[Openvpn-devel] Fix various spelling mistakes

Message ID 1cfa91c6-2c77-1d82-812b-269c941eba4d@reliablehosting.com
State Changes Requested
Headers show
Series
  • [Openvpn-devel] Fix various spelling mistakes
Related show

Commit Message

Jonathan Tooker Jan. 23, 2019, 3:31 a.m.
Fork @ github: https://github.com/JDTX/openvpn (76ab12606155f51aaaf376a46f4a52a459af105c)

From: Jonathan Tooker <jonathan@reliablehosting.com>
Date: Tue, 22 Jan 2019 18:27:39 -0600
Subject: [PATCH] Fix various spelling mistakes

Fix spelling mistakes in code/headers/manpages/etc.
---
distro/rpm/openvpn.init.d.rhel            |  2 +-
distro/rpm/openvpn.init.d.suse            |  4 ++--
doc/keying-material-exporter.txt          |  2 +-
doc/openvpn.8                             | 14 +++++++-------
sample/sample-config-files/client.conf    |  2 +-
sample/sample-keys/openssl.cnf            |  4 ++--
src/openvpn/buffer.c                      |  2 +-
src/openvpn/console.h                     |  6 +++---
src/openvpn/crypto.h                      |  2 +-
src/openvpn/crypto_backend.h              |  2 +-
src/openvpn/fragment.c                    |  2 +-
src/openvpn/init.c                        | 18 +++++++++---------
src/openvpn/mss.c                         |  2 +-
src/openvpn/options.c                     | 14 +++++++-------
src/openvpn/packet_id.h                   |  2 +-
src/openvpn/route.c                       |  2 +-
src/openvpn/run_command.c                 |  4 ++--
src/openvpn/socket.c                      | 12 ++++++------
src/openvpn/socket.h                      |  2 +-
src/openvpn/ssl.c                         |  2 +-
src/openvpn/tun.c                         |  8 ++++----
src/openvpn/win32.c                       |  2 +-
src/openvpn/win32.h                       |  2 +-
src/openvpnmsica/msica_op.h               |  2 +-
src/plugins/auth-pam/README.auth-pam      |  4 ++--
src/plugins/auth-pam/utils.h              |  6 +++---
src/tapctl/tap.c                          |  2 +-
tests/t_client.sh.in                      |  2 +-
tests/unit_tests/openvpn/test_tls_crypt.c |  2 +-
29 files changed, 65 insertions(+), 65 deletions(-)

Comments

Simon Rozman via Openvpn-devel Jan. 23, 2019, 3:51 a.m. | #1
Hi,

> diff --git a/src/openvpn/console.h b/src/openvpn/console.h
> index 0ffd6683..62beacae 100644
> --- a/src/openvpn/console.h
> +++ b/src/openvpn/console.h
> @@ -33,9 +33,9 @@
>   */
> struct _query_user {
>      char *prompt;             /**< Prompt to present to the user */
> -    size_t prompt_len;        /**< Lenght of the prompt string */
> +    size_t prompt_len;        /**< Length of the prompt string */
>      char *response;           /**< The user's response */
> -    size_t response_len;      /**< Lenght the of the user reposone */
> +    size_t response_len;      /**< Length the of the user reposone */
                                                             ^^^^^^^^
response

Regards,
Simon
Jonathan Tooker Jan. 23, 2019, 5:15 a.m. | #2
Looks like I missed that and a few others! I fixed some more spelling
errors across other things. Follow up patch/commit below. If I just need
to re-make the original patch let me know.

From: Jonathan Tooker <jonathan@reliablehosting.com>
Date: Tue, 22 Jan 2019 23:10:33 -0600
Subject: [PATCH] Another set of spelling fixes

---
 COPYING                          |   6 +-
 ChangeLog                        | 140 +++++++++++++++----------------
 Changes.rst                      |   6 +-
 INSTALL                          |   2 +-
 TODO.IPv6                        |   6 +-
 configure.ac                     |   2 +-
 m4/pkg.m4                        |   2 +-
 src/openvpn/console.h            |   2 +-
 src/openvpn/ssl_verify_backend.h |   2 +-
 9 files changed, 84 insertions(+), 84 deletions(-)

diff --git a/COPYING b/COPYING
index 9c21c177..54cc9f24 100644
--- a/COPYING
+++ b/COPYING
@@ -157,7 +157,7 @@ OpenSSL License:
  * The implementation was written so as to conform with Netscapes SSL.
  * 
  * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
+ * the following conditions are adhered to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
@@ -182,7 +182,7 @@ OpenSSL License:
  *    must display the following acknowledgement:
  *    "This product includes cryptographic software written by
  *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
+ *    The word 'cryptographic' can be left out if the routines from the library
  *    being used are not cryptographic related :-).
  * 4. If you include any Windows specific code (or a derivative thereof) from 
  *    the apps directory (application code) you must include an acknowledgement:
@@ -200,7 +200,7 @@ OpenSSL License:
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  * 
- * The licence and distribution terms for any publically available version or
+ * The licence and distribution terms for any publicly available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
diff --git a/ChangeLog b/ChangeLog
index 1c06c7f1..077d7063 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -128,7 +128,7 @@ Gert Doering (10):
 
 Heiko Hund (4):
       put argv_* functions into own file, add unit tests
-      Remove unused and unecessary argv interfaces
+      Remove unused and unnecessary argv interfaces
       remove unused system_str from struct argv
       Factor out %sc handling from argv_printf()
 
@@ -230,7 +230,7 @@ Arne Schwabe (100):
       Split the PROTO_UDP_xx options into AF_INET/AF_INET6 and PROTO_TCP/PROTO_UDP part.
       Fix two instances of asserting AF_INET
       Fix assertion when SIGUSR1 is received while getaddrinfo is successful
-      Split link_socket_init_phase1 and link_socket_init_phase2 into smaller more managable/readable functions. No functional changes
+      Split link_socket_init_phase1 and link_socket_init_phase2 into smaller more manageable/readable functions. No functional changes
       Change proto_remote() function to return a constant string
       Remove the ip-remote-hint option.
       change the type of 'remote' to addrinfo*, and rename to 'remote_list'.
@@ -252,7 +252,7 @@ Arne Schwabe (100):
       Add gateway and device to android control messages
       Clean up of socket code.
       Fix assert when using port-share
-      Work around Solaris getaddrinfo() returing ai_protocol=0
+      Work around Solaris getaddrinfo() returning ai_protocol=0
       Fix man page and OSCP script: tls_serial_{n} is decimal
       Remove ENABLE_BUFFER_LIST
       Fix server routes not working in topology subnet with --server [v3]
@@ -335,7 +335,7 @@ David Sommerseth (44):
       autoconf: Fix typo
       t_client.sh: Check for fping/fping6 availability
       t_client.sh: Write errors to stderr and document requirements
-      t_client.sh: Add prepare/cleanup possibilties for each test case
+      t_client.sh: Add prepare/cleanup possibilities for each test case
       Fix file checks when --chroot is being used
       Adjusted autotools files to build more cleanly on newer autoconf/automake versions
       Improve error reporting on file access to --client-config-dir and --ccd-exclusive
@@ -382,7 +382,7 @@ Dorian Harmans (1):
       Add CHACHA20-POLY1305 ciphersuite IANA name translations.
 
 Felix Janda (1):
-      Use OPENVPN_ETH_P_* so that <netinet/if_ether.h> is unecessary
+      Use OPENVPN_ETH_P_* so that <netinet/if_ether.h> is unnecessary
 
 Fish (1):
       Add lz4 support to MSVC.
@@ -531,7 +531,7 @@ Holger Kummert (1):
       Del ipv6 addr on close of linux tun interface
 
 Hubert Kario (2):
-      ocsp_check - signature verification and cert staus results are separate
+      ocsp_check - signature verification and cert status results are separate
       ocsp_check - double check if ocsp didn't report any errors in execution
 
 Ilya Shipitsin (3):
@@ -796,7 +796,7 @@ Steffan Karger (180):
       Don't exit daemon if opening or parsing the CRL fails.
       Define dummy SSL_OP_NO_TICKET flag if not present in OpenSSL.
       Fix typo in cipher_kt_mode_{cbc, ofb_cfb}() doxygen.
-      Fix some unintialized variable warnings
+      Fix some uninitialized variable warnings
       Fix clang warning in options.c
       Fix compiler warnings in ssl_polarssl.c.
       Fix regression with password protected private keys (polarssl)
@@ -1181,7 +1181,7 @@ Adriaan de Jong (127):
       Refactored get_highest_preference_tls_cipher
       Refactored root SSL context initialisation
       Refactored new external key code
-      Refactored DH paramater loading
+      Refactored DH parameter loading
       Refactored root TLS option settings
       Refactored PKCS#12 key loading
       Refactored PKCS#11 loading
@@ -1192,7 +1192,7 @@ Adriaan de Jong (127):
       Refactored CA and extra certs code
       Refactored cipher restriction code
       Refactored tls_options, key_state, and key_source data structures
-      Refactored initalisation of key_states
+      Refactored initialisation of key_states
       Refactored key_state free code
       Refactored print_details
       Refactored key_state read code (including bio_read())
@@ -1275,7 +1275,7 @@ Adriaan de Jong (127):
       Moved out of memory prototype to error.h, as the definition is in error.c
       Removed support for calling gc_malloc with a NULL gc_arena struct
 
