Fixed some typos, courtesy of codespell

laforge/swu
Tobias Brunner 4 years ago
parent 82cd511cc9
commit 17c9972252
  1. 2
      NEWS
  2. 4
      scripts/hash_burn.c
  3. 2
      src/libcharon/encoding/payloads/ike_header.c
  4. 2
      src/libcharon/plugins/sql/sql_config.h
  5. 2
      src/libcharon/plugins/sql/sql_cred.h
  6. 2
      src/libcharon/plugins/sql/sql_logger.h
  7. 2
      src/libcharon/sa/keymat.h
  8. 2
      src/libimcv/plugins/imv_scanner/imv_scanner_state.c
  9. 2
      src/libstrongswan/credentials/certificates/ocsp_response.h
  10. 2
      src/libstrongswan/credentials/credential_set.h
  11. 2
      src/libstrongswan/plugins/openssl/openssl_pkcs7.c
  12. 2
      src/libstrongswan/utils/utils/tty.h
  13. 6
      testing/scripts/build-certs-chroot

@ -1966,7 +1966,7 @@ strongswan-4.3.1
fuzzing techniques: 1) Sending a malformed IKE_SA_INIT request leaved an
incomplete state which caused a null pointer dereference if a subsequent
CREATE_CHILD_SA request was sent. 2) Sending an IKE_AUTH request with either
a missing TSi or TSr payload caused a null pointer derefence because the
a missing TSi or TSr payload caused a null pointer dereference because the
checks for TSi and TSr were interchanged. The IKEv2 fuzzer used was
developed by the Orange Labs vulnerability research team. The tool was
initially written by Gabriel Campana and is now maintained by Laurent Butti.

@ -45,13 +45,13 @@ int main(int argc, char *argv[])
if (!enum_from_name(hash_algorithm_short_names, argv[1], &alg))
{
fprintf(stderr, "unknown hash algorthm: %s\n", argv[1]);
fprintf(stderr, "unknown hash algorithm: %s\n", argv[1]);
return 1;
}
hasher = lib->crypto->create_hasher(lib->crypto, alg);
if (!hasher)
{
fprintf(stderr, "hash algorthm not supported: %N\n",
fprintf(stderr, "hash algorithm not supported: %N\n",
hash_algorithm_names, alg);
return 1;
}

@ -172,7 +172,7 @@ static encoding_rule_t encodings[] = {
{ FLAG, offsetof(private_ike_header_t, flags.encryption)},
/* 4 Byte message id, stored in the field message_id */
{ U_INT_32, offsetof(private_ike_header_t, message_id) },
/* 4 Byte length fied, stored in the field length */
/* 4 Byte length field, stored in the field length */
{ HEADER_LENGTH, offsetof(private_ike_header_t, length) }
};

@ -37,7 +37,7 @@ struct sql_config_t {
backend_t backend;
/**
* Destry the backend.
* Destroy the backend.
*/
void (*destroy)(sql_config_t *this);
};

@ -37,7 +37,7 @@ struct sql_cred_t {
credential_set_t set;
/**
* Destry the backend.
* Destroy the backend.
*/
void (*destroy)(sql_cred_t *this);
};

@ -37,7 +37,7 @@ struct sql_logger_t {
logger_t logger;
/**
* Destry the backend.
* Destroy the backend.
*/
void (*destroy)(sql_logger_t *this);
};

@ -98,7 +98,7 @@ struct keymat_t {
*
* @param version requested IKE version
* @param initiator TRUE if we are initiator
* @return keymat_t implmenetation
* @return keymat_t implementation
*/
keymat_t *keymat_create(ike_version_t version, bool initiator);

@ -66,7 +66,7 @@ struct private_imv_scanner_state_t {
uint32_t action_flags;
/**
* IMV database session associatied with TNCCS connection
* IMV database session associated with TNCCS connection
*/
imv_session_t *session;

@ -62,7 +62,7 @@ struct ocsp_response_t {
* @param revocation_time receives time of revocation, if revoked
* @param revocation_reason receives reason of revocation, if revoked
* @param this_update creation time of revocation list
* @param next_update exptected time of next revocation list
* @param next_update expected time of next revocation list
* @return certificate revocation status
*/
cert_validation_t (*get_status)(ocsp_response_t *this,

@ -37,7 +37,7 @@ typedef struct credential_set_t credential_set_t;
*
* A credential set enumerator may not block the credential set, i.e. multiple
* threads must be able to hold multiple enumerators, as the credential manager
* is higly parallelized. The best way to achieve this is by using shared
* is highly parallelized. The best way to achieve this is by using shared
* read locks for the enumerators only. Otherwise deadlocks will occur.
* The writing cache_cert() routine is called by the manager only if no
* enumerator is alive, so it is save to use a write lock there.

@ -441,7 +441,7 @@ METHOD(pkcs7_t, get_attribute, bool,
return FALSE;
}
/* "i" gets incremeneted after enumerate(), hence read from previous */
/* "i" gets incremented after enumerate(), hence read from previous */
si = sk_CMS_SignerInfo_value(e->signers, e->i - 1);
for (i = 0; i < CMS_signed_get_attr_count(si); i++)
{

@ -25,7 +25,7 @@
typedef enum tty_escape_t tty_escape_t;
/**
* Excape codes for tty colors
* Escape codes for tty colors
*/
enum tty_escape_t {
/** text properties */

@ -129,7 +129,7 @@ cp ${CA_CERT} ${DIR}/hosts/alice/etc/raddb/certs
# Convert strongSwan Root CA certificate into DER format
openssl x509 -in ${CA_CERT} -outform der -out ${CA_CERT_DER}
# Gernerate a stale CRL
# Generate a stale CRL
pki --signcrl --cakey ${CA_KEY} --cacert ${CA_CERT} \
--this-update "${START}" --lifetime 1 > ${CA_LAST_CRL}
@ -857,7 +857,7 @@ pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \
--in ${CA_DIR}/certs/01.pem --group sales \
--not-before "${SH_END}" --not-after "${EE_END}" --outform pem > ${ACERT_CS}
# Put a copy into the ikev2/acert-inline scenarion
# Put a copy into the ikev2/acert-inline scenario
TEST="${TEST_DIR}/ikev2/acert-inline"
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/private
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/aacerts
@ -880,7 +880,7 @@ pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
--outform pem > ${TEST_CERT}
cp ${TEST_CERT} ${CA_DIR}/certs/${SERIAL}.pem
# Genrate dave's attribute certificate for sales from expired AA
# Generate dave's attribute certificate for sales from expired AA
ACERT=${TEST}/hosts/dave/${IPSEC_DIR}/acerts/dave-expired-aa.pem
mkdir -p ${TEST}/hosts/dave/${IPSEC_DIR}/acerts
pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \

Loading…
Cancel
Save