From 17c9972252cf4af5fed6a0752f1cc2c388705dcd Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 28 Aug 2019 14:03:41 +0200
Subject: [PATCH] Fixed some typos, courtesy of codespell

---
 NEWS                                                       | 2 +-
 scripts/hash_burn.c                                        | 4 ++--
 src/libcharon/encoding/payloads/ike_header.c               | 2 +-
 src/libcharon/plugins/sql/sql_config.h                     | 2 +-
 src/libcharon/plugins/sql/sql_cred.h                       | 2 +-
 src/libcharon/plugins/sql/sql_logger.h                     | 2 +-
 src/libcharon/sa/keymat.h                                  | 2 +-
 src/libimcv/plugins/imv_scanner/imv_scanner_state.c        | 2 +-
 src/libstrongswan/credentials/certificates/ocsp_response.h | 2 +-
 src/libstrongswan/credentials/credential_set.h             | 2 +-
 src/libstrongswan/plugins/openssl/openssl_pkcs7.c          | 2 +-
 src/libstrongswan/utils/utils/tty.h                        | 2 +-
 testing/scripts/build-certs-chroot                         | 6 +++---
 13 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/NEWS b/NEWS
index f9c249918..68537bb6a 100644
--- a/NEWS
+++ b/NEWS
@@ -1966,7 +1966,7 @@ strongswan-4.3.1
   fuzzing techniques: 1) Sending a malformed IKE_SA_INIT request leaved an
   incomplete state which caused a null pointer dereference if a subsequent
   CREATE_CHILD_SA request was sent. 2) Sending an IKE_AUTH request with either
-  a missing TSi or TSr payload caused a null pointer derefence because the
+  a missing TSi or TSr payload caused a null pointer dereference because the
   checks for TSi and TSr were interchanged. The IKEv2 fuzzer used was
   developed by the Orange Labs vulnerability research team. The tool was
   initially written by Gabriel Campana and is now maintained by Laurent Butti.
diff --git a/scripts/hash_burn.c b/scripts/hash_burn.c
index 0aa9bf121..49a29cfd9 100644
--- a/scripts/hash_burn.c
+++ b/scripts/hash_burn.c
@@ -45,13 +45,13 @@ int main(int argc, char *argv[])
 
 	if (!enum_from_name(hash_algorithm_short_names, argv[1], &alg))
 	{
-		fprintf(stderr, "unknown hash algorthm: %s\n", argv[1]);
+		fprintf(stderr, "unknown hash algorithm: %s\n", argv[1]);
 		return 1;
 	}
 	hasher = lib->crypto->create_hasher(lib->crypto, alg);
 	if (!hasher)
 	{
-		fprintf(stderr, "hash algorthm not supported: %N\n",
+		fprintf(stderr, "hash algorithm not supported: %N\n",
 				hash_algorithm_names, alg);
 		return 1;
 	}
diff --git a/src/libcharon/encoding/payloads/ike_header.c b/src/libcharon/encoding/payloads/ike_header.c
index 6a39dc892..85e11a2f0 100644
--- a/src/libcharon/encoding/payloads/ike_header.c
+++ b/src/libcharon/encoding/payloads/ike_header.c
@@ -172,7 +172,7 @@ static encoding_rule_t encodings[] = {
 	{ FLAG,			offsetof(private_ike_header_t, flags.encryption)},
 	/* 4 Byte message id, stored in the field message_id */
 	{ U_INT_32,		offsetof(private_ike_header_t, message_id)		},
-	/* 4 Byte length fied, stored in the field length */
+	/* 4 Byte length field, stored in the field length */
 	{ HEADER_LENGTH,	offsetof(private_ike_header_t, length)			}
 };
 
diff --git a/src/libcharon/plugins/sql/sql_config.h b/src/libcharon/plugins/sql/sql_config.h
index e385ed88f..2b1103719 100644
--- a/src/libcharon/plugins/sql/sql_config.h
+++ b/src/libcharon/plugins/sql/sql_config.h
@@ -37,7 +37,7 @@ struct sql_config_t {
 	backend_t backend;
 
 	/**
-	 * Destry the backend.
+	 * Destroy the backend.
 	 */
 	void (*destroy)(sql_config_t *this);
 };
diff --git a/src/libcharon/plugins/sql/sql_cred.h b/src/libcharon/plugins/sql/sql_cred.h
index 697c981b2..98161fa2c 100644
--- a/src/libcharon/plugins/sql/sql_cred.h
+++ b/src/libcharon/plugins/sql/sql_cred.h
@@ -37,7 +37,7 @@ struct sql_cred_t {
 	credential_set_t set;
 
 	/**
-	 * Destry the backend.
+	 * Destroy the backend.
 	 */
 	void (*destroy)(sql_cred_t *this);
 };
diff --git a/src/libcharon/plugins/sql/sql_logger.h b/src/libcharon/plugins/sql/sql_logger.h
index a43d726a8..165098407 100644
--- a/src/libcharon/plugins/sql/sql_logger.h
+++ b/src/libcharon/plugins/sql/sql_logger.h
@@ -37,7 +37,7 @@ struct sql_logger_t {
 	logger_t logger;
 
