Correct comment spelling errors detected using codespell.
Reported by Jens Schleusener.
* host (r) the target host name
* port (r) the target port, in host byte order
*
- * Returns: the established socket file desciptor, or -1 on failure
+ * Returns: the established socket file descriptor, or -1 on failure
*
* Effects:
*
* Effects:
*
* The GSS-API messages associated with maj_stat and min_stat are
- * displayed on stderr, each preceeded by "GSS-API error <msg>: " and
+ * displayed on stderr, each preceded by "GSS-API error <msg>: " and
* followed by a newline.
*/
void
/*
* Function: display_ctx_flags
*
- * Purpose: displays the flags returned by context initation in
+ * Purpose: displays the flags returned by context initiation in
* a human-readable form
*
* Arguments:
* Effects:
*
* The service name is imported with gss_import_name, and service
- * credentials are acquired with gss_acquire_cred. If either opertion
+ * credentials are acquired with gss_acquire_cred. If either operation
* fails, an error message is displayed and -1 is returned; otherwise,
* 0 is returned. If mech is given, credentials are acquired for the
* specified mechanism.
InitInfo& info
)
{
- // This funciton will not do automatic initialization.
+ // This function will not do automatic initialization.
CcAutoLock AL(s_lock);
if (!s_init) {
memset(&info, 0, sizeof(info));
InitInfo& info
)
{
- // This funciton will not do automatic initialization.
+ // This function will not do automatic initialization.
CcAutoLock AL(s_lock);
if (!s_init) {
memset(&info, 0, sizeof(info));
extern "C" DWORD alloc_textual_sid(
PSID pSid, // binary Sid
- LPSTR *pTextualSid // buffer for Textual representaion of Sid
+ LPSTR *pTextualSid // buffer for Textual representation of Sid
) {
PSID_IDENTIFIER_AUTHORITY psia;
DWORD dwSubAuthorities;
// On Win9x/Me, the RPC exception will not be caught.
// However, Win9x ignores exceptions during process shutdown,
// so the exception will never be seen unless a debugger is
- // attached to the proccess.
+ // attached to the process.
//
- // A good potential woraround would be to have a global
+ // A good potential workaround would be to have a global
// variable that denotes whether the DLL is attached to the
// process. If it is not, all entrypoints into the DLL should
// return failure.
* direct, indirect, or consequential damages with respect to any
* claim by the user or distributor of the ksu software.
*
- * KSU was writen by: Ari Medvinsky, ari@isi.edu
+ * KSU was written by: Ari Medvinsky, ari@isi.edu
*/
#include "ksu.h"
* direct, indirect, or consequential damages with respect to any
* claim by the user or distributor of the ksu software.
*
- * KSU was writen by: Ari Medvinsky, ari@isi.edu
+ * KSU was written by: Ari Medvinsky, ari@isi.edu
*/
#include "ksu.h"
* direct, indirect, or consequential damages with respect to any
* claim by the user or distributor of the ksu software.
*
- * KSU was writen by: Ari Medvinsky, ari@isi.edu
+ * KSU was written by: Ari Medvinsky, ari@isi.edu
*/
#include "ksu.h"
* direct, indirect, or consequential damages with respect to any
* claim by the user or distributor of the ksu software.
*
- * KSU was writen by: Ari Medvinsky, ari@isi.edu
+ * KSU was written by: Ari Medvinsky, ari@isi.edu
*/
#include "ksu.h"
* direct, indirect, or consequential damages with respect to any
* claim by the user or distributor of the ksu software.
*
- * KSU was writen by: Ari Medvinsky, ari@isi.edu
+ * KSU was written by: Ari Medvinsky, ari@isi.edu
*/
#include "k5-int.h"
* direct, indirect, or consequential damages with respect to any
* claim by the user or distributor of the ksu software.
*
- * KSU was writen by: Ari Medvinsky, ari@isi.edu
+ * KSU was written by: Ari Medvinsky, ari@isi.edu
*/
#include "ksu.h"
#endif /* GET_TGT_VIA_PASSWD */
}
- /* if the user is root or same uid then authentication is not neccesary,
+ /* if the user is root or same uid then authentication is not necessary,
root gets in automatically */
if (source_uid && (source_uid != target_uid)) {
#ifdef HAVE_GETUSERSHELL
- /* insist that the target login uses a standard shell (root is omited) */
+ /* insist that the target login uses a standard shell (root is omitted) */
if (!standard_shell(target_pwd->pw_shell) && source_uid) {
fprintf(stderr, _("ksu: permission denied (shell).\n"));
/*****************************************************************
get_params is to be called for the -a option or -e option to
collect all params passed in for the shell or for
- cmd. An aray is returned containing all params.
+ cmd. An array is returned containing all params.
optindex is incremented accordingly and the first
element in the returned array is reserved for the
name of the command to be executed or the name of the
int RE_errno; /* realated system error */
enum auth_stat RE_why; /* why the auth error occurred */
struct {
- rpcvers_t low; /* lowest verion supported */
- rpcvers_t high; /* highest verion supported */
+ rpcvers_t low; /* lowest version supported */
+ rpcvers_t high; /* highest version supported */
} RE_vers;
struct { /* maybe meaningful if RPC_FAILED */
int32_t s1;
/*
- * RPCTEST is a test program which is accessable on every rpc
+ * RPCTEST is a test program which is accessible on every rpc
* transport/port. It is used for testing, performance evaluation,
* and network administration.
*/
/*
* Bottom up definition of an rpc message.
- * NOTE: call and reply use the same overall stuct but
+ * NOTE: call and reply use the same overall struct but
* different parts of unions within it.
*/
#endif
u_short xp_port; /* associated port number */
struct xp_ops {
- /* receive incomming requests */
+ /* receive incoming requests */
bool_t (*xp_recv)(struct SVCXPRT *, struct rpc_msg *);
/* get transport status */
enum xprt_stat (*xp_stat)(struct SVCXPRT *);
SVCAUTH *xp_auth; /* auth flavor of current req */
void *xp_p1; /* private */
void *xp_p2; /* private */
- int xp_laddrlen; /* lenght of local address */
+ int xp_laddrlen; /* length of local address */
struct sockaddr_in xp_laddr; /* local address */
} SVCXPRT;
enum auth_stat gssrpc__svcauth_none(struct svc_req *,
struct rpc_msg *, bool_t *);
/* unix style (uid, gids) */
-/* RENAMED: shoudl be _svcauth_unix. */
+/* RENAMED: should be _svcauth_unix. */
enum auth_stat gssrpc__svcauth_unix(struct svc_req *,
struct rpc_msg *, bool_t *);
/* short hand unix style */
/*
* The XDR handle.
* Contains operation which is being applied to the stream,
- * an operations vector for the paticular implementation (e.g. see xdr_mem.c),
+ * an operations vector for the particular implementation (e.g. see xdr_mem.c),
* and two private fields for the use of the particular impelementation.
*/
typedef struct XDR {
};
/*
- * In-line routines for fast encode/decode of primitve data types.
+ * In-line routines for fast encode/decode of primitive data types.
