Fixed some typos, courtesy of codespell
This commit is contained in:
parent
82cd511cc9
commit
17c9972252
2
NEWS
2
NEWS
|
@ -1966,7 +1966,7 @@ strongswan-4.3.1
|
||||||
fuzzing techniques: 1) Sending a malformed IKE_SA_INIT request leaved an
|
fuzzing techniques: 1) Sending a malformed IKE_SA_INIT request leaved an
|
||||||
incomplete state which caused a null pointer dereference if a subsequent
|
incomplete state which caused a null pointer dereference if a subsequent
|
||||||
CREATE_CHILD_SA request was sent. 2) Sending an IKE_AUTH request with either
|
CREATE_CHILD_SA request was sent. 2) Sending an IKE_AUTH request with either
|
||||||
a missing TSi or TSr payload caused a null pointer derefence because the
|
a missing TSi or TSr payload caused a null pointer dereference because the
|
||||||
checks for TSi and TSr were interchanged. The IKEv2 fuzzer used was
|
checks for TSi and TSr were interchanged. The IKEv2 fuzzer used was
|
||||||
developed by the Orange Labs vulnerability research team. The tool was
|
developed by the Orange Labs vulnerability research team. The tool was
|
||||||
initially written by Gabriel Campana and is now maintained by Laurent Butti.
|
initially written by Gabriel Campana and is now maintained by Laurent Butti.
|
||||||
|
|
|
@ -45,13 +45,13 @@ int main(int argc, char *argv[])
|
||||||
|
|
||||||
if (!enum_from_name(hash_algorithm_short_names, argv[1], &alg))
|
if (!enum_from_name(hash_algorithm_short_names, argv[1], &alg))
|
||||||
{
|
{
|
||||||
fprintf(stderr, "unknown hash algorthm: %s\n", argv[1]);
|
fprintf(stderr, "unknown hash algorithm: %s\n", argv[1]);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
hasher = lib->crypto->create_hasher(lib->crypto, alg);
|
hasher = lib->crypto->create_hasher(lib->crypto, alg);
|
||||||
if (!hasher)
|
if (!hasher)
|
||||||
{
|
{
|
||||||
fprintf(stderr, "hash algorthm not supported: %N\n",
|
fprintf(stderr, "hash algorithm not supported: %N\n",
|
||||||
hash_algorithm_names, alg);
|
hash_algorithm_names, alg);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
|
@ -172,7 +172,7 @@ static encoding_rule_t encodings[] = {
|
||||||
{ FLAG, offsetof(private_ike_header_t, flags.encryption)},
|
{ FLAG, offsetof(private_ike_header_t, flags.encryption)},
|
||||||
/* 4 Byte message id, stored in the field message_id */
|
/* 4 Byte message id, stored in the field message_id */
|
||||||
{ U_INT_32, offsetof(private_ike_header_t, message_id) },
|
{ U_INT_32, offsetof(private_ike_header_t, message_id) },
|
||||||
/* 4 Byte length fied, stored in the field length */
|
/* 4 Byte length field, stored in the field length */
|
||||||
{ HEADER_LENGTH, offsetof(private_ike_header_t, length) }
|
{ HEADER_LENGTH, offsetof(private_ike_header_t, length) }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -37,7 +37,7 @@ struct sql_config_t {
|
||||||
backend_t backend;
|
backend_t backend;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Destry the backend.
|
* Destroy the backend.
|
||||||
*/
|
*/
|
||||||
void (*destroy)(sql_config_t *this);
|
void (*destroy)(sql_config_t *this);
|
||||||
};
|
};
|
||||||
|
|
|
@ -37,7 +37,7 @@ struct sql_cred_t {
|
||||||
credential_set_t set;
|
credential_set_t set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Destry the backend.
|
* Destroy the backend.
|
||||||
*/
|
*/
|
||||||
void (*destroy)(sql_cred_t *this);
|
void (*destroy)(sql_cred_t *this);
|
||||||
};
|
};
|
||||||
|
|
|
@ -37,7 +37,7 @@ struct sql_logger_t {
|
||||||
logger_t logger;
|
logger_t logger;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Destry the backend.
|
* Destroy the backend.
|
||||||
*/
|
*/
|
||||||
void (*destroy)(sql_logger_t *this);
|
void (*destroy)(sql_logger_t *this);
|
||||||
};
|
};
|
||||||
|
|
|
@ -98,7 +98,7 @@ struct keymat_t {
|
||||||
*
|
*
|
||||||
* @param version requested IKE version
|
* @param version requested IKE version
|
||||||
* @param initiator TRUE if we are initiator
|
* @param initiator TRUE if we are initiator
|
||||||
* @return keymat_t implmenetation
|
* @return keymat_t implementation
|
||||||
*/
|
*/
|
||||||
keymat_t *keymat_create(ike_version_t version, bool initiator);
|
keymat_t *keymat_create(ike_version_t version, bool initiator);
|
||||||
|
|
||||||
|
|
|
@ -66,7 +66,7 @@ struct private_imv_scanner_state_t {
|
||||||
uint32_t action_flags;
|
uint32_t action_flags;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* IMV database session associatied with TNCCS connection
|
* IMV database session associated with TNCCS connection
|
||||||
*/
|
*/
|
||||||
imv_session_t *session;
|
imv_session_t *session;
|
||||||
|
|
||||||
|
|
|
@ -62,7 +62,7 @@ struct ocsp_response_t {
|
||||||
* @param revocation_time receives time of revocation, if revoked
|
* @param revocation_time receives time of revocation, if revoked
|
||||||
* @param revocation_reason receives reason of revocation, if revoked
|
* @param revocation_reason receives reason of revocation, if revoked
|
||||||
* @param this_update creation time of revocation list
|
* @param this_update creation time of revocation list
|
||||||
* @param next_update exptected time of next revocation list
|
* @param next_update expected time of next revocation list
|
||||||
* @return certificate revocation status
|
* @return certificate revocation status
|
||||||
*/
|
*/
|
||||||
cert_validation_t (*get_status)(ocsp_response_t *this,
|
cert_validation_t (*get_status)(ocsp_response_t *this,
|
||||||
|
|
|
@ -37,7 +37,7 @@ typedef struct credential_set_t credential_set_t;
|
||||||
*
|
*
|
||||||
* A credential set enumerator may not block the credential set, i.e. multiple
|
* A credential set enumerator may not block the credential set, i.e. multiple
|
||||||
* threads must be able to hold multiple enumerators, as the credential manager
|
* threads must be able to hold multiple enumerators, as the credential manager
|
||||||
* is higly parallelized. The best way to achieve this is by using shared
|
* is highly parallelized. The best way to achieve this is by using shared
|
||||||
* read locks for the enumerators only. Otherwise deadlocks will occur.
