A little spell checking.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11644)
If a certificate is specified on the command line using the B<-cert>
option it will not be used unless the server specifically requests
-a client certificate. Therefor merely including a client certificate
+a client certificate. Therefore merely including a client certificate
on the command line is no guarantee that the certificate works.
If there are problems verifying a server certificate then the
If a certificate is specified on the command line using the B<-cert>
option it will not be used unless the server specifically requests
-a client certificate. Therefor merely including a client certificate
+a client certificate. Therefore merely including a client certificate
on the command line is no guarantee that the certificate works.
=head1 BUGS
Escapes some characters by surrounding the entire string with quotation
marks, C<">.
-Without this option, individual special characters are preceeded with
+Without this option, individual special characters are preceded with
a backslash character, C<\>.
=item B<utf8>
=item On the client, during or after the handshake and a TLSv1.2 (or below)
resumption occurred
-If the session from the orignal handshake had a servername accepted by the
+If the session from the original handshake had a servername accepted by the
server then it will return that servername.
Otherwise it returns the servername set via SSL_set_tlsext_host_name() or NULL
Prior to 1.1.1e, when the client requested a servername in an initial TLSv1.2
handshake, the server accepted it, and then the client successfully resumed but
-set a different explict servername in the second handshake then when called by
+set a different explicit servername in the second handshake then when called by
the client it returned the servername from the second handshake. This has now
been changed to return the servername requested in the original handshake.
Also prior to 1.1.1e, if the client sent a servername in the first handshake but
-the server did not accept it, and then a second handshake occured where TLSv1.2
+the server did not accept it, and then a second handshake occurred where TLSv1.2
resumption was successful then when called by the server it returned the
servername requested in the original handshake. This has now been changed to
NULL.
Invalid non-CA certificate has CA markings.
-=item B<X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: proxy path length contraint exceeded>
+=item B<X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: proxy path length constraint exceeded>
Proxy path length constraint exceeded.
Proxy certificates not allowed unless the B<-allow_proxy_certs> option is used.
-=item B<X509_V_ERR_UNNESTED_RESOURCE: RFC 3779 resource not subset of parent's resrouces>
+=item B<X509_V_ERR_UNNESTED_RESOURCE: RFC 3779 resource not subset of parent's resources>
See RFC 3779 for details.
The issuer certificate does not have a public key.
-=item B<X509_V_ERROR_SIGNATURE_ALGORITHM_MISMATCH, Subject signature algorithm and issuer public key algoritm mismatch>
+=item B<X509_V_ERROR_SIGNATURE_ALGORITHM_MISMATCH, Subject signature algorithm and issuer public key algorithm mismatch>
The issuer's public key is not of the type required by the signature in
the subject's certificate.
respectively, in ASN.1 format using HTTP from the given B<url>.
If B<bio> is given and B<rbio> is NULL then this BIO is used instead of an
-interal one for connecting, writing the request, and reading the response.
+internal one for connecting, writing the request, and reading the response.
If both B<bio> and B<rbio> are given (which may be memory BIOs, for instance)
then no explicit connection is attempted,
B<bio> is used for writing the request, and B<rbio> for reading the response.
X509_http_nbio() and X509_CRL_http_nbio() are macros for backward compatibility
that have the same effect as the functions above but with infinite timeout
-and without the possiblity to specify custom BIOs.
+and without the possibility to specify custom BIOs.
=head1 RETURN VALUES
=head1 DESCRIPTION
These functions convert OpenSSL objects to and from their ASN.1/string
-representation. This function is used for B<X509v3> extentions.
+representation. This function is used for B<X509v3> extensions.
=head1 NOTES
OP_signature_digest_sign_update() provides data to be signed in the I<data>
parameter which should be of length I<datalen>. A previously initialised
signature context is passed in the I<ctx> parameter. This function may be called
-multiple times to cummulatively add data to be signed.
+multiple times to cumulatively add data to be signed.
OP_signature_digest_sign_final() finalises a signature operation previously
started through OP_signature_digest_sign_init() and
OP_signature_digest_verify_update() provides data to be verified in the I<data>
parameter which should be of length I<datalen>. A previously initialised
verification context is passed in the I<ctx> parameter. This function may be
-called multiple times to cummulatively add data to be verified.
+called multiple times to cumulatively add data to be verified.
OP_signature_digest_verify_final() finalises a verification operation previously
started through OP_signature_digest_verify_init() and
Setting the value to 0 causes the sign operation to retry,
otherwise the sign operation is only tried once and returns whether or not it
was successful.
-Known answer tests can be performed if the random generator is overriden to
+Known answer tests can be performed if the random generator is overridden to
supply known values that either pass or fail.
=back