diff options
85 files changed, 146 insertions, 146 deletions
@@ -9,7 +9,7 @@ For interested developers, we have a public repository. To check out and compile the code, you need the following tools: - Git - - a recent GNU C complier (>= 3.x) + - a recent GNU C compiler (>= 3.x) - automake - autoconf - libtool @@ -520,7 +520,7 @@ strongswan-4.3.1 CREATE_CHILD_SA request was sent. 2) Sending an IKE_AUTH request with either a missing TSi or TSr payload caused a null pointer derefence because the checks for TSi and TSr were interchanged. The IKEv2 fuzzer used was - developped by the Orange Labs vulnerability research team. The tool was + developed by the Orange Labs vulnerability research team. The tool was initially written by Gabriel Campana and is now maintained by Laurent Butti. - Added support for AES counter mode in ESP in IKEv2 using the proposal @@ -560,7 +560,7 @@ strongswan-4.2.14 ----------------- - The new server-side EAP RADIUS plugin (--enable-eap-radius) - relays EAP messages to and from a RADIUS server. Succesfully + relays EAP messages to and from a RADIUS server. Successfully tested with with a freeradius server using EAP-MD5 and EAP-SIM. - A vulnerability in the Dead Peer Detection (RFC 3706) code was found by @@ -588,7 +588,7 @@ strongswan-4.2.13 - Fixed a use-after-free bug in the DPD timeout section of the IKEv1 pluto daemon which sporadically caused a segfault. -- Fixed a crash in the IKEv2 charon daemon occuring with +- Fixed a crash in the IKEv2 charon daemon occurring with mixed RAM-based and SQL-based virtual IP address pools. - Fixed ASN.1 parsing of algorithmIdentifier objects where the @@ -678,7 +678,7 @@ strongswan-4.2.9 The installpolicy=no option allows peaceful cooperation with a dominant mip6d daemon and the new type=transport_proxy implements the special MIPv6 IPsec transport proxy mode where the IKEv2 daemon uses the Care-of-Address - but the IPsec SA is set up for the Home Adress. + but the IPsec SA is set up for the Home Address. - Implemented migration of Mobile IPv6 connections using the KMADDRESS field contained in XFRM_MSG_MIGRATE messages sent by the mip6d daemon @@ -841,7 +841,7 @@ strongswan-4.2.1 connection setups over new ones, where the value "replace" replaces existing connections. -- The crypto factory in libstrongswan additionaly supports random number +- The crypto factory in libstrongswan additionally supports random number generators, plugins may provide other sources of randomness. The default plugin reads raw random data from /dev/(u)random. @@ -1115,7 +1115,7 @@ strongswan-4.1.3 is provided and more advanced backends (using e.g. a database) are trivial to implement. - - Fixed a compilation failure in libfreeswan occuring with Linux kernel + - Fixed a compilation failure in libfreeswan occurring with Linux kernel headers > 2.6.17. @@ -1426,7 +1426,7 @@ strongswan-2.7.0 the successful setup and teardown of an IPsec SA, respectively. left|rightfirwall can be used with KLIPS under any Linux 2.4 kernel or with NETKEY under a Linux kernel version >= 2.6.16 - in conjuction with iptables >= 1.3.5. For NETKEY under a Linux + in conjunction with iptables >= 1.3.5. For NETKEY under a Linux kernel version < 2.6.16 which does not support IPsec policy matching yet, please continue to use a copy of the _updown_espmark template loaded via the left|rightupdown keyword. @@ -1932,7 +1932,7 @@ strongswan-2.2.2 and reduces the well-known four tunnel case on VPN gateways to a single tunnel definition (see README section 2.4). -- Fixed a bug occuring with NAT-Traversal enabled when the responder +- Fixed a bug occurring with NAT-Traversal enabled when the responder suddenly turns initiator and the initiator cannot find a matching connection because of the floated IKE port 4500. @@ -1948,11 +1948,11 @@ strongswan-2.2.1 - Introduced the ipsec auto --listalgs monitoring command which lists all currently registered IKE and ESP algorithms. -- Fixed a bug in the ESP algorithm selection occuring when the strict flag +- Fixed a bug in the ESP algorithm selection occurring when the strict flag is set and the first proposed transform does not match. - Fixed another deadlock in the use of the lock_certs_and_keys() mutex, - occuring when a smartcard is present. + occurring when a smartcard is present. - Prevented that a superseded Phase1 state can trigger a DPD_TIMEOUT event. @@ -138,7 +138,7 @@ interoperability with the Check Point VPN-1 NG gateway. In the following examples we assume for reasons of clarity that left designates the local host and that right is the remote host. Certificates for users, hosts -and gateways are issued by a ficticious strongSwan CA. How to generate private keys +and gateways are issued by a fictitious strongSwan CA. How to generate private keys and certificates using OpenSSL will be explained in section 3. The CA certificate "strongswanCert.pem" must be present on all VPN end points in order to be able to authenticate the peers. @@ -1959,7 +1959,7 @@ and the returned result might be a decrypted 128 bit AES key 000 8836362e030e6707c32ffaa0bdad5540 The leading three characters represent the return code of the whack channel -with 000 signifying that no error has occured. Here is another example showing +with 000 signifying that no error has occurred. Here is another example showing the use of the inbase and outbase attributes ipsec scdecrypt m/ewDnTs0k...woE= --inbase base64 --outbase text @@ -2195,7 +2195,7 @@ The command ipsec listpubkeys [--utc] lists all public keys currently installed in the chained list of public -keys. These keys were statically loaded from ipsec.conf or aquired either +keys. These keys were statically loaded from ipsec.conf or acquired either from received certificates or retrieved from secure DNS servers using opportunistic mode. diff --git a/doc/architecture.h b/doc/architecture.h index 14b99274c..47d8202c2 100644 --- a/doc/architecture.h +++ b/doc/architecture.h @@ -8,7 +8,7 @@ new keying daemon, which is called #charon. Daemon control is done over unix sockets. Pluto uses whack, as it did for years. Charon uses another socket interface, called stroke. Stroke uses another format as whack and therefore is not compatible to whack. The starter utility, -wich does fast configuration parsing, speaks both the protocols, whack and +which does fast configuration parsing, speaks both the protocols, whack and stroke. It also handles daemon startup and termination. Pluto uses starter for some commands, for other it uses the whack utility. To be as close to pluto as possible, charon has the same split up of commands to @@ -47,7 +47,7 @@ Since IKEv2 uses the same port as IKEv1, both daemons must listen to UDP port 500. Under Linux, there is no clean way to set up two sockets at the same port. To reslove this problem, charon uses a RAW socket, as they are used in network sniffers. An installed Linux Socket Filter (LSF) filters out all none-IKEv2 -traffic. Pluto receives any IKE message, independant of charons behavior. +traffic. Pluto receives any IKE message, independent of charons behavior. Therefore plutos behavior is changed to discard any IKEv2 traffic silently. To gain some reusability of the code, generic crypto and utility functions are diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in index c80ad7fbf..f3eb86cee 100644 --- a/man/ipsec.conf.5.in +++ b/man/ipsec.conf.5.in @@ -298,7 +298,7 @@ and .B rightsubnet , a connection is established. .B start -loads a connection and brings it up immediatly. +loads a connection and brings it up immediately. .B ignore ignores the connection. This is equal to delete a connection from the config file. @@ -1172,7 +1172,7 @@ so a new (automatically-keyed) connection using the same ID is almost invariably intended to replace an old one. The IKEv2 daemon also accepts the value .B replace -wich is identical to +which is identical to .B yes and the value .B keep diff --git a/packages/maemo-applet/debian/rules b/packages/maemo-applet/debian/rules