|
* read locks for the enumerators only. Otherwise deadlocks will occur.
|
||||||
* The writing cache_cert() routine is called by the manager only if no
|
* The writing cache_cert() routine is called by the manager only if no
|
||||||
* enumerator is alive, so it is save to use a write lock there.
|
* enumerator is alive, so it is save to use a write lock there.
|
||||||
|
|
|
@ -441,7 +441,7 @@ METHOD(pkcs7_t, get_attribute, bool,
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* "i" gets incremeneted after enumerate(), hence read from previous */
|
/* "i" gets incremented after enumerate(), hence read from previous */
|
||||||
si = sk_CMS_SignerInfo_value(e->signers, e->i - 1);
|
si = sk_CMS_SignerInfo_value(e->signers, e->i - 1);
|
||||||
for (i = 0; i < CMS_signed_get_attr_count(si); i++)
|
for (i = 0; i < CMS_signed_get_attr_count(si); i++)
|
||||||
{
|
{
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
typedef enum tty_escape_t tty_escape_t;
|
typedef enum tty_escape_t tty_escape_t;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Excape codes for tty colors
|
* Escape codes for tty colors
|
||||||
*/
|
*/
|
||||||
enum tty_escape_t {
|
enum tty_escape_t {
|
||||||
/** text properties */
|
/** text properties */
|
||||||
|
|
|
@ -129,7 +129,7 @@ cp ${CA_CERT} ${DIR}/hosts/alice/etc/raddb/certs
|
||||||
# Convert strongSwan Root CA certificate into DER format
|
# Convert strongSwan Root CA certificate into DER format
|
||||||
openssl x509 -in ${CA_CERT} -outform der -out ${CA_CERT_DER}
|
openssl x509 -in ${CA_CERT} -outform der -out ${CA_CERT_DER}
|
||||||
|
|
||||||
# Gernerate a stale CRL
|
# Generate a stale CRL
|
||||||
pki --signcrl --cakey ${CA_KEY} --cacert ${CA_CERT} \
|
pki --signcrl --cakey ${CA_KEY} --cacert ${CA_CERT} \
|
||||||
--this-update "${START}" --lifetime 1 > ${CA_LAST_CRL}
|
--this-update "${START}" --lifetime 1 > ${CA_LAST_CRL}
|
||||||
|
|
||||||
|
@ -857,7 +857,7 @@ pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \
|
||||||
--in ${CA_DIR}/certs/01.pem --group sales \
|
--in ${CA_DIR}/certs/01.pem --group sales \
|
||||||
--not-before "${SH_END}" --not-after "${EE_END}" --outform pem > ${ACERT_CS}
|
--not-before "${SH_END}" --not-after "${EE_END}" --outform pem > ${ACERT_CS}
|
||||||
|
|
||||||
# Put a copy into the ikev2/acert-inline scenarion
|
# Put a copy into the ikev2/acert-inline scenario
|
||||||
TEST="${TEST_DIR}/ikev2/acert-inline"
|
TEST="${TEST_DIR}/ikev2/acert-inline"
|
||||||
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/private
|
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/private
|
||||||
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/aacerts
|
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/aacerts
|
||||||
|
@ -880,7 +880,7 @@ pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
|
||||||
--outform pem > ${TEST_CERT}
|
--outform pem > ${TEST_CERT}
|
||||||
cp ${TEST_CERT} ${CA_DIR}/certs/${SERIAL}.pem
|
cp ${TEST_CERT} ${CA_DIR}/certs/${SERIAL}.pem
|
||||||
|
|
||||||
# Genrate dave's attribute certificate for sales from expired AA
|
# Generate dave's attribute certificate for sales from expired AA
|
||||||
ACERT=${TEST}/hosts/dave/${IPSEC_DIR}/acerts/dave-expired-aa.pem
|
ACERT=${TEST}/hosts/dave/${IPSEC_DIR}/acerts/dave-expired-aa.pem
|
||||||
mkdir -p ${TEST}/hosts/dave/${IPSEC_DIR}/acerts
|
mkdir -p ${TEST}/hosts/dave/${IPSEC_DIR}/acerts
|
||||||
pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \
|
pki --acert --issuerkey ${TEST_KEY} --issuercert ${TEST_CERT} \
|
||||||
|
|
Loading…
Reference in New Issue