Fixed some typos, courtesy of codespell
This commit is contained in:
parent
432e2a72b2
commit
784d96e031
|
@ -294,7 +294,7 @@ For public key authentication, the responder uses the
|
|||
identity. For the initiator, each connection attempt uses a different identity
|
||||
in the form
|
||||
.BR "\(dqCN=c1-r1, OU=load-test, O=strongSwan\(dq" ,
|
||||
where the first number inidicates the client number, the second the
|
||||
where the first number indicates the client number, the second the
|
||||
authentication round (if multiple authentication rounds are used).
|
||||
.PP
|
||||
For PSK authentication, FQDN identities are used. The server uses
|
||||
|
|
|
@ -100,7 +100,7 @@ The IKE_SA configuration uses the following options (as key/value pairs):
|
|||
scenario
|
||||
rsa_strength: Connection requires a trustchain with RSA keys of given bits
|
||||
ecdsa_strength: Connection requires a trustchain with ECDSA keys of given bits
|
||||
cert_policy: Connection requries a certificate with the given OID policy
|
||||
cert_policy: Connection requires a certificate with the given OID policy
|
||||
named_pool: Name of an IP pool defined e.g. in a database backend
|
||||
|
||||
The following CHILD_SA specific configuration options are supported:
|
||||
|
|
|
@ -323,7 +323,7 @@ IPSEC_CONFDIR directory containing configuration files
|
|||
IPSEC_PIDDIR directory containing PID/socket files
|
||||
IPSEC_SCRIPT name of the ipsec script
|
||||
IPSEC_NAME name of ipsec distribution
|
||||
IPSEC_VERSION version numer of ipsec userland and kernel
|
||||
IPSEC_VERSION version number of ipsec userland and kernel
|
||||
IPSEC_STARTER_PID PID file for ipsec starter
|
||||
IPSEC_CHARON_PID PID file for IKE keying daemon
|
||||
.ad
|
||||
|
|
|
@ -31,7 +31,7 @@ typedef enum mem_pool_op_t mem_pool_op_t;
|
|||
* In-memory IP pool acquire operation.
|
||||
*/
|
||||
enum mem_pool_op_t {
|
||||
/** Check for an exsiting lease */
|
||||
/** Check for an existing lease */
|
||||
MEM_POOL_EXISTING,
|
||||
/** Get a new lease */
|
||||
MEM_POOL_NEW,
|
||||
|
|
|
@ -126,12 +126,12 @@ struct private_peer_cfg_t {
|
|||
uint32_t over_time;
|
||||
|
||||
/**
|
||||
* DPD check intervall
|
||||
* DPD check interval
|
||||
*/
|
||||
uint32_t dpd;
|
||||
|
||||
/**
|
||||
* DPD timeout intervall (used for IKEv1 only)
|
||||
* DPD timeout interval (used for IKEv1 only)
|
||||
*/
|
||||
uint32_t dpd_timeout;
|
||||
|
||||
|
|
|
@ -240,7 +240,7 @@ static void enable_disable(private_ha_kernel_t *this, u_int segment,
|
|||
}
|
||||
|
||||
/**
|
||||
* Get the currenlty active segments in the kernel for a clusterip file
|
||||
* Get the currently active segments in the kernel for a clusterip file
|
||||
*/
|
||||
static segment_mask_t get_active(private_ha_kernel_t *this, char *file)
|
||||
{
|
||||
|
|
|
@ -2739,7 +2739,7 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
|
|||
if (update && current_sa)
|
||||
{ /* check if there are actually any relevant changes, if not, we don't
|
||||
* send an update to the kernel as e.g. FreeBSD doesn't do that
|
||||
* atomically, causing unecessary traffic loss during rekeyings */
|
||||
* atomically, causing unnecessary traffic loss during rekeyings */
|
||||
update = policy_update_required(current_sa, assigned_sa);
|
||||
}
|
||||
|
||||
|
@ -2948,7 +2948,7 @@ METHOD(kernel_ipsec_t, del_policy, status_t,
|
|||
if (is_installed)
|
||||
{ /* check if there are actually any relevant changes, if not, we do
|
||||
* not send an update to the kernel as e.g. FreeBSD doesn't do that
|
||||
* atomically, causing unecessary traffic loss during rekeyings */
|
||||
* atomically, causing unnecessary traffic loss during rekeyings */
|
||||
policy->used_by->get_first(policy->used_by, (void**)&mapping);
|
||||
is_installed = policy_update_required(mapping, to_remove);
|