index d05be0506..bd5046c8d 100755 --- a/packages/maemo-applet/debian/rules +++ b/packages/maemo-applet/debian/rules @@ -110,11 +110,11 @@ binary-common: dh_gencontrol dh_md5sums dh_builddeb -# Build architecture independant packages using the common target. +# Build architecture independent packages using the common target. binary-indep: build-indep install $(MAKE) -f debian/rules DH_OPTIONS=-i binary-common -# Build architecture dependant packages using the common target. +# Build architecture dependent packages using the common target. binary-arch: build-arch install $(MAKE) -f debian/rules DH_OPTIONS=-s binary-common diff --git a/packages/maemo-strongswan/debian/rules b/packages/maemo-strongswan/debian/rules index 323b41340..adbb0cc6f 100755 --- a/packages/maemo-strongswan/debian/rules +++ b/packages/maemo-strongswan/debian/rules @@ -130,11 +130,11 @@ binary-common: dh_md5sums dh_builddeb -# Build architecture independant packages using the common target. +# Build architecture independent packages using the common target. binary-indep: build-indep install $(MAKE) -f debian/rules DH_OPTIONS=-i binary-common -# Build architecture dependant packages using the common target. +# Build architecture dependent packages using the common target. binary-arch: build-arch install $(MAKE) -f debian/rules DH_OPTIONS=-s binary-common diff --git a/packages/network-manager-strongswan/debian/control b/packages/network-manager-strongswan/debian/control index d3b35f431..f471d2b08 100644 --- a/packages/network-manager-strongswan/debian/control +++ b/packages/network-manager-strongswan/debian/control @@ -23,7 +23,7 @@ Depends: strongswan-nm, strongswan-eap-gtc, strongswan-eap-md5, strongswan-eap-m Description: network management framework (strongSwan plugin) NetworkManager attempts to keep an active network connection available at all times. It is intended primarily for laptops where it allows easy - switching betwen local wireless networks, it's also useful on desktops + switching between local wireless networks, it's also useful on desktops with a selection of different interfaces to use. It is not intended for usage on servers. . diff --git a/src/frontends/gnome/po/de.po b/src/frontends/gnome/po/de.po index e6649e581..8665a774f 100644 --- a/src/frontends/gnome/po/de.po +++ b/src/frontends/gnome/po/de.po @@ -89,7 +89,7 @@ msgstr "" #: ../properties/nm-strongswan-dialog.glade.h:12 msgid "" "IPComp compresses raw IP packets before they get encrypted. This saves some " -"bandwith, but uses more processing power." +"bandwidth, but uses more processing power." msgstr "" "IPComp komprimiert IP-Pakete, bevor sie verschlüsselt werden. Diese Option " "kann Bandbreite sparen, benötigt jedoch zusätzliche Rechenleistung." diff --git a/src/frontends/gnome/properties/nm-strongswan-dialog.glade b/src/frontends/gnome/properties/nm-strongswan-dialog.glade index 02c68888d..7bee6dc1b 100644 --- a/src/frontends/gnome/properties/nm-strongswan-dialog.glade +++ b/src/frontends/gnome/properties/nm-strongswan-dialog.glade @@ -319,7 +319,7 @@ <property name="can_focus">True</property> <property name="receives_default">False</property> <property name="has_tooltip">True</property> - <property name="tooltip" translatable="yes">IPComp compresses raw IP packets before they get encrypted. This saves some bandwith, but uses more processing power.</property> + <property name="tooltip" translatable="yes">IPComp compresses raw IP packets before they get encrypted. This saves some bandwidth, but uses more processing power.</property> <property name="use_underline">True</property> <property name="draw_indicator">True</property> </widget> diff --git a/src/include/linux/udp.h b/src/include/linux/udp.h index c213d2a51..b68a166f2 100644 --- a/src/include/linux/udp.h +++ b/src/include/linux/udp.h @@ -47,7 +47,7 @@ struct udp_sock { unsigned int corkflag; /* Cork is required */ __u16 encap_type; /* Is this an Encapsulation socket? */ /* - * Following member retains the infomation to create a UDP header + * Following member retains the information to create a UDP header * when the socket is uncorked. */ __u16 len; /* total length of pending frames */ diff --git a/src/libcharon/bus/bus.h b/src/libcharon/bus/bus.h index 6a306afcc..dacbac85a 100644 --- a/src/libcharon/bus/bus.h +++ b/src/libcharon/bus/bus.h @@ -177,7 +177,7 @@ struct bus_t { /** * Send a log message to the bus. * - * The signal specifies the type of the event occured. The format string + * The signal specifies the type of the event occurred. The format string * specifies an additional informational or error message with a * printf() like variable argument list. * Use the DBG() macros. diff --git a/src/libcharon/bus/listeners/listener.h b/src/libcharon/bus/listeners/listener.h index e7873ee8c..21caed064 100644 --- a/src/libcharon/bus/listeners/listener.h +++ b/src/libcharon/bus/listeners/listener.h @@ -84,7 +84,7 @@ struct listener_t { /** * Hook called for received/sent messages of an IKE_SA. * - * @param ike_sa IKE_SA sending/receving a message + * @param ike_sa IKE_SA sending/receiving a message * @param message message object * @param incoming TRUE for incoming messages, FALSE for outgoing * @return TRUE to stay registered, FALSE to unregister diff --git a/src/libcharon/config/child_cfg.h b/src/libcharon/config/child_cfg.h index 175ced76c..370ff9d58 100644 --- a/src/libcharon/config/child_cfg.h +++ b/src/libcharon/config/child_cfg.h @@ -73,7 +73,7 @@ struct child_cfg_t { * Add a proposal to the list. * * The proposals are stored by priority, first added - * is the most prefered. + * is the most preferred. * After add, proposal is owned by child_cfg. * * @param proposal proposal to add @@ -95,7 +95,7 @@ struct child_cfg_t { * * Returned propsal is newly created and must be destroyed after usage. * - * @param proposals list from from wich proposals are selected + * @param proposals list from which proposals are selected * @param strip_dh TRUE strip out diffie hellman groups * @param private accept algorithms from a private range * @return selected proposal, or NULL if nothing matches diff --git a/src/libcharon/config/peer_cfg.c b/src/libcharon/config/peer_cfg.c index 6f0c87279..f3843a0d4 100644 --- a/src/libcharon/config/peer_cfg.c +++ b/src/libcharon/config/peer_cfg.c @@ -110,7 +110,7 @@ struct private_peer_cfg_t { u_int32_t reauth_time; /** - * Time, which specifies the range of a random value substracted from above. + * Time, which specifies the range of a random value subtracted from above. */ u_int32_t jitter_time; diff --git a/src/libcharon/config/peer_cfg.h b/src/libcharon/config/peer_cfg.h index 723435cbb..ff33907f0 100644 --- a/src/libcharon/config/peer_cfg.h +++ b/src/libcharon/config/peer_cfg.h @@ -110,7 +110,7 @@ extern enum_name_t *unique_policy_names; * peer. Each config is enforced using the multiple authentication extension * (RFC4739). * The remote authentication configs are handled as constraints. The peer has - * to fullfill each of these rules (using multiple authentication, in any order) + * to fulfill each of these rules (using multiple authentication, in any order) * to gain access to the configuration. */ struct peer_cfg_t { @@ -328,14 +328,14 @@ struct peer_cfg_t { * (rekeylifetime - random(0, jitter)). * * @param name name of the peer_cfg - * @param ike_version which IKE version we sould use for this peer + * @param ike_version which IKE version we should use for this peer * @param ike_cfg IKE config to use when acting as initiator * @param cert_policy should we send a certificate payload? * @param unique uniqueness of an IKE_SA * @param keyingtries how many keying tries should be done before giving up * @param rekey_time timeout before starting rekeying * @param reauth_time timeout before starting reauthentication - * @param jitter_time timerange to randomly substract from rekey/reauth time + * @param jitter_time timerange to randomly subtract from rekey/reauth time * @param over_time maximum overtime before closing a