service name and give those back via B and B. Those will need to be freed after they are used. B helps determine if B shall -be interpreted primarly as a host name or a service name in ambiguous +be interpreted primarily as a host name or a service name in ambiguous cases. The syntax the BIO_parse_hostserv() recognises is: diff --git a/doc/crypto/BIO_s_accept.pod b/doc/crypto/BIO_s_accept.pod index e0877e0d8e..88877e4d27 100644 --- a/doc/crypto/BIO_s_accept.pod +++ b/doc/crypto/BIO_s_accept.pod @@ -49,7 +49,7 @@ If the close flag is set on an accept BIO then any active connection on that chain is shutdown and the socket closed when the BIO is freed. -Calling BIO_reset() on a accept BIO will close any active +Calling BIO_reset() on an accept BIO will close any active connection and reset the BIO into a state where it awaits another incoming connection. @@ -60,7 +60,7 @@ BIO_set_accept_port() uses the string B to set the accept port. The port is represented as a string of the form "host:port", where "host" is the interface to use and "port" is the port. The host can be "*" or empty which is interpreted as meaning -any interface. If the host is a IPv6 address, it has to be +any interface. If the host is an IPv6 address, it has to be enclosed in brackets, for example "[::1]:https". "port" has the same syntax as the port specified in BIO_set_conn_port() for connect BIOs, that is it can be a numerical port string or a diff --git a/doc/crypto/BIO_s_bio.pod b/doc/crypto/BIO_s_bio.pod index ce3cf6e383..438b5dd8f3 100644 --- a/doc/crypto/BIO_s_bio.pod +++ b/doc/crypto/BIO_s_bio.pod @@ -172,7 +172,7 @@ SSL_operation() can successfully be continued. =head1 WARNING -As the data is buffered, SSL_operation() may return with a ERROR_SSL_WANT_READ +As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ condition, but there is still data in the write buffer. An application must not rely on the error value of SSL_operation() but must assure that the write buffer is always flushed first. Otherwise a deadlock may occur as diff --git a/doc/crypto/BIO_s_connect.pod b/doc/crypto/BIO_s_connect.pod index bd3cf81d5b..4c246e0be3 100644 --- a/doc/crypto/BIO_s_connect.pod +++ b/doc/crypto/BIO_s_connect.pod @@ -55,7 +55,7 @@ it also returns the socket . If B is not NULL it should be of type (int *). BIO_set_conn_hostname() uses the string B to set the hostname. -The hostname can be an IP address; if the address is a IPv6 one, it +The hostname can be an IP address; if the address is an IPv6 one, it must be enclosed with brackets. The hostname can also include the port in the form hostname:port. diff --git a/doc/crypto/BIO_s_fd.pod b/doc/crypto/BIO_s_fd.pod index 7c7cee9843..e9ebdbf062 100644 --- a/doc/crypto/BIO_s_fd.pod +++ b/doc/crypto/BIO_s_fd.pod @@ -23,7 +23,7 @@ round the platforms file descriptor routines such as read() and write(). BIO_read() and BIO_write() read or write the underlying descriptor. BIO_puts() is supported but BIO_gets() is not. -If the close flag is set then then close() is called on the underlying +If the close flag is set then close() is called on the underlying file descriptor when the BIO is freed. BIO_reset() attempts to change the file pointer to the start of file diff --git a/doc/crypto/BN_BLINDING_new.pod b/doc/crypto/BN_BLINDING_new.pod index acc122085c..f539ae6c02 100644 --- a/doc/crypto/BN_BLINDING_new.pod +++ b/doc/crypto/BN_BLINDING_new.pod @@ -97,7 +97,7 @@ the B object, 0 otherwise. BN_BLINDING_set_current_thread() doesn't return anything. BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation -succeded or 0 on error. +succeeded or 0 on error. BN_BLINDING_get_flags() returns the currently set B flags (a B value). diff --git a/doc/crypto/EVP_CIPHER_meth_new.pod b/doc/crypto/EVP_CIPHER_meth_new.pod index b0076d596a..499133f647 100644 --- a/doc/crypto/EVP_CIPHER_meth_new.pod +++ b/doc/crypto/EVP_CIPHER_meth_new.pod @@ -193,7 +193,7 @@ The EVP routines will simply give them control and do nothing more. =item EVP_CIPH_FLAG_AEAD_CIPHER -This indicates that this is a AEAD cipher implementation. +This indicates that this is an AEAD cipher implementation. =item EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK diff --git a/doc/crypto/EVP_MD_meth_new.pod b/doc/crypto/EVP_MD_meth_new.pod index a6a17cd6df..0bab127007 100644 --- a/doc/crypto/EVP_MD_meth_new.pod +++ b/doc/crypto/EVP_MD_meth_new.pod @@ -96,13 +96,13 @@ combined with EVP_MD_FLAG_DIGALGID_ABSENT, the latter will override.