From 7a77cb21d864179e05a3c36ad939bb929d9fd334 Mon Sep 17 00:00:00 2001 From: Brian J Murray Date: Sun, 6 Nov 2016 04:45:15 -0800 Subject: [PATCH] Clarify Comments and Fix Typos (#651) Fixes many typos, and errors in comments. * Clarifies many comments * Grammar correction in config.pl help text * Removed comment about MBEDTLS_X509_EXT_NS_CERT_TYPE. * Comment typo fix (Dont => Don't) * Comment typo fix (assure => ensure) * Comment typo fix (byes => bytes) * Added citation for quoted standard * Comment typo fix (one complement => 1's complement) The is some debate about whether to prefer "one's complement", "ones' complement", or "1's complement". The more recent RFCs related to TLS (RFC 6347, RFC 4347, etc) use " 1's complement", so I followed that convention. * Added missing ")" in comment * Comment alignment * Incorrect comment after #endif --- include/mbedtls/rsa.h | 2 +- include/mbedtls/x509.h | 2 +- library/net.c | 2 +- library/pkparse.c | 12 ++++++------ library/ssl_tls.c | 9 +++++---- library/x509.c | 2 +- scripts/config.pl | 22 ++++++++++++++++++++-- 7 files changed, 35 insertions(+), 16 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 9c8645df6..a324b6936 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -206,7 +206,7 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, const mbedtls_rs * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note This function does NOT take care of message - * padding. Also, be sure to set input[0] = 0 or assure that + * padding. Also, be sure to set input[0] = 0 or ensure that * input is smaller than N. * * \note The input and output buffers must be large diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 54dac166b..f219bf128 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -157,7 +157,7 @@ #define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13) #define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14) -#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */ +#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* * Storage format identifiers diff --git a/library/net.c b/library/net.c index a77268c55..b6b08ed72 100644 --- a/library/net.c +++ b/library/net.c @@ -228,7 +228,7 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char } } - /* I we ever get there, it's a success */ + /* Bind was successful */ ret = 0; break; } diff --git a/library/pkparse.c b/library/pkparse.c index bddcf5d3a..f0a12f983 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1186,12 +1186,12 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, #endif /* MBEDTLS_PEM_PARSE_C */ /* - * At this point we only know it's not a PEM formatted key. Could be any - * of the known DER encoded private key formats - * - * We try the different DER format parsers to see if one passes without - * error - */ + * At this point we only know it's not a PEM formatted key. Could be any + * of the known DER encoded private key formats + * + * We try the different DER format parsers to see if one passes without + * error + */ #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen, pwd, pwdlen ) ) == 0 ) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d44264208..c455625da 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3413,7 +3413,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl ) if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) { - /* Dont check write errors as we can't do anything here. + /* Don't check write errors as we can't do anything here. * If the error is permanent we'll catch it later, * if it's not, then hopefully it'll work next time. */ (void) ssl->f_send( ssl->p_bio, ssl->out_buf, len ); @@ -5914,8 +5914,9 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot const char **p; /* - * "Empty strings MUST NOT be included and byte strings MUST NOT be - * truncated". Check lengths now rather than later. + * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings + * MUST NOT be truncated." + * We check lengths now rather than later. */ tot_len = 0; for( p = protos; *p != NULL; p++ ) @@ -7472,7 +7473,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, * and, for DTLS, to/from TLS equivalent. * * For TLS this is the identity. - * For DTLS, use one complement (v -> 255 - v, and then map as follows: + * For DTLS, use 1's complement (v -> 255 - v, and then map as follows: * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1) * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) */ diff --git a/library/x509.c b/library/x509.c index 33bcb9ef0..b063a19c5 100644 --- a/library/x509.c +++ b/library/x509.c @@ -656,7 +656,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50 /* * X.509 Extensions (No parsing of extensions, pointer should - * be either manually updated or extensions should be parsed! + * be either manually updated or extensions should be parsed!) */ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag ) diff --git a/scripts/config.pl b/scripts/config.pl index d4c32fd1b..5e1865d8c 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -6,8 +6,26 @@ use warnings; use strict; my $usage = <] unset -$0 [-f ] set [] +$0 [-f ] [set | unset | full | realfull] + +Commands + set [] - Uncomments or adds a #define for the to + the configuration file, and optionally making it + of . + If the symbol isn't present in the file an error + is returned. + unset - Comments out the #define for the given symbol if + present in the configuration file. + full - Uncomments all #define's in the configuration file + excluding some reserved symbols, until the + 'Module configuration options' section + realfull - Uncomments all #define's with no exclusions + +Options + -f - The file or file path for the configuration file + to edit. When omitted, the following default is + used: + $config_file EOU # for our eyes only: # $0 [-f ] full|realfull