- spelling fixes from Igor Sobrado Delgado.

git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3544 be551aaa-1e26-0410-a405-d3ace91eadb9

compat/getentropy_linux.c

@@ -139,7 +139,7 @@ getentropy(void *buf, size_t len)
 	 * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID.
 	 * sysctl is a failsafe API, so it guarantees a result.  This
 	 * should work inside a chroot, or when file descriptors are
-	 * exhuasted.
+	 * exhausted.
 	 *
 	 * However this can fail if the Linux kernel removes support
 	 * for sysctl.  Starting in 2007, there have been efforts to

compat/sha512.c

@@ -70,7 +70,7 @@ unsigned char *SHA512(void *data, unsigned int data_len, unsigned char *digest);
  * Please make sure that your system defines BYTE_ORDER.  If your
  * architecture is little-endian, make sure it also defines
  * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are
- * equivilent.
+ * equivalent.
  *
  * If your system does not define the above, then you can do so by
  * hand like this:

contrib/aaaa-filter-iterator.patch

@@ -312,7 +312,7 @@
 +	/**
  	 * Each time a delegation point changes for a given query or a 
  	 * query times out and/or wakes up, this state is (re)visited. 
- 	 * This state is reponsible for iterating through a list of 
+ 	 * This state is responsible for iterating through a list of 
 @@ -309,6 +320,13 @@ struct iter_qstate {
  	 */
  	int refetch_glue;

contrib/unbound.spec_fedora

@@ -273,7 +273,7 @@ fi
 - Change make/configure lines to attempt to fix -lphtread linking issue
 
 * Thu Feb 18 2010 Paul Wouters <[email protected]> - 1.4.1-2
-- Removed dependancy for dnssec-conf
+- Removed dependency for dnssec-conf
 - Added ISC DLV key (formerly in dnssec-conf)
 - Fixup old DLV locations in unbound.conf file via %%post
 - Fix parent child disagreement handling and no-ipv6 present [svn r1953]
@@ -312,7 +312,7 @@ fi
 - Re-enabled glob.patch
 
 * Wed May 20 2009 Paul Wouters <[email protected]> - 1.2.1-7
-- unbound-iterator.patch was not commited
+- unbound-iterator.patch was not committed
 
 * Wed May 20 2009 Paul Wouters <[email protected]> - 1.2.1-6
 - Fix for https://bugzilla.redhat.com/show_bug.cgi?id=499793
@@ -338,11 +338,11 @@ fi
 
 * Wed Jan 14 2009 Paul Wouters <[email protected] - 1.2.0-1
 - Updated to 1.2.0
-- Added dependancy on minimum SSL for CVE-2008-5077
-- Added dependancy on bc for unbound-munin
+- Added dependency on minimum SSL for CVE-2008-5077
+- Added dependency on bc for unbound-munin
 - Added minimum requirement of libevent 1.4.5. Crashes with older versions
   (note: libevent is stale in EL-4 and not in EL-5, needs fixing there)
-- Removed dependancy on selinux-policy (will get used when available)
+- Removed dependency on selinux-policy (will get used when available)
 - Enable options as per draft-wijngaards-dnsext-resolver-side-mitigation-00.txt
 - Enable unwanted-reply-threshold to mitigate against a Kaminsky attack
 - Enable val-clean-additional to drop addition unsigned data from signed
@@ -423,7 +423,7 @@ fi
 - Build against ldns-1.3.0
 
 * Wed May 21 2008 Paul Wouters <[email protected]> - 1.0.0-1
-- Split of -devel package, fixed dependancies, make rpmlint happy
+- Split of -devel package, fixed dependencies, make rpmlint happy
 
 * Thu Apr 25 2008 Wouter Wijngaards <[email protected]> - 0.12
 - Using parts from ports collection entry by Jaap Akkerhuis.

dnstap/dnstap.proto

@@ -105,7 +105,7 @@ message Message {
 
     enum Type {
         // AUTH_QUERY is a DNS query message received from a resolver by an
-        // authoritative name server, from the perspective of the authorative
+        // authoritative name server, from the perspective of the authoritative
         // name server.
         AUTH_QUERY = 1;
 

doc/Changelog

@@ -1,5 +1,6 @@
 18 November 2015: Wouter
 	- newer acx_nlnetlabs.m4.
+	- spelling fixes from Igor Sobrado Delgado.
 