-      (The follwing patches from Adriaan was mistakenly merged with
+      (The following patches from Adriaan was mistakenly merged with
        the wrong commit author in the git tree)
       Doxygen: Added data channel crypto docs
       Added control channel crypto docs
@@ -1342,7 +1342,7 @@ David Sommerseth (50):
       Revamp check_file_access() checks in stdin scenarios
 
 Davide Guerri (1):
-      New feauture: Add --stale-routes-check
+      New feature: Add --stale-routes-check
 
 Frank de Brabander (1):
       Fixed wrong return type of cipher_kt_mode
@@ -1357,7 +1357,7 @@ Gert Doering (45):
       NetBSD fixes - on 4.0 and up, use multi-af mode.
       new feature: "ifconfig-ipv6-push" (from ccd/ config)
       add some TODOs to TODO.IPv6
-      undo accidential duplication of existing "--iroute" line in the help text
+      undo accidental duplication of existing "--iroute" line in the help text
       basic documentation of IPv6 related options and their syntax
       Enable IPv6 Payload in OpenVPN p2mp tun server mode.
       remove NOTES file from commit - private scribbling
@@ -1502,7 +1502,7 @@ JuanJo Ciarlante (40):
       * document ipv6 milestone status
       * doc update w/unittests results
       * make possible to x-compile openvpn/win32 in Linux
-      * correctly setup hints.ai_socktype for getaddrinfo(), althought sorta hacky, see TODO.ipv6.
+      * correctly setup hints.ai_socktype for getaddrinfo(), although sorta hacky, see TODO.ipv6.
       * renamed README.ipv6{.txt,}
       * updated {README,TODO}.ipv6 from feedback at openvpn-devel mlist
       * init.c: document the ENABLE_MANAGEMENT place to work on
@@ -1645,7 +1645,7 @@ Samuli Seppänen (15):
       Added a nmake makefile for openvpnserv.exe building
       Moved TAP-driver version info to version.m4. Cleaned up win/settings.in.
       Added helper functionality to win/wb.py
-      Added support for viewing config-win32.h paramters to win/show.py
+      Added support for viewing config-win32.h parameters to win/show.py
       Added comments and made small modifications to win/msvc.mak.in
       Added command-line switch to win/build_all.py to skip TAP driver building
       Added configure.h and version.m4 variable parsing to win/config.py
@@ -1712,7 +1712,7 @@ Samuli Seppänen (2):
 
 * Community patches
   David Sommerseth (2):
-      Test framework improvment - Do not FAIL if t_client.rc is missing
+      Test framework improvement - Do not FAIL if t_client.rc is missing
       More t_client.sh updates - exit with SKIP when we want to skip
 
   Gert Doering (4):
@@ -1872,7 +1872,7 @@ Samuli Seppänen (2):
   renegotiation capabilities that are built into the SSL/TLS protocol,
   therefore the fix in OpenSSL 0.9.8l (disable SSL/TLS renegotiation
   completely) will not adversely affect OpenVPN mid-session SSL/TLS
-  renegotation or any other OpenVPN capabilities.
+  renegotiation or any other OpenVPN capabilities.
 
 * Added additional session renegotiation hardening.  OpenVPN has always
   required that mid-session renegotiations build up a new SSL/TLS
@@ -1921,7 +1921,7 @@ Samuli Seppänen (2):
 
 * Added the ability for the server to provide a custom reason string
   when an AUTH_FAILED message is returned to the client.  This
-  string can be set by the server-side managment interface and read
+  string can be set by the server-side management interface and read
   by the client-side management interface.
 
 * client-kill management interface command, when issued on server, will
@@ -1966,7 +1966,7 @@ Samuli Seppänen (2):
 * Minor tweaks to Windows build system.
 
 * Added "redirect-private" option which allows private subnets
-  to be pushed to the client in such a way that they don't accidently
+  to be pushed to the client in such a way that they don't accidentally
   obscure critical local addresses such as the DHCP server address and
   DNS server addresses.
 
@@ -1993,7 +1993,7 @@ Samuli Seppänen (2):
   functionality (Alon Bar-Lev).
 
 * Fixed bug where the remote_X environmental variables were not being
-  set correctly when the 'local' option is specifed.
+  set correctly when the 'local' option is specified.
 
 2009.05.17 -- Version 2.1_rc16
 
@@ -2396,7 +2396,7 @@ Samuli Seppänen (2):
   files might elicit the error: "Options error: Parameter pkcs11_private_mode
   can only be specified in TLS-mode, i.e. where --tls-server or --tls-client
   is also specified."
-	
+      
 2008.01.23 -- Version 2.1_rc5
 
 * Fixed Win2K TAP driver bug that was introduced by Vista fixes,
@@ -2469,7 +2469,7 @@ Samuli Seppänen (2):
 
 * Added --management-forget-disconnect option -- forget
   passwords when management session disconnects (Alon Bar-Lev).
-	
+      
 2007.04.25 -- Version 2.1_rc4
 
 * Worked out remaining issues with TAP driver signing
@@ -2484,7 +2484,7 @@ Samuli Seppänen (2):
 * Additional fixes to TAP driver for Windows x64.  Driver
   now runs successfully on Vista x64 if driver signing
   enforcement is disabled.
-	
+      
 * The Windows Installer and TAP driver are now signed by
   OpenVPN Solutions LLC (in addition to the usual GnuPG
   signatures).
@@ -2502,7 +2502,7 @@ Samuli Seppänen (2):
   with password-protected keys; also add -extensions server
   option when generating server cert via
   build-key-server-pass.bat (Daniel Zauft).
-	
+      
 2007.02.27 -- Version 2.1_rc2
 
 * auth-pam change:  link with -lpam rather
@@ -2581,10 +2581,10 @@ Samuli Seppänen (2):
 
 * Fixed TAP-Win32 bug that caused BSOD on Windows Vista
   (Henry Nestler).
-	
+      
 * Autodetect 32/64 bit Windows in installer and install
   appropriate TAP driver (Mathias Sundman, Hypherion).
-	
+      
 * Fixed bug in loopback self-test introduced
   in 2.1-beta15 where self test as invoked by
   "make check" would not properly exit after
@@ -2608,7 +2608,7 @@ Samuli Seppänen (2):
 * PKCS#11 changes: (Alon Bar-Lev) 
   - Modified ssl.c to not FATAL and return to init.c
     so auth-retry will work.
-  - Modifed pkcs11-helper.c to fix some problem with
+  - Modified pkcs11-helper.c to fix some problem with
     multiple providers.
   - Added retry counter to PKCS#11 PIN hook.
   - Modified PKCS#11 PIN retry loop to return correct error
@@ -2645,10 +2645,10 @@ Samuli Seppänen (2):
 
 * Fixed Windows server bug in time backtrack handling code which
   could cause TLS negotiation failures on legitimate clients.
-	
+      
 * Rewrote gettimeofday function for Windows to be
   simpler and more efficient.
-	
+      
 * Merged PKCS#11 extensions to easy-rsa/2.0  (Alon Bar-Lev).
 
 * Added --route-metric option to set a default route metric
@@ -2662,7 +2662,7 @@ Samuli Seppänen (2):
 * Code added in 2.1-beta7 and 2.0.6-rc1 to extend byte counters
   to 64 bits caused a bug in the Windows version which has now
   been fixed.  The bug could cause intermittent crashes.
-	
+      
 2006.04.05 -- Version 2.1-beta12
 
 * Security Vulnerability -- An OpenVPN client connecting to a
@@ -2674,7 +2674,7 @@ Samuli Seppänen (2):
   directives to it by including "pull" or the macro "client" in
   its configuration file, (b) the client configuration file uses
   a scripting directive such as "up" or "down", (c) the client
-  succesfully authenticates the server, (d) the server is
+  successfully authenticates the server, (d) the server is
   malicious or has been compromised and is under the control of
   the attacker, and (e) the attacker has at least some level of
   pre-existing control over files on the client (this might be
@@ -2691,7 +2691,7 @@ Samuli Seppänen (2):
 
 * PKCS11 fixes (Alon Bar-Lev).  For full description:
   svn log -r990 http://svn.openvpn.net/projects/openvpn/branches/BETA21
-	
+      
 * When deleting routes under Linux, use the route metric
   as a differentiator to ensure that the route teardown
   process only deletes the identical route which was originally
@@ -2759,7 +2759,7 @@ Samuli Seppänen (2):
   which tries IP helper API first, then falls back to
   route.exe.
 * Made --route-method adaptive the default.
-	
+      
 2005.11.12 -- Version 2.1-beta7
 
 * Allow blank passwords to be passed via the management
@@ -2783,7 +2783,7 @@ Samuli Seppänen (2):
   reference an explicit file.
   For example:
   <ca>
-	data here...
+      data here...
   </ca>
 * Allow plugin and push directives to have multi-line
   parameter lists such as:
@@ -2801,7 +2801,7 @@ Samuli Seppänen (2):
   attributes (Alon Bar-Lev).
 * For Windows, reverted --ip-win32 default back to "dynamic".
   To use new adaptive mode, set explicitly.
-	
+      
 2005.11.01 -- Version 2.1-beta6
 
 * Security fix (merged from 2.0.4) -- Affects non-Windows
@@ -2860,7 +2860,7 @@ Samuli Seppänen (2):
 * Added ".PHONY: plugin" to Makefile.am, reverted
   location of "plugin" directory (thanks to
   Matthias Andree for figuring this out).
-	
+      
 2005.10.16 -- Version 2.1-beta3
 
 * Added PKCS#11 support (Alon Bar-Lev).
@@ -2928,7 +2928,7 @@ Samuli Seppänen (2):
   per-client constructor and destructor functions, to make
   it simpler for plugins to maintain per-client state.
 
