diff options
| -rw-r--r-- | PROTOCOL.certkeys | 4 | ||||
| -rw-r--r-- | PROTOCOL.chacha20poly1305 | 4 | ||||
| -rw-r--r-- | PROTOCOL.krl | 4 | ||||
| -rw-r--r-- | auth.h | 4 | ||||
| -rw-r--r-- | authfd.c | 4 | ||||
| -rw-r--r-- | channels.c | 8 | ||||
| -rw-r--r-- | clientloop.c | 4 | ||||
| -rw-r--r-- | kexdhs.c | 4 | ||||
| -rw-r--r-- | kexgexs.c | 4 | ||||
| -rw-r--r-- | scp.c | 4 | ||||
| -rw-r--r-- | servconf.c | 6 | ||||
| -rw-r--r-- | sftp.c | 4 | ||||
| -rw-r--r-- | ssh-agent.c | 4 | ||||
| -rw-r--r-- | ssh.c | 4 | ||||
| -rw-r--r-- | ssh_api.h | 4 | ||||
| -rw-r--r-- | ssh_config.5 | 6 | ||||
| -rw-r--r-- | sshbuf.h | 4 | ||||
| -rw-r--r-- | sshconnect.c | 4 | ||||
| -rw-r--r-- | sshd.c | 4 | ||||
| -rw-r--r-- | sshkey-xmss.c | 6 | ||||
| -rw-r--r-- | umac.c | 14 | ||||
| -rw-r--r-- | xmss_wots.c | 4 |
22 files changed, 54 insertions, 54 deletions
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys index 64cb1870..65f11f53 100644 --- a/PROTOCOL.certkeys +++ b/PROTOCOL.certkeys @@ -174,7 +174,7 @@ certificate. Each represents a time in seconds since 1970-01-01 valid after <= current time < valid before -criticial options is a set of zero or more key options encoded as +critical options is a set of zero or more key options encoded as below. All such options are "critical" in the sense that an implementation must refuse to authorise a key that has an unrecognised option. @@ -291,4 +291,4 @@ permit-user-rc empty Flag indicating that execution of of this script will not be permitted if this option is not present. -$OpenBSD: PROTOCOL.certkeys,v 1.13 2017/11/03 02:32:19 djm Exp $ +$OpenBSD: PROTOCOL.certkeys,v 1.14 2018/04/10 00:10:49 djm Exp $ diff --git a/PROTOCOL.chacha20poly1305 b/PROTOCOL.chacha20poly1305 index 4857d385..9ce2a1e3 100644 --- a/PROTOCOL.chacha20poly1305 +++ b/PROTOCOL.chacha20poly1305 @@ -16,7 +16,7 @@ that computes a 128 bit integrity tag given a message and a single-use The chacha20-poly1305@openssh.com combines these two primitives into an authenticated encryption mode. The construction used is based on that proposed for TLS by Adam Langley in [3], but differs in the layout of -data passed to the MAC and in the addition of encyption of the packet +data passed to the MAC and in the addition of encryption of the packet lengths. Negotiation @@ -103,5 +103,5 @@ References [3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 -$OpenBSD: PROTOCOL.chacha20poly1305,v 1.3 2016/05/03 13:10:24 djm Exp $ +$OpenBSD: PROTOCOL.chacha20poly1305,v 1.4 2018/04/10 00:10:49 djm Exp $ diff --git a/PROTOCOL.krl b/PROTOCOL.krl index b9695107..f319bad2 100644 --- a/PROTOCOL.krl +++ b/PROTOCOL.krl @@ -145,7 +145,7 @@ This section may appear multiple times. 5. KRL signature sections The KRL_SECTION_SIGNATURE section serves a different purpose to the -preceeding ones: to provide cryptographic authentication of a KRL that +preceding ones: to provide cryptographic authentication of a KRL that is retrieved over a channel that does not provide integrity protection. Its format is slightly different to the previously-described sections: in order to simplify the signature generation, it includes as a "body" @@ -166,4 +166,4 @@ Implementations that retrieve KRLs over untrusted channels must verify signatures. Signature sections are optional for KRLs distributed by trusted means. -$OpenBSD: PROTOCOL.krl,v 1.3 2015/01/30 01:10:33 djm Exp $ +$OpenBSD: PROTOCOL.krl,v 1.4 2018/04/10 00:10:49 djm Exp $ @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.95 2018/03/03 03:15:51 djm Exp $ */ +/* $OpenBSD: auth.h,v 1.96 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -89,7 +89,7 @@ struct Authctxt { struct sshkey **prev_keys; u_int nprev_keys; - /* Last used key and ancilliary information from active auth method */ + /* Last used key and ancillary information from active auth method */ struct sshkey *auth_method_key; char *auth_method_info; @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.108 2018/02/23 15:58:37 markus Exp $ */ +/* $OpenBSD: authfd.c,v 1.109 2018/04/10 00:10:49 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -323,7 +323,7 @@ ssh_free_identitylist(struct ssh_identitylist *idl) */ -/* encode signature algoritm in flag bits, so we can keep the msg format */ +/* encode signature algorithm in flag bits, so we can keep the msg format */ static u_int agent_encode_alg(const struct sshkey *key, const char *alg) { @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.379 2018/02/05 05:36:49 tb Exp $ */ +/* $OpenBSD: channels.c,v 1.380 2018/04/10 00:10:49 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -2599,7 +2599,7 @@ channel_output_poll(struct ssh *ssh) * SSH_CHANNEL_MUX_PROXY channel and replace the mux clients ID * with the newly allocated channel ID. * 2) Upstream messages are received by matching SSH_CHANNEL_MUX_PROXY - * channels and procesed by channel_proxy_upstream(). The local channel ID + * channels and processed by channel_proxy_upstream(). The local channel ID * is then translated back to the original mux client ID. * 3) In both cases we need to keep track of matching SSH2_MSG_CHANNEL_CLOSE * messages so we can clean up SSH_CHANNEL_MUX_PROXY channels. @@ -2610,7 +2610,7 @@ channel_output_poll(struct ssh *ssh) * channel. E.g. client_request_forwarded_tcpip() needs to figure * out whether the request is addressed to the local client or a * specific downstream client based on the listen-address/port. - * 6) Agent and X11-Forwarding have a similar problem and are currenly + * 6) Agent and X11-Forwarding have a similar problem and are currently * not supported as the matching session/channel cannot be identified * easily. */ @@ -2787,7 +2787,7 @@ channel_proxy_upstream(Channel *c, int type, u_int32_t seq, struct ssh *ssh) /* * When receiving packets from the peer we need to check whether we * need to forward the packets to the mux client. In this case we - * restore the orignal channel id and keep track of CLOSE messages, + * restore the original channel id and keep track of CLOSE messages, * so we can cleanup the channel. */ if (c == NULL || c->type != SSH_CHANNEL_MUX_PROXY) diff --git a/clientloop.c b/clientloop.c index 7bcf22e3..4801f4a7 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.311 2018/02/11 21:16:56 dtucker Exp $ */ +/* $OpenBSD: clientloop.c,v 1.312 2018/04/10 00:10:49 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -664,7 +664,7 @@ client_status_confirm(struct ssh *ssh, int type, Channel *c, void *ctx) options.request_tty == REQUEST_TTY_YES)) cr->action = CONFIRM_CLOSE; - /* XXX supress on mux _client_ quietmode */ + /* XXX suppress on mux _client_ quietmode */ tochan = options.log_level >= SYSLOG_LEVEL_ERROR && c->ctl_chan != -1 && c->extended_usage == CHAN_EXTENDED_WRITE; @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhs.c,v 1.26 2018/02/07 02:06:51 jsing Exp $ */ +/* $OpenBSD: kexdhs.c,v 1.27 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -194,7 +194,7 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh) /* destroy_sensitive_data(); */ - /* send server hostkey, DH pubkey 'f' and singed H */ + /* send server hostkey, DH pubkey 'f' and signed H */ if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 || (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.32 2018/02/07 02:06:51 jsing Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.33 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -224,7 +224,7 @@ input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh) /* destroy_sensitive_data(); */ - /* send server hostkey, DH pubkey 'f' and singed H */ + /* send server hostkey, DH pubkey 'f' and signed H */ if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 || (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 || (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 || /* f */ @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.195 2018/02/10 06:15:12 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.196 2018/04/10 00:10:49 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -311,7 +311,7 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout) } /* - * This functions executes a command simlar to do_cmd(), but expects the + * This function executes a command similar to do_cmd(), but expects the * input and output descriptors to be setup by a previous call to do_cmd(). * This way the input and output of two commands can be connected. */ @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.327 2018/04/04 15:12:17 job Exp $ */ +/* $OpenBSD: servconf.c,v 1.328 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1951,7 +1951,7 @@ process_server_config_line(ServerOptions *options, char *line, case sAuthenticationMethods: if (options->num_auth_methods == 0) { value = 0; /* seen "any" pseudo-method */ - value2 = 0; /* sucessfully parsed any method */ + value2 = 0; /* successfully parsed any method */ while ((arg = strdelim(&cp)) && *arg != '\0') { if (strcmp(arg, "any") == 0) { if (options->num_auth_methods > 0) { @@ -2135,7 +2135,7 @@ int parse_server_match_testspec(struct connection_info *ci, char *spec) * * If the preauth flag is set, we do not bother copying the string or * array values that are not used pre-authentication, because any that we - * do use must be explictly sent in mm_getpwnamallow(). + * do use must be explicitly sent in mm_getpwnamallow(). */ void copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.182 2017/11/03 03:46:52 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.183 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * @@ -1844,7 +1844,7 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote, return 0; } - /* Complete ambigious command */ + /* Complete ambiguous command */ tmp = complete_ambiguous(cmd, list, count); if (count > 1) complete_display(list, 0); diff --git a/ssh-agent.c b/ssh-agent.c index 68de56ce..cd028913 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.229 2018/04/09 23:54:49 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.230 2018/04/10 00:10:49 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -709,7 +709,7 @@ process_message(u_int socknum) debug("%s: socket %u (fd=%d) type %d", __func__, socknum, e->fd, type); - /* check wheter agent is locked */ + /* check whether agent is locked */ if (locked && type != SSH_AGENTC_UNLOCK) { sshbuf_reset(e->request); switch (type) { @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.475 2018/02/23 15:58:38 markus Exp $ */ +/* $OpenBSD: ssh.c,v 1.476 2018/04/10 00:10:49 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1485,7 +1485,7 @@ main(int ac, char **av) /* load options.identity_files */ load_public_identity_files(pw); - /* optionally set the SSH_AUTHSOCKET_ENV_NAME varibale */ + /* optionally set the SSH_AUTHSOCKET_ENV_NAME variable */ if (options.identity_agent && strcmp(options.identity_agent, SSH_AUTHSOCKET_ENV_NAME) != 0) { if (strcmp(options.identity_agent, "none") == 0) { @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh_api.h,v 1.1 2015/01/19 20:30:23 markus Exp $ */ +/* $OpenBSD: ssh_api.h,v 1.2 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 2012 Markus Friedl. All rights reserved. * @@ -81,7 +81,7 @@ int ssh_set_verify_host_key_callback(struct ssh *ssh, * ssh_packet_next() sets typep if there is no new packet available. * in this case the caller must fill the input byte-stream by passing * the data received over network to ssh_input_append(). - * additinally, the caller needs to send the resulting output + * additionally, the caller needs to send the resulting output * byte-stream back over the network. otherwise the key exchange * would not proceed. the output byte-stream is accessed through * ssh_output_ptr(). diff --git a/ssh_config.5 b/ssh_config.5 index 1ca0862b..bcd18a87 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.272 2018/04/07 13:50:10 jmc Exp $ -.Dd $Mdocdate: April 7 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.273 2018/04/10 00:10:49 djm Exp $ +.Dd $Mdocdate: April 10 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1308,7 +1308,7 @@ section. .It Cm RemoteForward Specifies that a TCP port on the remote machine be forwarded over the secure channel. -The remote port may either be fowarded to a specified host and port +The remote port may either be forwarded to a specified host and port from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote client to connect to arbitrary destinations from the local machine. The first argument must be @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.9 2017/09/12 06:32:07 djm Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.10 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -53,7 +53,7 @@ struct sshbuf { #ifndef SSHBUF_NO_DEPREACTED /* * NB. Please do not use sshbuf_init() in new code. Please use sshbuf_new() - * instead. sshbuf_init() is deprectated and will go away soon (it is + * instead. sshbuf_init() is deprecated and will go away soon (it is * only included to allow compat with buffer_* in OpenSSH) */ void sshbuf_init(struct sshbuf *buf); diff --git a/sshconnect.c b/sshconnect.c index 3805d35d..32f9c8b3 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.297 2018/02/23 15:58:38 markus Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.298 2018/04/10 00:10:49 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -277,7 +277,7 @@ ssh_kill_proxy_command(void) #ifdef HAVE_IFADDRS_H /* * Search a interface address list (returned from getifaddrs(3)) for an - * address that matches the desired address family on the specifed interface. + * address that matches the desired address family on the specified interface. * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure. */ static int @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.506 2018/03/03 03:15:51 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.507 2018/04/10 00:10:49 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1336,7 +1336,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) * return an error if any are found). Basically we are worried about * source routing; it can be used to pretend you are somebody * (ip-address) you are not. That itself may be "almost acceptable" - * under certain circumstances, but rhosts autentication is useless + * under certain circumstances, but rhosts authentication is useless * if source routing is accepted. Notice also that if we just dropped * source routing here, the other side could use IP spoofing to do * rest of the interaction and could still bypass security. So we diff --git a/sshkey-xmss.c b/sshkey-xmss.c index 5d66ee79..2c50f75f 100644 --- a/sshkey-xmss.c +++ b/sshkey-xmss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey-xmss.c,v 1.1 2018/02/23 15:58:38 markus Exp $ */ +/* $OpenBSD: sshkey-xmss.c,v 1.2 2018/04/10 00:10:49 djm Exp $ */ /* * Copyright (c) 2017 Markus Friedl. All rights reserved. * @@ -66,7 +66,7 @@ struct ssh_xmss_state { treehash_inst *treehash; u_int32_t idx; /* state read from file */ - u_int32_t maxidx; /* resticted # of signatures */ + u_int32_t maxidx; /* restricted # of signatures */ int have_state; /* .state file exists */ int lockfd; /* locked in sshkey_xmss_get_state() */ int allow_update; /* allow sshkey_xmss_update_state() */ @@ -583,7 +583,7 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr) } idx = PEEK_U32(k->xmss_sk); if (idx == state->idx) { - /* no signature happend, no need to update */ + /* no signature happened, no need to update */ ret = 0; goto done; } else if (idx != state->idx + 1) { @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.16 2017/12/12 15:06:12 naddy Exp $ */ +/* $OpenBSD: umac.c,v 1.17 2018/04/10 00:10:49 djm Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -65,7 +65,7 @@ /* #define AES_IMPLEMENTAION 1 1 = OpenSSL, 2 = Barreto, 3 = Gladman */ /* #define SSE2 0 Is SSE2 is available? */ /* #define RUN_TESTS 0 Run basic correctness/speed tests */ -/* #define UMAC_AE_SUPPORT 0 Enable auhthenticated encrytion */ +/* #define UMAC_AE_SUPPORT 0 Enable authenticated encryption */ /* ---------------------------------------------------------------------- */ /* -- Global Includes --------------------------------------------------- */ @@ -295,9 +295,9 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) * Before beginning another hash calculation the nh_reset() routine * must be called. The single-buffer routine, nh(), is equivalent to * the sequence of calls nh_update() and nh_final(); however it is - * optimized and should be prefered whenever the multiple-buffer interface + * optimized and should be preferred whenever the multiple-buffer interface * is not necessary. When using either interface, it is the client's - * responsability to pass no more than L1_KEY_LEN bytes per hash result. + * responsibility to pass no more than L1_KEY_LEN bytes per hash result. * * The routine nh_init() initializes the nh_ctx data structure and * must be called once, before any other PDF routine. @@ -319,8 +319,8 @@ static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) typedef struct { UINT8 nh_key [L1_KEY_LEN + L1_KEY_SHIFT * (STREAMS - 1)]; /* NH Key */ UINT8 data [HASH_BUF_BYTES]; /* Incoming data buffer */ - int next_data_empty; /* Bookeeping variable for data buffer. */ - int bytes_hashed; /* Bytes (out of L1_KEY_LEN) incorperated. */ + int next_data_empty; /* Bookkeeping variable for data buffer. */ + int bytes_hashed; /* Bytes (out of L1_KEY_LEN) incorporated. */ UINT64 state[STREAMS]; /* on-line state */ } nh_ctx; @@ -851,7 +851,7 @@ static void poly_hash(uhash_ctx_t hc, UINT32 data_in[]) /* The final step in UHASH is an inner-product hash. The poly hash - * produces a result not neccesarily WORD_LEN bytes long. The inner- + * produces a result not necessarily WORD_LEN bytes long. The inner- * product hash breaks the polyhash output into 16-bit chunks and * multiplies each with a 36 bit key. */ diff --git a/xmss_wots.c b/xmss_wots.c index b4702ed8..ed904cd7 100644 --- a/xmss_wots.c +++ b/xmss_wots.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xmss_wots.c,v 1.2 2018/02/26 03:56:44 dtucker Exp $ */ +/* $OpenBSD: xmss_wots.c,v 1.3 2018/04/10 00:10:49 djm Exp $ */ /* wots.c version 20160722 Andreas Hülsing @@ -65,7 +65,7 @@ static void expand_seed(unsigned char *outseeds, const unsigned char *inseed, co * Computes the chaining function. * out and in have to be n-byte arrays * - * interpretes in as start-th value of the chain + * interprets in as start-th value of the chain * addr has to contain the address of the chain */ static void gen_chain(unsigned char *out, const unsigned char *in, unsigned int start, unsigned int steps, const wots_params *params, const unsigned char *pub_seed, uint32_t addr[8]) |