 17 November 2015: Wouter
 	- Fix #594. libunbound: optionally use libnettle for crypto.
@@ -801,7 +802,7 @@
 	  existence in 4592.  NSEC empty non-terminals exist and thus the
 	  RCODE should have been NOERROR. If this occurs, and the RRsets
 	  are secure, we set the RCODE to NOERROR and the security status
-	  of the reponse is also considered secure.
+	  of the response is also considered secure.
 
 14 February 2014: Wouter
 	- Works on Minix (3.2.1).
@@ -1573,7 +1574,7 @@
 	- Fix getaddrinfowithincludes on windows with fedora16 mingw32-gcc.
 	- Fix warnings with gcc 4.6 in compat/inet_ntop.c.
 	- Fix warning unused in compat/strptime.c.
-	- Fix malloc detection and double defintion.
+	- Fix malloc detection and double definition.
 
 2 December 2011: Wouter
 	- configure generated with autoconf 2.68.
@@ -5018,7 +5019,7 @@
 	- Advertise builtin select libevent alternative when no libevent
 	  is found.
 	- signit can generate NSEC3 hashes, for generating tests.
-	- multiple nsec3 paramaters in message test.
+	- multiple nsec3 parameters in message test.
 	- too high nsec3 iterations becomes insecure test.
 
 21 September 2007: Wouter
@@ -5089,7 +5090,7 @@
 	- testbound can replay a TCP query (set MATCH TCP in the QUERY).
 	- DS and noDS referral validation test.
 	- if you configure many trust anchors, parent trust anchors can
-	  securely deny existance of child trust anchors, if validated.
+	  securely deny existence of child trust anchors, if validated.
 	- not all *.name NSECs are present because a wildcard was matched,
 	  and *.name NSECs can prove nodata for empty nonterminals.
 	  Also, for wildcard name NSECs, check they are not from the parent
@@ -5396,7 +5397,7 @@
 
 17 July 2007: Wouter
 	- forward zone options in config file.
-	- forward per zone in iterator. takes precendence over stubs.
+	- forward per zone in iterator. takes precedence over stubs.
 	- fixup commithooks.
 	- removed forward-to and forward-to-port features, subsumed by
 	  new forward zones.
@@ -5497,7 +5498,7 @@
 	  ldns and libevent are linked statically. Default is off.
 	- make install and make uninstall. Works with static-exe and without.
 	  installation of unbound binary and manual pages.
-	- alignement problem fix on solaris 64.
+	- alignment problem fix on solaris 64.
 	- fixup address in case of TCP error.
 
 12 June 2007: Wouter
@@ -5580,7 +5581,7 @@
 	- removed FLAG_CD from message and rrset caches. This was useful for
 	  an agnostic forwarder, but not for a sophisticated (trust value per
 	  rrset enabled) cache.
-	- iterator reponse typing.
+	- iterator response typing.
 	- iterator cname handle.
 	- iterator prime start.
 	- subquery work.
@@ -5600,7 +5601,7 @@
 	- Acknowledge use of unbound-java code in iterator. Nicer readme.
 	- services/cache/dns.c DNS Cache. Hybrid cache uses msgcache and
 	  rrset cache from module environment.
-	- packed rrset key has type and class as easily accessable struct
+	- packed rrset key has type and class as easily accessible struct
 	  members. They are still kept in network format for fast msg encode.
 	- dns cache find_delegation routine.
 	- iterator main functions setup.
@@ -5684,7 +5685,7 @@
 	- EDNS read from query, used to make reply smaller.
 	- advertised edns value constants.
 	- EDNS BADVERS response, if asked for too high edns version.
-	- EDNS extended error reponses once the EDNS record from the query
+	- EDNS extended error responses once the EDNS record from the query
 	  has successfully been parsed.
 
 4 May 2007: Wouter

doc/unbound-control.8.in

@@ -169,7 +169,7 @@ therefore not flushed.  The option must end with a ':' and whitespace
 must be between the option and the value.  Some values may not have an
 effect if set this way, the new values are not written to the config file,
 not all options are supported.  This is different from the set_option call
-in libunbound, where all values work because unbound has not been inited.
+in libunbound, where all values work because unbound has not been initialized.
 .IP
 The values that work are: statistics\-interval, statistics\-cumulative,
 do\-not\-query\-localhost, harden\-short\-bufsize, harden\-large\-queries,

doc/unbound.conf.5.in

@@ -588,7 +588,7 @@ Can be given multiple times, for different domains.
 .B private\-address: \fI<IP address or subnet>
 Give IPv4 of IPv6 addresses or classless subnets. These are addresses
 on your private network, and are not allowed to be returned for
-public internet names.  Any occurence of such addresses are removed
+public internet names.  Any occurrence of such addresses are removed
 from DNS answers. Additionally, the DNSSEC validator may mark the
 answers bogus. This protects against so\-called DNS Rebinding, where
 a user browser is turned into a network proxy, allowing remote access
@@ -747,7 +747,7 @@ Instruct the validator to remove data from the additional section of secure
 messages that are not signed properly. Messages that are insecure, bogus,
 indeterminate or unchecked are not affected. Default is yes. Use this setting
 to protect the users that rely on this validator for authentication from 
-protentially bad data in the additional section.
+potentially bad data in the additional section.
 .TP
 .B val\-log\-level: \fI<number>
 Have the validator print validation failures to the log.  Regardless of
@@ -1034,7 +1034,7 @@ If set to 0, all queries are dropped for domains where the limit is
 exceeded.  If set to another value, 1 in that number is allowed through
 to complete.  Default is 10, allowing 1/10 traffic to flow normally.
 This can make ordinary queries complete (if repeatedly queried for),
-and enter the cache, whilst also mitigiting the traffic flow by the
+and enter the cache, whilst also mitigating the traffic flow by the
 factor given.
 .TP 5
 .B ratelimit\-for\-domain: \fI<domain> <number qps>

iterator/iter_scrub.c

@@ -674,7 +674,7 @@ scrub_sanitize(sldns_buffer* pkt, struct msg_parse* msg,
 	 * children of the originating zone. The idea here is that, 
 	 * as far as we know, the server that we contacted is ONLY 
 	 * authoritative for the originating zone. It, of course, MAY 
-	 * be authoriative for any other zones, and of course, MAY 
+	 * be authoritative for any other zones, and of course, MAY 
 	 * NOT be authoritative for some subdomains of the originating 
 	 * zone. */
 	prev = NULL;

iterator/iter_utils.c

@@ -255,7 +255,7 @@ iter_filter_unsuitable(struct iter_env* iter_env, struct module_env* env,
 			return -1; /* server is lame */
 		else if(rtt >= USEFUL_SERVER_TOP_TIMEOUT)
 			/* server is unresponsive,
-			 * we used to return TOP_TIMOUT, but fairly useless,
+			 * we used to return TOP_TIMEOUT, but fairly useless,
 			 * because if == TOP_TIMEOUT is dropped because
 			 * blacklisted later, instead, remove it here, so
 			 * other choices (that are not blacklisted) can be
@@ -306,7 +306,7 @@ iter_fill_rtt(struct iter_env* iter_env, struct module_env* env,
 	return got_it;
 }
 