-2005.09.25 -- Version 2.0.3-rc1	
+2005.09.25 -- Version 2.0.3-rc1     
 
 * openvpn_plugin_abort_v1 function wasn't being properly
   registered on Windows.
@@ -2956,7 +2956,7 @@ Samuli Seppänen (2):
 * Modified pkitool script to be /bin/sh compatible (Johnny Lam).
 
 2005.08.16 -- Version 2.0.1
-	
+      
 * Security Fix -- DoS attack against server when run with "verb 0" and
   without "tls-auth".  If a client connection to the server fails
   certificate verification, the OpenSSL error queue is not properly
@@ -3130,7 +3130,7 @@ Samuli Seppänen (2):
   ifconfig-push static addresses for some subset of clients
   which directly reference the server IP address as the
   remote endpoint.
-	
+      
 2005.03.28 -- Version 2.0-rc18
 
 * Packaged Windows installer with OpenSSL 0.9.7f.
@@ -3152,7 +3152,7 @@ Samuli Seppänen (2):
   Require the appropriately named 'lzo' (liblzo1 / lzo).
   (Tom Walsh - http://openhardware.net)
 
-	
+      
 2005.02.20 -- Version 2.0-rc16
 
 * Fixed bug introduced in rc13 where Windows service wrapper
@@ -3183,7 +3183,7 @@ Samuli Seppänen (2):
   (c) verify that revocation succeeded.
 * Renamed easy-rsa/Windows/revoke-key to revoke-full so
   that both *nix and Windows scripts are equivalent.
-	
+      
 2005.02.11 -- Version 2.0-rc13
 
 * Improve human-readability of local/remote options
@@ -3269,7 +3269,7 @@ Samuli Seppänen (2):
 * To increase the push list capacity (must be done on both
   client and server), increase TLS_CHANNEL_BUF_SIZE in
   common.h (default=1024).
-	
+      
 2005.01.15 -- Version 2.0-rc8
 
 * Fixed bug introduced in rc7 where options error
@@ -3288,7 +3288,7 @@ Samuli Seppänen (2):
   option or missing parameter" error message.
 * Added "-extensions server" to "openssl req" command
   in easy-rsa/build-key-server (Nir Yeffet).
-	
+      
 2005.01.10 -- Version 2.0-rc7
 
 * Fixed bug in management interface which could cause
@@ -3400,7 +3400,7 @@ Samuli Seppänen (2):
   in a hibernating state until released by the
   management interface.  Also added "hold" command
   to the management interface.
- 	
+      
 2004.12.07 -- Version 2.0-rc1
 
 * openvpn.spec workaround for SuSE confusion regarding
@@ -3421,7 +3421,7 @@ Samuli Seppänen (2):
   are now prepended with an integer unix timestamp.
 * Added --http-proxy-timeout option, previously
   the timeout was hardcoded to 5 seconds.
-	
+      
 2004.12.02 -- Version 2.0-beta19
 
 * Fixed bug in management interface line termination
@@ -3611,7 +3611,7 @@ Samuli Seppänen (2):
   daemon instantiations.
 * --user and --group privilege downgrades as well as
   --chroot now also work in client mode (the
-  dowgrade/chroot will be delayed until the initialization
+  downgrade/chroot will be delayed until the initialization
   sequence is completed).
 * Added --show-engines standalone directive to show
   available OpenSSL crypto accelerator engine support.
@@ -3677,7 +3677,7 @@ Samuli Seppänen (2):
   (Peter 'Luna' Runestig).
 * Added experimental --fast-io flag which optimizes
   TUN/TAP/UDP writes on non-Windows systems.
-	
+      
 2004.08.18 -- Version 2.0-beta11
 
 * Added --server, --server-bridge, --client, and
@@ -3907,7 +3907,7 @@ Samuli Seppänen (2):
 * Fixed bug in event timer queue which could cause
   recurring timer events such as --ping to not
   correctly schedule again after firing.  This in
-  turn would cause spurrious ping restarts and possible
+  turn would cause spurious ping restarts and possible
   connection outages.  Thanks to Denis Vlasenko for
   tracking this down.
 * Possible fix to reported bug where --daemon argument
@@ -3977,7 +3977,7 @@ Samuli Seppänen (2):
   on VPN packets coming from a particular client must
   be associated with that client in the OpenVPN internal
   routing table.
-	
+      
 2004.04.28 -- Version 2.0-test26
 
 * Optimized broadcast path in multi-client mode.
@@ -4011,7 +4011,7 @@ Samuli Seppänen (2):
 * Reworked multi-client broadcast handling.
 
 2004.04.13 -- Version 2.0-test23
-	
+      
 * Fixed bug in --dev tun --client-to-client routing.
 * Fixed a potential deadlock in --pull.
 * Fixed a problem with select() usage which could
@@ -4026,7 +4026,7 @@ Samuli Seppänen (2):
   (Jeremy Apple).
 * Minor changes to TAP-Win32 driver based on feedback
   from the NDISTest tool.
-	
+      
 2004.04.11 -- Version 2.0-test21
 
 * Optimizations in multi-client server event loop.
@@ -4078,7 +4078,7 @@ Samuli Seppänen (2):
   Linux 2.4 and clients on Linux and Windows.
 
 2004.03.25 -- Version 2.0-test15
-	
+      
 * Implemented hash-table lookup of client instances
   based either on remote UDP address/port or remote
   ifconfig endpoint.
@@ -4170,7 +4170,7 @@ Samuli Seppänen (2):
 
 * Initial work on UDP multi-client server.
 * Branch merge of 1.6-beta7
-	
+      
 2004.02.14 -- Version 2.0-test2
 
 * Refactorization of openvpn.c into openvpn.[ch]
@@ -4185,7 +4185,7 @@ Samuli Seppänen (2):
 * Initial testbed for 2.0.
 
 2004.05.09 -- Version 1.6.0
-	
+      
 * Unchanged from 1.6-rc4 except for version number
   upgrade.
 
@@ -4196,7 +4196,7 @@ Samuli Seppänen (2):
 * Fixed "storage size of `iv' isn't known" build
   problem on FreeBSD.
 * OpenSSL 0.9.7d bundled with Windows self-install.
-	
+      
 2004.03.13 -- Version 1.6-rc3
 
 * Minor Windows fixes for --ip-win32 dynamic, relating to
@@ -4207,7 +4207,7 @@ Samuli Seppänen (2):
 * Added code to determine the default gateway on FreeBSD,
   allowing the --redirect-gateway option to work
   (Juan Rodriguez Hervella).
-	
+      
 2004.03.04 -- Version 1.6-rc2
 
 * Fixed bug in Windows version where the NetBIOS node-type
@@ -4226,9 +4226,9 @@ Samuli Seppänen (2):
   is explicitly specified.
 * L_TLS mutex could have been left in a locked state
   for certain kinds of TLS errors.
-	
+      
 2004.02.22 -- Version 1.6-beta7
-	
+      
 * Allow scheduling priority increase (--nice) together
   with UID/GID downgrade (--user/--group).
 * Code that causes SIGUSR1 restart on TLS errors in TCP
@@ -4243,7 +4243,7 @@ Samuli Seppänen (2):
 * Bug fix in new FreeBSD IPv6 over TUN code which was
   originally added in 1.6-beta5 (Nathanael Rensen).
 * More Socks5 fixes -- extended the struct frame
-  infrastructure to accomodate proxy-based encapsulation
+  infrastructure to accommodate proxy-based encapsulation
   overhead.
 * Added --dhcp-option to Windows version for setting
   adapter properties such as WINS & DNS servers.
@@ -4258,7 +4258,7 @@ Samuli Seppänen (2):
 
 2004.02.05 -- Version 1.6-beta6
 
-* UDP over Socks5 fix to accomodate Socks5 encapsulation
+* UDP over Socks5 fix to accommodate Socks5 encapsulation
   overhead (Christof Meerwald).
 * Minor --ip-win32 dynamic tweaks (use long lease time,
   invalidate existing lease with DHCPNAK).
@@ -4298,7 +4298,7 @@ Samuli Seppänen (2):
 * Added renewal-time and rebind-time to set of
   DHCP options returned by the TAP-Win32 driver when
   "--ip-win32 dynamic" is used.
-	
+      
 2004.01.14 -- Version 1.6-beta1
 