* Caveat emptor: these use single memory cycles to get the
* data from the underlying buffer, and will fail to operate
* properly if the data is not aligned. The standard way to use these
* A pluggable interface should have one or more currently supported major
* versions, starting at 1. Each major version should have a current minor
* version, also starting at 1. If new methods are added to a vtable, the
- * minor version should be incremented and the vtable stucture should document
+ * minor version should be incremented and the vtable structure should document
* where each minor vtable version ends. If method signatures for a vtable are
* changed, the major version should be incremented.
*
krb5_data **code);
modifies *code
effects Returns the ASN.1 encoding of *rep in **code.
- Returns ASN1_MISSING_FIELD if a required field is emtpy in *rep.
+ Returns ASN1_MISSING_FIELD if a required field is empty in *rep.
Returns ENOMEM if memory runs out.
*/
krb5_error_code KRB5_CALLCONV
krb5int_cc_default(krb5_context, krb5_ccache *);
-/* Fill in the buffer with random alpha-numeric data. */
+/* Fill in the buffer with random alphanumeric data. */
krb5_error_code
krb5int_random_string(krb5_context, char *string, unsigned int length);
size_t krb5int_utf8_strcspn( const char* str, const char *set);
/* span characters in set, return bytes spanned */
size_t krb5int_utf8_strspn( const char* str, const char *set);
-/* return first occurance of character in string */
+/* return first occurrence of character in string */
char *krb5int_utf8_strchr( const char* str, const char *chr);
/* return first character of set in string */
char *krb5int_utf8_strpbrk( const char* str, const char *set);
/*
* Optional: For each principal entry in the database, invoke func with the
- * argments func_arg and the entry data. If match_entry is specified, the
+ * arguments func_arg and the entry data. If match_entry is specified, the
* module may narrow the iteration to principal names matching that regular
* expression; a module may alternatively ignore match_entry.
*/
/*
* Optional: For each password policy entry in the database, invoke func
- * with the argments data and the entry data. If match_entry is specified,
- * the module may narrow the iteration to policy names matching that
- * regular expression; a module may alternatively ignore match_entry.
+ * with the arguments data and the entry data. If match_entry is
+ * specified, the module may narrow the iteration to policy names matching
+ * that regular expression; a module may alternatively ignore match_entry.
*/
krb5_error_code (*iter_policy)(krb5_context kcontext, char *match_entry,
osa_adb_iter_policy_func func,
#define PROT_CONSTRAINT 1 /**< Protocol constraint */
#define LOCAL_POLICY 2 /**< Local policy violation */
-#define REQID_LEN 32 /* Size of the alpha-numeric request ID */
+#define REQID_LEN 32 /* Size of the alphanumeric request ID */
/** KDC audit state structure and declarations */
typedef struct _krb5_audit_state {
#include <verto.h>
-/* The delimeter characters supported by the addresses string. */
+/* The delimiter characters supported by the addresses string. */
#define ADDRESSES_DELIM ",; "
typedef struct _krb5_fulladdr {
* Contexts are needed in lots of places. Opaque application-provided
* handles are passed around in lots of place, but contexts are not.
* For now, we'll require that the application provide us an easy way
- * to get at a context; eventually it should probably be explicity.
+ * to get at a context; eventually it should probably be explicitly.
*/
krb5_context get_context(void *handle);
/*
* If no principal name is specified: If authenticating anonymously, use
- * the anonymouse principal for the local realm, else if a ccache was
+ * the anonymous principal for the local realm, else if a ccache was
* specified and its primary principal name can be read, it is used, else
* if a keytab was specified, the principal name is host/hostname,
* otherwise append "/admin" to the primary name of the default ccache,
&global_params, &global_params);
if (retval) {
com_err(progname, retval,
- _("while retreiving configuration parameters"));
+ _("while retrieving configuration parameters"));
exit(1);
}
/*
* Function: kadm_1
*
- * Purpose: RPC proccessing procedure.
+ * Purpose: RPC processing procedure.
* originally generated from rpcgen
*
* Arguments:
krb5_ret = krb5_unparse_name(context, princ->principal, &tmp);
if (krb5_ret) {
/* XXX Do we want to return an error? Not sure. */
- Tcl_DStringAppendElement(str, "[unparseable principal]");
+ Tcl_DStringAppendElement(str, "[unparsable principal]");
}
else {
Tcl_DStringAppendElement(str, tmp);
if (mask & KADM5_MOD_NAME) {
if ((krb5_ret = krb5_unparse_name(context, princ->mod_name, &tmp))) {
/* XXX */
- Tcl_DStringAppendElement(str, "[unparseable principal]");
+ Tcl_DStringAppendElement(str, "[unparsable principal]");
}
else {
Tcl_DStringAppendElement(str, tmp);
char *sname;
if (krb5_unparse_name(context, p, &sname)) {
krb5_klog_syslog(LOG_INFO,
- _("TGS_REQ: issuing alternate <un-unparseable> TGT"));
+ _("TGS_REQ: issuing alternate <un-unparsable> TGT"));
} else {
limit_string(sname);
krb5_klog_syslog(LOG_INFO, _("TGS_REQ: issuing TGT %s"), sname);
* data doesn't correspond to the replaced reply key, and RFC 4120 section
* 5.2.7.5 forbids us from sending etype-info describing the initial reply
* key in an AS-REP if it doesn't have the same enctype as the replaced
- * reply key. For all current and forseeable preauth mechs, we can assume
+ * reply key. For all current and foreseeable preauth mechs, we can assume
* the client received etype-info2 in an earlier step and already computed
* the initial reply key if it needed it. The client can determine the
* enctype of the replaced reply key from the etype field of the enc-part
/*
* Setup our signal handlers which will forward to the children.
- * These handlers will be overriden in the child processes.
+ * These handlers will be overridden in the child processes.
*/
#ifdef POSIX_SIGNALS
(void) sigemptyset(&s_action.sa_mask);
inbuf.length = sizeof(database_size);
retval = krb5_mk_safe(context,auth_context,&inbuf,confmsg,NULL);
if (retval) {
- com_err(progname, retval, "while encoding # of receieved bytes");
+ com_err(progname, retval, "while encoding # of received bytes");
send_error(context, fd, retval, "while encoding # of received bytes");
exit(1);
}
*
* - addresses
* A string for the addresses. Pass NULL to use the wildcard address.
- * Supported delimeters can be found in ADDRESSES_DELIM. Addresses are
+ * Supported delimiters can be found in ADDRESSES_DELIM. Addresses are
* parsed with k5_parse_host_name().
* - default_port
* What port the socket should be set to if not specified in addresses.
if (!to || !tolen || !r)
return recvfrom(sock, buf, len, flags, from, fromlen);
- /* Clobber with something recognizeable in case we can't extract the
- * address but try to use it anyways. */
+ /* Clobber with something recognizable in case we can't extract the address
+ * but try to use it anyways. */
memset(to, 0x40, *tolen);
iov.iov_base = buf;
aux_addressing_info *auxaddr)
{
if (to && tolen) {
- /* Clobber with something recognizeable in case we try to use the
+ /* Clobber with something recognizable in case we try to use the
* address. */
memset(to, 0x40, *tolen);
*tolen = 0;
by "*key", then after getting a new key, call the des_set_key()
routine when needed.