-/** filter the addres list, putting best targets at front,
+/** filter the address list, putting best targets at front,
  * returns number of best targets (or 0, no suitable targets) */
 static int
 iter_filter_order(struct iter_env* iter_env, struct module_env* env,

iterator/iterator.c

@@ -176,7 +176,7 @@ next_state(struct iter_qstate* iq, enum iter_state nextstate)
 /**
  * Transition an event to its final state. Final states always either return
  * a result up the module chain, or reactivate a dependent event. Which
- * final state to transtion to is set in the module state for the event when
+ * final state to transition to is set in the module state for the event when
  * it was created, and depends on the original purpose of the event.
  *
  * The response is stored in the qstate->buf buffer.
@@ -506,7 +506,7 @@ target_count_increase(struct iter_qstate* iq, int num)
 /**
  * Generate a subrequest.
  * Generate a local request event. Local events are tied to this module, and
- * have a correponding (first tier) event that is waiting for this event to
+ * have a corresponding (first tier) event that is waiting for this event to
  * resolve to continue.
  *
  * @param qname The query name for this request.

libunbound/python/Makefile

@@ -36,7 +36,7 @@
 help:
 	@echo "Please use \`make <target>' where <target> is one of"
 	@echo "  testenv   to make test environment and run bash "
-	@echo "            usefull in case you don't want to install unbound but want to test examples"
+	@echo "            useful in case you don't want to install unbound but want to test examples"
 	@echo "  doc       to make documentation"
 	@echo "  clean     clean all"
 

libunbound/python/doc/install.rst

@@ -22,7 +22,7 @@ You need GNU make to compile sources; SWIG and Python devel libraries to compile
 
 **Testing**
 
-If the compilation is successfull, you can test the python LDNS extension module by::
+If the compilation is successful, you can test the python LDNS extension module by::
 
 	> cd contrib/python
 	> make testenv

libunbound/python/doc/modules/unbound.rst

@@ -42,7 +42,7 @@ Class ub_result
 	 	False, if validation failed or domain queried has no security info.
 
 	  	It is possible to get a result with no data (havedata is false),
-	  	and secure is true. This means that the non-existance of the data
+	  	and secure is true. This means that the non-existence of the data
 	  	was cryptographically proven (with signatures).
 
 	.. attribute:: bogus

libunbound/python/examples/dnssec-valid.py

@@ -44,7 +44,7 @@
 ctx.debuglevel(2)
 
 if os.path.isfile("keys"):
-    ctx.add_ta_file("keys") #read public keys for DNSSEC verificatio
+    ctx.add_ta_file("keys") #read public keys for DNSSEC verification
 
 status, result = ctx.resolve("www.nic.cz", RR_TYPE_A, RR_CLASS_IN)
 if status == 0 and result.havedata:

libunbound/python/libunbound.i

@@ -1,5 +1,5 @@
 /*
- * libounbound.i: pyUnbound module (libunbound wrapper for Python)
+ * libunbound.i: pyUnbound module (libunbound wrapper for Python)
  * 
  * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
  *                     Marek Vavrusa  (xvavru00 AT stud.fit.vutbr.cz)
@@ -455,7 +455,7 @@ Result: ['74.125.43.147', '74.125.43.99', '74.125.43.103', '74.125.43.104']
         #_UB_CTX_METHODS#   
         
         def zone_print(self):
-            """Print local zones using debougout"""            
+            """Print local zones using debugout"""            
             _unbound.ub_ctx_print_local_zones(self)
 
         def zone_add(self,zonename,zonetype):

ltmain.sh

@@ -4394,7 +4394,7 @@ EOF
         {
           /* however, if there is an option in the LTWRAPPER_OPTION_PREFIX
              namespace, but it is not one of the ones we know about and
-             have already dealt with, above (inluding dump-script), then
+             have already dealt with, above (including dump-script), then
              report an error. Otherwise, targets might begin to believe
              they are allowed to use options in the LTWRAPPER_OPTION_PREFIX
              namespace. The first time any user complains about this, we'll

pythonmod/doc/examples/example4.rst

@@ -24,7 +24,7 @@ DNS query and word lookup
 
 Let's define the following format od DNS queries: ``word1[.]word2[.] ... wordN[.]{en,cs}[._dict_.cz.]``.
 Word lookup is done by simple ``dict`` lookup from broken DNS request.
-Query name is divided into a list of labels. This list is accesible as qname_list attribute.
+Query name is divided into a list of labels. This list is accessible as qname_list attribute.
 ::
 
    aword = ' '.join(qstate.qinfo.qname_list[0:-4]) #skip last four labels

pythonmod/doc/modules/config.rst

@@ -311,7 +311,7 @@ config_file
 
    .. attribute:: local_data
 
-      Local data RRs configged.
+      Local data RRs configured.
 