 * Fixed --proxy bug that sometimes caused plaintext
@@ -4365,7 +4365,7 @@ Samuli Seppänen (2):
   and backward compatibility is maintained.  See --secret option
   documentation on the man page for more info.
 * Added --tls-remote option (Teemu Kiviniemi).
-* Fixed --tls-cipher documention regarding correct delimiter
+* Fixed --tls-cipher documentation regarding correct delimiter
   usage (Teemu Kiviniemi).
 * Added --key-method option for selecting alternative data
   channel key negotiation methods.  Method 1 is the default.
@@ -4385,7 +4385,7 @@ Samuli Seppänen (2):
   the pre-existing default gateway address from the routing table
   (there's no standard API for getting the default gateway, so
   right now this feature only works on Windows or Linux).
-* Renamed the "route_default_gateway" enviromental variable to
+* Renamed the "route_default_gateway" environmental variable to
   "route_vpn_gateway" -- this is the remote VPN endpoint.
 * The special keywords vpn_gateway, net_gateway, and remote_host
   can now be used for the network or gateway components of the
@@ -4408,7 +4408,7 @@ Samuli Seppänen (2):
   message reordering when in TCP mode.
 * Changed beta naming convention to use '_' (underscore)
   rather than '-' (dash) to pacify rpmbuild.
-	
+      
 2003.10.08 -- Version 1.5-beta11
 
 * Modified code in the Windows version which sets the IP address
@@ -4509,7 +4509,7 @@ Samuli Seppänen (2):
   immediately after tun/tap device open.  When --route-delay is
   specified, routes will be added n seconds after connection
   initiation, where n is the --route-delay parameter (which
-  can be set to 0).	
+  can be set to 0).     
 * Made TCP framing error into a non-fatal error that triggers a
   connection reset.
 
@@ -4555,9 +4555,9 @@ Samuli Seppänen (2):
 
 * Extra refinements and error checking added to Windows
   NSIS install script.
-	
+      
 2003.08.05 -- Version 1.5-beta3
-	
+      
 * Added md5.h include to crypto.c to fix build problem on
   OpenBSD.
 * Created a Win32 installer using NSIS.
@@ -4568,7 +4568,7 @@ Samuli Seppänen (2):
   files to add and delete TAP-Win32 adapter instances.
 
 2003.07.31 -- Version 1.5-beta2
-	
+      
 * Renamed INSTALL.w32 to INSTALL-win32.txt and reformatted
   in Windows ASCII so it's easier to click and view.
 * Added postscript and PDF versions of the HOWTO to the web
@@ -4586,7 +4586,7 @@ Samuli Seppänen (2):
   version, see the window title bar for descriptions.
 
 2003.07.24 -- Version 1.5-beta1
-	
+      
 * Added TCP support via the new --proto option.
 * Renamed udp-centric options such as --udp-mtu to
   --link-mtu (old option names preserved for compatibility).
@@ -4656,7 +4656,7 @@ Samuli Seppänen (2):
   OpenBSD build.
 * Added --enable-mtu-dynamic configure option
   to enable --mtu-dynamic experimental option.
-	
+      
 2003.05.07 -- Version 1.4.0
 
 * Added --replay-persist feature to allow replay
@@ -4924,7 +4924,7 @@ Samuli Seppänen (2):
   with 1.1.1 and 1.1.0.
 
 2002.04.22 -- Version 1.1.1
-	
+      
 * Added --ifconfig option to automatically configure
   TUN device.
 * Added inactivity disconnect (--inactive
diff --git a/Changes.rst b/Changes.rst
index a7429b11..00dd6ed8 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -26,7 +26,7 @@ Seamless client IP/port floating
     the new format. When a data packet arrives, the server identifies peer
     by peer-id. If peer's ip/port has changed, server assumes that
     client has floated, verifies HMAC and updates ip/port in internal structs.
-    This allows the connection to be immediatly restored, instead of requiring
+    This allows the connection to be immediately restored, instead of requiring
     a TLS handshake before the server accepts packets from the new client
     ip/port.
 
@@ -223,7 +223,7 @@ User-visible Changes
   of a field get _$N appended to it's field name, starting at N=1.  For the
   example above, that would result in e.g. X509_0_OU=one, X509_0_OU_1=two.
   Note that this breaks setups that rely on the fact that OpenVPN would
-  previously (incorrectly) only export the last occurence of a field.
+  previously (incorrectly) only export the last occurrence of a field.
 
 - ``proto udp`` and ``proto tcp`` now use both IPv4 and IPv6. The new
   options ``proto udp4`` and ``proto tcp4`` use IPv4 only.
@@ -371,7 +371,7 @@ Security
 
 - CVE-2017-7521: Fix post-authentication remote-triggerable memory leaks
   A client could cause a server to leak a few bytes each time it connects to the
-  server.  That can eventuall cause the server to run out of memory, and thereby
+  server.  That can eventually cause the server to run out of memory, and thereby
   causing the server process to terminate. Discovered and reported to the
   OpenVPN security team by Guido Vranken.  (OpenSSL builds only.)
 
diff --git a/INSTALL b/INSTALL
index 0f12a636..d0c7dfa6 100644
--- a/INSTALL
+++ b/INSTALL
@@ -200,7 +200,7 @@ OPTIONS for ./configure:
   --enable-strict-options enable strict options check between peers (debugging
                           option) [default=no]
   --enable-selinux        enable SELinux support [default=no]
-  --enable-systemd        enable systemd suppport [default=no]
+  --enable-systemd        enable systemd support [default=no]
 
 ENVIRONMENT for ./configure:
 
diff --git a/TODO.IPv6 b/TODO.IPv6
index 24bf865a..465eaa66 100644
--- a/TODO.IPv6
+++ b/TODO.IPv6
@@ -21,7 +21,7 @@ TODO for IPv6 payload support
 
 4.) do "ifconfig tun0 inet6 unplumb"  or "ifconfig tun0 destroy" for
     Solaris, *BSD, ... at program termination time, to clean up leftovers
-    (unless tunnel persistance is desired).
+    (unless tunnel persistence is desired).
 
     For Solaris, only the "ipv6 tun0" is affected, for the *BSDs all tun0
     stay around.
@@ -47,7 +47,7 @@ tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
 4b.) verify this - on FreeBSD, tun0 is auto-destroyed if created by
      opening /dev/tun (and lingers if created by "ifconfig tun0 create")
 
-     -> use for persistant tunnels on not-linux?
+     -> use for persistent tunnels on not-linux?
 
     * 2012-06-10 tun interface behaviour is documented in "man tun(4)"
 
@@ -201,7 +201,7 @@ TODO for IPv6 transport support
     downstream.
     - Still done by flags, seems clean enough.
 
-  o implement comparison for mapped addesses: server in dual stack
+  o implement comparison for mapped addresses: server in dual stack
     listening IPv6 must permit incoming streams from allowed IPv4 peer,
     currently you need to pass eg:  --remote ffff::1.2.3.4
     - OpenVPN will compare all address of a remote
diff --git a/configure.ac b/configure.ac
index 192c15c5..84f12edc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -244,7 +244,7 @@ AC_ARG_ENABLE(
 
 AC_ARG_ENABLE(
 	[systemd],
-	[AS_HELP_STRING([--enable-systemd], [enable systemd suppport @<:@default=no@:>@])],
+	[AS_HELP_STRING([--enable-systemd], [enable systemd support @<:@default=no@:>@])],
 	,
 	[enable_systemd="no"]
 )
diff --git a/m4/pkg.m4 b/m4/pkg.m4
index 12d2a587..cca47a71 100644
--- a/m4/pkg.m4
+++ b/m4/pkg.m4
@@ -53,7 +53,7 @@ fi[]dnl
 # to PKG_CHECK_MODULES(), but does not set variables or print errors.
 #
 # Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
-# only at the first occurence in configure.ac, so if the first place
+# only at the first occurrence in configure.ac, so if the first place
 # it's called might be skipped (such as if it is within an "if", you
 # have to call PKG_CHECK_EXISTS manually
 # --------------------------------------------------------------
diff --git a/src/openvpn/console.h b/src/openvpn/console.h
index 62beacae..f9481684 100644
--- a/src/openvpn/console.h
+++ b/src/openvpn/console.h
@@ -35,7 +35,7 @@ struct _query_user {
     char *prompt;             /**< Prompt to present to the user */
     size_t prompt_len;        /**< Length of the prompt string */
     char *response;           /**< The user's response */
-    size_t response_len;      /**< Length the of the user reposone */
+    size_t response_len;      /**< Length the of the user response */
     bool echo;                /**< True: The user should see what is being typed, otherwise mask it */
 };
 