> When setting up a DigestAlgorithmIdentifier, this flag will have the parameter be left absent by default. I +EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.> =item EVP_MD_FLAG_DIGALGID_CUSTOM Custom DigestAlgorithmIdentifier handling via ctrl, with B as default. I +EVP_MD_FLAG_DIGALGID_NULL, the latter will be overridden.> Currently unused. =back diff --git a/doc/crypto/OCSP_response_find_status.pod b/doc/crypto/OCSP_response_find_status.pod index 4baadfb47a..2a1418955a 100644 --- a/doc/crypto/OCSP_response_find_status.pod +++ b/doc/crypto/OCSP_response_find_status.pod @@ -1,6 +1,6 @@ =pod -OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity - OCSP reponse utility functions. +OCSP_resp_find_status, OCSP_resp_count, OCSP_resp_get0, OCSP_resp_find, OCSP_single_get0_status, OCSP_check_validity - OCSP response utility functions. =head1 SYNOPSIS diff --git a/doc/crypto/OCSP_response_status.pod b/doc/crypto/OCSP_response_status.pod index 5946734b43..5195b2a944 100644 --- a/doc/crypto/OCSP_response_status.pod +++ b/doc/crypto/OCSP_response_status.pod @@ -26,7 +26,7 @@ contained in B. OCSP_response_create() creates and returns an B structure for B and optionally including basic response B. -OCSP_RESPONSE_free() frees up OCSP reponse B. +OCSP_RESPONSE_free() frees up OCSP response B. =head1 RETURN VALUES diff --git a/doc/crypto/OCSP_sendreq_new.pod b/doc/crypto/OCSP_sendreq_new.pod index b0515120ef..1d5599a625 100644 --- a/doc/crypto/OCSP_sendreq_new.pod +++ b/doc/crypto/OCSP_sendreq_new.pod @@ -40,7 +40,7 @@ B. When the operation is complete it returns the response in B<*presp>. OCSP_REQ_CTX_free() frees up the OCSP context B. -OCSP_set_max_response_length() sets the maximum reponse length for B +OCSP_set_max_response_length() sets the maximum response length for B to B. If the response exceeds this length an error occurs. If not set a default value of 100k is used. diff --git a/doc/crypto/OPENSSL_secure_malloc.pod b/doc/crypto/OPENSSL_secure_malloc.pod index 3423eb0413..2a04931cec 100644 --- a/doc/crypto/OPENSSL_secure_malloc.pod +++ b/doc/crypto/OPENSSL_secure_malloc.pod @@ -100,8 +100,7 @@ OPENSSL_secure_malloc() and OPENSSL_secure_zalloc() return a pointer into the secure heap of the requested size, or C if memory could not be allocated. -CRYPTO_secure_allocated() returns 1 if the pointer is in the -the secure heap, or 0 if not. +CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not. CRYPTO_secure_malloc_done() and OPENSSL_secure_free() return no values. diff --git a/doc/crypto/RAND_load_file.pod b/doc/crypto/RAND_load_file.pod index debf06fa2e..6bc779aae9 100644 --- a/doc/crypto/RAND_load_file.pod +++ b/doc/crypto/RAND_load_file.pod @@ -24,7 +24,7 @@ too small for the path name, an error occurs. RAND_load_file() reads a number of bytes from file B and adds them to the PRNG. If B is non-negative, -up to to B are read; +up to B are read; if B is -1, the complete file is read. RAND_write_file() writes a number of random bytes (currently 1024) to diff --git a/doc/crypto/X509V3_get_d2i.pod b/doc/crypto/X509V3_get_d2i.pod index accc9f4907..b502e815a2 100644 --- a/doc/crypto/X509V3_get_d2i.pod +++ b/doc/crypto/X509V3_get_d2i.pod @@ -168,7 +168,7 @@ The following are CRL extensions from PKIX standards such as RFC5280. Delta CRL Indicator NID_delta_crl Freshest CRL NID_freshest_crl Invalidity Date NID_invalidity_date - Issuing Distrubution Point NID_issuing_distribution_point + Issuing Distribution Point NID_issuing_distribution_point The following are CRL