rekeying/reauth SA * @param mobike use MOBIKE (RFC4555) if peer supports it * @param dpd DPD check interval, 0 to disable diff --git a/src/libcharon/config/proposal.h b/src/libcharon/config/proposal.h index 9337518bf..8f54d7e6e 100644 --- a/src/libcharon/config/proposal.h +++ b/src/libcharon/config/proposal.h @@ -120,7 +120,7 @@ struct proposal_t { * compared. If they have at least one algorithm of each type * in common, a resulting proposal of this kind is created. * - * @param other proposal to compair agains + * @param other proposal to compare against * @param private accepts algorithms allocated in a private range * @return selected proposal, NULL if proposals don't match */ @@ -180,7 +180,7 @@ struct proposal_t { * * @param protocol protocol, such as PROTO_ESP * @param number proposal number, as encoded in SA payload - * @return proposal_t object + * @return proposal_t object */ proposal_t *proposal_create(protocol_id_t protocol, u_int number); @@ -188,7 +188,7 @@ proposal_t *proposal_create(protocol_id_t protocol, u_int number); * Create a default proposal if nothing further specified. * * @param protocol protocol, such as PROTO_ESP - * @return proposal_t object + * @return proposal_t object */ proposal_t *proposal_create_default(protocol_id_t protocol); @@ -203,7 +203,7 @@ proposal_t *proposal_create_default(protocol_id_t protocol); * * @param protocol protocol, such as PROTO_ESP * @param algs algorithms as string - * @return proposal_t object + * @return proposal_t object */ proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs); diff --git a/src/libcharon/control/controller.c b/src/libcharon/control/controller.c index 3893a617b..531797100 100644 --- a/src/libcharon/control/controller.c +++ b/src/libcharon/control/controller.c @@ -334,7 +334,7 @@ METHOD(controller_t, terminate_ike, status_t, else { charon->bus->listen(charon->bus, &job.listener.public, &job.public); - /* checkin of the ike_sa happend in the thread that executed the job */ + /* checkin of the ike_sa happened in the thread that executed the job */ charon->bus->set_sa(charon->bus, NULL); } return job.listener.status; @@ -425,7 +425,7 @@ METHOD(controller_t, terminate_child, status_t, else { charon->bus->listen(charon->bus, &job.listener.public, &job.public); - /* checkin of the ike_sa happend in the thread that executed the job */ + /* checkin of the ike_sa happened in the thread that executed the job */ charon->bus->set_sa(charon->bus, NULL); } return job.listener.status; diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c index f99cb8006..e0fecef10 100644 --- a/src/libcharon/encoding/message.c +++ b/src/libcharon/encoding/message.c @@ -63,13 +63,13 @@ typedef struct { /* Payload type */ payload_type_t type; - /* Minimal occurence of this payload. */ + /* Minimal occurrence of this payload. */ size_t min_occurence; - /* Max occurence of this payload. */ + /* Max occurrence of this payload. */ size_t max_occurence; /* TRUE if payload must be encrypted */ bool encrypted; - /* If payload occurs, the message rule is fullfilled */ + /* If payload occurs, the message rule is fulfilled */ bool sufficient; } payload_rule_t; @@ -1405,7 +1405,7 @@ static status_t verify(private_message_t *this) if (found > rule->max_occurence) { DBG1(DBG_ENC, "payload of type %N more than %d times (%d) " - "occured in current message", payload_type_names, + "occurred in current message", payload_type_names, type, rule->max_occurence, found); enumerator->destroy(enumerator); return VERIFY_ERROR; @@ -1416,7 +1416,7 @@ static status_t verify(private_message_t *this) if (!complete && found < rule->min_occurence) { - DBG1(DBG_ENC, "payload of type %N not occured %d times (%d)", + DBG1(DBG_ENC, "payload of type %N not occurred %d times (%d)", payload_type_names, rule->type, rule->min_occurence, found); return VERIFY_ERROR; } diff --git a/src/libcharon/encoding/message.h b/src/libcharon/encoding/message.h index 51197308c..0e78ea436 100644 --- a/src/libcharon/encoding/message.h +++ b/src/libcharon/encoding/message.h @@ -321,7 +321,7 @@ struct message_t { /** * Find a payload of a specific type. * - * Returns the first occurance. + * Returns the first occurrence. * * @param type type of the payload to find * @return payload, or NULL if no such payload found diff --git a/src/libcharon/encoding/payloads/encryption_payload.c b/src/libcharon/encoding/payloads/encryption_payload.c index 3b23ea9fb..e7b8063b7 100644 --- a/src/libcharon/encoding/payloads/encryption_payload.c +++ b/src/libcharon/encoding/payloads/encryption_payload.c @@ -142,7 +142,7 @@ METHOD(payload_t, set_next_type, void, } /** - * Compute the lenght of the whole payload + * Compute the length of the whole payload */ static void compute_length(private_encryption_payload_t *this) { diff --git a/src/libcharon/encoding/payloads/proposal_substructure.c b/src/libcharon/encoding/payloads/proposal_substructure.c index f39c3b0e6..4753d574d 100644 --- a/src/libcharon/encoding/payloads/proposal_substructure.c +++ b/src/libcharon/encoding/payloads/proposal_substructure.c @@ -407,7 +407,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal( this = (private_proposal_substructure_t*)proposal_substructure_create(); - /* encryption algorithm is only availble in ESP */ + /* encryption algorithm is only available in ESP */ enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM); while (enumerator->enumerate(enumerator, &alg, &key_size)) { diff --git a/src/libcharon/encoding/payloads/transform_substructure.c b/src/libcharon/encoding/payloads/transform_substructure.c index 0428da726..3f04b3539 100644 --- a/src/libcharon/encoding/payloads/transform_substructure.c +++ b/src/libcharon/encoding/payloads/transform_substructure.c @@ -84,7 +84,7 @@ encoding_rule_t transform_substructure_encodings[] = { { U_INT_8, offsetof(private_transform_substructure_t, transform_type) }, /* 1 Reserved Byte */ { RESERVED_BYTE, offsetof(private_transform_substructure_t, reserved[1]) }, - /* tranform ID is a number of 8 bit */ + /* transform ID is a number of 8 bit */ { U_INT_16, offsetof(private_transform_substructure_t, transform_id) }, /* Attributes are stored in a transform attribute, offset points to a linked_list_t pointer */ diff --git a/src/libcharon/encoding/payloads/transform_substructure.h b/src/libcharon/encoding/payloads/transform_substructure.h index c961700a4..102dbb3d3 100644 --- a/src/libcharon/encoding/payloads/transform_substructure.h +++ b/src/libcharon/encoding/payloads/transform_substructure.h @@ -118,7 +118,7 @@ transform_substructure_t *transform_substructure_create(void); * * @param type type of transform to create * @param id transform id specifc for the transform type - * @param key_length key length for key lenght attribute, 0 to omit + * @param key_length key length for key length attribute, 0 to omit * @return transform_substructure_t object */ transform_substructure_t *transform_substructure_create_type( diff --git a/src/libcharon/network/receiver.h b/src/libcharon/network/receiver.h index 690d8dbab..1d9d4871e 100644 --- a/src/libcharon/network/receiver.h +++ b/src/libcharon/network/receiver.h @@ -30,7 +30,7 @@ typedef struct receiver_t receiver_t; /** * Receives packets from the socket and adds them to the job queue. * - * The receiver starts a thread, wich reads on the blocking socket. A received + * The receiver starts a thread, which reads on the blocking socket. A received * packet is preparsed and a process_message_job is queued in the job queue. * * To endure DoS attacks, cookies are enabled when to many IKE_SAs are half @@ -38,7 +38,7 @@ typedef struct receiver_t receiver_t; * method in RFC4306. We do not include a nonce, because we think the advantage * we gain does not justify the overhead to parse the whole message. * Instead of VersionIdOfSecret, we include a timestamp. This allows us to - * find out wich key was used for cookie creation. Further, we can set a + * find out which key was used for cookie creation. Further, we can set a * lifetime