- No meaningfull value is returned. Void is not used for compatibility
+ No meaningful value is returned. Void is not used for compatibility
with other compilers.
printf("%02x ",cipher_text[j]);
printf("\n\n");
if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
- printf("verify: error in CBC cheksum\n");
+ printf("verify: error in CBC checksum\n");
exit(-1);
}
else
#else
- /* Heavy mangling, in 4 sub-rounds of 20 interations each. */
+ /* Heavy mangling, in 4 sub-rounds of 20 iterations each. */
subRound( A, B, C, D, E, f1, K1, eData[ 0 ] );
subRound( E, A, B, C, D, f1, K1, eData[ 1 ] );
subRound( D, E, A, B, C, f1, K1, eData[ 2 ] );
/* When run on a little-endian CPU we need to perform byte reversal on an
array of longwords. It is possible to make the code endianness-
- independant by fiddling around with data at the byte level, but this
+ independent by fiddling around with data at the byte level, but this
makes for very slow code, so we rely on the user to sort out endianness
at compile time */
/* Interface layer to krb5 crypto layer */
/* The workhorse of the arcfour system,
- * this impliments the cipher
+ * this implements the cipher
*/
/* In-place IOV crypto */
goto fail;
}
- /* Always read the clients bindings - eventhough we might ignore them */
+ /* Always read the client's bindings, even though we might ignore
+ * them. */
TREAD_STR(ptr, ptr2, reqcksum.length);
if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS ) {
} gss_krb5_lucid_key_t;
typedef struct gss_krb5_rfc1964_keydata {
- OM_uint32 sign_alg; /* signing algorthm */
+ OM_uint32 sign_alg; /* signing algorithm */
OM_uint32 seal_alg; /* seal/encrypt algorithm */
gss_krb5_lucid_key_t ctx_key;
/* Context key
* the padding length.
*
* If the caller manages the padding length, then relative_padlength
- * wil be zero.
+ * will be zero.
*
* eg. if the buffers are structured as follows:
*
/*
* if desired_mechs equals GSS_C_NULL_OID_SET, then pick an
* appropriate default. We use the first mechanism in the
- * mechansim list as the default. This set is created with
+ * mechanism list as the default. This set is created with
* statics thus needs not be freed
*/
if(desired_mechs == GSS_C_NULL_OID_SET) {
/*
* if desired_mechs equals GSS_C_NULL_OID_SET, then pick an
* appropriate default. We use the first mechanism in the
- * mechansim list as the default. This set is created with
+ * mechanism list as the default. This set is created with
* statics thus needs not be freed
*/
if(desired_mechs == GSS_C_NULL_OID_SET) {
dest_union->name_type = 0;
dest_union->external_name = 0;
- /* Now copy the external representaion */
+ /* Now copy the external representation. */
if (gssint_create_copy_buffer(src_union->external_name,
&dest_union->external_name, 0))
goto allocation_failure;
* the unwrapped name. Presumably the exported name had,
* prior to being exported been obtained in such a way
* that it has been properly perpared ("canonicalized," in
- * GSS-API terms) accroding to some name type; we cannot
+ * GSS-API terms) according to some name type; we cannot
* tell what that name type was now, but the name should
* need no further preparation other than the lowest
* common denominator afforded by the mech to names
#include "mglueP.h"
/*
- * gss_release_oid has been moved to g_initialize, becasue it requires access
+ * gss_release_oid has been moved to g_initialize, because it requires access
* to the mechanism list. All functions requiring direct access to the
* mechanism list are now in g_initialize.c
*/
* access mechanism specific versions of the gssapi routines through
* the routines in the glue module (gssd_mech_glue.c)
*
- * This contants all of the functions defined in gssapi.h except for
+ * This contains all of the functions defined in gssapi.h except for
* gss_release_buffer() and gss_release_oid_set(), which I am
* assuming, for now, to be equal across mechanisms.
*/
* In the user space we use a wrapper structure to encompass the
* mechanism entry points. The wrapper contain the mechanism
* entry points and other data which is only relevant to the gss-api
- * layer. In the kernel we use only the gss_config strucutre because
- * the kernal does not cantain any of the extra gss-api specific data.
+ * layer. In the kernel we use only the gss_config structure because
+ * the kernel does not cantain any of the extra gss-api specific data.
*/
typedef struct gss_mech_config {
char *kmodName; /* kernel module name */
}
/*
- * This routine compares the recieved mechset to the mechset that
+ * This routine compares the received mechset to the mechset that
* this server can support. It looks sequentially through the mechset
* and the first one that matches what the server can support is
* chosen as the negotiated mechanism. If one is found, negResult
goto error;
/*
- * Bypass the remainder of the code and return straightaway
+ * Bypass the remainder of the code and return straight away
* if the gss service requested is kiprop
*/
if (iprop_enable) {
error_code KADM5_BAD_LENGTH, "Invalid password length"
error_code KADM5_BAD_POLICY, "Illegal policy name"
error_code KADM5_BAD_PRINCIPAL, "Illegal principal name"
-error_code KADM5_BAD_AUX_ATTR, "Invalid auxillary attributes"
+error_code KADM5_BAD_AUX_ATTR, "Invalid auxiliary attributes"
error_code KADM5_BAD_HISTORY, "Invalid password history count"
error_code KADM5_BAD_MIN_PASS_LIFE, "Password minimum life is greater than password maximum life"
error_code KADM5_PASS_Q_TOOSHORT, "Password is too short"
bool_t xdr_krb5_key_data_nocontents(XDR *xdrs, krb5_key_data *objp)
{
/*
- * Note that this function intentionally DOES NOT tranfer key
+ * Note that this function intentionally DOES NOT transfer key
* length or contents! xdr_krb5_key_data in adb_xdr.c does, but
* that is only for use within the server-side library.
*/
* success.
*
* Modifies:
- * word_list to point to a chunck of allocated memory containing
+ * word_list to point to a chunk of allocated memory containing
* pointers to words
* word_block to contain the dictionary.