entry extensions from PKIX standards such as RFC5280. diff --git a/doc/crypto/X509_verify_cert.pod b/doc/crypto/X509_verify_cert.pod index 1d0f1e23c8..a84ef00089 100644 --- a/doc/crypto/X509_verify_cert.pod +++ b/doc/crypto/X509_verify_cert.pod @@ -41,7 +41,7 @@ for <= 0 return value on error. =head1 BUGS This function uses the header B as opposed to most chain verification -functiosn which use B. +functions which use B. =head1 SEE ALSO diff --git a/doc/crypto/ecdsa.pod b/doc/crypto/ecdsa.pod index 67ab536793..c2e786e894 100644 --- a/doc/crypto/ecdsa.pod +++ b/doc/crypto/ecdsa.pod @@ -123,7 +123,7 @@ The error codes can be obtained by L. Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256). -First step: create a EC_KEY object (note: this part is B ECDSA +First step: create an EC_KEY object (note: this part is B ECDSA specific) int ret; diff --git a/doc/crypto/engine.pod b/doc/crypto/engine.pod index 99ed170321..c069fd778f 100644 --- a/doc/crypto/engine.pod +++ b/doc/crypto/engine.pod @@ -482,7 +482,7 @@ implemented by ENGINEs should be numbered from. Any command value lower than this symbol is considered a "generic" command is handled directly by the OpenSSL core routines. -It is using these "core" control commands that one can discover the the control +It is using these "core" control commands that one can discover the control commands implemented by a given ENGINE, specifically the commands; #define ENGINE_HAS_CTRL_FUNCTION 10 diff --git a/doc/crypto/pem.pod b/doc/crypto/pem.pod index 7ab8d67e74..5687375a61 100644 --- a/doc/crypto/pem.pod +++ b/doc/crypto/pem.pod @@ -399,7 +399,7 @@ The encryption key is derived using EVP_BytesToKey(). The cipher's initialization vector is passed to EVP_BytesToKey() as the B parameter. Internally, B bytes of the salt are used (regardless of the size of the initialization vector). The user's -password is passed to to EVP_BytesToKey() using the B and B +password is passed to EVP_BytesToKey() using the B and B parameters. Finally, the library uses an iteration count of 1 for EVP_BytesToKey(). diff --git a/doc/crypto/sk_X509_num.pod b/doc/crypto/sk_X509_num.pod index 79002d4a44..eebdeb343d 100644 --- a/doc/crypto/sk_X509_num.pod +++ b/doc/crypto/sk_X509_num.pod @@ -78,7 +78,7 @@ sk_X509_insert() inserts B into B at position B. Any existing elements at or after B are moved downwards. If B is out of range the new element is appended to B. sk_X509_insert() either returns the number of elements in B after the new element is inserted or zero if -an error occured: which will happen if there is a memory allocation failure. +an error occurred: which will happen if there is a memory allocation failure. sk_X509_push() appends B to B it is equivalent to: @@ -93,7 +93,7 @@ sk_X509_pop() returns and removes the last element from B. sk_X509_shift() returns and removes the first element from B. sk_X509_set() sets element B of B to B replacing the current -element. The new element value is returned or B if an error occured: +element. The new element value is returned or B if an error occurred: this will only happen if B is B or B is out of range. sk_X509_find() and int sk_X509_find_ex() search B using the supplied diff --git a/doc/openssl-c-indent.el b/doc/openssl-c-indent.el index cedf135d95..c28814a67d 100644 --- a/doc/openssl-c-indent.el +++ b/doc/openssl-c-indent.el @@ -12,7 +12,7 @@ ;;; M-x c-set-style (or C-c . for short), and enter "eay". ;;; To toggle the auto-newline feature of CC mode, type C-c C-a. ;;; -;;; If you're a OpenSSL developer, you might find it more comfortable +;;; If you're an OpenSSL developer, you might find it more comfortable ;;; to have this style be permanent in your OpenSSL development ;;; directory. To have that, please perform this: ;;; diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod index 36e969950b..f2cb99ed42 100644 --- a/doc/ssl/SSL_CTX_dane_enable.pod +++ b/doc/ssl/SSL_CTX_dane_enable.pod @@ -36,7 +36,7 @@ applications that override L via L are responsible to