for the cookie, which allows us to reuse the secret for a longer * time. * COOKIE = time | sha1( IPi | SPIi | time | secret ) diff --git a/src/libcharon/plugins/android/android_logger.c b/src/libcharon/plugins/android/android_logger.c index 43c56e656..fe4dbd227 100644 --- a/src/libcharon/plugins/android/android_logger.c +++ b/src/libcharon/plugins/android/android_logger.c @@ -52,7 +52,7 @@ METHOD(listener_t, log_, bool, snprintf(sgroup, sizeof(sgroup), "%N", debug_names, group); vsnprintf(buffer, sizeof(buffer), format, args); while (current) - { /* log each line seperately */ + { /* log each line separately */ next = strchr(current, '\n'); if (next) { diff --git a/src/libcharon/plugins/load_tester/load_tester_plugin.c b/src/libcharon/plugins/load_tester/load_tester_plugin.c index 243e6e1ab..f27402260 100644 --- a/src/libcharon/plugins/load_tester/load_tester_plugin.c +++ b/src/libcharon/plugins/load_tester/load_tester_plugin.c @@ -68,7 +68,7 @@ struct private_load_tester_plugin_t { int initiators; /** - * currenly running initiators + * currently running initiators */ int running; diff --git a/src/libcharon/plugins/medcli/medcli_config.c b/src/libcharon/plugins/medcli/medcli_config.c index b5672dba9..52bbd6dac 100644 --- a/src/libcharon/plugins/medcli/medcli_config.c +++ b/src/libcharon/plugins/medcli/medcli_config.c @@ -345,7 +345,7 @@ static job_requeue_t initiate_config(peer_cfg_t *peer_cfg) } /** - * schedule initation of all "active" connections + * schedule initiation of all "active" connections */ static void schedule_autoinit(private_medcli_config_t *this) { diff --git a/src/libcharon/plugins/smp/schema.xml b/src/libcharon/plugins/smp/schema.xml index 66a51117e..e83961406 100644 --- a/src/libcharon/plugins/smp/schema.xml +++ b/src/libcharon/plugins/smp/schema.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- strongSwan Managment Protocol (SMP) V1.0 --> +<!-- strongSwan Management Protocol (SMP) V1.0 --> <!-- Copyright (C) 2007 Martin Willi diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index ba26369ca..da429c884 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -871,7 +871,7 @@ METHOD(ike_sa_t, update_hosts, void, if (!other->equals(other, this->other_host)) { - /* update others adress if we are NOT NATed */ + /* update others address if we are NOT NATed */ if (force || !has_condition(this, COND_NAT_HERE)) { set_other_host(this, other->clone(other)); diff --git a/src/libcharon/sa/ike_sa.h b/src/libcharon/sa/ike_sa.h index 5e3c34a7b..703f38474 100644 --- a/src/libcharon/sa/ike_sa.h +++ b/src/libcharon/sa/ike_sa.h @@ -689,7 +689,7 @@ struct ike_sa_t { * * Message processing may fail. If a critical failure occurs, * process_message() return DESTROY_ME. Then the caller must - * destroy the IKE_SA immediatly, as it is unusable. + * destroy the IKE_SA immediately, as it is unusable. * * @param message message to process * @return diff --git a/src/libcharon/sa/ike_sa_id.h b/src/libcharon/sa/ike_sa_id.h index a833aa9d6..065c2a897 100644 --- a/src/libcharon/sa/ike_sa_id.h +++ b/src/libcharon/sa/ike_sa_id.h @@ -30,7 +30,7 @@ typedef struct ike_sa_id_t ike_sa_id_t; * An object of type ike_sa_id_t is used to identify an IKE_SA. * * An IKE_SA is identified by its initiator and responder spi's. - * Additionaly it contains the role of the actual running IKEv2-Daemon + * Additionally it contains the role of the actual running IKEv2-Daemon * for the specific IKE_SA (original initiator or responder). */ struct ike_sa_id_t { @@ -40,28 +40,28 @@ struct ike_sa_id_t { * * This function is called when a request or reply of a IKE_SA_INIT is received. * - * @param responder_spi SPI of responder to set + * @param responder_spi SPI of responder to set */ void (*set_responder_spi) (ike_sa_id_t *this, u_int64_t responder_spi); /** * Set the SPI of the initiator. * - * @param initiator_spi SPI to set + * @param initiator_spi SPI to set */ void (*set_initiator_spi) (ike_sa_id_t *this, u_int64_t initiator_spi); /** * Get the initiator SPI. * - * @return SPI of the initiator + * @return SPI of the initiator */ u_int64_t (*get_initiator_spi) (ike_sa_id_t *this); /** * Get the responder SPI. * - * @return SPI of the responder + * @return SPI of the responder */ u_int64_t (*get_responder_spi) (ike_sa_id_t *this); @@ -70,8 +70,8 @@ struct ike_sa_id_t { * * Two ike_sa_id_t objects are equal if both SPI values and the role matches. * - * @param other ike_sa_id_t object to check if equal - * @return TRUE if given ike_sa_id_t are equal, FALSE otherwise + * @param other ike_sa_id_t object to check if equal + * @return TRUE if given ike_sa_id_t are equal, FALSE otherwise */ bool (*equals) (ike_sa_id_t *this, ike_sa_id_t *other); @@ -81,28 +81,28 @@ struct ike_sa_id_t { * * After calling this function, both objects are equal. * - * @param other ike_sa_id_t object from which values will be taken + * @param other ike_sa_id_t object from which values will be taken */ void (*replace_values) (ike_sa_id_t *this, ike_sa_id_t *other); /** * Get the initiator flag. * - * @return TRUE if we are the original initator + * @return TRUE if we are the original initator */ bool (*is_initiator) (ike_sa_id_t *this); /** * Switche the original initiator flag. * - * @return TRUE if we are the original initator after switch, FALSE otherwise + * @return TRUE if we are the original initator after switch, FALSE otherwise */ bool (*switch_initiator) (ike_sa_id_t *this); /** * Clones a given ike_sa_id_t object. * - * @return cloned ike_sa_id_t object + * @return cloned ike_sa_id_t object */ ike_sa_id_t *(*clone) (ike_sa_id_t *this); diff --git a/src/libcharon/sa/tasks/child_rekey.c b/src/libcharon/sa/tasks/child_rekey.c index 05db057fb..3ca2b157a 100644 --- a/src/libcharon/sa/tasks/child_rekey.c +++ b/src/libcharon/sa/tasks/child_rekey.c @@ -317,7 +317,7 @@ static status_t process_i(private_child_rekey_t *this, message_t *message) if (message->get_payload(message, SECURITY_ASSOCIATION) == NULL) { /* establishing new child failed, reuse old. but not when we - * recieved a delete in the meantime */ + * received a delete in the meantime */ if (!(this->collision && this->collision->get_type(this->collision) == CHILD_DELETE)) { diff --git a/src/libcharon/sa/tasks/ike_natd.c b/src/libcharon/sa/tasks/ike_natd.c index 7839b52eb..add2c480d 100644 --- a/src/libcharon/sa/tasks/ike_natd.c +++ b/src/libcharon/sa/tasks/ike_natd.c @@ -353,7 +353,7 @@ static status_t build_r(private_ike_natd_t *this, message_t *message) notify_payload_t *notify; host_t *me, *other; - /* only add notifies on successfull responses. */ + /* only add notifies on successful responses. */ if (message->get_exchange_type(message) == IKE_SA_INIT && message->get_payload(message, SECURITY_ASSOCIATION) == NULL) { diff --git a/src/libcharon/sa/tasks/task.h b/src/libcharon/sa/tasks/task.h index 4468f2ebe..d57085954 100644 --- a/src/libcharon/sa/tasks/task.h +++ b/src/libcharon/sa/tasks/task.h @@ -89,7 +89,7 @@ extern enum_name_t *task_type_names; * A responder does the opposite; it calls process() first to handle an incoming * request and secondly calls build() to build an appropriate response. * Both methods return either SUCCESS, NEED_MORE or FAILED. A SUCCESS indicates - * that the task completed, even when the task completed unsuccesfully. The + * that the task completed, even when the task completed unsuccessfully. The * manager then removes the task from the list. A NEED_MORE is returned when * the task needs further build()/process() calls to complete, the manager * leaves the taks in the queue. A returned FAILED indicates a critical failure. @@ -102,7 +102,7 @@ struct task_t { * * @param message message to add payloads to * @return - * - FAILED if a critical error occured + * - FAILED if a critical error occurred * - DESTROY_ME if IKE_SA has been properly deleted * - NEED_MORE if another call to build/process needed * - SUCCESS if task completed @@ -114,7 +114,7 @@ struct task_t { * * @param message message to read payloads from * @return - * - FAILED if a critical error occured + * - FAILED if a critical error occurred * - DESTROY_ME if IKE_SA has been properly deleted * - NEED_MORE if another call to build/process needed * - SUCCESS if task completed diff --git a/src/libhydra/kernel/kernel_listener.h b/src/libhydra/kernel/kernel_listener.h index 6f2dbd23b..5db297b6f 100644 --- a/src/libhydra/kernel/kernel_listener.h +++ b/src/libhydra/kernel/kernel_listener.h @@ -84,7 +84,7 @@ struct kernel_listener_t { policy_dir_t direction, host_t *local, host_t *remote); /** - * Hook called if changes in the networking layer occured (interfaces + * Hook called if changes in the networking layer occurred (interfaces * up/down, routes added/deleted etc.). * * @param address TRUE if address list, FALSE if routing changed diff --git a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c index 380be1580..aca00ddb4 100644 --- a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c +++ b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c @@ -2507,7 +2507,7 @@ static void init_ipsec_devices(private_kernel_klips_ipsec_t *this) } /** - * Register a socket for AQUIRE/EXPIRE messages + * Register a socket for ACQUIRE/EXPIRE messages */ static status_t register_pfkey_socket(private_kernel_klips_ipsec_t *this, u_int8_t satype) { diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index 78726c2a6..efdf9c928 100644 --- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -2327,7 +2327,7 @@ METHOD(kernel_ipsec_t, del_policy, status_t, } /** - * Register a socket for AQUIRE/EXPIRE messages + * Register a socket for ACQUIRE/EXPIRE messages */ static status_t register_pfkey_socket(private_kernel_pfkey_ipsec_t *this, u_int8_t satype) diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c index 9a4152145..bb879002e 100644 --- a/src/libstrongswan/chunk.c +++ b/src/libstrongswan/chunk.c @@ -57,7 +57,7 @@ chunk_t chunk_create_clone(u_char *ptr, chunk_t chunk) } /** - * Decribed in header. + * Described in header. */ size_t chunk_length(const char* mode, ...) { @@ -87,7 +87,7 @@ size_t chunk_length(const char* mode, ...) } /** - * Decribed in header. + * Described in header. */ chunk_t chunk_create_cat(u_char *ptr, const char* mode, ...) { @@ -133,7 +133,7 @@ chunk_t chunk_create_cat(u_char *ptr, const char* mode, ...) } /** - * Decribed in header. + * Described in header. */ void chunk_split(chunk_t chunk, const char *mode, ...) { @@ -313,7 +313,7 @@ chunk_t chunk_from_hex(chunk_t hex, char *buf) /* subtract the number of optional ':' separation characters */ len = hex.len; ptr = hex.ptr; - for (i = 0; i < hex.len; i++) + for (i = 0; i < hex.len; i++) { if (*ptr++ == ':') { diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h index 63644ac78..672664874 100644 --- a/src/libstrongswan/chunk.h +++ b/src/libstrongswan/chunk.h @@ -254,7 +254,7 @@ static inline bool chunk_equals(chunk_t a, chunk_t b) * Increment a chunk, as it would reprensent a network order integer. * * @param chunk chunk to increment - * @return TRUE if an overflow occured + * @return TRUE if an overflow occurred */ bool chunk_increment(chunk_t chunk); diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h index 489ce1134..7e747c37d 100644 --- a/src/libstrongswan/credentials/auth_cfg.h +++ b/src/libstrongswan/credentials/auth_cfg.h @@ -31,7 +31,7 @@ typedef enum auth_class_t auth_class_t; /** * Class of authentication to use. This is different to auth_method_t in that * it does not specify a method, but a class of acceptable methods. The found - * certificate finally dictates wich method is used. + * certificate finally dictates which method is used. */ enum auth_class_t { /** any class acceptable */ @@ -57,7 +57,7 @@ extern enum_name_t *auth_class_names; * - For configs specifying local authentication behavior, the rules define * which authentication method in which way. * - For configs specifying remote peer authentication, the rules define - * constraints the peer has to fullfill. + * constraints the peer has to fulfill. * * Additionally to the rules, there is a set of helper items. These are used * to transport credentials during the authentication process. diff --git a/src/libstrongswan/credentials/certificates/certificate.h b/src/libstrongswan/credentials/certificates/certificate.h index bad509111..4bc41e3c9 100644 --- a/src/libstrongswan/credentials/certificates/certificate.h +++ b/src/libstrongswan/credentials/certificates/certificate.h @@ -176,7 +176,7 @@ struct certificate_t { /** * Check if two certificates are equal. * - * @param other certificate to compair against this + * @param other certificate to compare against this * @return TRUE if certificates are equal */ bool (*equals)(certificate_t *this, certificate_t *other); diff --git a/src/libstrongswan/crypto/aead.h b/src/libstrongswan/crypto/aead.h index d560381d9..3f6abb4f9 100644 --- a/src/libstrongswan/crypto/aead.h +++ b/src/libstrongswan/crypto/aead.h @@ -111,7 +111,7 @@ struct aead_t { * Create a aead instance using traditional transforms. * * @param crypter encryption transform for this aead - * @param signer integrity tranform for this aead + * @param signer integrity transform for this aead * @return aead transform */ aead_t *aead_create(crypter_t *crypter, signer_t *signer); diff --git a/src/libstrongswan/plugins/blowfish/COPYRIGHT b/src/libstrongswan/plugins/blowfish/COPYRIGHT index 685722350..7e9ccda4b 100644 --- a/src/libstrongswan/plugins/blowfish/COPYRIGHT +++ b/src/libstrongswan/plugins/blowfish/COPYRIGHT @@ -37,7 +37,7 @@ SUCH DAMAGE. The license and distribution terms for any publically available version or derivative of this code cannot be changed. i.e. this code cannot simply be -copied and put under another distrubution license +copied and put under another distribution license [including the GNU Public License.] The reason behind this being stated in this direct manner is past diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.c b/src/libstrongswan/plugins/ccm/ccm_aead.c index 7fee2b3c4..0d2a56a49 100644 --- a/src/libstrongswan/plugins/ccm/ccm_aead.c +++ b/src/libstrongswan/plugins/ccm/ccm_aead.c @@ -67,7 +67,7 @@ typedef struct __attribute__((packed)) { u_char salt[SALT_SIZE]; u_char iv[IV_SIZE]; } nonce; - /* lenght of plain text, q */ + /* length of plain text, q */ u_char q[Q_SIZE]; } b0_t; diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c index 695e7e4c4..bc399ef8a 100644 --- a/src/libstrongswan/plugins/des/des_crypter.c +++ b/src/libstrongswan/plugins/des/des_crypter.c @@ -80,7 +80,7 @@ struct private_des_crypter_t { des_crypter_t public; /** - * Key size, depends on algoritm... + * Key size, depends on algorithm... */ size_t key_size; @@ -127,7 +127,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif @@ -316,7 +316,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! * bytes, probably an issue of accessing non-word aligned objects :-( */ #ifdef DES_PTR -/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there +/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there * is no reason to not xor all the sub items together. This potentially * saves a register since things can be xored directly into L */ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c index feda05bca..eb38eea3b 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c @@ -68,7 +68,7 @@ chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name, gcry_sexp_t key) if (key) { /* gcrypt might return more bytes than necessary. Truncate - * to key lenght if key given, or prepend zeros if needed */ + * to key length if key given, or prepend zeros if needed */ len = gcry_pk_get_nbits(key); len = len / 8 + (len % 8 ? 