diff --git a/src/openvpn/ssl_verify_backend.h b/src/openvpn/ssl_verify_backend.h
index f4cc2c54..d6b31bfa 100644
--- a/src/openvpn/ssl_verify_backend.h
+++ b/src/openvpn/ssl_verify_backend.h
@@ -176,7 +176,7 @@ void x509_setenv(struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert);
  *
  * The tracked attributes are stored in ll_head.
  *
- * @param ll_head       The x509_track to store tracked atttributes in
+ * @param ll_head       The x509_track to store tracked attributes in
  * @param name          Name of the attribute to track
  * @param msglevel      Message level for errors
  * @param gc            Garbage collection arena for temp data
Arne Schwabe Jan. 23, 2019, 2:01 p.m. | #3
Am 23.01.19 um 06:15 schrieb Jonathan Tooker:
> Looks like I missed that and a few others! I fixed some more spelling
> errors across other things. Follow up patch/commit below. If I just need
> to re-make the original patch let me know.
> 
> From: Jonathan Tooker <jonathan@reliablehosting.com>
> Date: Tue, 22 Jan 2019 23:10:33 -0600
> Subject: [PATCH] Another set of spelling fixes
> 
> ---
>  COPYING                          |   6 +-
>  ChangeLog                        | 140 +++++++++++++++----------------
>  Changes.rst                      |   6 +-
>  INSTALL                          |   2 +-
>  TODO.IPv6                        |   6 +-
>  configure.ac                     |   2 +-
>  m4/pkg.m4                        |   2 +-
>  src/openvpn/console.h            |   2 +-
>  src/openvpn/ssl_verify_backend.h |   2 +-
>  9 files changed, 84 insertions(+), 84 deletions(-)
> 
> diff --git a/COPYING b/COPYING
> index 9c21c177..54cc9f24 100644
> --- a/COPYING
> +++ b/COPYING
> @@ -157,7 +157,7 @@ OpenSSL License:
>   * The implementation was written so as to conform with Netscapes SSL.
>   * 
>   * This library is free for commercial and non-commercial use as long as
> - * the following conditions are aheared to.  The following conditions
> + * the following conditions are adhered to.  The following conditions
>   * apply to all code found in this distribution, be it the RC4, RSA,
>   * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
>   * included with this distribution is covered by the same copyright terms
> @@ -182,7 +182,7 @@ OpenSSL License:
>   *    must display the following acknowledgement:
>   *    "This product includes cryptographic software written by
>   *     Eric Young (eay@cryptsoft.com)"
> - *    The word 'cryptographic' can be left out if the rouines from the library
> + *    The word 'cryptographic' can be left out if the routines from the library
>   *    being used are not cryptographic related :-).
>   * 4. If you include any Windows specific code (or a derivative thereof) from 
>   *    the apps directory (application code) you must include an acknowledgement:
> @@ -200,7 +200,7 @@ OpenSSL License:
>   * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
>   * SUCH DAMAGE.
>   * 
> - * The licence and distribution terms for any publically available version or
> + * The licence and distribution terms for any publicly available version or
>   * derivative of this code cannot be changed.  i.e. this code cannot simply be
>   * copied and put under another distribution licence
>   * [including the GNU Public Licence.]


Yes there are spelling mistakes in the license but changing someone
else's license is an absolute nogo, no matter how wrong it is spelt.

Even the current OpenSSL version (1.1.1a) has the text with the spelling
mistakes in it.

[Changelog entries]

I am not sure about the changelog. Changes.rst can be spell checked but
Changelog also doubles as a list of the git commit, so I feel it should
be the same as the commits.


> diff --git a/src/openvpn/console.h b/src/openvpn/console.h
> index 62beacae..f9481684 100644
> --- a/src/openvpn/console.h
> +++ b/src/openvpn/console.h
> @@ -35,7 +35,7 @@ struct _query_user {
>      char *prompt;             /**< Prompt to present to the user */
>      size_t prompt_len;        /**< Length of the prompt string */
>      char *response;           /**< The user's response */
> -    size_t response_len;      /**< Length the of the user reposone */
> +    size_t response_len;      /**< Length the of the user response */
>      bool echo;                /**< True: The user should see what is being typed, otherwise mask it */
>  };
>  
> diff --git a/src/openvpn/ssl_verify_backend.h b/src/openvpn/ssl_verify_backend.h
> index f4cc2c54..d6b31bfa 100644
> --- a/src/openvpn/ssl_verify_backend.h
> +++ b/src/openvpn/ssl_verify_backend.h
> @@ -176,7 +176,7 @@ void x509_setenv(struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert);
>   *
>   * The tracked attributes are stored in ll_head.
>   *
> - * @param ll_head       The x509_track to store tracked atttributes in
> + * @param ll_head       The x509_track to store tracked attributes in
>   * @param name          Name of the attribute to track
>   * @param msglevel      Message level for errors
>   * @param gc            Garbage collection arena for temp data
> -- 
> 2.20.1.windows.1
> 
> 
> 
> On 1/22/2019 9:51 PM, Simon Matter wrote:
>> Hi,
>>
>>> diff --git a/src/openvpn/console.h b/src/openvpn/console.h
>>> index 0ffd6683..62beacae 100644
>>> --- a/src/openvpn/console.h
>>> +++ b/src/openvpn/console.h
>>> @@ -33,9 +33,9 @@
>>>   */
>>> struct _query_user {
>>>      char *prompt;             /**< Prompt to present to the user */
>>> -    size_t prompt_len;        /**< Lenght of the prompt string */
>>> +    size_t prompt_len;        /**< Length of the prompt string */
>>>      char *response;           /**< The user's response */
>>> -    size_t response_len;      /**< Lenght the of the user reposone */
>>> +    size_t response_len;      /**< Length the of the user reposone */
>>                                                              ^^^^^^^^
>> response
>>
These changes are fine.

Arne
Arne Schwabe Jan. 23, 2019, 2:13 p.m. | #4
Am 23.01.19 um 04:31 schrieb Jonathan Tooker:
> Fork @ github: https://github.com/JDTX/openvpn (76ab12606155f51aaaf376a46f4a52a459af105c)
> 
> From: Jonathan Tooker <jonathan@reliablehosting.com>
> Date: Tue, 22 Jan 2019 18:27:39 -0600
> Subject: [PATCH] Fix various spelling mistakes
> 

I have gone through all of the correction and they are all correct and
some of them are my fault.

Acked-By: Arne Schwabe <arne@rfc2549.org>

Arne
Gert Doering Jan. 23, 2019, 7:14 p.m. | #5
Hi,

On Tue, Jan 22, 2019 at 09:31:03PM -0600, Jonathan Tooker wrote:
> Fork @ github: https://github.com/JDTX/openvpn (76ab12606155f51aaaf376a46f4a52a459af105c)
> 
> From: Jonathan Tooker <jonathan@reliablehosting.com>
> Date: Tue, 22 Jan 2019 18:27:39 -0600
> Subject: [PATCH] Fix various spelling mistakes
> 
> Fix spelling mistakes in code/headers/manpages/etc.

While I'm always happy to receive spelling/documentation fixes, *this*
patch got mangled by your mail client and git refuses to apply it - your
mail client removed leading blanks in *some* lines, so pieces like this:

> diff --git a/distro/rpm/openvpn.init.d.suse b/distro/rpm/openvpn.init.d.suse
> index 270024e8..1b4bcf06 100644
> --- a/distro/rpm/openvpn.init.d.suse
> +++ b/distro/rpm/openvpn.init.d.suse
> @@ -72,7 +72,7 @@
> #                            - removed sourcing "network"
> #                            - removed network checking. it seemed not to work with SuSE.
> #                            - added sourcing "rc.status", comments and "rc_reset" command
> -#                            - removed "succes; echo" and "failure; echo" lines
> +#                           - removed "success; echo" and "failure; echo" lines

... are no longer a valid patch.

Can you please re-send with "git send-email", which normally gets things
right even though everything out there is intent on massacring mails 
these days?

thanks,

gert

Patch

diff --git a/distro/rpm/openvpn.init.d.rhel b/distro/rpm/openvpn.init.d.rhel
index bfde2216..04125ca6 100755
--- a/distro/rpm/openvpn.init.d.rhel
+++ b/distro/rpm/openvpn.init.d.rhel
@@ -113,7 +113,7 @@  case "$1" in

                # From a security perspective, I think it makes
               # sense to remove this, and have users who need
-              # it explictly enable in their --up scripts or
+             # it explicitly enable in their --up scripts or
               # firewall setups.

                #echo 1 > /proc/sys/net/ipv4/ip_forward
diff --git a/distro/rpm/openvpn.init.d.suse b/distro/rpm/openvpn.init.d.suse
index 270024e8..1b4bcf06 100644
--- a/distro/rpm/openvpn.init.d.suse
+++ b/distro/rpm/openvpn.init.d.suse
@@ -72,7 +72,7 @@ 
#                            - removed sourcing "network"
#                            - removed network checking. it seemed not to work with SuSE.
#                            - added sourcing "rc.status", comments and "rc_reset" command
-#                            - removed "succes; echo" and "failure; echo" lines
+#                           - removed "success; echo" and "failure; echo" lines
#                            - added "rc_status" lines at the end of each section
#                            - changed "service" to "/etc/init.d/" in "In addition to start/stop"
#                              section above.
@@ -126,7 +126,7 @@  case "$1" in

                # From a security perspective, I think it makes
               # sense to remove this, and have users who need
-              # it explictly enable in their --up scripts or
+             # it explicitly enable in their --up scripts or
               # firewall setups.

                #echo 1 > /proc/sys/net/ipv4/ip_forward
diff --git a/doc/keying-material-exporter.txt b/doc/keying-material-exporter.txt
index 4187d828..4c1addc8 100644
--- a/doc/keying-material-exporter.txt
+++ b/doc/keying-material-exporter.txt
@@ -48,7 +48,7 @@  to application layer using well-defined mechanism.
    [DerivedAAABindingKey]                            [DerivedAAABindingKey]
                                                   [AuthenticateBindingKeys]
    Client                           ------->                         Server
-                             [Confidental channel]
+                             [Confidential channel]

 
 TLS Message flow for a full handshake
diff --git a/doc/openvpn.8 b/doc/openvpn.8
index 7abcaf1e..e5c0626a 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -696,7 +696,7 @@  are used.