*
* kvnop (w) kvno to fill in, or NULL
*
* Effects: Searches the key_data array of entry, which must have been
- * retrived with kadm5_get_principal with the KADM5_KEY_DATA mask, to
+ * retrieved with kadm5_get_principal with the KADM5_KEY_DATA mask, to
* find a key with a specified enctype, salt type, and kvno in a
* principal entry. If not found, return ENOENT. Otherwise, decrypt
* it with the master key, and return the key in keyblock, the salt
#
# admin with changepw service tickets try to change other principals
-# password, failes with AUTH error
+# password, fails with AUTH error
test "chpass-principal 180.625"
proc test180625 {} {
global test
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return
}
send "lindex \$principal 10\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 1\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 3\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 3\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} {
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 3\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 3\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 3\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
if { ! [cmd {kadm5_get_policy $server_handle test-pol policy} ]} {
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 3\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 3\n"
if {! [cmd [format {
kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
} $test]]} {
- fail "$test: can not retreive principal"
+ fail "$test: can not retrieve principal"
return;
}
send "lindex \$principal 4\n"
$KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
server_handle
}]} {
- perror "$test unexecpted failure in init"
+ perror "$test unexpected failure in init"
return
}
if {! [cmd [format {
kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
{KADM5_PW_EXPIRATION}
} $test]]} {
- fail "$test: modifiy failed"
+ fail "$test: modify failed"
return
}
if {! [cmd [format {
kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
{KADM5_PW_EXPIRATION}
} $test]]} {
- fail "$test: modifiy failed"
+ fail "$test: modify failed"
return
}
if {! [cmd [format {
kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
{KADM5_POLICY_CLR}
} $test]]} {
- fail "$test: modifiy failed"
+ fail "$test: modify failed"
return
}
if {! [cmd [format {
send "set current_struct_version \[expr \$KADM5_STRUCT_VERSION &~ \$KADM5_STRUCT_VERSION_MASK\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set current_api_version \[expr \$KADM5_API_VERSION_3 &~ \$KADM5_API_VERSION_MASK\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set bad_struct_version_mask \[expr 0x65432100 | \$current_struct_version\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set bad_api_version_mask \[expr 0x65432100 | \$current_api_version\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set no_api_version_mask \$current_api_version\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set no_struct_version_mask \$current_struct_version\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set old_api_version \[expr \$KADM5_API_VERSION_MASK | 0x00\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set old_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0x00\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set new_api_version \[expr \$KADM5_API_VERSION_MASK | 0xca\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
send "set new_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0xca\]\n"
expect {
-re "$prompt$" {}
- eof { perror "EOF setting API varibles"}
- timeout { perror "timeout setting API varibles"}
+ eof { perror "EOF setting API variables"}
+ timeout { perror "timeout setting API variables"}
}
set api_pid $pid
* The timeout parameter is the total timeout across all retries in
* milliseconds.
*
- * If the cb is called with a retval of ETIMEDOUT it indicates that the alloted
- * time has elapsed. However, in the case of a timeout, we continue to listen
- * for the packet until krad_remote_cancel() is called or a response is
+ * If the cb is called with a retval of ETIMEDOUT it indicates that the
+ * allotted time has elapsed. However, in the case of a timeout, we continue to
+ * listen for the packet until krad_remote_cancel() is called or a response is
* received. This means that cb will always be called twice in the event of a
* timeout. This permits you to pursue other remotes while still listening for
* a response from the first one.
}
/* Add the specified flags to the remote. This automatically manages the
- * lifecyle of the underlying event. Also connects if disconnected. */
+ * lifecycle of the underlying event. Also connects if disconnected. */
static krb5_error_code
remote_add_flags(krad_remote *remote, verto_ev_flag flags)
{
}
/* Remove the specified flags to the remote. This automatically manages the
- * lifecyle of the underlying event. */
+ * lifecycle of the underlying event. */
static void
remote_del_flags(krad_remote *remote, verto_ev_flag flags)
{
}
}
-/* Handle when packets receive no response within their alloted time. */
+/* Handle when packets receive no response within their allotted time. */
static void
on_timeout(verto_ctx *ctx, verto_ev *ev)
{
* If KRB5_GENEROUS_LR_TYPE is defined, then we are generous about
* accepting a one byte negative lr_type - which is not sign
* extended. Prior to July 2000, we were sending a negative lr_type as
- * a positve single byte value - instead of a signed integer. This
+ * a positive single byte value - instead of a signed integer. This
* allows us to receive the old value and deal
*/
#define KRB5_GENEROUS_LR_TYPE
* cursor is a krb5_cc_cursor originally obtained from
* krb5_mcc_start_seq_get.
*
- * Modifes:
+ * Modifies:
* cursor, creds
*
* Effects:
* id
*
* Effects:
- * Acccess the MS Kerberos LSA cache in the current logon session
+ * Access the MS Kerberos LSA cache in the current logon session
* Ignore the residual.
*
* Returns:
* cursor is a krb5_cc_cursor originally obtained from
* krb5_lcc_start_seq_get.
*
- * Modifes:
+ * Modifies:
* cursor
*
* Effects:
/*
* end seq
*
- * just free up the storage assoicated with the cursor (if we can)
+ * just free up the storage associated with the cursor (if we can)
*/
krb5_error_code KRB5_CALLCONV
krb5_stdccv3_end_seq_get (krb5_context context,
/*
- * retreive
+ * retrieve
*
* - try to find a matching credential in the cache
*/
/*
* end seq
*
- * just free up the storage assoicated with the cursor (if we could)
+ * just free up the storage associated with the cursor (if we could)
*/
krb5_error_code KRB5_CALLCONV krb5_stdcc_end_seq_get
(krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor)
free(id);
/* If the cache does not exist when we tried to destroy it,
- that's fine. That means someone else destryoed it since
+ that's fine. That means someone else destroyed it since
we resolved it. */
if (retval == KRB5_FCC_NOFILE)
return 0;
} stdccCacheData, *stdccCacheDataPtr;
-/* function protoypes */
+/* function prototypes */
void krb5_stdcc_shutdown(void);
/*
* copy_krb5_creds_to_cc_credentials
- * - analagous to above but in the reverse direction
+ * - analogous to above but in the reverse direction
*/
krb5_error_code
copy_krb5_creds_to_cc_cred_union (krb5_context in_context,
/*
* copyK5DataArrayToCC
- * - analagous to above, but in the other direction
+ * - analogous to above, but in the other direction
*/
int copyK5DataArrayToCC(krb5_creds *v5Creds, cc_creds *ccCreds, char whichArray)
{
/*
* dupK5toCC
- * - analagous to above but in the reverse direction
+ * - analogous to above but in the reverse direction
*/
void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
{
(in dupK5toCC() above) with its own memory allocation routines - which
may be different than how the CCache allocates memory - the Kerb5 library
must have its own version of cc_free_creds() to deallocate it. These
- functions do that. The top-level function to substitue for cc_free_creds()
+ functions do that. The top-level function to substitute for cc_free_creds()
is krb5_free_cc_cred_union().
If the CCache library wants to use a cred_union structure created by
#include "krb5.h"
-/* protoypes for private functions declared in stdcc_util.c */
+/* prototypes for private functions declared in stdcc_util.c */
#ifdef USE_CCAPI_V3
krb5_error_code
copy_cc_cred_union_to_krb5_creds (krb5_context in_context,
if (check_registered(context, "KEYRING:process:"))
do_test(context, "KEYRING:process:");
else
- printf("Skiping KEYRING: test - unregistered type\n");
+ printf("Skipping KEYRING: test - unregistered type\n");
do_test(context, "MEMORY:");
do_test(context, "FILE:");
* resolve to the generated caches and appear in the collection. (They
* might appear before being initialized; that's not currently considered
* important). The primary cache for the collection should remain as the
- * unitialized cache from the previous step.
+ * uninitialized cache from the previous step.
*/
typename = krb5_cc_get_type(ctx, ccinitial);
check(krb5_cc_new_unique(ctx, typename, NULL, &ccu1));
/*
* Displays a list of caches returned by the cccol cursor. The first argument,
* if given, is set to the default cache name for the context before iterating.
- * Any remaining argments are resolved as caches and kept open during the
+ * Any remaining arguments are resolved as caches and kept open during the
* iteration. If the argument "CONTENT" is given as one of the cache names,
* immediately exit with status 0 if the collection contains credentials and 1
* if it does not.
