Fix typos found using codespell.

* agent/cache.c: Fix typos.
* agent/call-pinentry.c: Likewise.
* agent/call-scd.c: Likewise.
* agent/command-ssh.c: Likewise.
* agent/command.c: Likewise.
* agent/divert-scd.c: Likewise.
* agent/findkey.c: Likewise.
* agent/gpg-agent.c: Likewise.
* agent/w32main.c: Likewise.
* common/argparse.c: Likewise.
* common/audit.c: Likewise.
* common/audit.h: Likewise.
* common/convert.c: Likewise.
* common/dotlock.c: Likewise.
* common/exechelp-posix.c: Likewise.
* common/exechelp-w32.c: Likewise.
* common/exechelp-w32ce.c: Likewise.
* common/exechelp.h: Likewise.
* common/helpfile.c: Likewise.
* common/i18n.h: Likewise.
* common/iobuf.c: Likewise.
* common/iobuf.h: Likewise.
* common/localename.c: Likewise.
* common/logging.c: Likewise.
* common/openpgp-oid.c: Likewise.
* common/session-env.c: Likewise.
* common/sexputil.c: Likewise.
* common/sysutils.c: Likewise.
* common/t-sexputil.c: Likewise.
* common/ttyio.c: Likewise.
* common/util.h: Likewise.
* dirmngr/cdblib.c: Likewise.
* dirmngr/certcache.c: Likewise.
* dirmngr/crlcache.c: Likewise.
* dirmngr/dirmngr-client.c: Likewise.
* dirmngr/dirmngr.c: Likewise.
* dirmngr/dirmngr_ldap.c: Likewise.
* dirmngr/dns-stuff.c: Likewise.
* dirmngr/http.c: Likewise.
* dirmngr/ks-engine-hkp.c: Likewise.
* dirmngr/ks-engine-ldap.c: Likewise.
* dirmngr/ldap-wrapper.c: Likewise.
* dirmngr/ldap.c: Likewise.
* dirmngr/misc.c: Likewise.
* dirmngr/ocsp.c: Likewise.
* dirmngr/validate.c: Likewise.
* g10/encrypt.c: Likewise.
* g10/getkey.c: Likewise.
* g10/gpg.c: Likewise.
* g10/gpgv.c: Likewise.
* g10/import.c: Likewise.
* g10/keydb.c: Likewise.
* g10/keydb.h: Likewise.
* g10/keygen.c: Likewise.
* g10/keyid.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyring.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/misc.c: Likewise.
* g10/options.h: Likewise.
* g10/packet.h: Likewise.
* g10/parse-packet.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pkglue.c: Likewise.
* g10/plaintext.c: Likewise.
* g10/server.c: Likewise.
* g10/sig-check.c: Likewise.
* g10/sqlite.c: Likewise.
* g10/tdbio.c: Likewise.
* g10/test-stubs.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
* g13/create.c: Likewise.
* g13/mountinfo.c: Likewise.
* kbx/keybox-blob.c: Likewise.
* kbx/keybox-file.c: Likewise.
* kbx/keybox-init.c: Likewise.
* kbx/keybox-search-desc.h: Likewise.
* kbx/keybox-search.c: Likewise.
* kbx/keybox-update.c: Likewise.
* scd/apdu.c: Likewise.
* scd/app-openpgp.c: Likewise.
* scd/app-p15.c: Likewise.
* scd/app.c: Likewise.
* scd/ccid-driver.c: Likewise.
* scd/command.c: Likewise.
* scd/iso7816.c: Likewise.
* sm/base64.c: Likewise.
* sm/call-agent.c: Likewise.
* sm/call-dirmngr.c: Likewise.
* sm/certchain.c: Likewise.
* sm/gpgsm.c: Likewise.
* sm/import.c: Likewise.
* sm/keydb.c: Likewise.
* sm/minip12.c: Likewise.
* sm/qualified.c: Likewise.
* sm/server.c: Likewise.
* tools/gpg-check-pattern.c: Likewise.
* tools/gpgconf-comp.c: Likewise.
* tools/gpgkey2ssh.c: Likewise.
* tools/gpgparsemail.c: Likewise.
* tools/gpgtar.c: Likewise.
* tools/rfc822parse.c: Likewise.
* tools/symcryptrun.c: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>

agent/cache.c

@@ -167,7 +167,7 @@ new_data (const char *string, struct secret_data_s **r_data)
 
   /* We pad the data to 32 bytes so that it get more complicated
      finding something out by watching allocation patterns.  This is
-     usally not possible but we better assume nothing about our secure
+     usually not possible but we better assume nothing about our secure
      storage provider.  To support the AESWRAP mode we need to add 8
      extra bytes as well. */
   total = (length + 8) + 32 - ((length+8) % 32);

agent/call-pinentry.c

@@ -226,7 +226,7 @@ getinfo_pid_cb (void *opaque, const void *buffer, size_t length)
 }
 
 /* Fork off the pin entry if this has not already been done.  Note,
-   that this function must always be used to aquire the lock for the
+   that this function must always be used to acquire the lock for the
    pinentry - we will serialize _all_ pinentry calls.
  */
 static gpg_error_t

agent/call-scd.c

@@ -189,7 +189,7 @@ atfork_cb (void *opaque, int where)
 /* Fork off the SCdaemon if this has not already been done.  Lock the
    daemon and make sure that a proper context has been setup in CTRL.
    This function might also lock the daemon, which means that the
-   caller must call unlock_scd after this fucntion has returned
+   caller must call unlock_scd after this function has returned
    success and the actual Assuan transaction been done. */
 static int
 start_scd (ctrl_t ctrl)

agent/command-ssh.c

@@ -3569,7 +3569,7 @@ ssh_request_process (ctrl_t ctrl, estream_t stream_sock)
  out:
 
   if (err && es_feof (stream_sock))
-    log_error ("error occured while processing request: %s\n",
+    log_error ("error occurred while processing request: %s\n",
 	       gpg_strerror (err));
 
   if (send_err)

agent/command.c

@@ -2585,7 +2585,7 @@ static const char hlp_putval[] =
   "\n"
   "KEY is an an arbitrary symbol with the same syntax rules as keys\n"
   "for shell environment variables.  PERCENT_ESCAPED_VALUE is the\n"
-  "corresponsing value; they should be similar to the values of\n"
+  "corresponding value; they should be similar to the values of\n"
   "envronment variables but gpg-agent does not enforce any\n"
   "restrictions.  If that value is not given any value under that KEY\n"
   "is removed from this special environment.";

agent/divert-scd.c

@@ -224,7 +224,7 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
     log_debug ("pin_cb called without proper PIN info hack\n");
 
   /* If BUF has been passed as NULL, we are in pinpad mode: The
-     callback opens the popup and immediatley returns. */
+     callback opens the popup and immediately returns. */
   if (!buf)
     {
       if (maxbuf == 0) /* Close the pinentry. */

agent/findkey.c

@@ -1219,7 +1219,7 @@ agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
 
 
 /* Delete the key with GRIP from the disk after having asked for
-   confirmation using DESC_TEXT.  If FORCE is set the fucntion won't
+   confirmation using DESC_TEXT.  If FORCE is set the function won't
    require a confirmation via Pinentry or warns if the key is also
    used by ssh.
 

agent/gpg-agent.c

@@ -1485,7 +1485,7 @@ agent_deinit_default_ctrl (ctrl_t ctrl)
 
 /* Because the ssh protocol does not send us information about the
    current TTY setting, we use this function to use those from startup
-   or those explictly set.  This is also used for the restricted mode
+   or those explicitly set.  This is also used for the restricted mode
    where we ignore requests to change the environment.  */
 gpg_error_t
 agent_copy_startup_env (ctrl_t ctrl)

agent/w32main.c

@@ -258,7 +258,7 @@ handle_taskbar (void *ctx)
 
 /* This function initializes the Window system and sets up the taskbar
    icon.  We only have very limited GUI support just to give the
-   taskbar icon a little bit of life.  This fucntion is called once to
+   taskbar icon a little bit of life.  This function is called once to
    fire up the icon.  */
 int
 w32_setup_taskbar (void)

common/argparse.c

@@ -851,7 +851,7 @@ find_long_option( ARGPARSE_ARGS *arg,
     /* Would be better if we can do a binary search, but it is not
        possible to reorder our option table because we would mess
        up our help strings - What we can do is: Build a nice option
-       lookup table wehn this function is first invoked */
+       lookup table when this function is first invoked */
     if( !*keyword )
 	return -1;
     for(i=0; opts[i].short_opt; i++ )

common/audit.c

@@ -164,7 +164,7 @@ audit_release (audit_ctx_t ctx)
 
 
 /* Set the type for the audit operation.  If CTX is NULL, this is a
-   dummy fucntion.  */
+   dummy function.  */
 void
 audit_set_type (audit_ctx_t ctx, audit_type_t type)
 {

common/audit.h

@@ -174,7 +174,7 @@ typedef enum
 
     AUDIT_ROOT_TRUSTED,  /* cert, err */
     /* Tells whether the root certificate is trusted.  This event is
-       emmited durcing chain validation.  */
+       emitted during chain validation.  */
 
     AUDIT_CRL_CHECK, /* err */
     /* Tells the status of a CRL or OCSP check.  */

common/convert.c

@@ -70,7 +70,7 @@ hex2bin (const char *string, void *buffer, size_t length)
 /* Convert STRING consisting of hex characters into its binary representation
    and store that at BUFFER.  BUFFER needs to be of LENGTH bytes.  The
    function check that the STRING will convert exactly to LENGTH
-   bytes. Colons inbetween the hex digits are allowed, if one colon
+   bytes. Colons between the hex digits are allowed, if one colon
    has been given a colon is expected very 2 characters. The string
    is delimited by either end of string or a white space character.
    The function returns -1 on error or the length of the parsed
@@ -180,7 +180,7 @@ bin2hexcolon (const void *buffer, size_t length, char *stringbuf)
    Nul byte at the end is used to make sure tha the result can always
    be used as a C-string.
 