    .. attribute:: remote_control_enable
 

pythonmod/doc/modules/env.rst

@@ -68,7 +68,7 @@ Module event
 
 .. data:: module_event_error
 
-   Error occured.
+   Error occurred.
 
 Security status
 ~~~~~~~~~~~~~~~~

pythonmod/doc/modules/struct.rst

@@ -347,12 +347,12 @@ DNSMessage
 
    .. method:: __init__(self, rr_name, rr_type, rr_class = RR_CLASS_IN, query_flags = 0, default_ttl = 0)
 
-      Prepares an answer (DNS packet) from qiven information. Query flags are combination of PKT_xx contants.
+      Prepares an answer (DNS packet) from given information. Query flags are combination of PKT_xx constants.
 
    .. method:: set_return_msg(self, qstate)
 
       This method fills qstate return message according to the given informations. 
-		It takes lists of RRs in each section of answer, created necessray RRsets in wire format and store the result in :attr:`qstate.return_msg`.
+		It takes lists of RRs in each section of answer, created necessary RRsets in wire format and store the result in :attr:`qstate.return_msg`.
 		Returns 1 if OK.
 
    .. attribute:: rr_name

pythonmod/doc/usecase.rst

@@ -9,7 +9,7 @@ Synchronized with database engine, for example *MySQL*.
 
 Firewall control
 ----------------
-Control firewall (e.g. enable incomming SSH connection) with DNS query signed with private key. 
+Control firewall (e.g. enable incoming SSH connection) with DNS query signed with private key. 
 So firewall can blocks every service during normal operation.
 
 Scriptable DNS-based blacklist (DNS-BL_)

sldns/parseutil.h

@@ -56,13 +56,13 @@ time_t sldns_mktime_from_utc(const struct tm *tm);
 
 /**
  * The function interprets time as the number of seconds since epoch
- * with respect to now using serial arithmitics (rfc1982).
+ * with respect to now using serial arithmetics (rfc1982).
  * That number of seconds is then converted to broken-out time information.
  * This is especially usefull when converting the inception and expiration
  * fields of RRSIG records.
  *
  * \param[in] time number of seconds since epoch (midnight, January 1st, 1970)
- *            to be intepreted as a serial arithmitics number relative to now.
+ *            to be intepreted as a serial arithmetics number relative to now.
  * \param[in] now number of seconds since epoch (midnight, January 1st, 1970)
  *            to which the time value is compared to determine the final value.
  * \param[out] result the struct with the broken-out time information

smallapp/unbound-anchor.c

@@ -95,7 +95,7 @@
  * signed yet; avoids attacks on system clock).  The
  * last-successful-RFC5011-probe (if available) has to be more than 30 days
  * in the past (otherwise, RFC5011 should have worked).  This keeps
- * unneccesary https traffic down.  If the main certificate is expired, it
+ * unnecessary https traffic down.  If the main certificate is expired, it
  * fails.
  *
  * The dates on the keys in the xml are checked (uses the libexpat xml

testcode/checklocks.c

@@ -430,7 +430,7 @@ finish_acquire_lock(struct thr_check* thr, struct checked_lock* lock,
  * @param timedfunc: the pthread_mutex_timedlock or similar function.
  *	Uses absolute timeout value.
  * @param arg: what to pass to tryfunc and timedlock.
- * @param exclusive: if lock must be exlusive (only one allowed).
+ * @param exclusive: if lock must be exclusive (only one allowed).
  * @param getwr: if attempts to get writelock (or readlock) for rwlocks.
  */
 static void