 If the
.B ipv6only
-keyword is present OpenVPN will bind only to IPv6 (as oposed
+keyword is present OpenVPN will bind only to IPv6 (as opposed
to IPv6 and IPv4) when a IPv6 socket is opened.

 .\"*********************************************************
@@ -2221,7 +2221,7 @@  that
is parsed on the command line even though
the daemonization point occurs later.  If one of the
.B \-\-log
-options is present, it will supercede syslog
+options is present, it will supersede syslog
redirection.

 The optional
@@ -2332,7 +2332,7 @@  If
already exists it will be truncated.
This option takes effect
immediately when it is parsed in the command line
-and will supercede syslog output if
+and will supersede syslog output if
.B \-\-daemon
or
.B \-\-inetd
@@ -2817,7 +2817,7 @@  or outside this directory.
DEFAULT_DIR is replaced by the default plug\-in directory,
which is configured at the build time of OpenVPN.  CWD is the
current directory where OpenVPN was started or the directory
-OpenVPN have swithed into via the
+OpenVPN have switched into via the
.B \-\-cd
option before the
.B \-\-plugin
@@ -3104,7 +3104,7 @@  IV_LZO_STUB=1 \-\- if client was built with LZO stub capability

 IV_LZ4=1 \-\- if the client supports LZ4 compressions.

-IV_PROTO=2 \-\- if the client supports peer\-id floating mechansim
+IV_PROTO=2 \-\- if the client supports peer\-id floating mechanism

 IV_NCP=2 \-\- negotiable ciphers, client supports
.B \-\-cipher
@@ -4934,7 +4934,7 @@  Warning!
.B \-\-tls\-cipher
and
.B \-\-tls\-ciphersuites
-are expert features, which \- if used correcly \- can improve the security of
+are expert features, which \- if used correctly \- can improve the security of
your VPN connection.  But it is also easy to unwittingly use them to carefully
align a gun with your foot, or just break your connection.  Use with care!

@@ -5415,7 +5415,7 @@  UNIQUE_TOKEN_VALUE.

 Newer clients (2.4.7+) will fall back to the original password method
after a failed auth. Older clients will keep using the token value
-and react acording to
+and react according to
.B \-\-auth-retry
.
.\"*********************************************************
diff --git a/sample/sample-config-files/client.conf b/sample/sample-config-files/client.conf
index 5fd4a948..7f2f30a3 100644
--- a/sample/sample-config-files/client.conf
+++ b/sample/sample-config-files/client.conf
@@ -90,7 +90,7 @@  cert client.crt
key client.key

 # Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
#  http://openvpn.net/howto.html#mitm
diff --git a/sample/sample-keys/openssl.cnf b/sample/sample-keys/openssl.cnf
index aabfd48f..02bf8ac6 100644
--- a/sample/sample-keys/openssl.cnf
+++ b/sample/sample-keys/openssl.cnf
@@ -19,7 +19,7 @@  crl                                = $dir/crl.pem                   # The current CRL
private_key       = $dir/ca.key                      # The private key
RANDFILE           = $dir/.rand                        # private random number file

-x509_extensions            = basic_exts                       # The extentions to add to the cert
+x509_extensions           = basic_exts                       # The extensions to add to the cert

 # This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
# is designed for will. In return, we get the Issuer attached to CRLs.
@@ -54,7 +54,7 @@  default_bits                            = 2048
default_keyfile                = privkey.pem
default_md                       = sha256
distinguished_name      = cn_only
-x509_extensions                            = easyrsa_ca      # The extentions to add to the self signed cert
+x509_extensions                           = easyrsa_ca      # The extensions to add to the self signed cert

 # A placeholder to handle the $EXTRA_EXTS feature:
#%EXTRA_EXTS%            # Do NOT remove or change this line as $EXTRA_EXTS support requires it
diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c
index 2aae5c4c..8575e295 100644
--- a/src/openvpn/buffer.c
+++ b/src/openvpn/buffer.c
@@ -46,7 +46,7 @@  array_mult_safe(const size_t m1, const size_t m2, const size_t extra)
     unsigned long long res = (unsigned long long)m1 * (unsigned long long)m2 + (unsigned long long)extra;
     if (unlikely(m1 > limit) || unlikely(m2 > limit) || unlikely(extra > limit) || unlikely(res > (unsigned long long)limit))
     {
-        msg(M_FATAL, "attemped allocation of excessively large array");
+        msg(M_FATAL, "attempted allocation of excessively large array");
     }
     return (size_t) res;
}
diff --git a/src/openvpn/console.h b/src/openvpn/console.h
index 0ffd6683..62beacae 100644
--- a/src/openvpn/console.h
+++ b/src/openvpn/console.h
@@ -33,9 +33,9 @@ 
  */
struct _query_user {
     char *prompt;             /**< Prompt to present to the user */
-    size_t prompt_len;        /**< Lenght of the prompt string */
+    size_t prompt_len;        /**< Length of the prompt string */
     char *response;           /**< The user's response */
-    size_t response_len;      /**< Lenght the of the user reposone */
+    size_t response_len;      /**< Length the of the user reposone */
     bool echo;                /**< True: The user should see what is being typed, otherwise mask it */
};

@@ -55,7 +55,7 @@  void query_user_clear(void);
  * @param prompt     Prompt to display to the user
  * @param prompt_len Length of the prompt string
  * @param resp       String containing the user response
- * @param resp_len   Lenght of the response string
+ * @param resp_len   Length of the response string
  * @param echo       Should the user input be echoed to the user?  If False, input will be masked
  *
  */
diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h
index 09f7bb25..c5947483 100644
--- a/src/openvpn/crypto.h
+++ b/src/openvpn/crypto.h
@@ -299,7 +299,7 @@  int read_key(struct key *key, const struct key_type *kt, struct buffer *buf);
  * @param authname    The name of the HMAC digest to use
  * @param keysize     The length of the cipher key to use, in bytes.  Only valid
  *                    for ciphers that support variable length keys.
- * @param tls_mode    Specifies wether we are running in TLS mode, which allows
+ * @param tls_mode    Specifies whether we are running in TLS mode, which allows
  *                    more ciphers than static key mode.
  * @param warn        Print warnings when null cipher / auth is used.
  */
diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h
index a04e01f4..7e9a4bd2 100644
--- a/src/openvpn/crypto_backend.h
+++ b/src/openvpn/crypto_backend.h
@@ -634,7 +634,7 @@  void hmac_ctx_free(hmac_ctx_t *ctx);
  * Initialises the given HMAC context, using the given digest
  * and key.
  *
- * @param ctx           HMAC context to intialise
+ * @param ctx           HMAC context to initialise
  * @param key           The key to use for the HMAC
  * @param key_len       The key length to use
  * @param kt            Static message digest parameters
diff --git a/src/openvpn/fragment.c b/src/openvpn/fragment.c
index 3f0ec2fa..6df71d07 100644
--- a/src/openvpn/fragment.c
+++ b/src/openvpn/fragment.c
@@ -178,7 +178,7 @@  fragment_incoming(struct fragment_master *f, struct buffer *buf,

             if (flags & (FRAG_SEQ_ID_MASK | FRAG_ID_MASK))
             {
-                FRAG_ERR("spurrious FRAG_WHOLE flags");
+                FRAG_ERR("spurious FRAG_WHOLE flags");
             }
         }
         else if (frag_type == FRAG_YES_NOTLAST || frag_type == FRAG_YES_LAST)
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 560d87db..3c449678 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1005,7 +1005,7 @@  init_options_dev(struct options *options)
{
     if (!options->dev && options->dev_node)
     {
-        char *dev_node = string_alloc(options->dev_node, NULL); /* POSIX basename() implementaions may modify its arguments */
+        char *dev_node = string_alloc(options->dev_node, NULL); /* POSIX basename() implementations may modify its arguments */
         options->dev = basename(dev_node);
     }
}
@@ -1134,7 +1134,7 @@  do_persist_tuntap(const struct options *options)
              "options --mktun and --rmtun are not available on your operating "
              "system.  Please check 'man tun' (or 'tap'), whether your system "
              "supports using 'ifconfig %s create' / 'destroy' to create/remove "
-             "persistant tunnel interfaces.", options->dev );
+             "persistent tunnel interfaces.", options->dev );
#endif
     }
     return false;
@@ -2391,7 +2391,7 @@  socket_restart_pause(struct context *c)
     }
     c->persist.restart_sleep_seconds = 0;

-    /* do managment hold on context restart, i.e. second, third, fourth, etc. initialization */
+    /* do management hold on context restart, i.e. second, third, fourth, etc. initialization */
     if (do_hold(sec))
     {
         sec = 0;
@@ -3066,7 +3066,7 @@  do_init_frame(struct context *c)
     /* packets with peer-id (P_DATA_V2) need 3 extra bytes in frame (on client)
      * and need link_mtu+3 bytes on socket reception (on server).
      *
-     * accomodate receive path in f->extra_link, which has the side effect of
+     * accommodate receive path in f->extra_link, which has the side effect of
      * also increasing send buffers (BUF_SIZE() macro), which need to be
      * allocated big enough before receiving peer-id option from server.
      *
@@ -3193,7 +3193,7 @@  do_option_warnings(struct context *c)
         msg(M_WARN, "WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.");
     }