1 : 0); if (len > data.len) diff --git a/src/libstrongswan/plugins/hmac/hmac.h b/src/libstrongswan/plugins/hmac/hmac.h index be1bce66d..4e53ddf1f 100644 --- a/src/libstrongswan/plugins/hmac/hmac.h +++ b/src/libstrongswan/plugins/hmac/hmac.h @@ -30,7 +30,7 @@ typedef struct hmac_t hmac_t; * Message authentication using hash functions. * * This class implements the message authenticaion algorithm - * described in RFC2104. It uses a hash function, wich must + * described in RFC2104. It uses a hash function, which must * be implemented as a hasher_t class. */ struct hmac_t { diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c index fa2f3c1ba..1f1628148 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c @@ -495,7 +495,7 @@ typedef struct { CK_SESSION_HANDLE session; /* pkcs11 library */ pkcs11_library_t *lib; - /* attributes to retreive */ + /* attributes to retrieve */ CK_ATTRIBUTE_PTR attr; /* number of attributes */ CK_ULONG count; diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.h b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.h index b80d67324..60b13aeb5 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.h +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.h @@ -32,7 +32,7 @@ typedef struct pkcs11_manager_t pkcs11_manager_t; * * @param data user supplied data, as passed to pkcs11_manager_create() * @param p11 loaded PKCS#11 library token belongs to - * @param slot slot number the event occured in + * @param slot slot number the event occurred in * @param add TRUE if token was added to the slot, FALSE if removed */ typedef void (*pkcs11_manager_token_event_t)(void *data, pkcs11_library_t *p11, diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h index 5c92fd1d8..6bed43dee 100644 --- a/src/libstrongswan/plugins/plugin.h +++ b/src/libstrongswan/plugins/plugin.h @@ -52,7 +52,7 @@ struct plugin_t { /** - * Plugin constructor function definiton. + * Plugin constructor function definition. * * Each plugin has a constructor function. This function is called on daemon * startup to initialize each plugin. diff --git a/src/libstrongswan/processing/jobs/callback_job.c b/src/libstrongswan/processing/jobs/callback_job.c index 26afea319..13f22e69c 100644 --- a/src/libstrongswan/processing/jobs/callback_job.c +++ b/src/libstrongswan/processing/jobs/callback_job.c @@ -62,7 +62,7 @@ struct private_callback_job_t { mutex_t *mutex; /** - * list of asociated child jobs + * list of associated child jobs */ linked_list_t *children; diff --git a/src/libstrongswan/processing/scheduler.h b/src/libstrongswan/processing/scheduler.h index f2c72550f..abbf74e2c 100644 --- a/src/libstrongswan/processing/scheduler.h +++ b/src/libstrongswan/processing/scheduler.h @@ -35,7 +35,7 @@ typedef struct scheduler_t scheduler_t; * based data structure that satisfies the following property: if B is a child * node of A, then key(A) >= (or <=) key(B). So either the element with the * greatest (max-heap) or the smallest (min-heap) key is the root of the heap. - * We use a min-heap whith the key being the absolute unix time at which an + * We use a min-heap with the key being the absolute unix time at which an * event is scheduled. So the root is always the event that will fire next. * * An earlier implementation of the scheduler used a sorted linked list to store diff --git a/src/libstrongswan/settings.h b/src/libstrongswan/settings.h index 9ccd02327..a864779f1 100644 --- a/src/libstrongswan/settings.h +++ b/src/libstrongswan/settings.h @@ -110,7 +110,7 @@ u_int32_t settings_value_as_time(char *value, u_int32_t def); * already existing values are replaced. * * All settings included from files are added relative to the section the - * include statment is in. + * include statement is in. * * The following files result in the same final config as above: * diff --git a/src/libstrongswan/utils/enumerator.h b/src/libstrongswan/utils/enumerator.h index e9693a5b6..12b5712ae 100644 --- a/src/libstrongswan/utils/enumerator.h +++ b/src/libstrongswan/utils/enumerator.h @@ -36,7 +36,7 @@ struct enumerator_t { * The enumerate function takes a variable argument list containing * pointers where the enumerated values get written. * - * @param ... variable list of enumerated items, implementation dependant + * @param ... variable list of enumerated items, implementation dependent * @return TRUE if pointers returned */ bool (*enumerate)(enumerator_t *this, ...); diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c index 615d85c95..2895d620c 100644 --- a/src/libstrongswan/utils/host.c +++ b/src/libstrongswan/utils/host.c @@ -40,7 +40,7 @@ struct private_host_t { host_t public; /** - * low-lewel structure, wich stores the address + * low-lewel structure, which stores the address */ union { /** generic type */ diff --git a/src/libstrongswan/utils/identification.h b/src/libstrongswan/utils/identification.h index c463b0274..af0804f32 100644 --- a/src/libstrongswan/utils/identification.h +++ b/src/libstrongswan/utils/identification.h @@ -293,7 +293,7 @@ struct identification_t { * * In favour of pluto, domainnames are prepended with an @, since * pluto resolves domainnames without an @ to IPv4 addresses. Since - * we use a seperate host_t class for addresses, this doesn't + * we use a separate host_t class for addresses, this doesn't * make sense for us. * * A distinguished name may contain one or more of the following RDNs: diff --git a/src/libtls/tls_alert.h b/src/libtls/tls_alert.h index 95ba4d91b..8ce50f83d 100644 --- a/src/libtls/tls_alert.h +++ b/src/libtls/tls_alert.h @@ -98,7 +98,7 @@ struct tls_alert_t { /** * Did a fatal alert occur?. * - * @return TRUE if a fatal alert has occured + * @return TRUE if a fatal alert has occurred */ bool (*fatal)(tls_alert_t *this); diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c index b5fd6a3f1..b9a5d6627 100644 --- a/src/libtls/tls_crypto.c +++ b/src/libtls/tls_crypto.c @@ -603,7 +603,7 @@ static suite_algs_t suite_algs[] = { }; /** - * Look up algoritms by a suite + * Look up algorithms by a suite */ static suite_algs_t *find_suite(tls_cipher_suite_t suite) { diff --git a/src/libtls/tls_fragmentation.c b/src/libtls/tls_fragmentation.c index 72a7ce80a..c42c16fb8 100644 --- a/src/libtls/tls_fragmentation.c +++ b/src/libtls/tls_fragmentation.c @@ -242,7 +242,7 @@ METHOD(tls_fragmentation_t, process, status_t, { case ALERT_SENDING: case ALERT_SENT: - /* don't accept more input, fatal error ocurred */ + /* don't accept more input, fatal error occurred */ return NEED_MORE; case ALERT_NONE: break; diff --git a/src/libtls/tls_protection.c b/src/libtls/tls_protection.c index d823bae04..e85ded016 100644 --- a/src/libtls/tls_protection.c +++ b/src/libtls/tls_protection.c @@ -112,7 +112,7 @@ METHOD(tls_protection_t, process, status_t, private_tls_protection_t *this, tls_content_type_t type, chunk_t data) { if (this->alert->fatal(this->alert)) - { /* don't accept more input, fatal error ocurred */ + { /* don't accept more input, fatal error occurred */ return NEED_MORE; } diff --git a/src/manager/templates/static/jquery.js b/src/manager/templates/static/jquery.js index 0728760b5..7cb68d02f 100644 --- a/src/manager/templates/static/jquery.js +++ b/src/manager/templates/static/jquery.js @@ -2110,7 +2110,7 @@ var jsc = (new Date).getTime(); jQuery.extend({ get: function( url, data, callback, type ) { - // shift arguments if data argument was ommited + // shift arguments if data argument was omitted if ( jQuery.isFunction( data ) ) { callback = data; data = null; diff --git a/src/medsrv/controller/user_controller.c b/src/medsrv/controller/user_controller.c index 0f25799d8..6e1b7a249 100755 --- a/src/medsrv/controller/user_controller.c +++ b/src/medsrv/controller/user_controller.c @@ -44,7 +44,7 @@ struct private_user_controller_t { user_t *user; /** - * minimum required password lenght + * minimum required password length */ u_int password_length; }; diff --git a/src/pluto/constants.h b/src/pluto/constants.h index 075579d6d..c931f1782 100644 --- a/src/pluto/constants.h +++ b/src/pluto/constants.h @@ -658,7 +658,7 @@ extern const char *prettypolicy(lset_t policy); #define POLICY_COMPRESS LELEM(4) /* must be third */ #define POLICY_TUNNEL LELEM(5) #define POLICY_PFS LELEM(6) -#define POLICY_DISABLEARRIVALCHECK LELEM(7) /* supress tunnel egress address checking */ +#define POLICY_DISABLEARRIVALCHECK