||||
}
|
||||
|
|
|
@ -69,7 +69,7 @@ struct init_listener_t {
|
|||
hashtable_t *initiated;
|
||||
|
||||
/**
|
||||
* IKE_SAs we have completed to initate (success or failure)
|
||||
* IKE_SAs we have completed to initiate (success or failure)
|
||||
*/
|
||||
hashtable_t *completed;
|
||||
|
||||
|
|
|
@ -311,7 +311,7 @@ static void save_auth_cfg(private_phase1_t *this,
|
|||
return;
|
||||
}
|
||||
auth = auth_cfg_create();
|
||||
/* for local config, we _copy_ entires from the config, as it contains
|
||||
/* for local config, we _copy_ entries from the config, as it contains
|
||||
* certificates we must send later. */
|
||||
auth->merge(auth, this->ike_sa->get_auth_cfg(this->ike_sa, local), local);
|
||||
this->ike_sa->add_auth_cfg(this->ike_sa, local, auth);
|
||||
|
|
|
@ -59,7 +59,7 @@ struct private_isakmp_vendor_t {
|
|||
ike_sa_t *ike_sa;
|
||||
|
||||
/**
|
||||
* Are we the inititator of this task
|
||||
* Are we the initiator of this task
|
||||
*/
|
||||
bool initiator;
|
||||
|
||||
|
|
|
@ -109,7 +109,7 @@ struct private_task_manager_t {
|
|||
array_t *packets;
|
||||
|
||||
/**
|
||||
* type of the initated exchange
|
||||
* type of the initiated exchange
|
||||
*/
|
||||
exchange_type_t type;
|
||||
|
||||
|
|
|
@ -45,7 +45,7 @@ struct ike_auth_lifetime_t {
|
|||
* Create a new TASK_IKE_AUTH_LIFETIME task.
|
||||
*
|
||||
* @param ike_sa IKE_SA this task works for
|
||||
* @param initiator TRUE if taks is initiated by us
|
||||
* @param initiator TRUE if task is initiated by us
|
||||
* @return ike_auth_lifetime task to handle by the task_manager
|
||||
*/
|
||||
ike_auth_lifetime_t *ike_auth_lifetime_create(ike_sa_t *ike_sa, bool initiator);
|
||||
|
|
|
@ -91,7 +91,7 @@ struct ike_mobike_t {
|
|||
* Create a new ike_mobike task.
|
||||
*
|
||||
* @param ike_sa IKE_SA this task works for
|
||||
* @param initiator TRUE if taks is initiated by us
|
||||
* @param initiator TRUE if task is initiated by us
|
||||
* @return ike_mobike task to handle by the task_manager
|
||||
*/
|
||||
ike_mobike_t *ike_mobike_create(ike_sa_t *ike_sa, bool initiator);
|
||||
|
|
|
@ -59,7 +59,7 @@ struct private_ike_vendor_t {
|
|||
ike_sa_t *ike_sa;
|
||||
|
||||
/**
|
||||
* Are we the inititator of this task
|
||||
* Are we the initiator of this task
|
||||
*/
|
||||
bool initiator;
|
||||
};
|
||||
|
|
|
@ -115,7 +115,7 @@ extern enum_name_t *task_type_names;
|
|||
/**
|
||||
* Interface for a task, an operation handled within exchanges.
|
||||
*
|
||||
* A task is an elemantary operation. It may be handled by a single or by
|
||||
* A task is an elementary operation. It may be handled by a single or by
|
||||
* multiple exchanges. An exchange may even complete multiple tasks.
|
||||
* A task has a build() and an process() operation. The build() operation
|
||||
* creates payloads and adds it to the message. The process() operation
|
||||
|
@ -128,7 +128,7 @@ extern enum_name_t *task_type_names;
|
|||
* that the task completed, even when the task completed unsuccessfully. The
|
||||
* manager then removes the task from the list. A NEED_MORE is returned when
|
||||
* the task needs further build()/process() calls to complete, the manager
|
||||
* leaves the taks in the queue. A returned FAILED indicates a critical failure.
|
||||
* leaves the task in the queue. A returned FAILED indicates a critical failure.
|
||||
* The manager closes the IKE_SA whenever a task returns FAILED.
|
||||
*/
|
||||
struct task_t {
|
||||
|
@ -180,7 +180,7 @@ struct task_t {
|
|||
* Migrate a task to a new IKE_SA.
|
||||
*
|
||||
* After migrating a task, it goes back to a state where it can be
|
||||
* used again to initate an exchange. This is useful when a task
|
||||
* used again to initiate an exchange. This is useful when a task
|
||||
* has to get migrated to a new IKE_SA.