-    /* If a script is used, print appropiate warnings */
+    /* If a script is used, print appropriate warnings */
     if (o->user_script_used)
     {
         if (script_security() >= SSEC_SCRIPTS)
@@ -3562,7 +3562,7 @@  do_close_link_socket(struct context *c)
}

 /*
- * Close packet-id persistance file
+ * Close packet-id persistence file
  */
static void
do_close_packet_id(struct context *c)
@@ -3657,7 +3657,7 @@  do_close_status_output(struct context *c)
}

 /*
- * Handle ifconfig-pool persistance object.
+ * Handle ifconfig-pool persistence object.
  */
static void
do_open_ifconfig_pool_persist(struct context *c)
@@ -4269,7 +4269,7 @@  init_instance(struct context *c, const struct env_set *env, const unsigned int f
         do_init_traffic_shaper(c);
     }

-    /* do one-time inits, and possibily become a daemon here */
+    /* do one-time inits, and possibly become a daemon here */
     do_init_first_time(c);

 #ifdef ENABLE_PLUGIN
@@ -4399,7 +4399,7 @@  close_instance(struct context *c)
         do_close_plugins(c);
#endif

-        /* close packet-id persistance file */
+        /* close packet-id persistence file */
         do_close_packet_id(c);

         /* close --status file */
diff --git a/src/openvpn/mss.c b/src/openvpn/mss.c
index b0e2c42b..f15c656e 100644
--- a/src/openvpn/mss.c
+++ b/src/openvpn/mss.c
@@ -110,7 +110,7 @@  mss_fixup_ipv6(struct buffer *buf, int maxmss)
      * before the final header (TCP, UDP, ...), so we'd need to walk that
      * chain (see RFC 2460 and RFC 6564 for details).
      *
-     * In practice, "most typically used" extention headers (AH, routing,
+     * In practice, "most typically used" extension headers (AH, routing,
      * fragment, mobility) are very unlikely to be seen inside an OpenVPN
      * tun, so for now, we only handle the case of "single next header = TCP"
      */
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index bebd3005..e34b65b1 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -451,7 +451,7 @@  static const char usage_message[] =
     "                  user/pass via environment, if method='via-file', pass\n"
     "                  user/pass via temporary file.\n"
     "--auth-gen-token  [lifetime] Generate a random authentication token which is pushed\n"
-    "                  to each client, replacing the password.  Usefull when\n"
+    "                  to each client, replacing the password.  Useful when\n"
     "                  OTP based two-factor auth mechanisms are in use and\n"
     "                  --reneg-* options are enabled. Optionally a lifetime in seconds\n"
     "                  for generated tokens can be set.\n"
@@ -675,7 +675,7 @@  static const char usage_message[] =
     "--pkcs11-protected-authentication [0|1] ... : Use PKCS#11 protected authentication\n"
     "                              path. Set for each provider.\n"
     "--pkcs11-private-mode hex ...   : PKCS#11 private key mode mask.\n"
-    "                              0       : Try  to determind automatically (default).\n"
+    "                              0       : Try  to determine automatically (default).\n"
     "                              1       : Use Sign.\n"
     "                              2       : Use SignRecover.\n"
     "                              4       : Use Decrypt.\n"
@@ -898,7 +898,7 @@  init_options(struct options *o, const bool init_gc)

     /* Set default --tmp-dir */
#ifdef _WIN32
-    /* On Windows, find temp dir via enviroment variables */
+    /* On Windows, find temp dir via environment variables */
     o->tmp_dir = win_get_tempdir();
#else
     /* Non-windows platforms use $TMPDIR, and if not set, default to '/tmp' */
@@ -3084,8 +3084,8 @@  options_postprocess_mutate(struct options *o)
  */
#ifndef ENABLE_SMALL  /** Expect people using the stripped down version to know what they do */

-#define CHKACC_FILE (1<<0)       /** Check for a file/directory precense */
-#define CHKACC_DIRPATH (1<<1)    /** Check for directory precense where a file should reside */
+#define CHKACC_FILE (1<<0)       /** Check for a file/directory presence */
+#define CHKACC_DIRPATH (1<<1)    /** Check for directory presence where a file should reside */
#define CHKACC_FILEXSTWR (1<<2)  /** If file exists, is it writable? */
#define CHKACC_INLINE (1<<3)     /** File is present if it's an inline file */
#define CHKACC_ACPTSTDIN (1<<4)  /** If filename is stdin, it's allowed and "exists" */
@@ -3119,7 +3119,7 @@  check_file_access(const int type, const char *file, const int mode, const char *
     /* Is the directory path leading to the given file accessible? */
     if (type & CHKACC_DIRPATH)
     {
-        char *fullpath = string_alloc(file, NULL); /* POSIX dirname() implementaion may modify its arguments */
+        char *fullpath = string_alloc(file, NULL); /* POSIX dirname() implementation may modify its arguments */
         char *dirpath = dirname(fullpath);

         if (platform_access(dirpath, mode|X_OK) != 0)
@@ -3169,7 +3169,7 @@  check_file_access(const int type, const char *file, const int mode, const char *
         msg(M_NOPREFIX | M_OPTERR | M_ERRNO, "%s fails with '%s'", opt, file);
     }

-    /* Return true if an error occured */
+    /* Return true if an error occurred */
     return (errcode != 0 ? true : false);
}

diff --git a/src/openvpn/packet_id.h b/src/openvpn/packet_id.h
index 26b07975..3b58da22 100644
--- a/src/openvpn/packet_id.h
+++ b/src/openvpn/packet_id.h
@@ -258,7 +258,7 @@  bool packet_id_read(struct packet_id_net *pin, struct buffer *buf, bool long_for
  * @param p             Packet ID state.
  * @param buf           Buffer to write the packet ID too
  * @param long_form     If true, also update and write time_t to buf
- * @param prepend       If true, prepend to buffer, otherwise apppend.
+ * @param prepend       If true, prepend to buffer, otherwise append.
  *
  * @return true if successful, false otherwise.
  */
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 2836d532..376e2673 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -1820,7 +1820,7 @@  route_ipv6_clear_host_bits( struct route_ipv6 *r6 )
{
     /* clear host bit parts of route
      * (needed if routes are specified improperly, or if we need to
-     * explicitely setup/clear the "connected" network routes on some OSes)
+     * explicitly setup/clear the "connected" network routes on some OSes)
      */
     int byte = 15;
     int bits_to_clear = 128 - r6->netbits;
diff --git a/src/openvpn/run_command.c b/src/openvpn/run_command.c
index 04ad2312..2d75a3e9 100644
--- a/src/openvpn/run_command.c
+++ b/src/openvpn/run_command.c
@@ -113,7 +113,7 @@  openvpn_execve_allowed(const unsigned int flags)
/*
  * Run execve() inside a fork().  Designed to replicate the semantics of system() but
  * in a safer way that doesn't require the invocation of a shell or the risks
- * assocated with formatting and parsing a command line.
+ * associated with formatting and parsing a command line.
  */
int
openvpn_execve(const struct argv *a, const struct env_set *es, const unsigned int flags)
@@ -199,7 +199,7 @@  openvpn_execve_check(const struct argv *a, const struct env_set *es, const unsig
/*
  * Run execve() inside a fork(), duping stdout.  Designed to replicate the semantics of popen() but
  * in a safer way that doesn't require the invocation of a shell or the risks
- * assocated with formatting and parsing a command line.
+ * associated with formatting and parsing a command line.
  */
int
openvpn_popen(const struct argv *a,  const struct env_set *es)
diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index db944245..c472cf1b 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -992,7 +992,7 @@  link_socket_update_buffer_sizes(struct link_socket *ls, int rcvbuf, int sndbuf)
}

 /*
- * SOCKET INITALIZATION CODE.
+ * SOCKET INITIALIZATION CODE.
  * Create a TCP/UDP socket
  */

@@ -2535,7 +2535,7 @@  link_socket_current_remote(const struct link_socket_info *info)
  * by now just ignore it
  *
  * For --remote entries with multiple addresses this
- * only return the actual endpoint we have sucessfully connected to
+ * only return the actual endpoint we have successfully connected to
  */
     if (lsa->actual.dest.addr.sa.sa_family != AF_INET)
     {
@@ -2566,7 +2566,7 @@  link_socket_current_remote_ipv6(const struct link_socket_info *info)
  * for PF_INET6 routes over PF_INET6 endpoints
  *
  * For --remote entries with multiple addresses this
- * only return the actual endpoint we have sucessfully connected to
+ * only return the actual endpoint we have successfully connected to
  */
     if (lsa->actual.dest.addr.sa.sa_family != AF_INET6)
     {
@@ -3279,7 +3279,7 @@  addr_family_name(int af)
  *
  * IPv6 and IPv4 protocols are comptabile but OpenVPN
  * has always sent UDPv4, TCPv4 over the wire. Keep these
- * strings for backward compatbility
+ * strings for backward compatibility
  */
const char *
proto_remote(int proto, bool remote)
@@ -3364,7 +3364,7 @@  link_socket_read_tcp(struct link_socket *sock,