-   BUFSIZE is the availabe length of BUFFER; if the converted result
+   BUFSIZE is the available length of BUFFER; if the converted result
    plus a possible required extra Nul character does not fit into this
    buffer, the function returns NULL and won't change the existing
    content of BUFFER.  In-place conversion is possible as long as
@@ -190,7 +190,7 @@ bin2hexcolon (const void *buffer, size_t length, char *stringbuf)
    does not store anything.  This may be used to find the end of
    HEXSTRING.
 
-   On sucess the function returns a pointer to the next character
+   On success the function returns a pointer to the next character
    after HEXSTRING (which is either end-of-string or a the next white
    space).  If BUFLEN is not NULL the number of valid vytes in BUFFER
    is stored there (an extra Nul byte is not counted); this will even

common/dotlock.c

@@ -1293,7 +1293,7 @@ dotlock_remove_lockfiles (void)
   dotlock_t h, h2;
 
   /* First set the lockfiles list to NULL so that for example
-     dotlock_release is ware that this fucntion is currently
+     dotlock_release is aware that this function is currently
      running.  */
   LOCK_all_lockfiles ();
   h = all_lockfiles;

common/exechelp-posix.c

@@ -171,7 +171,7 @@ close_all_fds (int first, int *except)
 /* Returns an array with all currently open file descriptors.  The end
    of the array is marked by -1.  The caller needs to release this
    array using the *standard free* and not with xfree.  This allow the
-   use of this fucntion right at startup even before libgcrypt has
+   use of this function right at startup even before libgcrypt has
    been initialized.  Returns NULL on error and sets ERRNO
    accordingly.  */
 int *

common/exechelp-w32.c

@@ -116,7 +116,7 @@ close_all_fds (int first, int *except)
 /* Returns an array with all currently open file descriptors.  The end
    of the array is marked by -1.  The caller needs to release this
    array using the *standard free* and not with xfree.  This allow the
-   use of this fucntion right at startup even before libgcrypt has
+   use of this function right at startup even before libgcrypt has
    been initialized.  Returns NULL on error and sets ERRNO
    accordingly.  */
 int *
@@ -751,7 +751,7 @@ gnupg_release_process (pid_t pid)
 }
 
 
-/* Spawn a new process and immediatley detach from it.  The name of
+/* Spawn a new process and immediately detach from it.  The name of
    the program to exec is PGMNAME and its arguments are in ARGV (the
    programname is automatically passed as first argument).
    Environment strings in ENVP are set.  An error is returned if

common/exechelp-w32ce.c

@@ -799,7 +799,7 @@ gnupg_release_process (pid_t pid)
 }
 
 
-/* Spawn a new process and immediatley detach from it.  The name of
+/* Spawn a new process and immediately detach from it.  The name of
    the program to exec is PGMNAME and its arguments are in ARGV (the
    programname is automatically passed as first argument).
    Environment strings in ENVP are set.  An error is returned if

common/exechelp.h

@@ -46,7 +46,7 @@ void close_all_fds (int first, int *except);
 /* Returns an array with all currently open file descriptors.  The end
    of the array is marked by -1.  The caller needs to release this
    array using the *standard free* and not with xfree.  This allow the
-   use of this fucntion right at startup even before libgcrypt has
+   use of this function right at startup even before libgcrypt has
    been initialized.  Returns NULL on error and sets ERRNO accordingly.  */
 int *get_all_open_fds (void);
 
@@ -168,7 +168,7 @@ void gnupg_kill_process (pid_t pid);
 void gnupg_release_process (pid_t pid);
 
 
-/* Spawn a new process and immediatley detach from it.  The name of
+/* Spawn a new process and immediately detach from it.  The name of
    the program to exec is PGMNAME and its arguments are in ARGV (the
    programname is automatically passed as first argument).
    Environment strings in ENVP are set.  An error is returned if

common/helpfile.c

@@ -216,7 +216,7 @@ findkey_locale (const char *key, const char *locname,
      /usr/share/gnupg/help.txt
 
    Here LL denotes the two digit language code of the current locale.
-   If ONLY_CURRENT_LOCALE is set, the fucntion won;t fallback to the
+   If ONLY_CURRENT_LOCALE is set, the function won't fallback to the
    english valiant ("help.txt") unless that locale has been requested.
 
    The help file needs to be encoded in UTF-8, lines with a '#' in the

common/i18n.h

@@ -53,7 +53,7 @@ const char *i18n_utf8 (const char *string);
 const char *i18n_localegettext (const char *lc_messages, const char *string)
                                 GNUPG_GCC_ATTR_FORMAT_ARG(2);
 
-/* If a module wants a local L_() fucntion we define it here.  */
+/* If a module wants a local L_() function we define it here.  */
 #ifdef LunderscoreIMPL
 LunderscorePROTO
 LunderscoreIMPL

common/iobuf.c

@@ -1141,7 +1141,7 @@ iobuf_close (iobuf_t a)
 					 a->chain, NULL, &dummy_len)))
 	log_error ("IOBUFCTRL_FREE failed on close: %s\n", gpg_strerror (rc));
       if (! rc && rc2)
-	/* Whoops!  An error occured.  Save it in RC if we haven't
+	/* Whoops!  An error occurred.  Save it in RC if we haven't
 	   already recorded an error.  */
 	rc = rc2;
 

common/iobuf.h

@@ -426,7 +426,7 @@ int iobuf_push_filter2 (iobuf_t a,
    IOBUF_DEBUG_MODE is not 0.  */
 int iobuf_print_chain (iobuf_t a);
 
-/* Indicate that some error occured on the specified filter.  */
+/* Indicate that some error occurred on the specified filter.  */
 #define iobuf_set_error(a)    do { (a)->error = 1; } while(0)
 
 /* Return any pending error on filter A.  */
@@ -458,7 +458,7 @@ off_t iobuf_tell (iobuf_t a);
      That is, data is appended to the buffer and the seek does not
      cause the size of the buffer to grow.
 
-   If no error occured, then any limit previous set by
+   If no error occurred, then any limit previous set by
    iobuf_set_limit() is cleared.  Further, any error on the filter
    (the file filter or the temp filter) is cleared.
 
@@ -555,8 +555,8 @@ size_t iobuf_temp_to_buffer (iobuf_t a, byte * buffer, size_t buflen);
 /* Copies the data from the input iobuf SOURCE to the output iobuf
    DEST until either an error is encountered or EOF is reached.
    Returns the number of bytes successfully written.  If an error
-   occured, then any buffered bytes are not returned to SOURCE and are
+   occurred, then any buffered bytes are not returned to SOURCE and are
-   effectively lost.  To check if an error occured, use
+   effectively lost.  To check if an error occurred, use
    iobuf_error.  */
 size_t iobuf_copy (iobuf_t dest, iobuf_t source);
 

common/localename.c

@@ -55,7 +55,7 @@
 
 /* Use a dummy value for LC_MESSAGES in case it is not defined.  This
    works because we always test for HAVE_LC_MESSAGES and the core
-   fucntion takes the category as a string as well.  */
+   function takes the category as a string as well.  */
 #ifndef HAVE_LC_MESSAGES
 #define LC_MESSAGES 0
 #endif

common/logging.c

@@ -204,7 +204,7 @@ fun_writer (void *cookie_arg, const void *buffer, size_t size)
      avoids the ugly mix of fd and estream code.  */
 