|
||||
* A special usage is when a INVALID_KE_PAYLOAD is received. A call
|
||||
* to reset resets the task, but uses another DH group for the next
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
#include <collections/linked_list.h>
|
||||
#include <collections/hashtable.h>
|
||||
|
||||
/** Intervall to check for expired sessions, in seconds */
|
||||
/** Interval to check for expired sessions, in seconds */
|
||||
#define CLEANUP_INTERVAL 30
|
||||
|
||||
typedef struct private_fast_dispatcher_t private_fast_dispatcher_t;
|
||||
|
|
|
@ -83,7 +83,7 @@ struct fast_dispatcher_t {
|
|||
* The first controller added serves as default controller. Client's
|
||||
* get redirected to it if no other controller matches.
|
||||
*
|
||||
* @param constructor constructor function to the conntroller
|
||||
* @param constructor constructor function to the controller
|
||||
* @param param param to pass to constructor
|
||||
*/
|
||||
void (*add_controller)(fast_dispatcher_t *this,
|
||||
|
|
|
@ -69,7 +69,7 @@ enum pt_tls_message_type_t {
|
|||
extern enum_name_t *pt_tls_message_type_names;
|
||||
|
||||
/**
|
||||
* Result code for a single SASL mechansim, as sent in PT_TLS_SASL_RESULT
|
||||
* Result code for a single SASL mechanism, as sent in PT_TLS_SASL_RESULT
|
||||
*/
|
||||
enum pt_tls_sasl_result_t {
|
||||
PT_TLS_SASL_RESULT_SUCCESS = 0,
|
||||
|
|
|
@ -142,7 +142,7 @@ struct bio_reader_t {
|
|||
* Read a chunk of len bytes from the end of the buffer, reduce remaining.
|
||||
*
|
||||
* @param len number of bytes to read
|
||||
* @param res ponter to result, not cloned
|
||||
* @param res pointer to result, not cloned
|
||||
* @return TRUE if data read successfully
|
||||
*/
|
||||
bool (*read_data_end)(bio_reader_t *this, uint32_t len, chunk_t *res);
|
||||
|
|
|
@ -141,7 +141,7 @@ extern enum_name_t *auth_rule_names;
|
|||
* RFC4739 defines multiple authentication rounds. This class defines such
|
||||
* a round from a configuration perspective, either for the local or the remote
|
||||
* peer. Local configs are called "rulesets". They define how we authenticate.
|
||||
* Remote peer configs are called "constraits". They define what is needed to
|
||||
* Remote peer configs are called "constraints". They define what is needed to
|
||||
* complete the authentication round successfully.
|
||||
*
|
||||
* @verbatim
|
||||
|
|
|
@ -62,7 +62,7 @@ struct certificate_printer_t {
|
|||
*
|
||||
* @param f file where print output is directed to (usually stdout)
|
||||
* @param detailed print more detailed certificate information
|
||||
* @param utc print time inforamtion in UTC
|
||||
* @param utc print time information in UTC
|
||||
*/
|
||||
certificate_printer_t* certificate_printer_create(FILE *f, bool detailed,
|
||||
bool utc);
|
||||
|
|
|
@ -177,7 +177,7 @@ struct crypto_factory_t {
|
|||
* Register a crypter constructor.
|
||||
*
|
||||
* @param algo algorithm to constructor
|
||||
* @param key size key size to peform benchmarking for
|
||||
* @param key size key size to perform benchmarking for
|
||||
* @param plugin_name plugin that registered this algorithm
|
||||
* @param create constructor function for that algorithm
|
||||
* @return TRUE if registered, FALSE if test vector failed
|
||||
|
@ -204,7 +204,7 @@ struct crypto_factory_t {
|
|||
* Register a aead constructor.
|
||||
*
|
||||
* @param algo algorithm to constructor
|
||||
* @param key size key size to peform benchmarking for
|
||||
* @param key size key size to perform benchmarking for
|
||||
* @param plugin_name plugin that registered this algorithm
|
||||
* @param create constructor function for that algorithm
|
||||
* @return TRUE if registered, FALSE if test vector failed
|
||||
|
|
|
@ -62,7 +62,7 @@ struct private_gcm_aead_t {
|
|||
};
|
||||
|
||||
/**
|
||||
* Find a suiteable word size and network order conversion functions
|
||||
* Find a suitable word size and network order conversion functions
|
||||
*/
|
||||
#if ULONG_MAX == 18446744073709551615UL && defined(htobe64)
|
||||
# define htobeword htobe64
|
||||
|
|
|
@ -306,7 +306,7 @@ METHOD(diffie_hellman_t, get_my_public_value, bool,
|
|||
rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
|
||||
if (!rng)
|
||||
{
|
||||
DBG1(DBG_LIB, "could not instatiate random source");
|
||||
DBG1(DBG_LIB, "could not instantiate random source");
|
||||
return FALSE;
|
||||
}
|
||||
if (!rng->get_bytes(rng, seed_len, a_seed.ptr))
|
||||
|
@ -463,7 +463,7 @@ METHOD(diffie_hellman_t, set_other_public_value, bool,
|
|||
rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
|
||||
if (!rng)
|
||||
{
|
||||
DBG1(DBG_LIB, "could not instatiate random source");
|
||||
DBG1(DBG_LIB, "could not instantiate random source");
|
||||
goto end;
|
||||
}
|
||||
if (!rng->get_bytes(rng, seed_len, noise_seed.ptr))
|
||||
|
|
|
@ -71,7 +71,7 @@ struct ntru_drbg_t {
|
|||
};
|
||||
|
||||
/**
|
||||
* Create and instantiate a new DRBG objet.