authenticate the peer chain in whatever manner they see fit. -SSL_CTX_dane_mtype_set() may then be called zero or more times to to adjust the +SSL_CTX_dane_mtype_set() may then be called zero or more times to adjust the supported digest algorithms. This must be done before any SSL handles are created for the context. diff --git a/doc/ssl/SSL_CTX_free.pod b/doc/ssl/SSL_CTX_free.pod index 22ce5505dc..70a63142a0 100644 --- a/doc/ssl/SSL_CTX_free.pod +++ b/doc/ssl/SSL_CTX_free.pod @@ -13,8 +13,7 @@ SSL_CTX_free - free an allocated SSL_CTX object =head1 DESCRIPTION SSL_CTX_free() decrements the reference count of B, and removes the -SSL_CTX object pointed to by B and frees up the allocated memory if the -the reference count has reached 0. +SSL_CTX object pointed to by B and frees up the allocated memory if the reference count has reached 0. It also calls the free()ing procedures for indirectly affected items, if applicable: the session cache, the list of ciphers, the list of Client CAs, diff --git a/doc/ssl/SSL_CTX_set_cipher_list.pod b/doc/ssl/SSL_CTX_set_cipher_list.pod index 338323290e..512ca81747 100644 --- a/doc/ssl/SSL_CTX_set_cipher_list.pod +++ b/doc/ssl/SSL_CTX_set_cipher_list.pod @@ -45,7 +45,7 @@ DSA ciphers always use DH key exchange and therefore need DH-parameters (see L). When these conditions are not met for any cipher in the list (e.g. a -client only supports export RSA ciphers with a asymmetric key length +client only supports export RSA ciphers with an asymmetric key length of 512 bits and the server is not configured to use temporary RSA keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated and the handshake will fail. diff --git a/doc/ssl/SSL_CTX_set_psk_client_callback.pod b/doc/ssl/SSL_CTX_set_psk_client_callback.pod index 573f89a922..b7f574bddf 100644 --- a/doc/ssl/SSL_CTX_set_psk_client_callback.pod +++ b/doc/ssl/SSL_CTX_set_psk_client_callback.pod @@ -59,7 +59,7 @@ The callback is set using functions SSL_CTX_set_psk_client_callback() or SSL_set_psk_client_callback(). The callback function is given the connection in parameter B, a B-terminated PSK identity hint sent by the server in parameter B, a buffer B of -length B bytes where the the resulting +length B bytes where the resulting B-terminated identity is to be stored, and a buffer B of length B bytes where the resulting pre-shared key is to be stored. diff --git a/doc/ssl/SSL_CTX_set_security_level.pod b/doc/ssl/SSL_CTX_set_security_level.pod index fd50614b7d..2b56472457 100644 --- a/doc/ssl/SSL_CTX_set_security_level.pod +++ b/doc/ssl/SSL_CTX_set_security_level.pod @@ -54,7 +54,7 @@ application specific value. =head1 DEFAULT CALLBACK BEHAVIOUR -If an application doesn't set it's own security callback the default +If an application doesn't set its own security callback the default callback is used. It is intended to provide sane defaults. The meaning of each level is described below. diff --git a/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod index b660b21a9a..3502c1cd29 100644 --- a/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod +++ b/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod @@ -90,7 +90,7 @@ continue on those parameters. =item Z<>0 This indicates that it was not possible to set/retrieve a session ticket and -the SSL/TLS session will continue by by negotiating a set of cryptographic +the SSL/TLS session will continue by negotiating a set of cryptographic parameters or using the alternate SSL/TLS resumption mechanism, session ids. If called with enc equal to 0 the library will call the I again to get diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index b6d3334f5f..c875163248 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -76,7 +76,7 @@ links to mostly all other structures. =head1 HEADER FILES Currently the OpenSSL B library provides the following C header files -containing the prototypes for the data structures and and functions: +containing the prototypes for the data structures and functions: =over 4