diff options
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/ssl3_record.c | 3 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 13 | ||||
-rw-r--r-- | ssl/statem/extensions.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem_clnt.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 2 | ||||
-rw-r--r-- | ssl/t1_lib.c | 12 | ||||
-rw-r--r-- | ssl/tls13_enc.c | 2 |
7 files changed, 16 insertions, 20 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index d5615d1b36..3d1bcc1f70 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -1662,8 +1662,7 @@ int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) } /* - * retrieve a buffered record that belongs to the current epoch, ie, - * processed + * Retrieve a buffered record that belongs to the current epoch, i.e. processed */ #define dtls1_get_processed_record(s) \ dtls1_retrieve_buffered_record((s), \ diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 482c810e1e..f169611c01 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -741,7 +741,7 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, { /* * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how - * we can "construct" a session to give us the desired check - ie. to + * we can "construct" a session to give us the desired check - i.e. to * find if there's a session in the hash table that would conflict with * any new session built out of this id/id_len and the ssl_version in use * by this SSL. @@ -2546,8 +2546,8 @@ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, } /* - * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from - * |ssl|. On return it sets |*data| to point to |*len| bytes of protocol name + * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from |ssl|. + * On return it sets |*data| to point to |*len| bytes of protocol name * (not including the leading length-prefix byte). If the server didn't * respond with a negotiated protocol then |*len| will be zero. */ @@ -3147,10 +3147,7 @@ int SSL_get_error(const SSL *s, int i) } if (SSL_want_write(s)) { - /* - * Access wbio directly - in order to use the buffered bio if - * present - */ + /* Access wbio directly - in order to use the buffered bio if present */ bio = s->wbio; if (BIO_should_write(bio)) return (SSL_ERROR_WANT_WRITE); @@ -3893,7 +3890,7 @@ void SSL_set_not_resumable_session_callback(SSL *ssl, /* * Allocates new EVP_MD_CTX and sets pointer to it into given pointer * variable, freeing EVP_MD_CTX previously stored in that variable, if any. - * If EVP_MD pointer is passed, initializes ctx with this md. + * If EVP_MD pointer is passed, initializes ctx with this |md|. * Returns the newly allocated ctx; */ diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 9cdb263ee3..043b8304eb 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -325,7 +325,7 @@ static const EXTENSION_DEFINITION ext_defs[] = { * Verify whether we are allowed to use the extension |type| in the current * |context|. Returns 1 to indicate the extension is allowed or unknown or 0 to * indicate the extension is not allowed. If returning 1 then |*found| is set to - * 1 if we found a definition for the extension, and |*idx| is set to its index + * the definition for the extension we found. */ static int verify_extension(SSL *s, unsigned int context, unsigned int type, custom_ext_methods *meths, RAW_EXTENSION *rawexlist, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index c6b164147b..d4f8e0a0c3 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1983,7 +1983,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) goto err; } - /* test non-zero pupkey */ + /* test non-zero pubkey */ if (BN_is_zero(bnpub_key)) { *al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_SKE_DHE, SSL_R_BAD_DH_VALUE); diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index e2c47994b8..1c6c35eb06 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -659,7 +659,7 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst) case TLS_ST_SW_SRVR_HELLO: if (SSL_IS_DTLS(s)) { /* - * Messages we write from now on should be bufferred and + * Messages we write from now on should be buffered and * retransmitted if necessary, so we need to use the timer now */ st->use_timer = 1; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 83e493eb7c..1c98b53e96 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1841,7 +1841,7 @@ static int ssl_check_ca_name(STACK_OF(X509_NAME) *names, X509 *x) * attempting to use them. */ -/* Flags which need to be set for a certificate when stict mode not set */ +/* Flags which need to be set for a certificate when strict mode not set */ #define CERT_PKEY_VALID_FLAGS \ (CERT_PKEY_EE_SIGNATURE|CERT_PKEY_EE_PARAM) @@ -2101,7 +2101,7 @@ void tls1_set_cert_validity(SSL *s) tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_512); } -/* User level utiity function to check a chain is suitable */ +/* User level utility function to check a chain is suitable */ int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain) { return tls1_check_chain(s, x, pk, chain, -1); @@ -2205,8 +2205,8 @@ int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee) } /* - * Check security of a chain, if sk includes the end entity certificate then - * x is NULL. If vfy is 1 then we are verifying a peer chain and not sending + * Check security of a chain, if |sk| includes the end entity certificate then + * |x| is NULL. If |vfy| is 1 then we are verifying a peer chain and not sending * one to the peer. Return values: 1 if ok otherwise error code to use */ @@ -2257,7 +2257,7 @@ int tls_choose_sigalg(SSL *s, int *al) int curve = -1, skip_ec = 0; #endif - /* Look for a certificate matching shared sigaglgs */ + /* Look for a certificate matching shared sigalgs */ for (i = 0; i < s->cert->shared_sigalgslen; i++) { lu = s->cert->shared_sigalgs[i]; @@ -2304,7 +2304,7 @@ int tls_choose_sigalg(SSL *s, int *al) if (idx == -1) return 1; if (idx == SSL_PKEY_GOST_EC) { - /* Work out which GOST certificate is avaiable */ + /* Work out which GOST certificate is available */ if (ssl_has_cert(s, SSL_PKEY_GOST12_512)) { idx = SSL_PKEY_GOST12_512; } else if (ssl_has_cert(s, SSL_PKEY_GOST12_256)) { diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 3b783a74af..2ae4552843 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -454,7 +454,7 @@ int tls13_change_cipher_state(SSL *s, int which) labellen = sizeof(client_handshake_traffic) - 1; log_label = CLIENT_HANDSHAKE_LABEL; /* - * The hanshake hash used for the server read/client write handshake + * The handshake hash used for the server read/client write handshake * traffic secret is the same as the hash for the server * write/client read handshake traffic secret. However, if we * processed early data then we delay changing the server |