Fix some typos.

appl/ftp/ftp/cmds.c

@@ -192,7 +192,7 @@ setpeer(int argc, char **argv)
 			if (overbose &&
 			    !strncmp(reply_string, "215 TOPS20", 10))
 				printf(
-"Remember to set tenex mode when transfering binary files from this machine.\n");
+"Remember to set tenex mode when transferring binary files from this machine.\n");
 		}
 		verbose = overbose;
 #endif /* unix */

appl/ftp/ftp/ftp.1

@@ -206,7 +206,7 @@ current remote machine working directory.
 Change the permission modes of the file
 .Ar file-name
 on the remote
-sytem to
+system to
 .Ar mode  .
 .It Ic close
 Terminate the

appl/login/login.access.5

@@ -31,7 +31,7 @@ or
 .It
 The second field is a comma separated list of users or groups for
 which the current entry applies. NIS netgroups can used (if
-configured) if preceeded by @. The magic string ALL matches all users.
+configured) if preceded by @. The magic string ALL matches all users.
 A group will match if the user is a member of that group, or it is the
 user's primary group.
 .It

appl/otp/otp.c

@@ -350,7 +350,7 @@ main (int argc, char **argv)
 	    errx (1, "Only root can set an initial OTP");
 	} else { /* Check the next OTP (RFC 1938/8.0: SHOULD) */
 	    if (verify_user_otp(user) != 0) {
-		errx (1, "User authentification failed");
+		errx (1, "User authentication failed");
 	    }
 	}
     }

appl/su/su.c

@@ -458,7 +458,7 @@ main(int argc, char **argv)
 	    for (j = 0; j < i; j++) {
 		char *p = strchr(newenv[j], '=');
 		if (p == NULL)
-		    errx(1, "enviroment '%s' missing '='", newenv[j]);
+		    errx(1, "environment '%s' missing '='", newenv[j]);
 		*p++ = 0;
 		esetenv (newenv[j], p, 1);
 	    }

doc/setup.texi

@@ -108,7 +108,7 @@ SRV-record for your realm, or your Kerberos server has DNS CNAME
 
 @cindex KRB5_CONFIG
 If you want to use a different configuration file then the default you
-can point a file with the enviroment variable @samp{KRB5_CONFIG}.
+can point a file with the environment variable @samp{KRB5_CONFIG}.
 
 @example
 env KRB5_CONFIG=$HOME/etc/krb5.conf kinit user@@REALM
@@ -1295,21 +1295,21 @@ the mapping in the principals entry in the kerberos database.
 
 This and following subsection documents the requirements on the KDC
 and client certificates and the format used in the id-pkinit-san
-OtherName extention.
+OtherName extension.
 
 On how to create certificates, you should read @ref{Use OpenSSL to
 create certificates}.
 
 @subsection KDC certificate
 
-The certificate for the KDC has serveral requirements.
+The certificate for the KDC has several requirements.
 
 First, the certificate should have an Extended Key Usage (EKU)
 id-pkkdcekuoid (1.3.6.1.5.2.3.5) set. Second, there must be a
 subjectAltName otherName using OID id-pkinit-san (1.3.6.1.5.2.2) in
 the type field and a DER encoded KRB5PrincipalName that matches the
 name of the TGS of the target realm.  Also, if the certificate has a
-nameConstraints extention with a Generalname with dNSName or iPAdress,
+nameConstraints extension with a Generalname with dNSName or iPAdress,
 it must match the hostname or adress of the KDC.
 
 The client is not required by the standard to check the server
@@ -1343,7 +1343,7 @@ This behavior is controlled by KDC configuration option:
 
 @subsubsection Using KRB5PrincipalName in id-pkinit-san
 
-The OtherName extention in the GeneralName is used to do the mapping
+The OtherName extension in the GeneralName is used to do the mapping
 between certificate and principal.  For the KDC certificate, this
 stores the krbtgt principal name for that KDC.  For the client
 certificate, this stores the principal for which that certificate is

kcm/kcm.8

@@ -95,7 +95,7 @@
 is a process based credential cache.
 To use it, set the
 .Ev KRB5CCNAME
-enviroment variable to
+environment variable to
 .Ql KCM: Ns Ar uid
 or add the stanza
 .Bd -literal

lib/gssapi/gss_acquire_cred.3

@@ -554,7 +554,7 @@ the default syntax is used for all mechanism the GSS-API
 implementation supports.
 When compare the imported name of
 .Dv GSS_C_NO_OID
-it may match serveral mechanism names (MN).
+it may match several mechanism names (MN).
 .Pp
 The resulting name from
 .Fn gss_display_name
@@ -584,7 +584,7 @@ Information is available even after the context have expired.
 .Fa lifetime_rec
 argument is set to
 .Dv GSS_C_INDEFINITE
-(dont expire) or the number of seconds that the context is still valid.
+(don't expire) or the number of seconds that the context is still valid.
 A value of 0 means that the context is expired.
 .Fa mech_type
 argument should be considered readonly and must not be released.

lib/gssapi/test_context.c

@@ -546,7 +546,7 @@ main(int argc, char **argv)
     else if (strcmp(type_string, "krb5-principal-name") == 0)
 	nameoid = GSS_KRB5_NT_PRINCIPAL_NAME;
     else
-	errx(1, "%s not suppported", type_string);
+	errx(1, "%s not supported", type_string);
 
     if (mech_string == NULL)
 	mechoid = GSS_KRB5_MECHANISM;

lib/hcrypto/test_crypto.in

@@ -92,7 +92,7 @@ done
 
 #
 # Last time we run is w/o HOME and RANDFILE to make sure we can do
-# RAND_file_name() when the enviroment is lacking those.
+# RAND_file_name() when the environment is lacking those.
 #
 
 if [ -r /dev/random -o -r /dev/urandom -o -r /dev/srandom -o -r /dev/arandom ] ; then

lib/hdb/ext.c

@@ -101,7 +101,7 @@ hdb_replace_extension(krb5_context context,
 	ext2 = hdb_find_extension(entry, ext->data.element);
     } else {
 	/*
-	 * This is an unknown extention, and we are asked to replace a
+	 * This is an unknown extension, and we are asked to replace a
 	 * possible entry in `entry' that is of the same type. This
 	 * might seem impossible, but ASN.1 CHOICE comes to our
 	 * rescue. The first tag in each branch in the CHOICE is
@@ -120,7 +120,7 @@ hdb_replace_extension(krb5_context context,
 			  &size);
 	if (ret) {
 	    krb5_set_error_message(context, ret, "hdb: failed to decode "
-				   "replacement hdb extention");
+				   "replacement hdb extension");
 	    return ret;
 	}
 
@@ -136,7 +136,7 @@ hdb_replace_extension(krb5_context context,
 			      &size);
 	    if (ret) {
 		krb5_set_error_message(context, ret, "hdb: failed to decode "
-				       "present hdb extention");
+				       "present hdb extension");
 		return ret;
 	    }
 
@@ -153,7 +153,7 @@ hdb_replace_extension(krb5_context context,
 	ret = copy_HDB_extension(ext, ext2);
 	if (ret)
 	    krb5_set_error_message(context, ret, "hdb: failed to copy replacement "
-				   "hdb extention");
+				   "hdb extension");
 	return ret;
     }
 

lib/hx509/ca.c

@@ -892,7 +892,7 @@ hx509_ca_tbs_set_unique(hx509_context context,
  *
  * @param context A hx509 context.
  * @param tbs object to be signed.
- * @param env enviroment variable to expand variables in the subject
+ * @param env environment variable to expand variables in the subject
  * name, see hx509_env_init().
  *
  * @return An hx509 error code, see hx509_get_error_string().

lib/hx509/data/openssl.cnf

@@ -82,7 +82,7 @@ certs		= .
 
 [req]
 distinguished_name	= req_distinguished_name
-x509_extensions		= v3_ca	# The extentions to add to the self signed cert
+x509_extensions		= v3_ca	# The extensions to add to the self signed cert
 
 string_mask = utf8only
 

lib/hx509/doxygen.c

@@ -82,4 +82,4 @@
  * See the @ref page_ca for description and examples. */
 /** @defgroup hx509_peer hx509 certificate selecting functions */
 /** @defgroup hx509_print hx509 printing functions */
-/** @defgroup hx509_env hx509 enviroment functions */
+/** @defgroup hx509_env hx509 environment functions */

lib/hx509/env.c

@@ -34,7 +34,7 @@
 #include "hx_locl.h"
 
 /**
- * @page page_env Hx509 enviroment functions
+ * @page page_env Hx509 environment functions
  *
  * See the library functions here: @ref hx509_env
  */
@@ -43,7 +43,7 @@
  * Add a new key/value pair to the hx509_env.
  *
  * @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
  * @param key key to add
  * @param value value to add
  *
@@ -94,7 +94,7 @@ hx509_env_add(hx509_context context, hx509_env *env,
  * Add a new key/binding pair to the hx509_env.
  *
  * @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
  * @param key key to add
  * @param list binding list to add
  *
@@ -141,7 +141,7 @@ hx509_env_add_binding(hx509_context context, hx509_env *env,
  * Search the hx509_env for a length based key.
  *
  * @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
  * @param key key to search for.
  * @param len length of key.
  *
@@ -167,7 +167,7 @@ hx509_env_lfind(hx509_context context, hx509_env env,
  * Search the hx509_env for a key.
  *
  * @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
  * @param key key to search for.
  *
  * @return the value if the key is found, NULL otherwise.
@@ -190,7 +190,7 @@ hx509_env_find(hx509_context context, hx509_env env, const char *key)
  * Search the hx509_env for a binding.
  *
  * @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
  * @param key key to search for.
  *
  * @return the binding if the key is found, NULL if not found.
@@ -229,9 +229,9 @@ env_free(hx509_env b)
 }
 
