if (overbose &&
!strncmp(reply_string, "215 TOPS20", 10))
printf(
-"Remember to set tenex mode when transfering binary files from this machine.\n");
+"Remember to set tenex mode when transferring binary files from this machine.\n");
}
verbose = overbose;
#endif /* unix */
Change the permission modes of the file
.Ar file-name
on the remote
-sytem to
+system to
.Ar mode .
.It Ic close
Terminate the
.It
The second field is a comma separated list of users or groups for
which the current entry applies. NIS netgroups can used (if
-configured) if preceeded by @. The magic string ALL matches all users.
+configured) if preceded by @. The magic string ALL matches all users.
A group will match if the user is a member of that group, or it is the
user's primary group.
.It
errx (1, "Only root can set an initial OTP");
} else { /* Check the next OTP (RFC 1938/8.0: SHOULD) */
if (verify_user_otp(user) != 0) {
- errx (1, "User authentification failed");
+ errx (1, "User authentication failed");
}
}
}
for (j = 0; j < i; j++) {
char *p = strchr(newenv[j], '=');
if (p == NULL)
- errx(1, "enviroment '%s' missing '='", newenv[j]);
+ errx(1, "environment '%s' missing '='", newenv[j]);
*p++ = 0;
esetenv (newenv[j], p, 1);
}
@cindex KRB5_CONFIG
If you want to use a different configuration file then the default you
-can point a file with the enviroment variable @samp{KRB5_CONFIG}.
+can point a file with the environment variable @samp{KRB5_CONFIG}.
@example
env KRB5_CONFIG=$HOME/etc/krb5.conf kinit user@@REALM
This and following subsection documents the requirements on the KDC
and client certificates and the format used in the id-pkinit-san
-OtherName extention.
+OtherName extension.
On how to create certificates, you should read @ref{Use OpenSSL to
create certificates}.
@subsection KDC certificate
-The certificate for the KDC has serveral requirements.
+The certificate for the KDC has several requirements.
First, the certificate should have an Extended Key Usage (EKU)
id-pkkdcekuoid (1.3.6.1.5.2.3.5) set. Second, there must be a
subjectAltName otherName using OID id-pkinit-san (1.3.6.1.5.2.2) in
the type field and a DER encoded KRB5PrincipalName that matches the
name of the TGS of the target realm. Also, if the certificate has a
-nameConstraints extention with a Generalname with dNSName or iPAdress,
+nameConstraints extension with a Generalname with dNSName or iPAdress,
it must match the hostname or adress of the KDC.
The client is not required by the standard to check the server
@subsubsection Using KRB5PrincipalName in id-pkinit-san
-The OtherName extention in the GeneralName is used to do the mapping
+The OtherName extension in the GeneralName is used to do the mapping
between certificate and principal. For the KDC certificate, this
stores the krbtgt principal name for that KDC. For the client
certificate, this stores the principal for which that certificate is
is a process based credential cache.
To use it, set the
.Ev KRB5CCNAME
-enviroment variable to
+environment variable to
.Ql KCM: Ns Ar uid
or add the stanza
.Bd -literal
implementation supports.
When compare the imported name of
.Dv GSS_C_NO_OID
-it may match serveral mechanism names (MN).
+it may match several mechanism names (MN).
.Pp
The resulting name from
.Fn gss_display_name
.Fa lifetime_rec
argument is set to
.Dv GSS_C_INDEFINITE
-(dont expire) or the number of seconds that the context is still valid.
+(don't expire) or the number of seconds that the context is still valid.
A value of 0 means that the context is expired.
.Fa mech_type
argument should be considered readonly and must not be released.
else if (strcmp(type_string, "krb5-principal-name") == 0)
nameoid = GSS_KRB5_NT_PRINCIPAL_NAME;
else
- errx(1, "%s not suppported", type_string);
+ errx(1, "%s not supported", type_string);
if (mech_string == NULL)
mechoid = GSS_KRB5_MECHANISM;
#
# Last time we run is w/o HOME and RANDFILE to make sure we can do
-# RAND_file_name() when the enviroment is lacking those.