   /* Note that we always try to reconnect to the socket but print
-     error messages only the first time an error occured.  If
+     error messages only the first time an error occurred.  If
      RUNNING_DETACHED is set we don't fall back to stderr and even do
      not print any error messages.  This is needed because detached
      processes often close stderr and by writing to file descriptor 2

common/openpgp-oid.c

@@ -390,7 +390,7 @@ curve_supported_p (const char *name)
 
 /* Enumerate available and supported OpenPGP curves.  The caller needs
    to set the integer variable at ITERP to zero and keep on calling
-   this fucntion until NULL is returned.  */
+   this function until NULL is returned.  */
 const char *
 openpgp_enum_curves (int *iterp)
 {

common/session-env.c

@@ -97,7 +97,7 @@ static size_t lastallocatedarraysize;
 
 /* Return the names of standard environment variables one after the
    other.  The caller needs to set the value at the address of
-   ITERATOR initally to 0 and then call this function until it returns
+   ITERATOR initially to 0 and then call this function until it returns
    NULL.  */
 const char *
 session_env_list_stdenvnames (int *iterator, const char **r_assname)

common/sexputil.c

@@ -335,7 +335,7 @@ hash_algo_from_sigval (const unsigned char *sigval)
   if (sskip (&s, &depth) || depth)
     return 0; /* Invalid S-expression.  */
   if (*s != '(')
-    return 0; /* No futher list.  */
+    return 0; /* No further list.  */
   /* Check whether this is (hash ALGO).  */
   s++;
   n = snext (&s);

common/sysutils.c

@@ -267,7 +267,7 @@ check_permissions(const char *path,int extension,int checkonly)
 #endif
 
 
-/* Wrapper around the usual sleep fucntion.  This one won't wake up
+/* Wrapper around the usual sleep function.  This one won't wake up
    before the sleep time has really elapsed.  When build with Pth it
    merely calls pth_sleep and thus suspends only the current
    thread. */
@@ -446,7 +446,7 @@ gnupg_tmpfile (void)
    some folks close them before an exec and the next file we open will
    get one of them assigned and thus any output (i.e. diagnostics) end
    up in that file (e.g. the trustdb).  Not actually a gpg problem as
-   this will hapen with almost all utilities when called in a wrong
+   this will happen with almost all utilities when called in a wrong
    way.  However we try to minimize the damage here and raise
    awareness of the problem.
 

common/t-sexputil.c

@@ -79,7 +79,7 @@ test_make_canon_sexp_from_rsa_pk (void)
     size_t elen;
     unsigned char *result;
     size_t resultlen;
-    gpg_err_code_t reverr;  /* Expected error from the reverse fucntion.  */
+    gpg_err_code_t reverr;  /* Expected error from the reverse function.  */
   } tests[] = {
     {
       "\x82\xB4\x12\x48\x08\x48\xC0\x76\xAA\x8E\xF1\xF8\x7F\x5E\x9B\x89"

common/ttyio.c

@@ -502,7 +502,7 @@ do_get( const char *prompt, int hidden )
     do {
 #ifdef HAVE_W32CE_SYSTEM
       /* Using getchar is not a correct solution but for now it
-         doesn't matter becuase we have no real console at all.  We
+         doesn't matter because we have no real console at all.  We
          should rework this as soon as we have switched this entire
          module to estream.  */
         c = getchar();

common/util.h

@@ -221,7 +221,7 @@ extern gpg_err_source_t default_errsource;
 
 /* Convenience function to return a gpg-error code for memory
    allocation failures.  This function makes sure that an error will
-   be returned even if accidently ERRNO is not set.  */
+   be returned even if accidentally ERRNO is not set.  */
 static inline gpg_error_t
 out_of_core (void)
 {

dirmngr/cdblib.c

@@ -696,7 +696,7 @@ make_find (struct cdb_make *cdbmp,
 {
   struct cdb_rl *rl = cdbmp->cdb_rec[hval&255];
   int r, i;
-  int seeked = 0;
+  int sought = 0;
   while(rl) {
     for(i = rl->cnt - 1; i >= 0; --i) { /* search backward */
       if (rl->rec[i].hval != hval)
@@ -711,7 +711,7 @@ make_find (struct cdb_make *cdbmp,
           return -1;
         cdbmp->cdb_bpos = cdbmp->cdb_buf;
       }
-      seeked = 1;
+      sought = 1;
       r = match(cdbmp->cdb_fd, rl->rec[i].rpos, key, klen);
       if (!r)
 	continue;
@@ -725,7 +725,7 @@ make_find (struct cdb_make *cdbmp,
     }
     rl = rl->next;
   }
-  if (seeked && lseek(cdbmp->cdb_fd, cdbmp->cdb_dpos, SEEK_SET) < 0)
+  if (sought && lseek(cdbmp->cdb_fd, cdbmp->cdb_dpos, SEEK_SET) < 0)
     return -1;
   return 0;
 }

dirmngr/certcache.c

@@ -331,7 +331,7 @@ put_cert (ksba_cert_t cert, int is_loaded, int is_trusted, void *fpr_buffer)
 /* Load certificates from the directory DIRNAME.  All certificates
    matching the pattern "*.crt" or "*.der"  are loaded.  We assume that
    certificates are DER encoded and not PEM encapsulated. The cache
-   should be in a locked state when calling this fucntion.  */
+   should be in a locked state when calling this function.  */
 static gpg_error_t
 load_certs_from_dir (const char *dirname, int are_trusted)
 {
@@ -687,7 +687,7 @@ get_cert_bysubject (const char *subject_dn, unsigned int seq)
 
 
 
-/* Return a value decribing the the class of PATTERN.  The offset of
+/* Return a value describing the the class of PATTERN.  The offset of
    the actual string to be used for the comparison is stored at
    R_OFFSET.  The offset of the serialnumer is stored at R_SN_OFFSET. */
 static enum pattern_class

dirmngr/crlcache.c

@@ -859,7 +859,7 @@ update_dir (crl_cache_t cache)
                  field, thus we can compare it pretty easily. */
               *endp = 0;
               e = find_entry ( cache->entries, fieldp);
-              *endp = ':'; /* Restore orginal line. */
+              *endp = ':'; /* Restore original line. */
               if (e && e->deleted)
                 {
                   /* Marked for deletion, so don't write it. */
@@ -1212,7 +1212,7 @@ find_entry (crl_cache_entry_t first, const char *issuer_hash)
 }
 
 
-/* Create a new CRL cache. This fucntion is usually called only once.
+/* Create a new CRL cache. This function is usually called only once.
    never fail. */
 void
 crl_cache_init(void)

dirmngr/dirmngr-client.c

@@ -185,7 +185,7 @@ main (int argc, char **argv )
   log_set_prefix ("dirmngr-client",
                   GPGRT_LOG_WITH_PREFIX);
 
-  /* For W32 we need to initialize the socket subsystem.  Becuase we
+  /* For W32 we need to initialize the socket subsystem.  Because we
      don't use Pth we need to do this explicit. */
 #ifdef HAVE_W32_SYSTEM
  {

dirmngr/dirmngr.c

@@ -1987,7 +1987,7 @@ check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce)
 }
 
 
-/* Helper to call a connection's main fucntion. */
+/* Helper to call a connection's main function. */
 static void *
 start_connection_thread (void *arg)
 {

dirmngr/dirmngr_ldap.c

@@ -165,7 +165,7 @@ struct my_opt_s
   unsigned int alarm_timeout; /* And for the alarm based timeout.  */
   int multi;
 
-  estream_t outstream;    /* Send output to thsi stream.  */
+  estream_t outstream;    /* Send output to this stream.  */
 
   /* Note that we can't use const for the strings because ldap_* are
      not defined that way.  */

dirmngr/dns-stuff.c

@@ -48,7 +48,7 @@
 #endif
 
 #if !defined(HAVE_GETADDRINFO) && !defined(USE_ADNS)
-# error Either getaddrinfo or the ADNS libary is required.
+# error Either getaddrinfo or the ADNS library is required.
 #endif
 
 #ifdef WITHOUT_NPTH /* Give the Makefile a chance to build without Pth.  */
@@ -511,7 +511,7 @@ resolve_addr_standard (const struct sockaddr *addr, int addrlen,
 }
 
 
-/* This a wrapper around getaddrinfo with slighly different semantics.
+/* This a wrapper around getaddrinfo with slightly different semantics.
    NAME is the name to resolve.
    PORT is the requested port or 0.
    WANT_FAMILY is either 0 (AF_UNSPEC), AF_INET6, or AF_INET4.

dirmngr/http.c

@@ -267,7 +267,7 @@ struct http_context_s
 };
 
 
-/* The global callback for the verification fucntion.  */
+/* The global callback for the verification function.  */
 static gpg_error_t (*tls_callback) (http_t, http_session_t, int);
 
 /* The list of files with trusted CA certificates.  */

dirmngr/ks-engine-hkp.c

@@ -101,7 +101,7 @@ struct hostinfo_s
 static hostinfo_t *hosttable;
 static int hosttable_size;
 
-/* The number of host slots we initally allocate for HOSTTABLE.  */
+/* The number of host slots we initially allocate for HOSTTABLE.  */
 #define INITIAL_HOSTTABLE_SIZE 10
 
 

dirmngr/ks-engine-ldap.c

@@ -433,10 +433,10 @@ keyspec_to_ldap_filter (const char *keyspec, char **filter, int only_exact)
 
    If this function successfully interrogated the server, it returns
    0.  If there was an LDAP error, it returns the LDAP error code.  If
-   an error occured, *basednp, etc., are undefined (and don't need to
+   an error occurred, *basednp, etc., are undefined (and don't need to
    be freed.)
 
-   If no LDAP error occured, you still need to check that *basednp is
+   If no LDAP error occurred, you still need to check that *basednp is
    valid.  If it is NULL, then the server does not appear to be an
    OpenPGP Keyserver.  In this case, you also do not need to xfree
    *pgpkeyattrp.  */
@@ -1616,7 +1616,7 @@ extract_attributes (LDAPMod ***modlist, char *line)
 
   fields = strsplit (line, ':', '\0', &field_count);
   if (field_count == 1)
-    /* We only have a single field.  There is definately nothing to
+    /* We only have a single field.  There is definitely nothing to
        do.  */
     goto out;
 

dirmngr/ldap-wrapper.c

@@ -160,7 +160,7 @@ destroy_wrapper (struct wrapper_context_s *ctx)
 
 /* Print the content of LINE to thye log stream but make sure to only
    print complete lines.  Using NULL for LINE will flush any pending
-   output.  LINE may be modified by this fucntion. */
+   output.  LINE may be modified by this function. */
 static void
 print_log_line (struct wrapper_context_s *ctx, char *line)
 {

dirmngr/ldap.c

@@ -382,7 +382,7 @@ parse_one_pattern (const char *pattern)
   return result;
 }
 
-/* Take the string STRING and escape it accoring to the URL rules.
+/* Take the string STRING and escape it according to the URL rules.
    Retun a newly allocated string. */
 static char *
 escape4url (const char *string)
@@ -512,7 +512,7 @@ start_default_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
 }
 
 
-/* Prepare an LDAP query to return certificates maching PATTERNS using
+/* Prepare an LDAP query to return certificates matching PATTERNS using
    the SERVER.  This function returns an error code or 0 and a CONTEXT
    on success. */
 gpg_error_t

dirmngr/misc.c

@@ -36,7 +36,7 @@
    buffer will be returned.  The caller should provide RESULT of at
    least strlen(STRING)/2 bytes.  There is no error detection, the
    parsing stops at the first non hex character.  With RESULT given as
-   NULL, the fucntion does only return the size of the buffer which
+   NULL, the function does only return the size of the buffer which
    would be needed.  */
 size_t
 unhexify (unsigned char *result, const char *string)

dirmngr/ocsp.c

@@ -83,7 +83,7 @@ read_response (estream_t fp, unsigned char **r_buffer, size_t *r_buflen)
           return err;
         }
       if ( !(nread == bufsize-nbytes && !es_feof (fp)))
-        { /* Response succesfully received. */
+        { /* Response successfully received. */
           nbytes += nread;
           *r_buffer = buffer;
           *r_buflen = nbytes;
@@ -116,7 +116,7 @@ read_response (estream_t fp, unsigned char **r_buffer, size_t *r_buflen)
 
 /* Construct an OCSP request, send it to the configured OCSP responder
    and parse the response. On success the OCSP context may be used to
-   further process the reponse. */
+   further process the response. */
 static gpg_error_t
 do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
                  const char *url, ksba_cert_t cert, ksba_cert_t issuer_cert)

dirmngr/validate.c

@@ -597,7 +597,7 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
           break;  /* Okay: a self-signed certicate is an end-point. */
         }
 
-      /* To avoid loops, we use an arbitary limit on the length of
+      /* To avoid loops, we use an arbitrary limit on the length of
          the chain. */
       depth++;
       if (depth > maxdepth)
@@ -757,7 +757,7 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
          here because this does not seem to make much sense.  This
          might become a recursive process and we should better cache
          our validity results to avoid double work.  Far worse a
-         catch-22 may happen for an improper setup hierachy and we
+         catch-22 may happen for an improper setup hierarchy and we
          need a way to break up such a deadlock. */
       err = check_revocations (ctrl, chain);
     }

g10/encrypt.c

@@ -85,7 +85,7 @@ encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey)
   buf[0] = (*seskey)->algo;
   memcpy( buf + 1, (*seskey)->key, (*seskey)->keylen );
 
-  /* We only pass already checked values to the following fucntion,
+  /* We only pass already checked values to the following function,
      thus we consider any failure as fatal.  */
   if (openpgp_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
     BUG ();

g10/getkey.c

@@ -986,7 +986,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk,
 	      add_to_strlist (&namelist, fpr_string);
 	    }
 	  else if (!rc && !fpr && !did_key_byname)
-	    /* The acquisition method said no failure occured, but it
+	    /* The acquisition method said no failure occurred, but it
 	       didn't return a fingerprint.  That's a failure.  */
 	    {
 	      no_fingerprint = 1;
@@ -2297,7 +2297,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
 
       if (backsig)
 	{
-	  /* At ths point, backsig contains the most recent 0x19 sig.
+	  /* At this point, backsig contains the most recent 0x19 sig.
 	     Let's see if it is good. */
 
 	  /* 2==valid, 1==invalid, 0==didn't check */

g10/gpg.c

@@ -2008,7 +2008,7 @@ parse_tofu_db_format (const char *db_format)
     }
 }
 
-/* This fucntion called to initialized a new control object.  It is
+/* This function called to initialized a new control object.  It is
    assumed that this object has been zeroed out before calling this
    function. */
 static void
@@ -3579,7 +3579,7 @@ main (int argc, char **argv)
     /* Do these after the switch(), so they can override settings. */
     if(PGP6)
       {
-        /* That does not anymore work becuase we have no more support
+        /* That does not anymore work because we have no more support
            for v3 signatures.  */
 	opt.disable_mdc=1;
 	opt.escape_from=1;

g10/gpgv.c

@@ -242,7 +242,7 @@ g10_exit( int rc )
 
 
 /* Stub:
- * We have to override the trustcheck from pkclist.c becuase
+ * We have to override the trustcheck from pkclist.c because
  * this utility assumes that all keys in the keyring are trustworthy
  */
 int

g10/import.c

@@ -1638,7 +1638,7 @@ sec_to_pub_keyblock (kbnode_t sec_keyblock)
 /****************
  * Ditto for secret keys.  Handling is simpler than for public keys.
  * We allow secret key importing only when allow is true, this is so
- * that a secret key can not be imported accidently and thereby tampering
+ * that a secret key can not be imported accidentally and thereby tampering
  * with the trust calculation.
  */
 static int

g10/keydb.c

@@ -156,7 +156,7 @@ static int lock_all (KEYDB_HANDLE hd);
 static void unlock_all (KEYDB_HANDLE hd);
 
 
-/* Check whether the keyid KID is in key id is definately not in the
+/* Check whether the keyid KID is in key id is definitely not in the
    database.
 
    Returns:

g10/keydb.h

@@ -288,7 +288,7 @@ unsigned long keydb_get_skipped_counter (KEYDB_HANDLE hd);
    so that the next search starts at the beginning of the database
    (the start of the first resource).
 
-   Returns 0 on success and an error code if an error occured.
+   Returns 0 on success and an error code if an error occurred.
    (Currently, this function always returns 0 if HD is valid.)  */
 gpg_error_t keydb_search_reset (KEYDB_HANDLE hd);
 
@@ -305,7 +305,7 @@ gpg_error_t keydb_search_reset (KEYDB_HANDLE hd);
 
    If no key matches the search description, returns
    GPG_ERR_NOT_FOUND.  If there was a match, returns 0.  If an error
-   occured, returns an error code.
+   occurred, returns an error code.
 
    The returned key is considered to be selected and the raw data can,
    for instance, be returned by calling keydb_get_keyblock().  */
@@ -437,7 +437,7 @@ void getkey_disable_caches(void);
    occurs.
 
    If the data was not read from the cache, then the self-signed data
-   has definately been merged into the public key using
+   has definitely been merged into the public key using
    merge_selfsigs.  */
 int get_pubkey( PKT_public_key *pk, u32 *keyid );
 
@@ -751,7 +751,7 @@ KEYDB_HANDLE get_ctx_handle(GETKEY_CTX ctx);
      free_public_key (sk);
 
      if (gpg_err_code (err) != GPG_ERR_EOF)
-       ; // An error occured.
+       ; // An error occurred.
  */
 gpg_error_t enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *pk);
 

g10/keygen.c

@@ -1284,7 +1284,7 @@ do_create_from_keygrip (ctrl_t ctrl, int algo, const char *hexkeygrip,
 }
 
 
-/* Common code for the key generation fucntion gen_xxx.  */
+/* Common code for the key generation function gen_xxx.  */
 static int
 common_gen (const char *keyparms, int algo, const char *algoelem,
             kbnode_t pub_root, u32 timestamp, u32 expireval, int is_subkey,

g10/keyid.c

@@ -785,7 +785,7 @@ format_hexfingerprint (const char *fingerprint, char *buffer, size_t buflen)
 
 /* Return the so called KEYGRIP which is the SHA-1 hash of the public
    key parameters expressed as an canoncial encoded S-Exp.  ARRAY must
-   be 20 bytes long.  Returns 0 on sucess or an error code.  */
+   be 20 bytes long.  Returns 0 on success or an error code.  */
 gpg_error_t
 keygrip_from_pk (PKT_public_key *pk, unsigned char *array)
 {

g10/keylist.c

@@ -903,7 +903,7 @@ list_keyblock_pka (ctrl_t ctrl, kbnode_t keyblock)
       size_t datalen;
       gpg_error_t err;
 
-      /* We do not have an export fucntion which allows to pass a
+      /* We do not have an export function which allows to pass a
          keyblock, thus we need to search the key again.  */
       err = export_pubkey_buffer (ctrl, hexfpr,
                                   EXPORT_DANE_FORMAT, NULL,

g10/keyring.c

@@ -1215,7 +1215,7 @@ create_tmp_file (const char *template,
 
 # ifdef USE_ONLY_8DOT3
   /* Here is another Windoze bug?:
-   * you cant rename("pubring.gpg.tmp", "pubring.gpg");
+   * you can't rename("pubring.gpg.tmp", "pubring.gpg");
    * but	rename("pubring.gpg.tmp", "pubring.aaa");
    * works.  So we replace .gpg by .bak or .tmp
    */

g10/mainproc.c

@@ -387,7 +387,7 @@ proc_pubkey_enc (ctrl_t ctrl, CTX c, PACKET *pkt)
          to the Libgcrypt defined one.  This is due a chicken-egg
          problem: We need to have code in Libgcrypt for a new
          algorithm so to implement a proposed new algorithm before the
-         IANA will finally assign an OpenPGP indentifier.  */
+         IANA will finally assign an OpenPGP identifier.  */
       snprintf (buf, sizeof buf, "%08lX%08lX %d 0",
 		(ulong)enc->keyid[0], (ulong)enc->keyid[1], enc->pubkey_algo);
       write_status_text (STATUS_ENC_TO, buf);
@@ -1091,7 +1091,7 @@ list_node (CTX c, kbnode_t node)
     {
 
       log_debug ("FIXME: No way to print secret key packets here\n");
-      /* fixme: We may use a fucntion to turn a secret key packet into
+      /* fixme: We may use a function to turn a secret key packet into
          a public key one and use that here.  */
     }
   else if (node->pkt->pkttype == PKT_SIGNATURE)
@@ -1442,7 +1442,7 @@ do_proc_packets (ctrl_t ctrl, CTX c, iobuf_t a)
        * I used it.  Adding the MDC check here is a hack.
        * The right solution is to initiate another context for encrypted
        * packet and not to reuse the current one ...  It works right
-       * when there is a compression packet inbetween which adds just
+       * when there is a compression packet between which adds just
        * an extra layer.
        * Hmmm: Rewrite this whole module here??
        */

g10/misc.c

@@ -98,7 +98,7 @@ register_secured_file (const char *fname)
   struct stat buf;
   struct secured_file_item *sf;
 
-  /* Note that we stop immediatley if something goes wrong here. */
+  /* Note that we stop immediately if something goes wrong here. */
   if (stat (fname, &buf))
     log_fatal (_("fstat of '%s' failed in %s: %s\n"), fname,
                "register_secured_file", strerror (errno));
@@ -498,7 +498,7 @@ openpgp_cipher_blocklen (cipher_algo_t algo)
 }
 
 /****************
- * Wrapper around the libgcrypt function with additonal checks on
+ * Wrapper around the libgcrypt function with additional checks on
  * the OpenPGP contraints for the algo ID.
  */
 int
@@ -862,7 +862,7 @@ pct_expando(const char *string,struct expando_args *args)
 
 	    case 'f': /* Fingerprint of key being signed */
 	    case 'p': /* Fingerprint of the primary key making the signature. */
-	    case 'g': /* Fingerprint of thge key making the signature.  */
+	    case 'g': /* Fingerprint of the key making the signature.  */
 	      {
 		byte array[MAX_FINGERPRINT_LEN];
 		size_t len;
@@ -1074,7 +1074,7 @@ string_to_digest_algo (const char *string)
 {
   int val;
 
-  /* FIXME: We should make use of our wrapper fucntion and not assume
+  /* FIXME: We should make use of our wrapper function and not assume
      that there is a 1 to 1 mapping between OpenPGP and Libgcrypt.  */
   val = gcry_md_map_name (string);
   if (!val && string && (string[0]=='H' || string[0]=='h'))

g10/options.h

@@ -116,7 +116,7 @@ struct
   int skip_verify;
   int skip_hidden_recipients;
 
-  /* TM_CLASSIC must be zero to accomodate trustdbs generated before
+  /* TM_CLASSIC must be zero to accommodate trustdbs generated before
      we started storing the trust model inside the trustdb. */
   enum
     {

g10/packet.h

@@ -481,7 +481,7 @@ int search_packet( iobuf_t inp, PACKET *pkt, off_t *retpos, int with_uid );
    reached.
 
    Returns -1 when end of file is reached or an error code, if an
-   error occured.  (Note: this function never returns 0, because it
+   error occurred.  (Note: this function never returns 0, because it
    effectively keeps going until it gets an EOF.)  */
 int copy_all_packets( iobuf_t inp, iobuf_t out );
 
@@ -578,7 +578,7 @@ const byte *parse_sig_subpkt2 ( PKT_signature *sig,
    constraints.
 
    Returns 0 if the size is acceptable.  Returns -2 if the buffer is
-   definately too short.  To check for an error, check whether the
+   definitely too short.  To check for an error, check whether the
    return value is less than 0.  */
 int parse_one_sig_subpkt( const byte *buffer, size_t n, int type );
 

g10/parse-packet.c

@@ -3019,7 +3019,7 @@ parse_mdc (IOBUF inp, int pkttype, unsigned long pktlen,
 /*
  * This packet is internally generated by us (ibn armor.c) to transfer
  * some information to the lower layer.  To make sure that this packet
- * is really a GPG faked one and not one comming from outside, we
+ * is really a GPG faked one and not one coming from outside, we
  * first check that there is a unique tag in it.
  *
  * The format of such a control packet is:

g10/pkclist.c

@@ -113,7 +113,7 @@ do_show_revocation_reason( PKT_signature *sig )
 void
 show_revocation_reason( PKT_public_key *pk, int mode )
 {
-    /* Hmmm, this is not so easy becuase we have to duplicate the code
+    /* Hmmm, this is not so easy because we have to duplicate the code
      * used in the trustbd to calculate the keyflags.  We need to find
      * a clean way to check revocation certificates on keys and
      * signatures.  And there should be no duplicate code.  Because we
@@ -1076,7 +1076,7 @@ build_pk_list (ctrl_t ctrl,
             }
 
           /* Do group expand here too.  The trick here is to continue
-             the loop if any expansion occured.  The code above will
+             the loop if any expansion occurred.  The code above will
              then list all expanded keys. */
           if (expand_id(answer,&backlog,0))
             continue;

g10/pkglue.c

@@ -31,7 +31,7 @@
 #include "main.h"
 #include "options.h"
 
-/* FIXME: Better chnage the fucntion name because mpi_ is used by
+/* FIXME: Better change the function name because mpi_ is used by
    gcrypt macros.  */
 gcry_mpi_t
 get_mpi_from_sexp (gcry_sexp_t sexp, const char *item, int mpifmt)

g10/plaintext.c

@@ -165,7 +165,7 @@ get_output_file (const byte *embedded_name, int embedded_namelen,
     ;
   else
     {
-      /* Note: riscos stuff is not expected to wrok anymore.  If we
+      /* Note: riscos stuff is not expected to work anymore.  If we
          want to port it again to riscos we should do most of the suff
          in estream.  FIXME: Consider to remove all riscos special
          cases.  */

g10/server.c

@@ -257,7 +257,7 @@ cmd_recipient (assuan_context_t ctx, char *line)
    then not be done for this key.  If the policy is not to sign at all
    if not all signer keys are valid, the client has to take care of
    this.  All SIGNER commands are cumulative until a RESET but they
-   are *not* reset by an SIGN command becuase it can be expected that
+   are *not* reset by an SIGN command because it can be expected that
    set of signers are used for more than one sign operation.
 
    Note that this command returns an INV_RECP status which is a bit

g10/sig-check.c

@@ -176,7 +176,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
 	 * like this feature here.
          *
          * Note that before 2.0.10, we used RIPE-MD160 for the hash
-         * and accidently didn't include the timestamp and algorithm
+         * and accidentally didn't include the timestamp and algorithm
          * information in the hash.  Given that this feature is not
          * commonly used and that a replay attacks detection should
          * not solely be based on this feature (because it does not

g10/sqlite.c

@@ -179,7 +179,7 @@ sqlite3_stepx (sqlite3 *db,
       rc = sqlite3_step (stmt);
 
       if (rc != SQLITE_ROW)
-        /* No more data (SQLITE_DONE) or an error occured.  */
+        /* No more data (SQLITE_DONE) or an error occurred.  */
         break;
 
       if (! callback)

g10/tdbio.c

@@ -87,7 +87,7 @@ static int cache_entries;
 static int cache_is_dirty;
 
 
-/* An object to pass infomation to cmp_krec_fpr. */
+/* An object to pass information to cmp_krec_fpr. */
 struct cmp_krec_fpr_struct
 {
   int pubkey_algo;
@@ -95,7 +95,7 @@ struct cmp_krec_fpr_struct
   int fprlen;
 };
 
-/* An object used to pass infomation to cmp_[s]dir. */
+/* An object used to pass information to cmp_[s]dir. */
 struct cmp_xdir_struct
 {
   int pubkey_algo;
@@ -446,7 +446,7 @@ tdbio_sync()
 /*
  * Simple transactions system:
  * Everything between begin_transaction and end/cancel_transaction
- * is not immediatly written but at the time of end_transaction.
+ * is not immediately written but at the time of end_transaction.
  *
  * NOTE: The transaction code is disabled in the 1.2 branch, as it is
  * not yet used.

g10/test-stubs.c

@@ -54,7 +54,7 @@ g10_exit( int rc )
 
 
 /* Stub:
- * We have to override the trustcheck from pkclist.c becuase
+ * We have to override the trustcheck from pkclist.c because
  * this utility assumes that all keys in the keyring are trustworthy
  */
 int

g10/tofu.c

@@ -573,7 +573,7 @@ initdb (sqlite3 *db, enum db_type type)
          latter binding, we warn the user about the conflict and ask
          for a policy decision about the new binding.  We also change
          the old binding's policy to ask if it was auto.  So that we
-         know why this occured, we also set conflict to 0xbaddecaf.
+         know why this occurred, we also set conflict to 0xbaddecaf.
   */
   if (type == DB_EMAIL || type == DB_COMBINED)
     rc = sqlite3_exec_printf

g10/trust.c

@@ -294,7 +294,7 @@ check_or_update_trustdb (void)
 
 /*
  * Return the validity information for PK.  If the namehash is not
- * NULL, the validity of the corresponsing user ID is returned,
+ * NULL, the validity of the corresponding user ID is returned,
  * otherwise, a reasonable value for the entire key is returned.
  */
 unsigned int
@@ -641,7 +641,7 @@ clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
    compacted.  To "compact" a user ID, we simply remove ALL signatures
    except the self-sig that caused the user ID to be remove-worthy.
    We don't actually remove the user ID packet itself since it might
-   be ressurected in a later merge.  Note that this function requires
+   be resurrected in a later merge.  Note that this function requires
    that the caller has already done a merge_keys_and_selfsig().
 
    TODO: change the import code to allow importing a uid with only a

g10/trustdb.c

@@ -1887,7 +1887,7 @@ validate_keys (int interactive)
   u32 start_time, next_expire;
 
   /* Make sure we have all sigs cached.  TODO: This is going to
-     require some architectual re-thinking, as it is agonizingly slow.
+     require some architectural re-thinking, as it is agonizingly slow.
      Perhaps combine this with reset_trust_records(), or only check
      the caches on keys that are actually involved in the web of
      trust. */

g13/create.c

@@ -119,7 +119,7 @@ encrypt_keyblob (ctrl_t ctrl, void *keyblob, size_t keybloblen,
 
 
 /* Write a new file under the name FILENAME with the keyblob and an
-   appropriate header.  This fucntion is called with a lock file in
+   appropriate header.  This function is called with a lock file in
    place and after checking that the filename does not exists.  */
 static gpg_error_t
 write_keyblob (const char *filename,

g13/mountinfo.c

@@ -118,7 +118,7 @@ mountinfo_del_mount (const char *container, const char *mountpoint,
   mtab_t m;
 
   /* If a container or mountpint is givem search the RID via the
-     standard find fucntion.  */
+     standard find function.  */
   if (container || mountpoint)
     {
       err = mountinfo_find_mount (container, mountpoint, &rid);

kbx/keybox-blob.c

@@ -54,7 +54,7 @@
 
 ** The OpenPGP and X.509 blobs
 
-   The OpenPGP and X.509 blobs are very similiar, things which are
+   The OpenPGP and X.509 blobs are very similar, things which are
    X.509 specific are noted like [X.509: xxx]
 
    - u32  Length of this blob (including these 4 bytes)

kbx/keybox-file.c

@@ -45,7 +45,7 @@ ftello (FILE *stream)
 
 
 
-/* Read a block at the current postion and return it in r_blob.
+/* Read a block at the current position and return it in r_blob.
    r_blob may be NULL to simply skip the current block.  */
 int
 _keybox_read_blob2 (KEYBOXBLOB *r_blob, FILE *fp, int *skipped_deleted)

kbx/keybox-init.c

@@ -228,7 +228,7 @@ keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes)
 
 
 /* Close the file of the resource identified by HD.  For consistent
-   results this fucntion closes the files of all handles pointing to
+   results this function closes the files of all handles pointing to
    the resource identified by HD.  */
 void
 _keybox_close_file (KEYBOX_HANDLE hd)

kbx/keybox-search-desc.h

@@ -70,7 +70,7 @@ struct keydb_search_desc
   union {
     const char *name;
     unsigned char fpr[24];
-    u32 kid[2]; /* Note that this is in native endianess.  */
+    u32 kid[2]; /* Note that this is in native endianness.  */
     unsigned char grip[20];
   } u;
   int exact;    /* Use exactly this key ('!' suffix in gpg).  */

kbx/keybox-search.c

@@ -431,7 +431,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
   if (namelen < 1)
     return 0;
 
-  /* Note that for X.509 we start at index 1 becuase index 0 is used
+  /* Note that for X.509 we start at index 1 because index 0 is used
      for the issuer name.  */
   for (idx=!!x509 ;idx < nuids; idx++)
     {

kbx/keybox-update.c

@@ -80,7 +80,7 @@ create_tmp_file (const char *template,
 
 # ifdef USE_ONLY_8DOT3
   /* Here is another Windoze bug?:
-   * you cant rename("pubring.kbx.tmp", "pubring.kbx");
+   * you can't rename("pubring.kbx.tmp", "pubring.kbx");
    * but	rename("pubring.kbx.tmp", "pubring.aaa");
    * works.  So we replace ".kbx" by ".kb_" or ".k__".  Note that we
    * can't use ".bak" and ".tmp", because these suffixes are used by

scd/apdu.c

@@ -686,7 +686,7 @@ static int
 ct_get_status (int slot, unsigned int *status)
 {
   (void)slot;
-  /* The status we returned is wrong but we don't care becuase ctAPI
+  /* The status we returned is wrong but we don't care because ctAPI
      is not anymore required.  */
   *status = APDU_CARD_USABLE|APDU_CARD_PRESENT|APDU_CARD_ACTIVE;
   return 0;
@@ -2035,7 +2035,7 @@ open_pcsc_reader_wrapped (const char *portstr)
   int err;
   unsigned int dummy_status;
 
-  /* Note that we use the constant and not the fucntion because this
+  /* Note that we use the constant and not the function because this
      code won't be be used under Windows.  */
   const char *wrapperpgm = GNUPG_LIBEXECDIR "/gnupg-pcsc-wrapper";
 
@@ -3158,7 +3158,7 @@ apdu_open_reader (const char *portstr)
    with remote readers only.  Note that the supplied CLOSEFNC will
    only be called once and the slot will not be valid afther this.
 
-   If PORTSTR is NULL we default to the first availabe port.
+   If PORTSTR is NULL we default to the first available port.
 */
 int
 apdu_open_remote_reader (const char *portstr,
@@ -4052,7 +4052,7 @@ send_le (int slot, int class, int ins, int p0, int p1,
    The return value is the status word or -1 for an invalid SLOT or
    other non card related error.  If RETBUF is not NULL, it will
    receive an allocated buffer with the returned data.  The length of
-   that data will be put into *RETBUFLEN.  The caller is reponsible
+   that data will be put into *RETBUFLEN.  The caller is responsible
    for releasing the buffer even in case of errors.  */
 int
 apdu_send_le(int slot, int extended_mode,
@@ -4075,7 +4075,7 @@ apdu_send_le(int slot, int extended_mode,
    return value is the status word or -1 for an invalid SLOT or other
    non card related error.  If RETBUF is not NULL, it will receive an
    allocated buffer with the returned data.  The length of that data
-   will be put into *RETBUFLEN.  The caller is reponsible for
+   will be put into *RETBUFLEN.  The caller is responsible for
    releasing the buffer even in case of errors.  */
 int
 apdu_send (int slot, int extended_mode,

scd/app-openpgp.c

@@ -1223,7 +1223,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid,
 /* Get the public key for KEYNO and store it as an S-expresion with
    the APP handle.  On error that field gets cleared.  If we already
    know about the public key we will just return.  Note that this does
-   not mean a key is available; this is soley indicated by the
+   not mean a key is available; this is solely indicated by the
    presence of the app->app_local->pk[KEYNO].key field.
 
    Note that GnuPG 1.x does not need this and it would be too time
@@ -1548,7 +1548,7 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
   send_keypair_info (app, ctrl, 2);
   send_keypair_info (app, ctrl, 3);
   /* Note: We do not send the Cardholder Certificate, because that is
-     relativly long and for OpenPGP applications not really needed.  */
+     relatively long and for OpenPGP applications not really needed.  */
   return 0;
 }
 
@@ -1675,7 +1675,7 @@ check_pinpad_request (app_t app, pininfo_t *pininfo, int admin_pin)
 }
 
 
-/* Verify a CHV either using using the pinentry or if possibile by
+/* Verify a CHV either using using the pinentry or if possible by
    using a pinpad.  PINCB and PINCB_ARG describe the usual callback
    for the pinentry.  CHVNO must be either 1 or 2. SIGCOUNT is only
    used with CHV1.  PINVALUE is the address of a pointer which will
@@ -4632,7 +4632,7 @@ app_select_openpgp (app_t app)
         }
       xfree (relptr);
 
-      /* Some of the first cards accidently don't set the
+      /* Some of the first cards accidentally don't set the
          CHANGE_FORCE_CHV bit but allow it anyway. */
       if (app->card_version <= 0x0100 && manufacturer == 1)
         app->app_local->extcap.change_force_chv = 1;

scd/app-p15.c

@@ -276,7 +276,7 @@ typedef struct aodf_object_s *aodf_object_t;
 struct app_local_s
 {
   /* The home DF. Note, that we don't yet support a multilevel
-     hierachy.  Thus we assume this is directly below the MF.  */
+     hierarchy.  Thus we assume this is directly below the MF.  */
   unsigned short home_df;
 
   /* The type of the card. */

scd/app.c

@@ -915,7 +915,7 @@ app_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
 }
 
 
-/* Perform a GET CHALLENGE operation.  This fucntion is special as it
+/* Perform a GET CHALLENGE operation.  This function is special as it
    directly accesses the card without any application specific
    wrapper. */
 gpg_error_t

scd/ccid-driver.c

@@ -2321,7 +2321,7 @@ ccid_poll (ccid_driver_t handle)
     }
   else if (msg[0] == RDR_to_PC_HardwareError)
     {
-      DEBUGOUT ("hardware error occured\n");
+      DEBUGOUT ("hardware error occurred\n");
     }
   else
     {
@@ -3136,7 +3136,7 @@ ccid_transceive (ccid_driver_t handle,
             }
 
           if (!!(tpdu[1] & 0x40) != handle->t1_nr)
-            { /* Reponse does not match our sequence number. */
+            { /* Response does not match our sequence number. */
               msg = send_buffer;
               tpdu = msg + hdrlen;
               tpdu[0] = nad_byte;
@@ -3563,7 +3563,7 @@ ccid_transceive_secure (ccid_driver_t handle,
       handle->t1_ns ^= 1;
 
       if (!!(tpdu[1] & 0x40) != handle->t1_nr)
-        { /* Reponse does not match our sequence number. */
+        { /* Response does not match our sequence number. */
           DEBUGOUT ("I-block with wrong seqno received\n");
           return CCID_DRIVER_ERR_CARD_IO_ERROR;
         }
@@ -3603,7 +3603,7 @@ ccid_transceive_secure (ccid_driver_t handle,
           return CCID_DRIVER_ERR_CARD_IO_ERROR;
         }
       else if (!!(tpdu[1] & 0x10) == handle->t1_ns)
-        { /* Reponse does not match our sequence number. */
+        { /* Response does not match our sequence number. */
           DEBUGOUT ("R-block with wrong seqno received on more bit\n");
           return CCID_DRIVER_ERR_CARD_IO_ERROR;
         }

scd/command.c

@@ -529,7 +529,7 @@ open_card (ctrl_t ctrl, const char *apptype)
 static const char hlp_serialno[] =
   "SERIALNO [<apptype>]\n"
   "\n"
-  "Return the serial number of the card using a status reponse.  This\n"
+  "Return the serial number of the card using a status response.  This\n"
   "function should be used to check for the presence of a card.\n"
   "\n"
   "If APPTYPE is given, an application of that type is selected and an\n"
@@ -1147,7 +1147,7 @@ static const char hlp_getattr[] =
   "returned through status message, see the LEARN command for details.\n"
   "\n"
   "However, the current implementation assumes that Name is not escaped;\n"
-  "this works as long as noone uses arbitrary escaping. \n"
+  "this works as long as no one uses arbitrary escaping. \n"
   "\n"
   "Note, that this function may even be used on a locked card.";
 static gpg_error_t
@@ -1185,7 +1185,7 @@ static const char hlp_setattr[] =
   "application.  NAME and VALUE must be percent and '+' escaped.\n"
   "\n"
   "However, the current implementation assumes that NAME is not\n"
-  "escaped; this works as long as noone uses arbitrary escaping.\n"
+  "escaped; this works as long as no one uses arbitrary escaping.\n"
   "\n"
   "A PIN will be requested for most NAMEs.  See the corresponding\n"
   "setattr function of the actually used application (app-*.c) for\n"
@@ -1487,7 +1487,7 @@ static const char hlp_passwd[] =
   "PASSWD [--reset] [--nullpin] <chvno>\n"
   "\n"
   "Change the PIN or, if --reset is given, reset the retry counter of\n"
-  "the card holder verfication vector CHVNO.  The option --nullpin is\n"
+  "the card holder verification vector CHVNO.  The option --nullpin is\n"
   "used for TCOS cards to set the initial PIN.  The format of CHVNO\n"
   "depends on the card application.";
 static gpg_error_t
@@ -1837,7 +1837,7 @@ static const char hlp_apdu[] =
   "  S CARD-ATR 3BFA1300FF813180450031C173C00100009000B1\n"
   "\n"
   "Using the option --more handles the card status word MORE_DATA\n"
-  "(61xx) and concatenates all reponses to one block.\n"
+  "(61xx) and concatenates all responses to one block.\n"
   "\n"
   "Using the option \"--exlen\" the returned APDU may use extended\n"
   "length up to N bytes.  If N is not given a default value is used\n"

scd/iso7816.c

@@ -291,7 +291,7 @@ iso7816_verify_kp (int slot, int chvno, pininfo_t *pininfo)
 }
 
 /* Perform a VERIFY command on SLOT using the card holder verification
-   vector CHVNO with a CHV of lenght CHVLEN.  Returns 0 on success. */
+   vector CHVNO with a CHV of length CHVLEN.  Returns 0 on success. */
 gpg_error_t
 iso7816_verify (int slot, int chvno, const char *chv, size_t chvlen)
 {

sm/base64.c

@@ -540,7 +540,7 @@ base64_finish_write (struct writer_cb_parm_s *parm)
 
 
 /* Create a reader for the given file descriptor.  Depending on the
-   control information an input decoding is automagically choosen.
+   control information an input decoding is automagically chosen.
    The function returns a Base64Context object which must be passed to
    the gpgme_destroy_reader function.  The created KsbaReader object
    is also returned, but the caller must not call the
@@ -621,7 +621,7 @@ gpgsm_destroy_reader (Base64Context ctx)
 
 /* Create a writer for the given STREAM.  Depending on
    the control information an output encoding is automagically
-   choosen.  The function returns a Base64Context object which must be
+   chosen.  The function returns a Base64Context object which must be
    passed to the gpgme_destroy_writer function.  The created
    KsbaWriter object is also returned, but the caller must not call
    the ksba_reader_release function on it. */

sm/call-agent.c

@@ -578,7 +578,7 @@ store_serialno (const char *line)
 }
 
 
-/* Callback for the gpgsm_agent_serialno fucntion.  */
+/* Callback for the gpgsm_agent_serialno function.  */
 static gpg_error_t
 scd_serialno_status_cb (void *opaque, const char *line)
 {
@@ -630,7 +630,7 @@ gpgsm_agent_scd_serialno (ctrl_t ctrl, char **r_serialno)
 
 
 
-/* Callback for the gpgsm_agent_serialno fucntion.  */
+/* Callback for the gpgsm_agent_serialno function.  */
 static gpg_error_t
 scd_keypairinfo_status_cb (void *opaque, const char *line)
 {

sm/call-dirmngr.c

@@ -239,7 +239,7 @@ start_dirmngr (ctrl_t ctrl)
   dirmngr_ctx_locked = 1;
 
   err = start_dirmngr_ext (ctrl, &dirmngr_ctx);
-  /* We do not check ERR but the existance of a context because the
+  /* We do not check ERR but the existence of a context because the
      error might come from a failed command send to the dirmngr.
      Fixme: Why don't we close the drimngr context if we encountered
      an error in prepare_dirmngr?  */

sm/certchain.c

@@ -1784,7 +1784,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
           /* Note that it is possible for the last certificate in the
              chain (i.e. our target certificate) that it has not yet
              been stored in the keybox and thus the flag can't be set.
-             We ignore this error becuase it will later be stored
+             We ignore this error because it will later be stored
              anyway.  */
           err = keydb_set_cert_flags (ci->cert, 1, KEYBOX_FLAG_BLOB, 0,
                                       KEYBOX_FLAG_BLOB_EPHEMERAL, 0);
@@ -2079,7 +2079,7 @@ get_regtp_ca_info (ctrl_t ctrl, ksba_cert_t cert, int *chainlen)
      until we have found the root.  Because we are only interested in
      German Bundesnetzagentur (former RegTP) derived certificates 3
      levels are enough.  (The German signature law demands a 3 tier
-     hierachy; thus there is only one CA between the EE and the Root
+     hierarchy; thus there is only one CA between the EE and the Root
      CA.)  */
   memset (&array, 0, sizeof array);
 

sm/gpgsm.c

@@ -214,7 +214,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_c (aExport, "export", N_("export certificates")),
 
   /* We use -raw and not -p1 for pkcs#1 secret key export so that it
-     won't accidently be used in case -p12 was intended.  */
+     won't accidentally be used in case -p12 was intended.  */
   ARGPARSE_c (aExportSecretKeyP12, "export-secret-key-p12", "@"),
   ARGPARSE_c (aExportSecretKeyP8,  "export-secret-key-p8", "@"),
   ARGPARSE_c (aExportSecretKeyRaw, "export-secret-key-raw", "@"),
@@ -1487,7 +1487,7 @@ main ( int argc, char **argv)
     log_info (_("WARNING: program may create a core file!\n"));
 
 /*   if (opt.qualsig_approval && !opt.quiet) */
-/*     log_info (_("This software has offically been approved to " */
+/*     log_info (_("This software has officially been approved to " */
 /*                 "create and verify\n" */
 /*                 "qualified signatures according to German law.\n")); */
 
@@ -1524,7 +1524,7 @@ main ( int argc, char **argv)
 
   set_debug ();
 
-  /* Although we alwasy use gpgsm_exit, we better install a regualr
+  /* Although we always use gpgsm_exit, we better install a regualr
      exit handler so that at least the secure memory gets wiped
      out. */
   if (atexit (emergency_cleanup))

sm/import.c

@@ -747,7 +747,7 @@ parse_p12 (ctrl_t ctrl, ksba_reader_t reader, struct stats_s *stats)
       goto leave;
     }
 
-  /* GnuPG 2.0.4 accidently created binary P12 files with the string
+  /* GnuPG 2.0.4 accidentally created binary P12 files with the string
      "The passphrase is %s encoded.\n\n" prepended to the ASN.1 data.
      We fix that here.  */
   if (p12buflen > 29 && !memcmp (p12buffer, "The passphrase is ", 18))

sm/keydb.c

@@ -478,7 +478,7 @@ keydb_get_resource_name (KEYDB_HANDLE hd)
   return s? s: "";
 }
 
-/* Switch the handle into ephemeral mode and return the orginal value. */
+/* Switch the handle into ephemeral mode and return the original value. */
 int
 keydb_set_ephemeral (KEYDB_HANDLE hd, int yes)
 {

sm/minip12.c

@@ -273,7 +273,7 @@ parse_tag (unsigned char const **buffer, size_t *size, struct tag_info *ti)
                         -- two bytes in INPUT.
 
    Create a new buffer with the content of that octet string.  INPUT
-   is the orginal buffer with a length as stored at LENGTH.  Returns
+   is the original buffer with a length as stored at LENGTH.  Returns
    NULL on error or a new malloced buffer with the length of this new
    buffer stored at LENGTH and the number of bytes parsed from input
    are added to the value stored at INPUT_CONSUMED.  INPUT_CONSUMED is
@@ -679,7 +679,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
   unsigned char *plain = NULL;
   int bad_pass = 0;
   unsigned char *cram_buffer = NULL;
-  size_t consumed = 0; /* Number of bytes consumed from the orginal buffer. */
+  size_t consumed = 0; /* Number of bytes consumed from the original buffer. */
   int is_3des = 0;
   int is_pbes2 = 0;
   gcry_mpi_t *result = NULL;
@@ -1193,7 +1193,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
   gcry_mpi_t *result = NULL;
   int result_count, i;
   unsigned char *cram_buffer = NULL;
-  size_t consumed = 0; /* Number of bytes consumed from the orginal buffer. */
+  size_t consumed = 0; /* Number of bytes consumed from the original buffer. */
   int is_pbes2 = 0;
 
   where = "start";

sm/qualified.c

@@ -184,7 +184,7 @@ gpgsm_is_in_qualified_list (ctrl_t ctrl, ksba_cert_t cert, char *country)
 
 /* We know that CERT is a qualified certificate.  Ask the user for
    consent to actually create a signature using this certificate.
-   Returns: 0 for yes, GPG_ERR_CANCEL for no or any otehr error
+   Returns: 0 for yes, GPG_ERR_CANCEL for no or any other error
    code. */
 gpg_error_t
 gpgsm_qualified_consent (ctrl_t ctrl, ksba_cert_t cert)

sm/server.c

@@ -425,7 +425,7 @@ static const char hlp_signer[] =
   "used, the signing will then not be done for this key.  If the policy\n"
   "is not to sign at all if not all signer keys are valid, the client\n"
   "has to take care of this.  All SIGNER commands are cumulative until\n"
-  "a RESET but they are *not* reset by an SIGN command becuase it can\n"
+  "a RESET but they are *not* reset by an SIGN command because it can\n"
   "be expected that set of signers are used for more than one sign\n"
   "operation.";
 static gpg_error_t

tools/gpg-check-pattern.c

@@ -319,7 +319,7 @@ get_regerror (int errcode, regex_t *compiled)
 
 /* Parse the pattern given in the memory aread DATA/DATALEN and return
    a new pattern array.  The end of the array is indicated by a NULL
-   entry.  On error an error message is printed and the fucntion
+   entry.  On error an error message is printed and the function
    returns NULL.  Note that the function modifies DATA and assumes
    that data is nul terminated (even if this is one byte past
    DATALEN).  */
@@ -446,7 +446,7 @@ match_p (const char *string, pattern_t *patarray)
 }
 
 
-/* Actual processing of the input.  This fucntion does not return an
+/* Actual processing of the input.  This function does not return an
    error code but exits as soon as a match has been found.  */
 static void
 process (FILE *fp, pattern_t *patarray)

tools/gpgconf-comp.c

@@ -1271,7 +1271,7 @@ gc_component_reload (int component)
 
 /* More or less Robust version of dgettext.  It has the side effect of
    switching the codeset to utf-8 because this is what we want to
-   output.  In theory it is posible to keep the orginal code set and
+   output.  In theory it is posible to keep the original code set and
    switch back for regular disgnostic output (redefine "_(" for that)
    but given the natur of this tool, being something invoked from
    other pograms, it does not make much sense.  */
@@ -3300,7 +3300,7 @@ gc_component_change_options (int component, estream_t in, estream_t out)
       int i;
       int saved_errno = errno;
 
-      /* An error occured or a dry-run is requested.  */
+      /* An error occurred or a dry-run is requested.  */
       for (i = 0; i < GC_BACKEND_NR; i++)
 	{
 	  if (src_filename[i])