 	/**
-	 * Destry the backend.
+	 * Destroy the backend.
 	 */
 	void (*destroy)(sql_logger_t *this);
 };
diff --git a/src/libcharon/sa/keymat.h b/src/libcharon/sa/keymat.h
index 3fbb75880..c05dcb35b 100644
--- a/src/libcharon/sa/keymat.h
+++ b/src/libcharon/sa/keymat.h
@@ -98,7 +98,7 @@ struct keymat_t {
  *
  * @param version			requested IKE version
  * @param initiator			TRUE if we are initiator
- * @return					keymat_t implmenetation
+ * @return					keymat_t implementation
  */
 keymat_t *keymat_create(ike_version_t version, bool initiator);
 
diff --git a/src/libimcv/plugins/imv_scanner/imv_scanner_state.c b/src/libimcv/plugins/imv_scanner/imv_scanner_state.c
index 64ab5c4eb..2429733a5 100644
--- a/src/libimcv/plugins/imv_scanner/imv_scanner_state.c
+++ b/src/libimcv/plugins/imv_scanner/imv_scanner_state.c
@@ -66,7 +66,7 @@ struct private_imv_scanner_state_t {
 	uint32_t action_flags;
 
 	/**
-	 * IMV database session associatied with TNCCS connection
+	 * IMV database session associated with TNCCS connection
 	 */
 	imv_session_t *session;
 
diff --git a/src/libstrongswan/credentials/certificates/ocsp_response.h b/src/libstrongswan/credentials/certificates/ocsp_response.h
index 9e699aef6..e701061d7 100644
--- a/src/libstrongswan/credentials/certificates/ocsp_response.h
+++ b/src/libstrongswan/credentials/certificates/ocsp_response.h
@@ -62,7 +62,7 @@ struct ocsp_response_t {
 	 * @param revocation_time	receives time of revocation, if revoked
 	 * @param revocation_reason	receives reason of revocation, if revoked
 	 * @param this_update		creation time of revocation list
-	 * @param next_update		exptected time of next revocation list
+	 * @param next_update		expected time of next revocation list
 	 * @return					certificate revocation status
 	 */
 	cert_validation_t (*get_status)(ocsp_response_t *this,
diff --git a/src/libstrongswan/credentials/credential_set.h b/src/libstrongswan/credentials/credential_set.h
index d0b2c574d..9c4db704f 100644
--- a/src/libstrongswan/credentials/credential_set.h
+++ b/src/libstrongswan/credentials/credential_set.h
@@ -37,7 +37,7 @@ typedef struct credential_set_t credential_set_t;
  *
  * A credential set enumerator may not block the credential set, i.e. multiple
  * threads must be able to hold multiple enumerators, as the credential manager
- * is higly parallelized. The best way to achieve this is by using shared
+ * is highly parallelized. The best way to achieve this is by using shared
  * read locks for the enumerators only. Otherwise deadlocks will occur.
  * The writing cache_cert() routine is called by the manager only if no
  * enumerator is alive, so it is save to use a write lock there.
diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs7.c b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
index f94767cf5..0bd85456b 100644
--- a/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
+++ b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
@@ -441,7 +441,7 @@ METHOD(pkcs7_t, get_attribute, bool,
 		return FALSE;
 	}
 
-	/* "i" gets incremeneted after enumerate(), hence read from previous */
+	/* "i" gets incremented after enumerate(), hence read from previous */
 	si = sk_CMS_SignerInfo_value(e->signers, e->i - 1);
 	for (i = 0; i < CMS_signed_get_attr_count(si); i++)
 	{
diff --git a/src/libstrongswan/utils/utils/tty.h b/src/libstrongswan/utils/utils/tty.h
index f45d62e49..40bc3321b 100644
--- a/src/libstrongswan/utils/utils/tty.h
+++ b/src/libstrongswan/utils/utils/tty.h
@@ -25,7 +25,7 @@
 typedef enum tty_escape_t tty_escape_t;
 
 /**
- * Excape codes for tty colors
+ * Escape codes for tty colors
  */
 enum tty_escape_t {
 	/** text properties */
diff --git a/testing/scripts/build-certs-chroot b/testing/scripts/build-certs-chroot
index 9243d4d9d..acc742e37 100755
--- a/testing/scripts/build-certs-chroot
+++ b/testing/scripts/build-certs-chroot
@@ -129,7 +129,7 @@ cp ${CA_CERT} ${DIR}/hosts/alice/etc/raddb/certs
 # Convert strongSwan Root CA certificate into DER format
 openssl x509 -in ${CA_CERT} -outform der -out ${CA_CERT_DER}
 
-# Gernerate a stale CRL
+# Generate a stale CRL
 pki --signcrl --cakey ${CA_KEY} --cacert ${CA_CERT} \
     --this-update "${START}" --lifetime 1 > ${CA_LAST_CRL}
 
@@ -857,7 +857,7 @@ pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \
     --in ${CA_DIR}/certs/01.pem --group sales \
     --not-before "${SH_END}" --not-after "${EE_END}" --outform pem > ${ACERT_CS}
 
-# Put a copy into the ikev2/acert-inline scenarion
+# Put a copy into the ikev2/acert-inline scenario
 TEST="${TEST_DIR}/ikev2/acert-inline"
 mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/private
 mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/aacerts
@@ -880,7 +880,7 @@ pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
     --outform pem > ${TEST_CERT}
 cp ${TEST_CERT} ${CA_DIR}/certs/${SERIAL}.pem
 
-# Genrate dave's attribute certificate for sales from expired AA
+# Generate dave's attribute certificate for sales from expired AA
 ACERT=${TEST}/hosts/dave/${IPSEC_DIR}/acerts/dave-expired-aa.pem
 mkdir -p ${TEST}/hosts/dave/${IPSEC_DIR}/acerts
 pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \