krb5 commit: Fix typos in comments

Greg Hudson ghudson at mit.edu
Wed Apr 8 15:22:57 EDT 2020


https://github.com/krb5/krb5/commit/db245c0d98c8e38a78a2e0b4af40ee23a18aaa96
commit db245c0d98c8e38a78a2e0b4af40ee23a18aaa96
Author: Greg Hudson <ghudson at mit.edu>
Date:   Thu Apr 2 13:56:58 2020 -0400

    Fix typos in comments
    
    Correct comment spelling errors detected using codespell.
    Reported by Jens Schleusener.

 src/appl/gss-sample/gss-client.c                   |    2 +-
 src/appl/gss-sample/gss-misc.c                     |    4 +-
 src/appl/gss-sample/gss-server.c                   |    2 +-
 src/ccapi/common/win/OldCC/ccutil.cxx              |    2 +-
 src/ccapi/common/win/OldCC/init.cxx                |    2 +-
 src/ccapi/common/win/OldCC/util.cxx                |    2 +-
 src/ccapi/lib/win/dllmain.cxx                      |    4 +-
 src/clients/ksu/authorization.c                    |    2 +-
 src/clients/ksu/ccache.c                           |    2 +-
 src/clients/ksu/heuristic.c                        |    2 +-
 src/clients/ksu/krb_auth_su.c                      |    2 +-
 src/clients/ksu/ksu.h                              |    2 +-
 src/clients/ksu/main.c                             |    8 ++--
 src/include/gssrpc/clnt.h                          |    6 +-
 src/include/gssrpc/rpc_msg.h                       |    2 +-
 src/include/gssrpc/svc.h                           |    4 +-
 src/include/gssrpc/svc_auth.h                      |    2 +-
 src/include/gssrpc/xdr.h                           |    4 +-
 src/include/k5-int.h                               |    6 +-
 src/include/k5-utf8.h                              |    2 +-
 src/include/kdb.h                                  |    8 ++--
 src/include/krb5/audit_plugin.h                    |    2 +-
 src/include/net-server.h                           |    4 +-
 src/kadmin/cli/kadmin.c                            |    2 +-
 src/kadmin/dbutil/kdb5_util.c                      |    2 +-
 src/kadmin/server/kadm_rpc_svc.c                   |    2 +-
 src/kadmin/testing/util/tcl_kadm5.c                |    4 +-
 src/kdc/kdc_log.c                                  |    2 +-
 src/kdc/kdc_preauth.c                              |    2 +-
 src/kdc/main.c                                     |    2 +-
 src/kprop/kpropd.c                                 |    2 +-
 src/lib/apputils/net-server.c                      |    2 +-
 src/lib/apputils/udppktinfo.c                      |    6 +-
 src/lib/crypto/builtin/des/doc/libdes.doc          |    2 +-
 src/lib/crypto/builtin/des/t_verify.c              |    2 +-
 src/lib/crypto/builtin/sha1/shs.c                  |    2 +-
 src/lib/crypto/builtin/sha1/t_shs3.c               |    2 +-
 src/lib/crypto/openssl/enc_provider/rc4.c          |    2 +-
 src/lib/gssapi/krb5/accept_sec_context.c           |    3 +-
 src/lib/gssapi/krb5/gssapi_krb5.h                  |    2 +-
 src/lib/gssapi/krb5/util_crypt.c                   |    2 +-
 src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c  |    2 +-
 src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c   |    2 +-
 src/lib/gssapi/mechglue/g_dup_name.c               |    2 +-
 src/lib/gssapi/mechglue/g_imp_name.c               |    2 +-
 src/lib/gssapi/mechglue/g_oid_ops.c                |    2 +-
 src/lib/gssapi/mechglue/mglueP.h                   |    6 +-
 src/lib/gssapi/spnego/spnego_mech.c                |    2 +-
 src/lib/kadm5/clnt/client_init.c                   |    2 +-
 src/lib/kadm5/kadm_err.et                          |    2 +-
 src/lib/kadm5/kadm_rpc_xdr.c                       |    2 +-
 src/lib/kadm5/srv/pwqual_dict.c                    |    2 +-
 src/lib/kadm5/srv/svr_principal.c                  |    2 +-
 .../unit-test/api.current/chpass-principal.exp     |    2 +-
 .../kadm5/unit-test/api.current/crte-principal.exp |   24 ++++++------
 .../kadm5/unit-test/api.current/dlte-policy.exp    |    2 +-
 .../kadm5/unit-test/api.current/mod-principal.exp  |    6 +-
 src/lib/kadm5/unit-test/config/unix.exp            |   40 ++++++++++----------
 src/lib/krad/internal.h                            |    6 +-
 src/lib/krad/remote.c                              |    6 +-
 src/lib/krb5/asn.1/krbasn1.h                       |    2 +-
 src/lib/krb5/ccache/cc_memory.c                    |    2 +-
 src/lib/krb5/ccache/cc_mslsa.c                     |    4 +-
 src/lib/krb5/ccache/ccapi/stdcc.c                  |    8 ++--
 src/lib/krb5/ccache/ccapi/stdcc.h                  |    2 +-
 src/lib/krb5/ccache/ccapi/stdcc_util.c             |    8 ++--
 src/lib/krb5/ccache/ccapi/stdcc_util.h             |    2 +-
 src/lib/krb5/ccache/t_cc.c                         |    2 +-
 src/lib/krb5/ccache/t_cccol.c                      |    2 +-
 src/lib/krb5/ccache/t_cccursor.c                   |    2 +-
 src/lib/krb5/ccache/t_marshal.c                    |    2 +-
 src/lib/krb5/keytab/kt_file.c                      |    4 +-
 src/lib/krb5/keytab/t_keytab.c                     |    2 +-
 src/lib/krb5/krb/authdata.h                        |    2 +-
 src/lib/krb5/krb/conv_princ.c                      |    2 +-
 src/lib/krb5/krb/encode_kdc.c                      |    2 +-
 src/lib/krb5/krb/get_in_tkt.c                      |    2 +-
 src/lib/krb5/krb/gic_pwd.c                         |    2 +-
 src/lib/krb5/krb/in_tkt_sky.c                      |    2 +-
 src/lib/krb5/krb/rd_cred.c                         |    2 +-
 src/lib/krb5/krb/rd_safe.c                         |    2 +-
 src/lib/krb5/krb/recvauth.c                        |    2 +-
 src/lib/krb5/krb/walk_rtree.c                      |   12 +++---
 src/lib/krb5/os/init_os_ctx.c                      |    2 +-
 src/lib/rpc/auth_gssapi.c                          |    2 +-
 src/lib/rpc/clnt_raw.c                             |    2 +-
 src/lib/rpc/clnt_udp.c                             |    2 +-
 src/lib/rpc/svc.c                                  |    2 +-
 src/lib/rpc/svc_auth_gssapi.c                      |    2 +-
 src/lib/rpc/svc_raw.c                              |    2 +-
 src/lib/rpc/svc_tcp.c                              |    6 +-
 src/lib/rpc/xdr.c                                  |    2 +-
 src/lib/rpc/xdr_rec.c                              |    6 +-
 src/lib/rpc/xdr_reference.c                        |    2 +-
 src/plugins/kdb/db2/adb_policy.c                   |    2 +-
 src/plugins/kdb/db2/kdb_db2.c                      |    4 +-
 src/plugins/kdb/db2/kdb_xdr.c                      |    5 +-
 src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c    |    4 +-
 src/plugins/kdb/ldap/ldap_util/kdb5_ldap_policy.c  |    2 +-
 .../kdb/ldap/ldap_util/kdb5_ldap_services.c        |    2 +-
 src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c    |    2 +-
 src/plugins/kdb/ldap/libkdb_ldap/ldap_handle.c     |    2 +-
 .../kdb/ldap/libkdb_ldap/ldap_krbcontainer.c       |    4 +-
 src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c  |    6 +-
 src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c      |    2 +-
 src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c |    2 +-
 src/plugins/preauth/pkinit/pkinit_clnt.c           |    2 +-
 src/plugins/preauth/pkinit/pkinit_crypto.h         |    2 +-
 src/plugins/preauth/pkinit/pkinit_matching.c       |    2 +-
 src/plugins/preauth/securid_sam2/securid2.c        |    4 +-
 src/tests/dejagnu/config/default.exp               |    4 +-
 src/tests/dejagnu/krb-standalone/pwchange.exp      |    2 +-
 src/tests/dejagnu/krb-standalone/standalone.exp    |    2 +-
 src/tests/gss-threads/gss-client.c                 |    2 +-
 src/tests/gss-threads/gss-misc.c                   |    4 +-
 src/tests/gss-threads/gss-server.c                 |    2 +-
 src/tests/gssapi/t_authind.py                      |    2 +-
 src/tests/gssapi/t_inq_ctx.c                       |    2 +-
 src/tests/hist.c                                   |    2 +-
 src/tests/jsonwalker.py                            |    2 +-
 src/tests/misc/test_chpw_message.c                 |    2 +-
 src/tests/t_hostrealm.py                           |    2 +-
 src/tests/t_localauth.py                           |    2 +-
 src/tests/t_mkey.py                                |    2 +-
 src/tests/t_sn2princ.py                            |    2 +-
 src/util/et/com_err.texinfo                        |    2 +-
 src/util/profile/prof_err.et                       |    4 +-
 src/util/profile/prof_tree.c                       |    8 ++--
 src/windows/installer/wix/config.wxi               |    2 +-
 src/windows/installer/wix/msi-deployment-guide.txt |    4 +-
 src/windows/leash/Leash.cpp                        |    4 +-
 src/windows/leash/LeashUIApplication.cpp           |    2 +-
 src/windows/leash/LeashUICommandHandler.cpp        |    2 +-
 src/windows/leash/LeashView.cpp                    |    4 +-
 src/windows/leash/MainFrm.cpp                      |    2 +-
 src/windows/leashdll/leash-int.h                   |    2 +-
 src/windows/leashdll/lsh_pwd.c                     |    2 +-
 src/windows/leashdll/lshutil.cpp                   |    3 +-
 src/windows/leashdll/timesync.c                    |    4 +-
 src/windows/lib/loadfuncs.c                        |    2 +-
 140 files changed, 232 insertions(+), 231 deletions(-)