/* Version 4 header */
16,
"\x05\x04\x00\x0C\x00\x01\x00\x08\x00\x00\x01\x2C\x00\x00\xD4\x31",
- /* Verion 4 principal */
+ /* Version 4 principal */
37,
"\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0B\x4B\x52\x42\x54"
"\x45\x53\x54\x2E\x43\x4F\x4D\x00\x00\x00\x0A\x74\x65\x73\x74\x63"
* There are no separators between fields of an entry.
* A principal is a length-encoded array of length-encoded strings. The
* length is a krb5_int16 in each case. The specific format, then, is
- * multiple entries concatinated with no separators. An entry has this
+ * multiple entries concatenated with no separators. An entry has this
* exact format:
*
* sizeof(krb5_int16) bytes for number of components in the principal;
* Find and reserve a slot in the file for an entry of the needed size.
* The commit point will be set to the position in the file where the
* the length (sizeof(krb5_int32) bytes) of this node should be written
- * when commiting the write. The file position left as a result of this
+ * when committing the write. The file position left as a result of this
* call is the position where the actual data should be written.
*
* The size_needed argument may be adjusted if we find a hole that is
kret = krb5_kt_get_entry(context, kt, princ, 0, 0, &kent);
- CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Getting non-existant entry");
+ CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Getting nonexistent entry");
krb5_free_principal(context, princ);
/* PAC */
/*
- * A PAC consists of a sequence of PAC_INFO_BUFFERs, preceeded by
+ * A PAC consists of a sequence of PAC_INFO_BUFFERs, preceded by
* a PACTYPE header. Decoding the contents of the buffers is left
* to the application (notwithstanding signature verification).
*/
* NOTE: This is highly site specific, and is only really necessary
* for sites who need to convert from V4 to V5. It is used by both
* the KDC and the kdb5_convert program. Since its use is highly
- * specialized, the necesary information is just going to be
+ * specialized, the necessary information is just going to be
* hard-coded in this file.
*/
* also note that the reason why we are passing it in a structure
* instead of as an argument to encode_krb5_enc_kdc_rep_part (the
* way we should) is for compatibility with the ISODE version of
- * this fuction. Ah, compatibility....
+ * this function. Ah, compatibility....
*/
tmp_encpart = *encpart;
tmp_encpart.msg_type = type;
/* see if we can extract a number */
l = strtol(p, &q, 10);
if ((q != NULL) && (q > p)) {
- /* got a valid number; search for a matchin entry */
+ /* got a valid number; search for a matching entry */
for (i = base; padata[i] != NULL; i++) {
/* bubble the matching entry to the front of the list */
if (padata[i]->pa_type == l) {
If password is passed as NULL, the password is read from the terminal,
and then converted into a key.
- A succesful call will place the ticket in the credentials cache ccache.
+ A successful call will place the ticket in the credentials cache ccache.
returns system errors, encryption errors
*/
the system key store (e.g. /etc/krb5.keytab). If keyblock is non-NULL, it
is used as the decryption key.
- A succesful call will place the ticket in the credentials cache ccache.
+ A successful call will place the ticket in the credentials cache ccache.
returns system errors, encryption errors
if (list == NULL)
goto cleanup;
- /* For each credential, create a strcture in the list of credentials and
+ /* For each credential, create a structure in the list of credentials and
* copy the information. */
for (i = 0; i < count; i++) {
list[i] = k5alloc(sizeof(*list[i]), &ret);
if (ret)
goto cleanup;
- /* Verify the checkum over the re-encoded message. */
+ /* Verify the checksum over the re-encoded message. */
ret = krb5_k_verify_checksum(context, key, KRB5_KEYUSAGE_KRB_SAFE_CKSUM,
der_zerosafe, safe_cksum, &valid);
if (!valid) {
/*
* If there was a problem, send back a krb5_error message,
- * preceeded by the length of the krb5_error message. If
+ * preceded by the length of the krb5_error message. If
* everything's ok, send back 0 for the length.
*/
if (problem) {
/* ANL - Modified to allow Configurable Authentication Paths.
* This modification removes the restriction on the choice of realm
* names, i.e. they nolonger have to be hierarchical. This
- * is allowed by RFC 1510: "If a hierarchical orginization is not used
+ * is allowed by RFC 1510: "If a hierarchical organization is not used
* it may be necessary to consult some database in order to construct
* an authentication path between realms." The database is contained
* in the [capaths] section of the krb5.conf file.
* entries if the same krb5.conf is used for clients and servers)
*
* for example: ESnet will be running a KDC which will share
- * inter-realm keys with its many orginizations which include among
- * other ANL, NERSC and PNL. Each of these orginizations wants to
+ * inter-realm keys with its many organizations which include among
+ * other ANL, NERSC and PNL. Each of these organizations wants to
* use its DNS name in the realm, ANL.GOV. In addition ANL wants
* to authenticatite to HAL.COM via a K5.MOON and K5.JUPITER
* A [capaths] section of the krb5.conf file for the ANL.GOV clients
*
* This version of the Configurable Authentication Path modification
* differs from the previous versions prior to K5 beta 5 in that
- * the profile routines are used, and the explicite path from
- * client's realm to server's realm must be given. The modifications
- * will work together.
+ * the profile routines are used, and the explicit path from client's
+ * realm to server's realm must be given. The modifications will work
+ * together.
* DEE - 5/23/95
*/
/* Set the profile paths in the context. If secure is set to TRUE
then do not include user paths (from environment variables, etc).
- If kdc is TRUE, include kdc.conf from whereever we expect to find
+ If kdc is TRUE, include kdc.conf from wherever we expect to find
it. */
static krb5_error_code
os_init_paths(krb5_context ctx, krb5_boolean kdc)
} else {
PRINTF(("gssapi_create: processing signed isn\n"));
- /* don't check conf (integ only) or qop (accpet default) */
+ /* don't check conf (integ only) or qop (accept default) */
*gssstat = gss_unseal(minor_stat,
AUTH_PRIVATE(auth)->context,
&call_res.signed_isn,
* Memory based rpc for simple testing and timing.
* Interface to create an rpc client and server in the same process.
* This lets us similate rpc and get round trip overhead, without
- * any interference from the kernal.
+ * any interference from the kernel.
*/
#include <gssrpc/rpc.h>
* Caller may wish to set this something more useful.
*
* wait is the amount of time used between retransmitting a call if
- * no response has been heard; retransmition occurs until the actual
+ * no response has been heard; retransmission occurs until the actual
* rpc call times out.
*
* sendsz and recvsz are the maximum allowable packet sizes that can be
* The services list
* Each entry represents a set of procedures (an rpc program).
* The dispatch routine takes request structs and runs the
- * apropriate procedure.
+ * appropriate procedure.
*/
static struct svc_callout {
struct svc_callout *sc_next;
/*
* If the client's server_creds is already set, use it.
* Otherwise, try each credential in server_creds_list until
- * one of them succeedes, then set the client server_creds
+ * one of them succeeds, then set the client server_creds
* to that. If all fail, the client's server_creds isn't
* set (which is fine, because the client will be gc'ed
* anyway).
