Spotted by codespell.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Anyone is welcome to contribute to GnuTLS. You can either take up
tasks from our [planned list](https://gitlab.com/gnutls/gnutls/milestones),
-or suprise us with enhancement we didn't plan for. In all cases be prepared
+or surprise us with enhancement we didn't plan for. In all cases be prepared
to defend and justify your enhancements, and get through few rounds
of changes.
certificate parsing part of gnutls. Some of the used prefixes are the
following.
* ```gnutls_x509_crt_``` for the X.509 certificate part
- * ```gnutls_session_``` for the TLS session part (but this may be omited)
+ * ```gnutls_session_``` for the TLS session part (but this may be omitted)
* ```gnutls_handshake_``` for the TLS handshake part
* ```gnutls_record_``` for the TLS record protocol part
* ```gnutls_alert_``` for the TLS alert protocol part
reasonable way. If the existing function allows flags, then a new flag
should be introduced to enable the new behavior.
-When it is necessary, or desireable to enable the new features by default
+When it is necessary, or desirable to enable the new features by default
(e.g., TLS1.3 introduction), the "next" releases should be used (and
introduced if necessary), to allow the modification to be tested for an
extended amount of time (see the [Release policy](RELEASES.md)).
# Committing a fix
-The fix when is made available, preferrably within 1 month of the report,
+The fix when is made available, preferably within 1 month of the report,
is pushed to the repository using a detailed message on all supported
branches which are affected. The commit message must refer to the bug
report addressed (e.g., our issue tracker or some external issue tracker).
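Review bot: The changed sentence under "Committing a fix" still reads "The fix when is made available" after the spelling correction, so it does not parse. Since the line is being touched anyway, consider "The fix, when it is made available, preferably within 1 month of the report, is pushed ...".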
# Releasing
Currently our releases are time-based, thus there are no special releases
-targetting security fixes. At release time the NEWS entries must reflect
+targeting security fixes. At release time the NEWS entries must reflect
the issues addressed (also referring to the relevant issue trackers), and
security-related entries get assigned a GNUTLS-SA (gnutls security advisory
number). The assignment is done at release time at the web repository, in
@cindex Raw public-keys
There are situations in which a rather large certificate / certificate chain is undesirable or impractical.
-An example could be a resource contrained sensor network in which you do want to use authentication of and
+An example could be a resource constrained sensor network in which you do want to use authentication of and
encryption between your devices but where your devices lack loads of memory or processing power. Furthermore,
there are situations in which you don't want to or can't rely on a PKIX. TLS is, next to a PKIX environment,
also commonly used with self-signed certificates in smaller deployments where the self-signed certificates
set to 1, where it would cause the library to exit on unknown options.
The location of the default configuration file is @code{/etc/gnutls/config},
-but its actual location may be overriden during compile time or at run-time
+but its actual location may be overridden during compile time or at run-time
using the @code{GNUTLS_SYSTEM_PRIORITY_FILE} environment variable. The file
used can be queried using @funcref{gnutls_get_system_config_file}.
on configuration files, or other UI. Following such a principle,
makes the GnuTLS library as the default settings provider. That is
necessary and a good practice, because TLS protocol hardening and
-phasing out of legacy algorithms, is easier to co-ordinate when happens
+phasing out of legacy algorithms, is easier to coordinate when happens
in a single library.
@showfuncC{gnutls_set_default_priority,gnutls_set_default_priority_append,gnutls_priority_set_direct}
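Review bot: The changed line "phasing out of legacy algorithms, is easier to coordinate when happens" is still ungrammatical after the spelling fix. Dropping the comma before "is" and writing "when it happens in a single library" would clean up the sentence in the same pass.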
The registered keys (that are stored in the TPM) can be listed using one of
the following functions. Those keys are unfortunately only identified by
their UUID and have no label or other human friendly identifier.
-Keys can be deleted from permament storage using @funcref{gnutls_tpm_privkey_delete}.
+Keys can be deleted from permanent storage using @funcref{gnutls_tpm_privkey_delete}.
@showfuncC{gnutls_tpm_get_registered,gnutls_tpm_key_list_deinit,gnutls_tpm_key_list_get_url}
A TLS client or server proxy
Options:
- -c, --connect ADDRRESS Connect to ADDRESS
+ -c, --connect ADDRESS Connect to ADDRESS
-l, --listen ADDRESS Listen on ADDRESS
-K, --key FILE Use FILE as private key
-C, --cert FILE Use FILE as public key
License
=======
-MIT
\ No newline at end of file
+MIT
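Review bot: The "MIT" line under "License" changes only by gaining a trailing newline, which is a whitespace change and not something codespell reports. Either mention it in the commit message or move it to a separate commit so the spelling commit contains only spelling fixes.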
* exchange (CryptoPro-XchA = CryptoPro-A and CryptoPro-XchB =
* CryptoPro-C).
*
- * Then TC26 (Standard comitee working on cryptographic standards) has
+ * Then TC26 (Standard comittee working on cryptographic standards) has
* defined one 256-bit curve (TC26-256-A) and three 512-bit curves
* (TC26-512-A, -B, -C).
*
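Review bot: The replacement in "Then TC26 (Standard comittee working on cryptographic standards)" is still misspelled; "comitee" became "comittee", but the word is "committee". Please correct it here so the comment does not need a second typo fix.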
/* This file contains common stuff in Ephemeral Diffie-Hellman (DHE)
* and Anonymous DH key exchange(DHA). These are used in the handshake
- * procedure of the certificate and anoymous authentication.
+ * procedure of the certificate and anonymous authentication.
*/
#include "gnutls_int.h"
* This function will return the set size in bytes of the overhead
* due to TLS (or DTLS) per record.
*
- * Note that this function may provide inacurate values when TLS
+ * Note that this function may provide inaccurate values when TLS
* extensions that modify the record format are negotiated. In these
* cases a more accurate value can be obtained using gnutls_record_overhead_size()
* after a completed handshake.
if (ret >= 0)
priv = epriv;
- /* no previous data. Just advertize it */
+ /* no previous data. Just advertise it */
if (ret < 0)
return GNUTLS_E_INT_RET_0;
- /* previous data had session tickets disabled. Don't advertize. Ignore. */
+ /* previous data had session tickets disabled. Don't advertise. Ignore. */
if (session->internals.flags & GNUTLS_NO_TICKETS)
return 0;
/* do not parse this extension when we haven't TLS1.3
* enabled. That is because we cannot handle earlier protocol
- * negotiotation (such as SSL3.0) with this */
+ * negotiation (such as SSL3.0) with this */
if (vers && !vers->tls13_sem)
return 0;
uint8_t ap_rms[MAX_HASH_SIZE]; /* resumption_master_secret */
} tls13; /* tls1.3 */
- /* Folow the SSL3.0 and TLS1.2 key exchanges */
+ /* Follow the SSL3.0 and TLS1.2 key exchanges */
struct {
/* For ECDH KX */
struct {
}
if (session->internals.priorities->min_record_version != 0) {
- /* Advertize the lowest supported (SSL 3.0) record packet
+ /* Advertise the lowest supported (SSL 3.0) record packet
* version in record packets during the handshake.
* That is to avoid confusing implementations
* that do not support TLS 1.2 and don't know
* is received by the client. To ensure that such a ticket has been received use
* gnutls_session_get_flags() and check for flag %GNUTLS_SFLAGS_SESSION_TICKET;
* if this flag is not set, this function will wait for a new ticket within
- * an estimated rountrip, and if not received will return dummy data which
+ * an estimated roundtrip, and if not received will return dummy data which
* cannot lead to resumption.
*
* To get notified when new tickets are received by the server
/* For compatibility per R 1323565.1.023—2018 provide digest OID only
* for GOST-2001 keys or GOST-2012 keys with CryptoPro curves. Do not
- * set this optional paramter for TC26 curves */
+ * set this optional parameter for TC26 curves */
if (params->algo == GNUTLS_PK_GOST_01)
oid = HASH_OID_GOST_R_3411_94_CRYPTOPRO_PARAMS;
else if (params->algo == GNUTLS_PK_GOST_12_256 &&
/*-
* _gnutls_name_constraints_node_free:
- * @node: name constriants node
+ * @node: name constraints node
*
* Deallocate a list of name constraints nodes starting at the given node.
-*/
* This function will return a human readable description of the
* PKCS12 or PBES2 schema.
*
- * Returns: a constrant string or %NULL on error.
+ * Returns: a constraint string or %NULL on error.
*
* Since: 3.4.0
*/
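Review bot: "Returns: a constraint string or %NULL on error" picks the wrong correction for "constrant". The comment describes a function returning a human readable description of the PKCS12 or PBES2 schema, so the intended word is almost certainly "constant" (a constant string the caller must not free), not "constraint". Suggest "Returns: a constant string or %NULL on error."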
* This function will return the object identifier of the
* PKCS12 or PBES2 schema.
*
- * Returns: a constrant string or %NULL on error.
+ * Returns: a constraint string or %NULL on error.
*
* Since: 3.4.0
*/
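Review bot: "Returns: a constraint string or %NULL on error" should read "a constant string" here as well. This function returns the object identifier of the schema, which is a constant string and has nothing to do with constraints, so codespell's suggestion for "constrant" is the wrong one.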
#honor_crq_ext = 2.5.29.17
#honor_crq_ext = 2.5.29.15
-# Path length contraint. Sets the maximum number of
+# Path length constraint. Sets the maximum number of
# certificates that can be used to certify this certificate.
# (i.e. the certificate chain length)
#path_len = -1
name = recordsize;
arg-type = number;
arg-range = "0->4096";
- descrip = "The maximum record size to advertize";
+ descrip = "The maximum record size to advertise";
doc = "";
};
slow because these operations search all the way
through the list.
- queues: whats the difference between a queue and a list?
+ queues: what's the difference between a queue and a list?
very little really.
The system implemented here is a doubly linked list with previous
return TEST_SUCCEED;
}
-/* Advertize both TLS 1.0 and SSL 3.0. If the connection fails,
+/* Advertise both TLS 1.0 and SSL 3.0. If the connection fails,
* but the previous SSL 3.0 test succeeded then disable TLS 1.0.
*/
test_code_t test_tls_disable0(gnutls_session_t session)
test_code_t test_rsa_pms_version_check(gnutls_session_t session)
{
int ret;
- /* here we use an arbitary version in the RSA PMS
+ /* here we use an arbitrary version in the RSA PMS
* to see whether to server will check this version.
*
* A normal server would abort this handshake.
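Review bot: The comment in test_rsa_pms_version_check() still has a typo on the line right after the one being fixed: "to see whether to server will check this version" should be "whether the server will check this version". codespell cannot catch it because "to" is a valid word, so it is worth fixing by hand in this commit.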
wait
if ! test -f ${TMPFILE1};then
- echo "Logfile shoule be created!"
+ echo "Logfile should be created!"
exit 1
fi
if test -s ${TMPFILE2};then
wait
if ! test -f ${TMPFILE1};then
- echo "Logfile shoule be created!"
+ echo "Logfile should be created!"
exit 1
fi
if test -s ${TMPFILE2};then