LELEM(7) /* suppress tunnel egress address checking */ #define POLICY_IPSEC_SHIFT 2 /* log2(POLICY_ENCRYPT) */ #define POLICY_IPSEC_MASK LRANGES(POLICY_ENCRYPT, POLICY_DISABLEARRIVALCHECK) diff --git a/src/pluto/demux.c b/src/pluto/demux.c index 294601295..612e0813c 100644 --- a/src/pluto/demux.c +++ b/src/pluto/demux.c @@ -544,7 +544,7 @@ init_demux(void) * - ip(7) describes IP_RECVERR * - recvmsg(2) describes MSG_ERRQUEUE * - readv(2) describes iovec - * - cmsg(3) describes how to process auxilliary messages + * - cmsg(3) describes how to process auxiliary messages * * ??? we should link this message with one we've sent * so that the diagnostic can refer to that negotiation. @@ -1580,7 +1580,7 @@ process_packet(struct msg_digest **mdp) /* * okay, now we have to figure out if we are receiving a bogus - * new message in an oustanding XAUTH server conversation + * new message in an outstanding XAUTH server conversation * (i.e. a reply to our challenge) * (this occurs with some broken other implementations). * diff --git a/src/pluto/kernel_alg.c b/src/pluto/kernel_alg.c index eab2a8f06..b4b18fd80 100644 --- a/src/pluto/kernel_alg.c +++ b/src/pluto/kernel_alg.c @@ -205,7 +205,7 @@ bool kernel_alg_esp_ok_final(u_int ealg, u_int key_len, u_int aalg, /* * key_len passed comes from esp_attrs read from peer - * For many older algoritms (eg 3DES) this key_len is fixed + * For many older algorithms (eg 3DES) this key_len is fixed * and get passed as 0. * ... then get default key_len */ diff --git a/src/pluto/lex.h b/src/pluto/lex.h index f16769144..aa0be7829 100644 --- a/src/pluto/lex.h +++ b/src/pluto/lex.h @@ -22,7 +22,7 @@ struct file_lex_position int lino; /* line number in file */ char buffer[MAX_TOK_LEN + 1]; /* note: one extra char for our use (jamming '"') */ char *cur; /* cursor */ - char under; /* except in shift(): character orignally at *cur */ + char under; /* except in shift(): character originally at *cur */ struct file_lex_position *previous; }; diff --git a/src/pluto/nat_traversal.c b/src/pluto/nat_traversal.c index 5e9353b72..28be76825 100644 --- a/src/pluto/nat_traversal.c +++ b/src/pluto/nat_traversal.c @@ -232,7 +232,7 @@ void nat_traversal_natd_lookup(struct msg_digest *md) if (i < 2) { loglog(RC_LOG_SERIOUS, - "NAT-Traversal: Only %d NAT-D - Aborting NAT-Traversal negociation", i); + "NAT-Traversal: Only %d NAT-D - Aborting NAT-Traversal negotiation", i); st->nat_traversal = 0; return; } diff --git a/src/pluto/pluto.8 b/src/pluto/pluto.8 index 9ac537bd9..ed6f78050 100644 --- a/src/pluto/pluto.8 +++ b/src/pluto/pluto.8 @@ -1437,7 +1437,7 @@ Phase 1. \fBPluto\fP responds to \fBSIGHUP\fP by issuing a suggestion that ``\fBwhack\fP \-\-listen'' might have been intended. .LP -\fBPluto\fP exits when it recieves \fBSIGTERM\fP. +\fBPluto\fP exits when it receives \fBSIGTERM\fP. .SH EXIT STATUS .LP \fBpluto\fP normally forks a daemon process, so the exit status is @@ -1558,7 +1558,7 @@ There is no good way for a connection to be automatically terminated. This is a problem for Road Warrior and Opportunistic connections. The \fB\-\-dontrekey\fP option does prevent the SAs from being rekeyed on expiry. -Additonally, if a Road Warrior connection has a client subnet with a fixed IP +Additionally, if a Road Warrior connection has a client subnet with a fixed IP address, a negotiation with that subnet will cause any other connection instantiations with that same subnet to be unoriented (deleted, in effect). diff --git a/src/pluto/rcv_whack.c b/src/pluto/rcv_whack.c index c140095f0..8db8a965e 100644 --- a/src/pluto/rcv_whack.c +++ b/src/pluto/rcv_whack.c @@ -282,7 +282,7 @@ void whack_handle(int whackctlfd) { if (msg.magic == WHACK_BASIC_MAGIC) { - /* Only shutdown command. Simpler inter-version compatability. */ + /* Only shutdown command. Simpler inter-version compatibility. */ if (msg.whack_shutdown) { plog("shutting down"); diff --git a/src/pluto/spdb.c b/src/pluto/spdb.c index 48585432b..06fe7d7c8 100644 --- a/src/pluto/spdb.c +++ b/src/pluto/spdb.c @@ -1300,7 +1300,7 @@ notification_t parse_isakmp_sa_body(u_int32_t ipsecdoisit, * proposal is emitted into it. * * If "selection" is true, the SA is supposed to represent the - * single tranform that the peer has accepted. + * single transform that the peer has accepted. * ??? We only check that it is acceptable, not that it is one that we offered! * * Only IPsec DOI is accepted (what is the ISAKMP DOI?). diff --git a/src/pluto/spdb.h b/src/pluto/spdb.h index 221cc00bb..8a0bffbbd 100644 --- a/src/pluto/spdb.h +++ b/src/pluto/spdb.h @@ -100,7 +100,7 @@ extern notification_t parse_ipsec_sa_body( pb_stream *sa_pbs, /* body of input SA Payload */ const struct isakmp_sa *sa, /* header of input SA Payload */ pb_stream *r_sa_pbs, /* if non-NULL, where to emit winning SA */ - bool selection, /* if this SA is a selection, only one tranform can appear */ + bool selection, /* if this SA is a selection, only one transform can appear */ struct state *st); /* current state object */ extern void backup_pbs(pb_stream *pbs); diff --git a/src/pluto/state.c b/src/pluto/state.c index e4234bc87..f5185888e 100644 --- a/src/pluto/state.c +++ b/src/pluto/state.c @@ -216,7 +216,7 @@ struct state *state_with_serialno(so_serial_t sn) } /* Insert a state object in the hash table. The object is inserted - * at the begining of list. + * at the beginning of list. * Needs cookies, connection, and msgid. */ void insert_state(struct state *st) diff --git a/testing/hosts/winnetou/etc/openssl/duck/openssl.cnf b/testing/hosts/winnetou/etc/openssl/duck/openssl.cnf index 8b5511e9d..c73872d15 100644 --- a/testing/hosts/winnetou/etc/openssl/duck/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/duck/openssl.cnf @@ -36,9 +36,9 @@ crlnumber = $dir/crlnumber # The current CRL serial number private_key = $dir/duckKey.pem # The private key RANDFILE = $dir/.rand # private random number file -x509_extensions = host_ext # The extentions to add to the cert +x509_extensions = host_ext # The extensions to add to the cert -crl_extensions = crl_ext # The extentions to add to the CRL +crl_extensions = crl_ext # The extensions to add to the CRL default_days = 1825 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -78,7 +78,7 @@ default_bits = 1024 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = ca_ext # The extentions to add to the self signed cert +x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf b/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf index 7f1a4d70b..0e29dcf79 100644 --- a/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf @@ -36,9 +36,9 @@ crlnumber = $dir/crlnumber # The current CRL serial number private_key = $dir/strongswan_ecKey.pem # The private key RANDFILE = $dir/.rand # private random number file -x509_extensions = host_ext # The extentions to add to the cert +x509_extensions = host_ext # The extensions to add to the cert -crl_extensions = crl_ext # The extentions to add to the CRL +crl_extensions = crl_ext # The extensions to add to the CRL default_days = 1825 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -79,7 +79,7 @@ default_bits = 1024 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = ca_ext # The extentions to add to the self signed cert +x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/testing/hosts/winnetou/etc/openssl/monster/openssl.cnf b/testing/hosts/winnetou/etc/openssl/monster/openssl.cnf index 12cc5d078..77474c129 100644 --- a/testing/hosts/winnetou/etc/openssl/monster/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/monster/openssl.cnf @@ -36,9 +36,9 @@ crlnumber = $dir/crlnumber # The current CRL serial number private_key = $dir/strongswanKey-monster.pem # The private key RANDFILE = $dir/.rand # private random number file -x509_extensions = host_ext # The extentions to add to the cert +x509_extensions = host_ext # The extensions to add to the cert -crl_extensions = crl_ext # The extentions to add to the CRL +crl_extensions = crl_ext # The extensions to add to the CRL default_days = 10950 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -79,7 +79,7 @@ default_bits = 1024 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = ca_ext # The extentions to add to the self signed cert +x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/testing/hosts/winnetou/etc/openssl/openssl.cnf b/testing/hosts/winnetou/etc/openssl/openssl.cnf index 6433c7a24..a614ff640 100644 --- a/testing/hosts/winnetou/etc/openssl/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/openssl.cnf @@ -36,9 +36,9 @@ crlnumber = $dir/crlnumber # The current CRL serial number private_key = $dir/strongswanKey.pem # The private key RANDFILE = $dir/.rand # private random number file -x509_extensions = host_ext # The extentions to add to the cert +x509_extensions = host_ext # The extensions to add to the cert -crl_extensions = crl_ext # The extentions to add to the CRL +crl_extensions = crl_ext # The extensions to add to the CRL default_days = 1825 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -79,7 +79,7 @@ default_bits = 1024 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = ca_ext # The extentions to add to the self signed cert +x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/testing/hosts/winnetou/etc/openssl/research/openssl.cnf b/testing/hosts/winnetou/etc/openssl/research/openssl.cnf index 23f120b29..6ccf3c2f8 100644 --- a/testing/hosts/winnetou/etc/openssl/research/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/research/openssl.cnf @@ -36,9 +36,9 @@ crlnumber = $dir/crlnumber # The current CRL serial number private_key = $dir/researchKey.pem # The private key RANDFILE = $dir/.rand # private random number file -x509_extensions = host_ext # The extentions to add to the cert +x509_extensions = host_ext # The extensions to add to the cert -crl_extensions = crl_ext # The extentions to add to the CRL +crl_extensions = crl_ext # The extensions to add to the CRL default_days = 1825 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -78,7 +78,7 @@ default_bits = 2048 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = ca_ext # The extentions to add to the self signed cert +x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf b/testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf index 133b2ea71..9ec4b01a8 100644 --- a/testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf @@ -36,9 +36,9 @@ crlnumber = $dir/crlnumber # The current CRL serial number private_key = $dir/strongswanKey.pem # The private key RANDFILE = $dir/.rand # private random number file -x509_extensions = host_ext # The extentions to add to the cert +x509_extensions = host_ext # The extensions to add to the cert -crl_extensions = crl_ext # The extentions to add to the CRL +crl_extensions = crl_ext # The extensions to add to the CRL default_days = 1825 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -79,7 +79,7 @@ default_bits = 1024 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = ca_ext # The extentions to add to the self signed cert +x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/testing/hosts/winnetou/etc/openssl/sales/openssl.cnf b/testing/hosts/winnetou/etc/openssl/sales/openssl.cnf index 547b2edbc..0e3a45292 100644 --- a/testing/hosts/winnetou/etc/openssl/sales/openssl.cnf +++ b/testing/hosts/winnetou/etc/openssl/sales/openssl.cnf @@ -36,9 +36,9 @@ crlnumber = $dir/crlnumber # The current CRL serial number private_key = $dir/salesKey.pem # The private key RANDFILE = $dir/.rand # private random number file -x509_extensions = host_ext # The extentions to add to the cert +x509_extensions = host_ext # The extensions to add to the cert -crl_extensions = crl_ext # The extentions to add to the CRL +crl_extensions = crl_ext # The extensions to add to the CRL default_days = 1825 # how long to certify for default_crl_days= 30 # how long before next CRL @@ -78,7 +78,7 @@ default_bits = 2048 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes -x509_extensions = ca_ext # The extentions to add to the self signed cert +x509_extensions = ca_ext # The extensions to add to the self signed cert # req_extensions = v3_req # The extensions to add to a certificate request diff --git a/testing/tests/ikev2/rw-eap-aka-rsa/description.txt b/testing/tests/ikev2/rw-eap-aka-rsa/description.txt index b4f766d6f..1277081b9 100644 --- a/testing/tests/ikev2/rw-eap-aka-rsa/description.txt +++ b/testing/tests/ikev2/rw-eap-aka-rsa/description.txt @@ -3,5 +3,5 @@ The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>. in association with the <i>Authentication and Key Agreement</i> protocol (<b>EAP-AKA</b>) to authenticate against the gateway. This protocol is used in UMTS, but here a secret from <b>ipsec.secrets</b> is used instead of a USIM/(R)UIM. -Gateway <b>moon</b> additionaly uses an <b>RSA signature</b> to authenticate itself +Gateway <b>moon</b> additionally uses an <b>RSA signature</b> to authenticate itself against <b>carol</b>. diff --git a/testing/tests/ikev2/rw-eap-md5-rsa/description.txt b/testing/tests/ikev2/rw-eap-md5-rsa/description.txt index a2ac00d80..d376ee5a8 100644 --- a/testing/tests/ikev2/rw-eap-md5-rsa/description.txt +++ b/testing/tests/ikev2/rw-eap-md5-rsa/description.txt @@ -3,5 +3,5 @@ The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>. in association with an <i>MD5</i> challenge and response protocol (<b>EAP-MD5</b>) to authenticate against the gateway. The user password is kept in <b>ipsec.secrets</b> on both gateway and client -Gateway <b>moon</b> additionaly uses an <b>RSA signature</b> to authenticate itself +Gateway <b>moon</b> additionally uses an <b>RSA signature</b> to authenticate itself against <b>carol</b>. diff --git a/testing/tests/ikev2/rw-eap-mschapv2-id-rsa/description.txt b/testing/tests/ikev2/rw-eap-mschapv2-id-rsa/description.txt index df7041a97..4feadff4c 100644 --- a/testing/tests/ikev2/rw-eap-mschapv2-id-rsa/description.txt +++ b/testing/tests/ikev2/rw-eap-mschapv2-id-rsa/description.txt @@ -4,5 +4,5 @@ in association with the <i>Microsoft CHAP version 2</i> protocol (<b>EAP-MSCHAPV2</b>) to authenticate against the gateway. This protocol is used e.g. by the Windows 7 Agile VPN client. In addition to her IKEv2 identity <b>PH_IP_CAROL</b>, roadwarrior <b>carol</b> -uses the EAP identy <b>carol</b>. Gateway <b>moon</b> additionaly uses an <b>RSA signature</b> +uses the EAP identy <b>carol</b>. Gateway <b>moon</b> additionally uses an <b>RSA signature</b> to authenticate itself against <b>carol</b>. diff --git a/testing/tests/ikev2/rw-eap-sim-rsa/description.txt b/testing/tests/ikev2/rw-eap-sim-rsa/description.txt index 5fc75e1b1..686241809 100644 --- a/testing/tests/ikev2/rw-eap-sim-rsa/description.txt +++ b/testing/tests/ikev2/rw-eap-sim-rsa/description.txt @@ -3,5 +3,5 @@ The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>. in association with a GSM <i>Subscriber Identity Module</i> (<b>EAP-SIM</b>) to authenticate against the gateway. In this scenario triplets from the file <b>/etc/ipsec.d/triplets.dat</b> are used instead of a physical SIM card. -Gateway <b>moon</b> additionaly uses an <b>RSA signature</b> to authenticate +Gateway <b>moon</b> additionally uses an <b>RSA signature</b> to authenticate itself against <b>carol</b>. diff --git a/testing/tests/sql/rw-eap-aka-rsa/description.txt b/testing/tests/sql/rw-eap-aka-rsa/description.txt index b4f766d6f..1277081b9 100644 --- a/testing/tests/sql/rw-eap-aka-rsa/description.txt +++ b/testing/tests/sql/rw-eap-aka-rsa/description.txt @@ -3,5 +3,5 @@ The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>. in association with the <i>Authentication and Key Agreement</i> protocol (<b>EAP-AKA</b>) to authenticate against the gateway. This protocol is used in UMTS, but here a secret from <b>ipsec.secrets</b> is used instead of a USIM/(R)UIM. -Gateway <b>moon</b> additionaly uses an <b>RSA signature</b> to authenticate itself +Gateway <b>moon</b> additionally uses an <b>RSA signature</b> to authenticate itself against <b>carol</b>. |