+# RAND_file_name() when the environment is lacking those.
#
if [ -r /dev/random -o -r /dev/urandom -o -r /dev/srandom -o -r /dev/arandom ] ; then
ext2 = hdb_find_extension(entry, ext->data.element);
} else {
/*
- * This is an unknown extention, and we are asked to replace a
+ * This is an unknown extension, and we are asked to replace a
* possible entry in `entry' that is of the same type. This
* might seem impossible, but ASN.1 CHOICE comes to our
* rescue. The first tag in each branch in the CHOICE is
&size);
if (ret) {
krb5_set_error_message(context, ret, "hdb: failed to decode "
- "replacement hdb extention");
+ "replacement hdb extension");
return ret;
}
&size);
if (ret) {
krb5_set_error_message(context, ret, "hdb: failed to decode "
- "present hdb extention");
+ "present hdb extension");
return ret;
}
ret = copy_HDB_extension(ext, ext2);
if (ret)
krb5_set_error_message(context, ret, "hdb: failed to copy replacement "
- "hdb extention");
+ "hdb extension");
return ret;
}
*
* @param context A hx509 context.
* @param tbs object to be signed.
- * @param env enviroment variable to expand variables in the subject
+ * @param env environment variable to expand variables in the subject
* name, see hx509_env_init().
*
* @return An hx509 error code, see hx509_get_error_string().
[req]
distinguished_name = req_distinguished_name
-x509_extensions = v3_ca # The extentions to add to the self signed cert
+x509_extensions = v3_ca # The extensions to add to the self signed cert
string_mask = utf8only
* See the @ref page_ca for description and examples. */
/** @defgroup hx509_peer hx509 certificate selecting functions */
/** @defgroup hx509_print hx509 printing functions */
-/** @defgroup hx509_env hx509 enviroment functions */
+/** @defgroup hx509_env hx509 environment functions */
#include "hx_locl.h"
/**
- * @page page_env Hx509 enviroment functions
+ * @page page_env Hx509 environment functions
*
* See the library functions here: @ref hx509_env
*/
* Add a new key/value pair to the hx509_env.
*
* @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
* @param key key to add
* @param value value to add
*
* Add a new key/binding pair to the hx509_env.
*
* @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
* @param key key to add
* @param list binding list to add
*
* Search the hx509_env for a length based key.
*
* @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
* @param key key to search for.
* @param len length of key.
*
* Search the hx509_env for a key.
*
* @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
* @param key key to search for.
*
* @return the value if the key is found, NULL otherwise.
* Search the hx509_env for a binding.
*
* @param context A hx509 context.
- * @param env enviroment to add the enviroment variable too.
+ * @param env environment to add the environment variable too.
* @param key key to search for.
*
* @return the binding if the key is found, NULL if not found.
}
/**
- * Free an hx509_env enviroment context.
+ * Free an hx509_env environment context.
*
- * @param env the enviroment to free.
+ * @param env the environment to free.
*
* @ingroup hx509_env
*/
option = {
long = "embedded-certs"
type = "-flag"
- help = "dont embedded certficiates"
+ help = "don't embed certificates"
}
option = {
long = "embed-leaf-only"
else if (strcasecmp(opt->signature_algorithm_string, "rsa-with-sha256") == 0)
sigalg = hx509_signature_rsa_with_sha256();
else
- errx(1, "unsupported sigature algorith");
+ errx(1, "unsupported sigature algorithm");
hx509_ca_tbs_set_signature_algorithm(context, tbs, sigalg);
}
}
validate_print(ctx,
HX509_VALIDATE_F_VALIDATE|HX509_VALIDATE_F_VERBOSE,
- "checking extention: %s\n",
+ "checking extension: %s\n",
check_extension[j].name);
(*check_extension[j].func)(ctx,
&status,
&t->extensions->val[i]);
}
} else
- validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "no extentions\n");
+ validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "no extensions\n");
if (status.isca) {
if (!status.haveSKI)
* user.
