GH601: Various spelling fixes.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

4 files changed, 5 insertions, 5 deletions

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 2e3fd6a62e..69a3fb39a2 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -458,7 +458,7 @@ int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
             i--;
         /*
          * If we have LOS error and flags changed then we are signing P-384
-         * with P-256. Use more meaninggul error.
+         * with P-256. Use more meaningful error.
          */
         if (rv == X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED && flags != tflags)
             rv = X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256;
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index f16be8a924..113c116ef6 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -2474,7 +2474,7 @@ static int dane_match(X509_STORE_CTX *ctx, X509 *cert, int depth)
 
     /*
      * If we've previously matched a PKIX-?? record, no need to test any
-     * furher PKIX-?? records,  it remains to just build the PKIX chain.
+     * further PKIX-?? records,  it remains to just build the PKIX chain.
      * Had the match been a DANE-?? record, we'd be done already.
      */
     if (dane->mdpth >= 0)
@@ -2505,7 +2505,7 @@ static int dane_match(X509_STORE_CTX *ctx, X509 *cert, int depth)
      *
      * As soon as we find a match at any given depth, we stop, because either
      * we've matched a DANE-?? record and the peer is authenticated, or, after
-     * exhausing all DANE-?? records, we've matched a PKIX-?? record, which is
+     * exhausting all DANE-?? records, we've matched a PKIX-?? record, which is
      * sufficient for DANE, and what remains to do is ordinary PKIX validation.
      */
     recnum = (dane->umask & mask) ? sk_danetls_record_num(dane->trecs) : 0;
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index 475f5bcb32..2a5e1ce064 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -109,7 +109,7 @@ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
     return (X509_NAME_get_index_by_OBJ(name, obj, lastpos));
 }
 
-/* NOTE: you should be passsing -1, not 0 as lastpos */
+/* NOTE: you should be passing -1, not 0 as lastpos */
 int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int lastpos)
 {
     int n;
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index 9133e3cb82..5e6abebbea 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -324,7 +324,7 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
  * it all strings are converted to UTF8, leading, trailing and multiple
  * spaces collapsed, converted to lower case and the leading SEQUENCE header
  * removed. In future we could also normalize the UTF8 too. By doing this
- * comparison of Name structures can be rapidly perfomed by just using
+ * comparison of Name structures can be rapidly performed by just using
  * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
  * constraints of type dirName can also be checked with a simple memcmp().
  */