* svc_raw.c, This a toy for simple testing and timing.
* Interface to create an rpc client and server in the same UNIX process.
* This lets us similate rpc and get rpc (round trip) overhead, without
- * any interference from the kernal.
+ * any interference from the kernel.
*/
#include <gssrpc/rpc.h>
* svc_tcp.c, Server side for TCP/IP based RPC.
*
* Actually implements two flavors of transporter -
- * a tcp rendezvouser (a listner and connection establisher)
+ * a tcp rendezvouser (a listener and connection establisher)
* and a record/tcp stream.
*/
xprt->xp_verf.oa_base = cd->verf_body;
xprt->xp_addrlen = 0;
xprt->xp_laddrlen = 0;
- xprt->xp_ops = &svctcp_op; /* truely deals with calls */
+ xprt->xp_ops = &svctcp_op; /* truly deals with calls */
xprt->xp_port = 0; /* this is a connection, not a rendezvouser */
xprt->xp_sock = fd;
xprt_register(xprt);
static struct timeval wait_per_try = { 35, 0 };
/*
- * reads data from the tcp conection.
+ * reads data from the tcp connection.
* any error is fatal and the connection is closed.
* (And a read of zero bytes is a half closed stream => error.)
*/
}
/*
- * XDR a descriminated union
+ * XDR a discriminated union
* Support routine for discriminated unions.
* You create an array of xdrdiscrim structures, terminated with
* an entry with a null procedure pointer. The routine gets
}
/*
- * Look ahead fuction.
+ * Look ahead function.
* Returns TRUE iff there is no more input in the buffer
* after consuming the rest of the current record.
*/
/*
* The client must tell the package when an end-of-record has occurred.
* The second paraemters tells whether the record should be flushed to the
- * (output) tcp stream. (This let's the package support batched or
- * pipelined procedure calls.) TRUE => immmediate flush to tcp connection.
+ * (output) tcp stream. (This lets the package support batched or
+ * pipelined procedure calls.) TRUE => immediate flush to tcp connection.
*/
bool_t
xdrrec_endofrecord(XDR *xdrs, bool_t sendnow)
* referenced by a pointer inside the structure that is currently being
* translated. pp references a pointer to storage. If *pp is null
* the necessary storage is allocated.
- * size is the sizeof the referneced structure.
+ * size is the sizeof the referenced structure.
* proc is the routine to handle the referenced structure.
*/
bool_t
*
* Arguments:
* db (input) db handle
- * func (input) fucntion pointer to call
+ * func (input) function pointer to call
* data opaque data type
* <return value> 0 on success error code on failure
*
* time of this file is the "version number" of the database.
* At the start of a read operation, the reader checks the version
* number; at the end of the read operation, it checks again. If the
- * version number changed, or if the semaphore was nonexistant at
+ * version number changed, or if the semaphore was nonexistent at
* either time, the reader sleeps for a second to let things
* stabilize, and then tries again; if it does not succeed after
* KRB5_DBM_MAX_RETRY attempts, it gives up.
*
* If the system crashes in the middle of an update, the semaphore
* file is not automatically created on reboot; this is a feature, not
- * a bug, since the database may be inconsistant. Note that the
+ * a bug, since the database may be inconsistent. Note that the
* absence of a semaphore file does not prevent another _update_ from
* taking place later. Database replacements take place automatically
* only on replica servers; a crash in the middle of an update will be
(void) memcpy(nextloc, unparse_princ, unparse_princ_size);
nextloc += unparse_princ_size;
- /* tl_data is a linked list, of type, legth, contents */
+ /* tl_data is a linked list, of type, length, contents */
for (tl_data = entry->tl_data; tl_data; tl_data = tl_data->tl_data_next) {
krb5_kdb_encode_int16(tl_data->tl_data_type, nextloc);
nextloc += 2;
krb5_kdb_decode_int16(nextloc, key_data->key_data_kvno);
nextloc += 2;
- /* key_data_ver determins number of elements and how to unparse them. */
+ /* key_data_ver determines number of elements and how to unparse
+ * them. */
if (key_data->key_data_ver >= 0 &&
key_data->key_data_ver <= KRB5_KDB_V1_KEY_DATA_ARRAY) {
for (j = 0; j < key_data->key_data_ver; j++) {
/* We need to add every entry present in the source list to
* the destination list */
if (mode == LIST_MODE_ADD) {
- /* Traverse throught the end of destlist for appending */
+ /* Traverse through the end of destlist for appending */
for (dlist = *destlist, dcount = 0; *dlist != NULL;
dlist++, dcount++) {
; /* NULL statement */
/* We need to add every entry present in the source list to the
* destination list */
if (mode == LIST_MODE_ADD) {
- /* Traverse throught the end of destlist for appending */
+ /* Traverse through the end of destlist for appending */
for (dlist = destlist, dcount = 0; *dlist != END_OF_LIST;
dlist++, dcount++)
; /* NULL statement */
int i = 0;
/* Check for number of arguments -- minimum is 3
- since atleast one parameter should be given in
+ since at least one parameter should be given in
addition to 'modify_policy' and policy DN */
if ((argc < 3) || (argc > 16)) {
goto err_usage;
goto cleanup;
}
- /* TODO: file lock for the service passowrd file */
+ /* TODO: file lock for the service password file */
fclose(pfile);
fclose(newfile);
&global_params, &global_params);
if (retval) {
com_err(progname, retval,
- _("while retreiving configuration parameters"));
+ _("while retrieving configuration parameters"));
exit_status++;
goto cleanup;
}
}
/*
- * This is called incase krb5_get_ldap_handle returns NULL.
+ * This is called in case krb5_get_ldap_handle returns NULL.
* Try getting a single connection (handle) and return the same by
* calling krb5_get_ldap_handle function.
* Do not lock the mutex here. The caller should lock it
*container_dn = NULL;
SETUP_CONTEXT();
- /* read kerberos containter location from [dbmodules] section of krb5.conf file */
+ /* read kerberos container location from [dbmodules] section of krb5.conf file */
if (ldap_context->conf_section) {
if ((st=profile_get_string(context->profile, KDB_MODULE_SECTION, ldap_context->conf_section,
KRB5_CONF_LDAP_KERBEROS_CONTAINER_DN, NULL,
}
}
- /* read kerberos containter location from [dbdefaults] section of krb5.conf file */
+ /* read kerberos container location from [dbdefaults] section of krb5.conf file */
if (dn == NULL) {
if ((st=profile_get_string(context->profile, KDB_MODULE_DEF_SECTION,
KRB5_CONF_LDAP_KERBEROS_CONTAINER_DN, NULL,
* From the attrsetmask value, identify the attributes set on the directory user
* object and delete them.
* NOTE: krbsecretkey attribute has per principal entries. There can be chances that the
- * other principals' keys are exisiting/left-over. So delete all the values.
+ * other principals' keys are existing/left-over. So delete all the values.
*/
while (attrsetmask) {
if (attrsetmask & 1) {
/*
* Function: krb5_ldap_unparse_principal_name
*
- * Purpose: Removes '\\' that comes before every occurence of '@'
+ * Purpose: Removes '\\' that comes before every occurrence of '@'
* in the principal name component.