|
||||
* Create and instantiate a new DRBG object.
|
||||
*
|
||||
* @param strength security strength in bits
|
||||
* @param pers_str personalization string
|
||||
|
|
|
@ -49,7 +49,7 @@ struct ntru_poly_t {
|
|||
void (*get_array)(ntru_poly_t *this, uint16_t *array);
|
||||
|
||||
/**
|
||||
* Multiply polynomial a with ntru_poly_t object b having sparse coeffients
|
||||
* Multiply polynomial a with ntru_poly_t object b having sparse coefficients
|
||||
* to form result polynomial c = a * b
|
||||
*
|
||||
* @param a input polynomial a
|
||||
|
|
|
@ -395,7 +395,7 @@ traffic_selector_t *traffic_selector_create_from_subnet(
|
|||
* greater or equal to 256 they are assumed to be type and code as defined
|
||||
* for traffic_selector_t.
|
||||
*
|
||||
* @param protocol upper layer protocl to allow
|
||||
* @param protocol upper layer protocol to allow
|
||||
* @param from_port start of allowed port range
|
||||
* @param to_port end of range
|
||||
* @return
|
||||
|
|
|
@ -29,7 +29,7 @@ static void include_files(parser_helper_t *ctx);
|
|||
/* use start conditions stack */
|
||||
%option stack
|
||||
|
||||
/* do not declare unneded functions */
|
||||
/* do not declare unneeded functions */
|
||||
%option noinput noyywrap
|
||||
|
||||
/* don't use global variables, and interact properly with bison */
|
||||
|
|
|
@ -204,7 +204,7 @@ Suite *printf_suite_create()
|
|||
tcase_add_test(tc, test_printf_err);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
tc = tcase_create("unsiged");
|
||||
tc = tcase_create("unsigned");
|
||||
tcase_add_test(tc, test_printf_unsigned);
|
||||
suite_add_tcase(s, tc);
|
||||
|
||||
|
|
|
@ -112,7 +112,7 @@ METHOD(condvar_t, timed_wait, bool,
|
|||
thread_set_active_condvar(&this->cv);
|
||||
|
||||
/* while a CriticalSection is recursive, waiting in a condvar releases
|
||||
* only one mutex. So release (and reaquire) all locks except the last. */
|
||||
* only one mutex. So release (and reacquire) all locks except the last. */
|
||||
times = mutex->times;
|
||||
while (mutex->times-- > 1)
|
||||
{
|
||||
|
|
|
@ -104,7 +104,7 @@ struct tls_socket_t {
|
|||
* @param peer client identity, NULL for no client authentication
|
||||
* @param fd socket to read/write from
|
||||
* @param cache session cache to use, or NULL
|
||||
* @param max_version maximun TLS version to negotiate
|
||||
* @param max_version maximum TLS version to negotiate
|
||||
* @param nullok accept NULL encryption ciphers
|
||||
* @return TLS socket wrapper
|
||||
*/
|
||||
|
|
|
@ -30,7 +30,7 @@ static void include_files(parser_helper_t *ctx);
|
|||
/* use start conditions stack */
|
||||
%option stack
|
||||
|
||||
/* do not declare unneded functions */
|
||||
/* do not declare unneeded functions */
|
||||
%option noinput noyywrap
|
||||
|
||||
/* don't use global variables, and interact properly with bison */
|
||||
|
|
|
@ -131,7 +131,7 @@ static void __attribute__ ((constructor))reg()
|
|||
{"--child <name> [--ike <name>] [--timeout <s>] [--raw|--pretty]"},
|
||||
{
|
||||
{"help", 'h', 0, "show usage information"},
|
||||
{"child", 'c', 1, "initate a CHILD_SA configuration"},
|
||||
{"child", 'c', 1, "initiate a CHILD_SA configuration"},
|
||||
{"ike", 'i', 1, "name of the connection to which the child belongs"},
|
||||
{"timeout", 't', 1, "timeout in seconds before detaching"},
|
||||
{"raw", 'r', 0, "dump raw response message"},
|
||||
|
|
Loading…
Reference in New Issue