*
* And it should be called before access to the home directory
- * as this may be in DFS, not accessable by root, and require
+ * as this may be in DFS, not accessible by root, and require
* the PAG to have been setup.
*
* The krb5_afs_pag can be called after this routine to
until one succeeds or fails, or all return a special return value such
as KRB5_PLUGIN_NO_HANDLE to indicate that the plugin was not applicable.
Most plugin types obtain deterministic plugin behavior in spite of the
-non-deterministic invokation order by, for example, invoking all plugins
+non-deterministic invocation order by, for example, invoking all plugins
for each "rule" and passing the rule to each plugin with the expectation
that just one plugin will match any given rule.
.Pp
The
.Li krb5_enc_data
structure holds and encrypted data.
-There are two public accessable members of
+There are two public accessible members of
.Li krb5_enc_data .
.Li enctype
that holds the encryption type of the data encrypted and
.Nm krb5_digest_get_tickets ,
.Nm krb5_digest_get_client_binding ,
.Nm krb5_digest_get_a1_hash
-.Nd remote digest (HTTP-DIGEST, SASL, CHAP) suppport
+.Nd remote digest (HTTP-DIGEST, SASL, CHAP) support
.Sh LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
.Sh SYNOPSIS
if(i < 0) {
ret = errno;
krb5_set_error_message(context, ret,
- N_("open(%s) logile: %s", ""), fn,
+ N_("open(%s) logfile: %s", ""), fn,
strerror(ret));
free(fn);
return ret;
.Pp
Options with multiple arguments should be handled better.
.Pp
-Should be integreated with SL.
+Should be integrated with SL.
.Pp
It's very confusing that the struct you pass in is called getargS.
.Sh SEE ALSO
** to all overrideable system calls.
*/
static struct unix_syscall {
- const char *zName; /* Name of the sytem call */
+ const char *zName; /* Name of the system call */
sqlite3_syscall_ptr pCurrent; /* Current value of the system call */
sqlite3_syscall_ptr pDefault; /* Default value */
} aSyscall[] = {
#: lib/krb5/log.c:311
#, c-format
-msgid "open(%s) logile: %s"
+msgid "open(%s) logfile: %s"
msgstr ""
#: lib/krb5/log.c:322
#: lib/krb5/log.c:311
#, c-format
-msgid "open(%s) logile: %s"
+msgid "open(%s) logfile: %s"
msgstr ""
#: lib/krb5/log.c:322
rm -f current-db*
-# check with no extentions
+# check with no extensions
${kadmin} load ${srcdir}/text-dump-0.7 || exit 1
${propdb} > db-dump.tmp|| exit 1
rm -f current-db*
sed 's/[0-9]*$//' > out-text-dump-0.7-orig || exit 1
cmp out-text-dump-0.7-orig out-text-dump-0.7 || exit 1
-# check with no extentions
+# check with no extensions
${kadmin} load ${srcdir}/text-dump-no-ext || exit 1
${propdb} > db-dump.tmp || exit 1
${propddb} < db-dump.tmp || exit 1
awk '{$11=""; print;}' > out-text-dump-no-ext-orig || exit 1
cmp out-text-dump-no-ext-orig out-text-dump-no-ext || exit 1
-# check with known extentions
+# check with known extensions
${kadmin} load ${srcdir}/text-dump-known-ext || exit 1
${propdb} > db-dump.tmp || exit 1
${propddb} < db-dump.tmp || exit 1
awk '{$11=""; print;}' > out-text-dump-known-ext-orig || exit 1
cmp out-text-dump-known-ext-orig out-text-dump-known-ext || exit 1
-# check with unknown extentions
+# check with unknown extensions
${kadmin} load ${srcdir}/text-dump-unknown-ext || exit 1
${propdb} > db-dump.tmp || exit 1
${propddb} < db-dump.tmp || exit 1