*
* Arguments:
/*
* Function: krb5_ldap_parse_principal_name
*
- * Purpose: Inserts '\\' before every occurence of '@'
+ * Purpose: Inserts '\\' before every occurrence of '@'
* in the principal name component.
*
* Arguments:
}
- /* Realm modify opearation */
+ /* Realm modify operation */
if (mods != NULL) {
if ((st=ldap_modify_ext_s(ld, rparams->realmdn, mods, NULL, NULL)) != LDAP_SUCCESS) {
st = set_ldap_error (context, st, OP_MOD);
* check the existence of the object. This serves one major purpose,
* i.e., if the object to be is anything other than the ticket policy
* object then the krb5_ldap_read_policy returns an error and thus is
- * not accidently deleted in this function.
+ * not accidentally deleted in this function.
*
* NOTE: Other kerberos objects (user/realm object) might be having
* references to the policy object to be deleted. This situation is
break;
default:
- pkiDebug("unknow as_rep type %d\n", kdc_reply->choice);
+ pkiDebug("unknown as_rep type %d\n", kdc_reply->choice);
goto cleanup;
}
krb5_data *dh_params, /* IN
???? */
int minbits); /* IN
- the mininum number of key bits acceptable */
+ the minimum number of key bits acceptable */
/*
* this function completes the KDC's DH protocol. The KDC generates
rc->kwval_type = kwval_type;
/*
- * Before procesing the value for this keyword,
+ * Before processing the value for this keyword,
* (compiling the regular expression or processing the list)
* we need to find the end of it. That means parsing for the
* beginning of the next keyword (or the end of the rule).
* returns: 0 on success
* KRB5 error codes otherwise
*
- * builds pricipal name with final instance of "SECURID" and
+ * builds principal name with final instance of "SECURID" and
* finds the database entry, decrypts the key out of the database
* and passes the key back to the calling process
*/
(memcmp(passcode, trackp->passcode, pin1_len) != 0)) {
retval = KRB5KDC_ERR_PREAUTH_FAILED;
krb5_klog_syslog(LOG_INFO, "New SecurID PIN Failed for user "
- "%s: PIN mis-match", user);
+ "%s: PIN mismatch", user);
break;
}
retval = SD_Pin(trackp->handle, passcode);
# Use kinit to get a ticket.
#
# For now always get forwardable tickets. Later when we need to make
- # tests that distiguish between forwardable tickets and otherwise
+ # tests that distinguish between forwardable tickets and otherwise
# we should but another option to this proc. --proven
#
spawn $KINIT -5 -f $name@$REALMNAME
# Use kinit to get a ticket.
#
# For now always get forwardable tickets. Later when we need to make
- # tests that distiguish between forwardable tickets and otherwise
+ # tests that distinguish between forwardable tickets and otherwise
# we should but another option to this proc. --proven
#
spawn $KINIT -5 -f -k -t $keytab $name@$REALMNAME
# Use kinit to get a ticket.
#
# For now always get forwardable tickets. Later when we need to make
- # tests that distiguish between forwardable tickets and otherwise
+ # tests that distinguish between forwardable tickets and otherwise
# we should but another option to this proc. --proven
#
spawn $KINIT -5 -f $name@$REALMNAME
# Use kinit to get a ticket.
#
# For now always get forwardable tickets. Later when we need to make
- # tests that distiguish between forwardable tickets and otherwise
+ # tests that distinguish between forwardable tickets and otherwise
# we should but another option to this proc. --proven
#
spawn $KINIT -5 -f $name@$REALMNAME
* host (r) the target host name
* port (r) the target port, in host byte order
*
- * Returns: the established socket file desciptor, or -1 on failure
+ * Returns: the established socket file descriptor, or -1 on failure
*
* Effects:
*
* Effects:
*
* The GSS-API messages associated with maj_stat and min_stat are
- * displayed on stderr, each preceeded by "GSS-API error <msg>: " and
+ * displayed on stderr, each preceded by "GSS-API error <msg>: " and
* followed by a newline.
*/
void
/*
* Function: display_ctx_flags
*
- * Purpose: displays the flags returned by context initation in
+ * Purpose: displays the flags returned by context initiation in
* a human-readable form
*
* Arguments:
* Effects:
*
* The service name is imported with gss_import_name, and service
- * credentials are acquired with gss_acquire_cred. If either opertion
+ * credentials are acquired with gss_acquire_cred. If either operation
* fails, an error message is displayed and -1 is returned; otherwise,
* 0 is returned.
*/
realm.kinit(realm.user_princ, password('user'), ['-X', 'indicators=one two'])
out = realm.run(['./t_srcattrs', 'p:service/2'])
-# Hexademical "one" and "two"
+# Hexadecimal "one" and "two"
if '6f6e65' not in out or '74776f' not in out:
fail('Expected auth indicator not seen in name attributes')
/*
- * Test program for inquiring about a security context, intented to be run from
+ * Test program for inquiring about a security context, intended to be run from
* a Python test script. Partially establishes a context to test inquiring
* about an incomplete context, and then establishes full contexts and inquires
* them. Exits with status 0 if all operations are successful, or 1 if not.
* (since krb5 1.3 we ordinarily ensure that there's only one). With the
* "swap" argument, the two history keys are swapped in order; we use this
* operation to simulate the case where krb5 1.7 or earlier chose something
- * other than the first history key to create pasword history entries.
+ * other than the first history key to create password history entries.
*/
#include <k5-int.h>
def flatten(self, defaults):
"""
- Flattens pathes to attributes.
+ Flattens paths to attributes.
Parameters
----------
static krb5_data result_ad_length = {
0, 30,
"\0\0" /* zero bytes */
- "\0\0\0\x0d" /* min length, 13 charaters */
+ "\0\0\0\x0d" /* min length, 13 characters */
"\0\0\0\0" /* history */
"\0\0\0\0" /* properties */
"\0\0\0\0\0\0\0\0" /* expire */
###
# The test2 module returns a fatal error on hosts beginning with 'z',
-# and an answer on hosts begining with 'a'.
+# and an answer on hosts beginning with 'a'.
mark('test2 module')
testh_error(realm, 'zoo', 'service not available', 'host_realm test2 z')
testh(realm, 'abacus', ['a'], 'host_realm test2 a')
mod = realm.special_env('mod', False, conf)
# test1's untyped an2ln method should come before the names method, mapping
-# test/a/b@X to its realm name (superceding auth_to_local_names).
+# test/a/b@X to its realm name (superseding auth_to_local_names).
test_an2ln(mod, 'test/a/b@X', 'X', 'mod untyped an2ln')
# Match the auth_to_local values in order. test2's TYPEA should map
# Get the K/M principal. Verify that it has the expected mkvno. Each
-# remaining argment must be a sequence of two elements: an expected
+# remaining argument must be a sequence of two elements: an expected
# key version and an expected enctype.
keyline_re = re.compile(r'^Key: vno (\d+), (\S+)$')
def check_master_dbent(expected_mkvno, *expected_keys):
# oprinc now exists, but we still get the fprinc ticket from the cache.
realm.run(['./gcred', 'srv-hst', oprinc], env=fallback_canon,
expected_msg=fprinc)
-# Without the cached result, we sould get oprinc in preference to fprinc.
