Fixed some typos, courtesy of codespell

NEWS

@@ -1966,7 +1966,7 @@ strongswan-4.3.1
   fuzzing techniques: 1) Sending a malformed IKE_SA_INIT request leaved an
   incomplete state which caused a null pointer dereference if a subsequent
   CREATE_CHILD_SA request was sent. 2) Sending an IKE_AUTH request with either
-  a missing TSi or TSr payload caused a null pointer derefence because the
+  a missing TSi or TSr payload caused a null pointer dereference because the
   checks for TSi and TSr were interchanged. The IKEv2 fuzzer used was
   developed by the Orange Labs vulnerability research team. The tool was
   initially written by Gabriel Campana and is now maintained by Laurent Butti.

scripts/hash_burn.c

@@ -45,13 +45,13 @@ int main(int argc, char *argv[])
 
 	if (!enum_from_name(hash_algorithm_short_names, argv[1], &alg))
 	{
-		fprintf(stderr, "unknown hash algorthm: %s\n", argv[1]);
+		fprintf(stderr, "unknown hash algorithm: %s\n", argv[1]);
 		return 1;
 	}
 	hasher = lib->crypto->create_hasher(lib->crypto, alg);
 	if (!hasher)
 	{
-		fprintf(stderr, "hash algorthm not supported: %N\n",
+		fprintf(stderr, "hash algorithm not supported: %N\n",
 				hash_algorithm_names, alg);
 		return 1;
 	}

src/libcharon/encoding/payloads/ike_header.c

@@ -172,7 +172,7 @@ static encoding_rule_t encodings[] = {
 	{ FLAG,			offsetof(private_ike_header_t, flags.encryption)},
 	/* 4 Byte message id, stored in the field message_id */
 	{ U_INT_32,		offsetof(private_ike_header_t, message_id)		},
-	/* 4 Byte length fied, stored in the field length */
+	/* 4 Byte length field, stored in the field length */
 	{ HEADER_LENGTH,	offsetof(private_ike_header_t, length)			}
 };
 

src/libcharon/plugins/sql/sql_config.h

@@ -37,7 +37,7 @@ struct sql_config_t {
 	backend_t backend;
 
 	/**
-	 * Destry the backend.
+	 * Destroy the backend.
 	 */
 	void (*destroy)(sql_config_t *this);
 };

src/libcharon/plugins/sql/sql_cred.h

@@ -37,7 +37,7 @@ struct sql_cred_t {
 	credential_set_t set;
 
 	/**
-	 * Destry the backend.
+	 * Destroy the backend.
 	 */
 	void (*destroy)(sql_cred_t *this);
 };

src/libcharon/plugins/sql/sql_logger.h

@@ -37,7 +37,7 @@ struct sql_logger_t {
 	logger_t logger;
 
 	/**
-	 * Destry the backend.
+	 * Destroy the backend.
 	 */
 	void (*destroy)(sql_logger_t *this);
 };

src/libcharon/sa/keymat.h

@@ -98,7 +98,7 @@ struct keymat_t {
  *
  * @param version			requested IKE version
  * @param initiator			TRUE if we are initiator
- * @return					keymat_t implmenetation
+ * @return					keymat_t implementation
  */
 keymat_t *keymat_create(ike_version_t version, bool initiator);
 

src/libimcv/plugins/imv_scanner/imv_scanner_state.c

@@ -66,7 +66,7 @@ struct private_imv_scanner_state_t {
 	uint32_t action_flags;
 
 	/**
-	 * IMV database session associatied with TNCCS connection
+	 * IMV database session associated with TNCCS connection
 	 */
 	imv_session_t *session;
 

src/libstrongswan/credentials/certificates/ocsp_response.h

@@ -62,7 +62,7 @@ struct ocsp_response_t {
 	 * @param revocation_time	receives time of revocation, if revoked
 	 * @param revocation_reason	receives reason of revocation, if revoked
 	 * @param this_update		creation time of revocation list
-	 * @param next_update		exptected time of next revocation list
+	 * @param next_update		expected time of next revocation list
 	 * @return					certificate revocation status
 	 */
 	cert_validation_t (*get_status)(ocsp_response_t *this,

src/libstrongswan/credentials/credential_set.h

@@ -37,7 +37,7 @@ typedef struct credential_set_t credential_set_t;
  *
  * A credential set enumerator may not block the credential set, i.e. multiple
  * threads must be able to hold multiple enumerators, as the credential manager
- * is higly parallelized. The best way to achieve this is by using shared
+ * is highly parallelized. The best way to achieve this is by using shared
  * read locks for the enumerators only. Otherwise deadlocks will occur.
  * The writing cache_cert() routine is called by the manager only if no
  * enumerator is alive, so it is save to use a write lock there.

src/libstrongswan/plugins/openssl/openssl_pkcs7.c

@@ -441,7 +441,7 @@ METHOD(pkcs7_t, get_attribute, bool,
 		return FALSE;
 	}
 
-	/* "i" gets incremeneted after enumerate(), hence read from previous */
+	/* "i" gets incremented after enumerate(), hence read from previous */
 	si = sk_CMS_SignerInfo_value(e->signers, e->i - 1);
 	for (i = 0; i < CMS_signed_get_attr_count(si); i++)
 	{

src/libstrongswan/utils/utils/tty.h

@@ -25,7 +25,7 @@
 typedef enum tty_escape_t tty_escape_t;
 
 /**
- * Excape codes for tty colors
+ * Escape codes for tty colors
  */
 enum tty_escape_t {
 	/** text properties */

testing/scripts/build-certs-chroot

@@ -129,7 +129,7 @@ cp ${CA_CERT} ${DIR}/hosts/alice/etc/raddb/certs
 # Convert strongSwan Root CA certificate into DER format
 openssl x509 -in ${CA_CERT} -outform der -out ${CA_CERT_DER}
 
-# Gernerate a stale CRL
+# Generate a stale CRL
 pki --signcrl --cakey ${CA_KEY} --cacert ${CA_CERT} \
     --this-update "${START}" --lifetime 1 > ${CA_LAST_CRL}
 
@@ -857,7 +857,7 @@ pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \
     --in ${CA_DIR}/certs/01.pem --group sales \
     --not-before "${SH_END}" --not-after "${EE_END}" --outform pem > ${ACERT_CS}
 
-# Put a copy into the ikev2/acert-inline scenarion
+# Put a copy into the ikev2/acert-inline scenario
 TEST="${TEST_DIR}/ikev2/acert-inline"
 mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/private
 mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/aacerts
@@ -880,7 +880,7 @@ pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
     --outform pem > ${TEST_CERT}
 cp ${TEST_CERT} ${CA_DIR}/certs/${SERIAL}.pem
 
-# Genrate dave's attribute certificate for sales from expired AA
+# Generate dave's attribute certificate for sales from expired AA
 ACERT=${TEST}/hosts/dave/${IPSEC_DIR}/acerts/dave-expired-aa.pem
 mkdir -p ${TEST}/hosts/dave/${IPSEC_DIR}/acerts
 pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \