Typo and comment fix

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)

6 files changed, 14 insertions, 13 deletions

diff --git a/apps/cms.c b/apps/cms.c
index ad771d2d85..5899760a90 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -480,7 +480,7 @@ int cms_main(int argc, char **argv)
             signerfile = opt_arg();
             break;
         case OPT_INKEY:
-            /* If previous -inkey arument add signer to list */
+            /* If previous -inkey argument add signer to list */
             if (keyfile) {
                 if (signerfile == NULL) {
                     BIO_puts(bio_err, "Illegal -inkey without -signer\n");
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 1886504880..1cb11b289b 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -105,7 +105,7 @@ OPTIONS ocsp_options[] = {
     {"timeout", OPT_TIMEOUT, 'p',
      "Connection timeout (in seconds) to the OCSP responder"},
     {"url", OPT_URL, 's', "Responder URL"},
-    {"host", OPT_HOST, 's', "host:prot top to connect to"},
+    {"host", OPT_HOST, 's', "TCP/IP hostname:port to connect to"},
     {"port", OPT_PORT, 'p', "Port to run responder on"},
     {"ignore_err", OPT_IGNORE_ERR, '-'},
     {"noverify", OPT_NOVERIFY, '-', "Don't verify response at all"},
@@ -114,7 +114,7 @@ OPTIONS ocsp_options[] = {
     {"resp_no_certs", OPT_RESP_NO_CERTS, '-',
      "Don't include any certificates in response"},
     {"resp_key_id", OPT_RESP_KEY_ID, '-',
-     "Identify reponse by signing certificate key ID"},
+     "Identify response by signing certificate key ID"},
     {"no_certs", OPT_NO_CERTS, '-',
      "Don't include any certificates in signed request"},
     {"no_signature_verify", OPT_NO_SIGNATURE_VERIFY, '-',
diff --git a/apps/s_server.c b/apps/s_server.c
index 35813d408f..36ad266386 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -740,7 +740,7 @@ OPTIONS s_server_options[] = {
     {"Verify", OPT_UPPER_V_VERIFY, 'n',
      "Turn on peer certificate verification, must have a cert"},
     {"cert", OPT_CERT, '<', "Certificate file to use; default is " TEST_CERT},
-    {"naccept", OPT_NACCEPT, 'p', "Terminate after pnum connections"},
+    {"naccept", OPT_NACCEPT, 'p', "Terminate after #num connections"},
     {"serverinfo", OPT_SERVERINFO, 's',
      "PEM serverinfo file for certificate"},
     {"certform", OPT_CERTFORM, 'F',
@@ -788,7 +788,7 @@ OPTIONS s_server_options[] = {
      "-Private Key file to use for servername if not in -cert2"},
     {"tlsextdebug", OPT_TLSEXTDEBUG, '-',
      "Hex dump of all TLS extensions received"},
-    {"HTTP", OPT_HTTP, '-', "Like -WWW but ./path incluedes HTTP headers"},
+    {"HTTP", OPT_HTTP, '-', "Like -WWW but ./path includes HTTP headers"},
     {"id_prefix", OPT_ID_PREFIX, 's',
      "Generate SSL/TLS session IDs prefixed by arg"},
     {"rand", OPT_RAND, 's',
diff --git a/apps/smime.c b/apps/smime.c
index f9f3d23787..dd065bba51 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -275,7 +275,7 @@ int smime_main(int argc, char **argv)
                 goto opthelp;
             break;
         case OPT_INKEY:
-            /* If previous -inkey arument add signer to list */
+            /* If previous -inkey argument add signer to list */
             if (keyfile) {
                 if (signerfile == NULL) {
                     BIO_printf(bio_err,
diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c
index 9cf7c51be3..80bd45e2d9 100644
--- a/crypto/ct/ct_b64.c
+++ b/crypto/ct/ct_b64.c
@@ -116,9 +116,10 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64,
 }
 
 /*
- * This methods returns: 1 on Success,
- * 0 on decoding failure,
- * -1 on internal (malloc) failure, or invalid parameter if any.
+ * Allocate, build and returns a new |ct_log| from input |pkey_base64|
+ * It returns 1 on success,
+ * 0 on decoding failure, or invalid parameter if any
+ * -1 on internal (malloc) failure
  */
 int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, const char *name)
 {
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 1533daa4b7..3628cd5881 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -319,7 +319,7 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
 # define SSL_OP_SINGLE_ECDH_USE                          0x0
 /* Does nothing: retained for compatibility */
 # define SSL_OP_SINGLE_DH_USE                            0x0
-/* Does nothing: retained for compatibiity */
+/* Does nothing: retained for compatibility */
 # define SSL_OP_EPHEMERAL_RSA                            0x0
 /*
  * Set on servers to choose the cipher according to the server's preferences
@@ -407,7 +407,7 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
 /* Cert related flags */
 /*
  * Many implementations ignore some aspects of the TLS standards such as
- * enforcing certifcate chain algorithms. When this is set we enforce them.
+ * enforcing certificate chain algorithms. When this is set we enforce them.
  */
 # define SSL_CERT_FLAG_TLS_STRICT                0x00000001U
 
@@ -1541,7 +1541,7 @@ void SSL_certs_clear(SSL *s);
 void SSL_free(SSL *ssl);
 # ifdef OSSL_ASYNC_FD
 /*
- * Windows applcation developer has to include windows.h to use these.
+ * Windows application developer has to include windows.h to use these.
  */
 __owur int SSL_waiting_for_async(SSL *s);
 __owur int SSL_get_all_async_fds(SSL *s, OSSL_ASYNC_FD *fds, size_t *numfds);
@@ -1752,8 +1752,8 @@ __owur int SSL_get_ex_data_X509_STORE_CTX_idx(void);
 void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
 void SSL_set_default_read_buffer_len(SSL *s, size_t len);
 
-     /* NB: the keylength is only applicable when is_export is true */
 # ifndef OPENSSL_NO_DH
+/* NB: the |keylength| is only applicable when is_export is true */
 void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
                                  DH *(*dh) (SSL *ssl, int is_export,
                                             int keylength));