+# Without the cached result, we should get oprinc in preference to fprinc.
os.rename(realm.ccache + '.save', realm.ccache)
realm.run(['./gcred', 'srv-hst', oprinc], env=fallback_canon,
expected_msg=oprinc)
In general, it is not in the domain of non user-interface library
routines to write error messages to the user's terminal, or halt the
process. Such forms of ``error handling'' should be reserved for
-failures of internal invariants and consistancy checks only, as it
+failures of internal invariants and consistency checks only, as it
provides the user of the library no way to clean up for himself in the
event of total failure.
error_code PROF_SECTION_WITH_VALUE,
"A profile section header has a non-zero value"
error_code PROF_BAD_LINK_LIST, "Bad linked list in profile structures"
-error_code PROF_BAD_GROUP_LVL, "Bad group level in profile strctures"
+error_code PROF_BAD_GROUP_LVL, "Bad group level in profile structures"
error_code PROF_BAD_PARENT_PTR,
- "Bad parent pointer in profile strctures"
+ "Bad parent pointer in profile structures"
error_code PROF_MAGIC_ITERATOR, "Bad magic value in profile iterator"
error_code PROF_SET_SECTION_VALUE, "Can't set value on section node"
error_code PROF_EINVAL, "Invalid argument passed to profile library"
}
/*
- * This function verifies that all of the representation invarients of
+ * This function verifies that all of the representation invariants of
* the profile are true. If not, we have a programming bug somewhere,
* probably in this file.
*/
/*
* Iterate through the section, returning the nodes which match
- * the given name. If name is NULL, then interate through all the
+ * the given name. If name is NULL, then iterate through all the
* nodes in the section. If section_flag is non-zero, only return the
* section which matches the name; don't return relations. If value
* is non-NULL, then only return relations which match the requested
/*
* Iterate through the section, returning the relations which match
- * the given name. If name is NULL, then interate through all the
+ * the given name. If name is NULL, then iterate through all the
* relations in the section. The first time this routine is called,
* the state pointer must be null. When this profile_find_node_relation()
* returns, if the state pointer is non-NULL, then this routine should
/*
* Iterate through the section, returning the subsections which match
- * the given name. If name is NULL, then interate through all the
+ * the given name. If name is NULL, then iterate through all the
* subsections in the section. The first time this routine is called,
* the state pointer must be null. When this profile_find_node_subsection()
* returns, if the state pointer is non-NULL, then this routine should
-->
<Include xmlns="http://schemas.microsoft.com/wix/2003/01/wi">
- <!-- include site sepecific customizations -->
+ <!-- include site-specific customizations -->
<?include site-local.wxi?>
<!-- Sanity checks -->
1) "Kerberos for Windows" 32-bit i386 MSI package
Upgrade code {61211594-AAA1-4A98-A299-757326763CC7}
- Upto current release
+ Up to current release
2) "Kerberos for Windows" 64-bit amd64 MSI package
Upgrade code {6DA9CD86-6028-4852-8C94-452CAC229244}
- Upto current release
+ Up to current release
2) "MIT Project Pismere Kerberos for Windows" MSI package and
"MIT SWRT Kerberos for Windows" MSI
END_FUNC_INFO
};
-// com_err funcitons
+// com_err functions
DECL_FUNC_PTR(error_message);
FUNC_INFO ce_fi[] = {
MAKE_FUNC_INFO(error_message),
NumOfAddrs = GetNumOfIpAddrs();
if ( NumOfAddrs != prevNumOfAddrs ) {
- // wait for the network state to stablize
+ // wait for the network state to stabilize
Sleep(2000);
// this call should probably be mutex protected
ObtainTicketsViaUserIfNeeded((HWND)hWnd);
// It looks like this is called by the framework when the window with the
// ribbon is going away, to give the application a chance to free any
-// application-specific resources (not from the framwork) that were bound
+// application-specific resources (not from the framework) that were bound
// to a command in OnCreateUICommand.
//
// We do not have any such resources, so we do not need to implement this
// ribbon.) Just proxy these commands through to the existing MFC
// handlers by sendding the appropriate message to the main window.
// Action only needs to be taken on the EXECUTE verb, so we can
-// ignore the additional properties surrouding the action, which would
+// ignore the additional properties surrounding the action, which would
// be relevant for other verbs.
//
// The commandIds are taken from the XML ribbon description.
}
- // Check all possible 'KRB' system varables, then reset (delete) debug file
+ // Check all possible 'KRB' system variables, then delete debug file
CHAR* Env[] = {"TEMP", "TMP", "HOME", NULL};
CHAR** pEnv = Env;
CHAR debugFilePath[MAX_PATH];
if (CMainFrame::m_isMinimum)
{
- // minimized dispay
+ // minimized display
ticketStatusKrb5.Format("Kerb-5: %02d:%02d Left",
(m_ticketTimeLeft / 60L / 60L),
(m_ticketTimeLeft / 60L % 60L));
#endif
- // TODO: Remove this if you don't want tool tips or a resizeable toolbar
+ // TODO: Remove this if you don't want tool tips or a resizable toolbar
//m_wndToolBar.SetPaneStyle(m_wndToolBar.GetPaneStyle() |
// CBRS_TOOLTIPS | CBRS_FLYBY | CBRS_SIZE_DYNAMIC);
/* The following definitions are summarized from KRB5, Leash32, and
* Leashw32 modules. They are current as of KfW 2.6.2. There is no
- * guarrantee that changes to other modules will be updated in this list.
+ * guarantee that changes to other modules will be updated in this list.
*/
/* Must match the values used in Leash32.exe */
/* These little utils are taken from lshutil.c
- they are added here for the Call back funtion.
+ they are added here for the Call back function.
****** beginning of added utils from lshutil.c ******/
BOOL IsDlgItem(HWND hWnd, WORD id)
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* prototype/prototype.c - <<< One-line description of file >>> */
-/* leashdll/lshutil.cpp - text maniuplation for principal entry */
+/* leashdll/lshutil.cpp - text manipulation for principal entry */
/*
* Copyright (C) 2012 by the Massachusetts Institute of Technology.
* All rights reserved.
{
if (rc && !*tmpstr)
{
- strcpy(tmpstr, "Unable to syncronize time!\n\n");
+ strcpy(tmpstr, "Unable to synchronize time!\n\n");
if (*hostname)
{
char tmpstr1[2048];
return(LSH_SETTIMEOFDAY);
}
- sprintf(tmpstr, "The time has been syncronized with the server: %s\n\n", hostname);
+ sprintf(tmpstr, "The time has been synchronized with the server: %s\n\n", hostname);
strcat(tmpstr, "To be able to use the Kerberos server, it was necessary to \nset the system time to: ") ;
strcat(tmpstr, ctime((time_t *)&hosttime));
strcat(tmpstr, "\n");
// LoadFuncs:
//
// This function try to load the functions for a DLL. It returns 0 on failure
-// and non-zero on success. The parameters are descibed below.
+// and non-zero on success. The parameters are described below.
//
int
projects / thirdparty / krb5.git / commitdiff