 /**
- * Free an hx509_env enviroment context.
+ * Free an hx509_env environment context.
  *
- * @param env the enviroment to free.
+ * @param env the environment to free.
  *
  * @ingroup hx509_env
  */

lib/hx509/hxtool-commands.in

@@ -107,7 +107,7 @@ command = {
 	option = {
 		long = "embedded-certs"
 		type = "-flag"
-		help = "dont embedded certficiates"
+		help = "don't embed certificates"
 	}
 	option = {
 		long = "embed-leaf-only"

lib/hx509/hxtool.c

@@ -1935,7 +1935,7 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv)
 	else if (strcasecmp(opt->signature_algorithm_string, "rsa-with-sha256") == 0)
 	    sigalg = hx509_signature_rsa_with_sha256();
 	else
-	    errx(1, "unsupported sigature algorith");
+	    errx(1, "unsupported sigature algorithm");
 	hx509_ca_tbs_set_signature_algorithm(context, tbs, sigalg);
     }
 

lib/hx509/print.c

@@ -969,15 +969,15 @@ hx509_validate_cert(hx509_context context,
 	    }
 	    validate_print(ctx,
 			   HX509_VALIDATE_F_VALIDATE|HX509_VALIDATE_F_VERBOSE,
-			   "checking extention: %s\n",
+			   "checking extension: %s\n",
 			   check_extension[j].name);
 	    (*check_extension[j].func)(ctx,
 				       &status,
 				       check_extension[j].cf,
 				       &t->extensions->val[i]);
 	}
     } else
-	validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "no extentions\n");
+	validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "no extensions\n");
 
     if (status.isca) {
 	if (!status.haveSKI)

lib/kdfs/k5dfspag.c

@@ -236,7 +236,7 @@ int krb5_dfs_getpag()
  * user.
  *
  * And it should be called before access to the home directory
- * as this may be in DFS, not accessable by root, and require
+ * as this may be in DFS, not accessible by root, and require
  * the PAG to have been setup.
  *
  * The krb5_afs_pag can be called after this routine to

lib/krb5/krb5-plugin.7

@@ -87,7 +87,7 @@ the above three.  Plugins are typically invoked in no particular order
 until one succeeds or fails, or all return a special return value such
 as KRB5_PLUGIN_NO_HANDLE to indicate that the plugin was not applicable.
 Most plugin types obtain deterministic plugin behavior in spite of the
-non-deterministic invokation order by, for example, invoking all plugins
+non-deterministic invocation order by, for example, invoking all plugins
 for each "rule" and passing the rule to each plugin with the expectation
 that just one plugin will match any given rule.
 .Pp

lib/krb5/krb5_c_make_checksum.3

@@ -168,7 +168,7 @@ The functions starting with krb5_c are compat functions with MIT kerberos.
 The
 .Li krb5_enc_data
 structure holds and encrypted data.
-There are two public accessable members of
+There are two public accessible members of
 .Li krb5_enc_data .
 .Li enctype
 that holds the encryption type of the data encrypted and

lib/krb5/krb5_digest.3

@@ -64,7 +64,7 @@
 .Nm krb5_digest_get_tickets ,
 .Nm krb5_digest_get_client_binding ,
 .Nm krb5_digest_get_a1_hash
-.Nd remote digest (HTTP-DIGEST, SASL, CHAP) suppport
+.Nd remote digest (HTTP-DIGEST, SASL, CHAP) support
 .Sh LIBRARY
 Kerberos 5 Library (libkrb5, -lkrb5)
 .Sh SYNOPSIS

lib/krb5/log.c

@@ -318,7 +318,7 @@ krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *orig)
 	    if(i < 0) {
 		ret = errno;
 		krb5_set_error_message(context, ret,
-				       N_("open(%s) logile: %s", ""), fn,
+				       N_("open(%s) logfile: %s", ""), fn,
 				       strerror(ret));
 		free(fn);
 		return ret;

lib/roken/getarg.3

@@ -334,7 +334,7 @@ the options come in the correct order.
 .Pp
 Options with multiple arguments should be handled better.
 .Pp
-Should be integreated with SL.
+Should be integrated with SL.
 .Pp
 It's very confusing that the struct you pass in is called getargS.
 .Sh SEE ALSO

lib/sqlite/sqlite3.c

@@ -24892,7 +24892,7 @@ static int openDirectory(const char*, int*);
 ** to all overrideable system calls.
 */
 static struct unix_syscall {
-  const char *zName;            /* Name of the sytem call */
+  const char *zName;            /* Name of the system call */
   sqlite3_syscall_ptr pCurrent; /* Current value of the system call */
   sqlite3_syscall_ptr pDefault; /* Default value */
 } aSyscall[] = {

po/heimdal_krb5/heimdal_krb5.pot

@@ -1144,7 +1144,7 @@ msgstr ""
 
 #: lib/krb5/log.c:311
 #, c-format
-msgid "open(%s) logile: %s"
+msgid "open(%s) logfile: %s"
 msgstr ""
 
 #: lib/krb5/log.c:322

po/heimdal_krb5/sv_SE.po

@@ -1126,7 +1126,7 @@ msgstr ""
 
 #: lib/krb5/log.c:311
 #, c-format
-msgid "open(%s) logile: %s"
+msgid "open(%s) logfile: %s"
 msgstr ""
 
 #: lib/krb5/log.c:322