 #if ENABLE_IP_PKTINFO

-/* make the buffer large enough to handle ancilliary socket data for
+/* make the buffer large enough to handle ancillary socket data for
  * both IPv4 and IPv6 destination addresses, plus padding (see RFC 2292)
  */
#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
@@ -3879,7 +3879,7 @@  socket_finalize(SOCKET s,
         if (ret >= 0 && io->addr_defined)
         {
             /* TODO(jjo): streamline this mess */
-            /* in this func we dont have relevant info about the PF_ of this
+            /* in this func we don't have relevant info about the PF_ of this
              * endpoint, as link_socket_actual will be zero for the 1st received packet
              *
              * Test for inets PF_ possible sizes
diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h
index 17801418..e95547d1 100644
--- a/src/openvpn/socket.h
+++ b/src/openvpn/socket.h
@@ -99,7 +99,7 @@  struct link_socket_actual
#endif
};

-/* IP addresses which are persistant across SIGUSR1s */
+/* IP addresses which are persistent across SIGUSR1s */
struct link_socket_addr
{
     struct addrinfo *bind_local;
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index e9927eb8..4c81ae72 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2308,7 +2308,7 @@  push_peer_info(struct buffer *buf, struct tls_session *session)
         /* support for P_DATA_V2 */
         buf_printf(&out, "IV_PROTO=2\n");

-        /* support for Negotiable Crypto Paramters */
+        /* support for Negotiable Crypto Parameters */
         if (session->opt->ncp_enabled
             && (session->opt->mode == MODE_SERVER || session->opt->pull))
         {
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index 196f7c1a..48a8fdf7 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -958,7 +958,7 @@  do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu,

 #if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \
     || defined(TARGET_DARWIN)
-    /* and, hooray, we explicitely need to add a route... */
+    /* and, hooray, we explicitly need to add a route... */
     add_route_connected_v6_net(tt, es);
#endif
#elif defined(TARGET_AIX)
@@ -1894,7 +1894,7 @@  open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun
     ASSERT(0);
}

-#endif /* !PENDANTIC */
+#endif /* !PEDANTIC */

 #ifdef ENABLE_FEATURE_TUN_PERSIST

@@ -2510,7 +2510,7 @@  open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun

 /* the current way OpenVPN handles tun devices on NetBSD leads to
  * lingering tunX interfaces after close -> for a full cleanup, they
- * need to be explicitely destroyed
+ * need to be explicitly destroyed
  */
void
close_tun(struct tuntap *tt)
@@ -2937,7 +2937,7 @@  open_darwin_utun(const char *dev, const char *dev_type, const char *dev_node, st
         {
             fd = utun_open_helper(ctlInfo, utunnum);
             /* Break if the fd is valid,
-             * or if early initalization failed (-2) */
+             * or if early initialization failed (-2) */
             if (fd !=-1)
             {
                 break;
diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c
index be526945..463ac072 100644
--- a/src/openvpn/win32.c
+++ b/src/openvpn/win32.c
@@ -22,7 +22,7 @@ 
  */

 /*
- * Win32-specific OpenVPN code, targetted at the mingw
+ * Win32-specific OpenVPN code, targeted at the mingw
  * development environment.
  */

diff --git a/src/openvpn/win32.h b/src/openvpn/win32.h
index 4b4524f1..4814bbc5 100644
--- a/src/openvpn/win32.h
+++ b/src/openvpn/win32.h
@@ -37,7 +37,7 @@ 
#define WIN_NET_PATH_SUFFIX "\\system32\\net.exe"

 /*
- * Win32-specific OpenVPN code, targetted at the mingw
+ * Win32-specific OpenVPN code, targeted at the mingw
  * development environment.
  */

diff --git a/src/openvpnmsica/msica_op.h b/src/openvpnmsica/msica_op.h
index 910a6e51..7ce80519 100644
--- a/src/openvpnmsica/msica_op.h
+++ b/src/openvpnmsica/msica_op.h
@@ -390,7 +390,7 @@  struct msica_session
/**
  * Initializes execution session
  *
- * @param session       Pointer to an unitialized execution session
+ * @param session       Pointer to an uninitialized execution session
  *
  * @param hInstall      Installer handle
  *
diff --git a/src/plugins/auth-pam/README.auth-pam b/src/plugins/auth-pam/README.auth-pam
index 90815654..4d3d4ecc 100644
--- a/src/plugins/auth-pam/README.auth-pam
+++ b/src/plugins/auth-pam/README.auth-pam
@@ -7,7 +7,7 @@  authentication via PAM, and essentially allows any authentication
method supported by PAM (such as LDAP, RADIUS, or Linux Shadow
passwords) to be used with OpenVPN.  While PAM supports
username/password authentication, this can be combined with X509
-certificates to provide two indepedent levels of authentication.
+certificates to provide two independent levels of authentication.

 This module uses a split privilege execution model which will
function even if you drop openvpn daemon privileges using the user,
@@ -65,7 +65,7 @@  the operation of this plugin:
   static-challenge

 Use of --static challenege is required to pass a pin (represented by "OTP" in
-parameter substituion) or a second password.
+parameter substitution) or a second password.

 Run OpenVPN with --verb 7 or higher to get debugging output from
this plugin, including the list of queries presented by the
diff --git a/src/plugins/auth-pam/utils.h b/src/plugins/auth-pam/utils.h
index 90fff668..c876dcc4 100644
--- a/src/plugins/auth-pam/utils.h
+++ b/src/plugins/auth-pam/utils.h
@@ -25,7 +25,7 @@ 
#define _PLUGIN_AUTH_PAM_UTILS__H

 /**
- *  Read 'tosearch', replace all occurences of 'searchfor' with 'replacewith' and return
+ *  Read 'tosearch', replace all occurrences of 'searchfor' with 'replacewith' and return
  *  a pointer to the NEW string.  Does not modify the input strings.  Will not enter an
  *  infinite loop with clever 'searchfor' and 'replacewith' strings.
  *
@@ -35,7 +35,7 @@ 
  *  @param searchfor     needle to search for in the haystack
  *  @param replacewith   when a match is found, replace needle with this string
  *
- *  @return Retuns NULL when any parameter is NULL or the worst-case result is to large ( >= SIZE_MAX).
+ *  @return Returns NULL when any parameter is NULL or the worst-case result is to large ( >= SIZE_MAX).
  *          Otherwise it returns a pointer to a new buffer containing the modified input
  */
char *
@@ -48,7 +48,7 @@  searchandreplace(const char *tosearch, const char *searchfor, const char *replac
  * @param name  Environment variable to look up
  * @param envp  Environment variable table with all key/value pairs
  *
- * @return Returns a pointer to the value of the enviroment variable if found, otherwise NULL is returned.
+ * @return Returns a pointer to the value of the environment variable if found, otherwise NULL is returned.
  */
const char *
get_env(const char *name, const char *envp[]);
diff --git a/src/tapctl/tap.c b/src/tapctl/tap.c
index ed3c6e0b..db724e03 100644
--- a/src/tapctl/tap.c
+++ b/src/tapctl/tap.c
@@ -322,7 +322,7 @@  get_net_interface_guid(
  *                       property that is being retrieved. This is one of the standard
  *                       registry data types. This parameter is optional and can be NULL.
  *
- * @param ppData         A pointer to pointer to data that receives the device propery. The
+ * @param ppData         A pointer to pointer to data that receives the device property. The
  *                       data must be released with free() after use.
  *
  * @return ERROR_SUCCESS on success; Win32 error code otherwise
diff --git a/tests/t_client.sh.in b/tests/t_client.sh.in
index b92cb65d..69866fb5 100755
--- a/tests/t_client.sh.in
+++ b/tests/t_client.sh.in
@@ -417,7 +417,7 @@  done

 if [ -z "$SUMMARY_OK" ] ; then SUMMARY_OK=" none"; fi
if [ -z "$SUMMARY_FAIL" ] ; then SUMMARY_FAIL=" none"; fi
-echo "Test sets succeded:$SUMMARY_OK."
+echo "Test sets succeeded:$SUMMARY_OK."
echo "Test sets failed:$SUMMARY_FAIL."

 # remove trap handler
diff --git a/tests/unit_tests/openvpn/test_tls_crypt.c b/tests/unit_tests/openvpn/test_tls_crypt.c
index 17f7d899..b9e3a7a6 100644
--- a/tests/unit_tests/openvpn/test_tls_crypt.c
+++ b/tests/unit_tests/openvpn/test_tls_crypt.c
@@ -328,7 +328,7 @@  test_tls_crypt_v2_setup(void **state) {

     ctx->gc = gc_new();

-    /* Sligthly longer buffers to be able to test too-long data */
+    /* Slightly longer buffers to be able to test too-long data */
     ctx->metadata = alloc_buf_gc(TLS_CRYPT_V2_MAX_METADATA_LEN+16, &ctx->gc);
     ctx->unwrapped_metadata = alloc_buf_gc(TLS_CRYPT_V2_MAX_METADATA_LEN+16,
                                            &ctx->gc);