diff --git a/src/appl/gss-sample/gss-client.c b/src/appl/gss-sample/gss-client.c
index 93fca1f..6e2aa33 100644
--- a/src/appl/gss-sample/gss-client.c
+++ b/src/appl/gss-sample/gss-client.c
@@ -100,7 +100,7 @@ usage()
  *      host            (r) the target host name
  *      port            (r) the target port, in host byte order
  *
- * Returns: the established socket file desciptor, or -1 on failure
+ * Returns: the established socket file descriptor, or -1 on failure
  *
  * Effects:
  *
diff --git a/src/appl/gss-sample/gss-misc.c b/src/appl/gss-sample/gss-misc.c
index 856ca4a..1d051ed 100644
--- a/src/appl/gss-sample/gss-misc.c
+++ b/src/appl/gss-sample/gss-misc.c
@@ -340,7 +340,7 @@ display_status_1(m, code, type)
  * Effects:
  *
  * The GSS-API messages associated with maj_stat and min_stat are
- * displayed on stderr, each preceeded by "GSS-API error <msg>: " and
+ * displayed on stderr, each preceded by "GSS-API error <msg>: " and
  * followed by a newline.
  */
 void
@@ -356,7 +356,7 @@ display_status(msg, maj_stat, min_stat)
 /*
  * Function: display_ctx_flags
  *
- * Purpose: displays the flags returned by context initation in
+ * Purpose: displays the flags returned by context initiation in
  *          a human-readable form
  *
  * Arguments:
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c
index 793fefc..a0e19fc 100644
--- a/src/appl/gss-sample/gss-server.c
+++ b/src/appl/gss-sample/gss-server.c
@@ -106,7 +106,7 @@ int     verbose = 0;
  * Effects:
  *
  * The service name is imported with gss_import_name, and service
- * credentials are acquired with gss_acquire_cred.  If either opertion
+ * credentials are acquired with gss_acquire_cred.  If either operation
  * fails, an error message is displayed and -1 is returned; otherwise,
  * 0 is returned.  If mech is given, credentials are acquired for the
  * specified mechanism.
diff --git a/src/ccapi/common/win/OldCC/ccutil.cxx b/src/ccapi/common/win/OldCC/ccutil.cxx
index 729104d..b609231 100644
--- a/src/ccapi/common/win/OldCC/ccutil.cxx
+++ b/src/ccapi/common/win/OldCC/ccutil.cxx
@@ -53,7 +53,7 @@ Init::Info(
     InitInfo& info
     )
 {
-    // This funciton will not do automatic initialization.
+    // This function will not do automatic initialization.
     CcAutoLock AL(s_lock);
     if (!s_init) {
         memset(&info, 0, sizeof(info));
diff --git a/src/ccapi/common/win/OldCC/init.cxx b/src/ccapi/common/win/OldCC/init.cxx
index feb7ad3..baa8e28 100644
--- a/src/ccapi/common/win/OldCC/init.cxx
+++ b/src/ccapi/common/win/OldCC/init.cxx
@@ -53,7 +53,7 @@ Init::Info(
     InitInfo& info
     )
 {
-    // This funciton will not do automatic initialization.
+    // This function will not do automatic initialization.
     CcAutoLock AL(s_lock);
     if (!s_init) {
         memset(&info, 0, sizeof(info));
diff --git a/src/ccapi/common/win/OldCC/util.cxx b/src/ccapi/common/win/OldCC/util.cxx
index dd4a269..327f5f8 100644
--- a/src/ccapi/common/win/OldCC/util.cxx
+++ b/src/ccapi/common/win/OldCC/util.cxx
@@ -52,7 +52,7 @@ void free_alloc_p(void *pptr) {
 
 extern "C" DWORD alloc_textual_sid(
     PSID pSid,          // binary Sid
-    LPSTR *pTextualSid  // buffer for Textual representaion of Sid
+    LPSTR *pTextualSid  // buffer for Textual representation of Sid
     ) {
     PSID_IDENTIFIER_AUTHORITY psia;
     DWORD dwSubAuthorities;
diff --git a/src/ccapi/lib/win/dllmain.cxx b/src/ccapi/lib/win/dllmain.cxx
index aa5d00a..18aa005 100644
--- a/src/ccapi/lib/win/dllmain.cxx
+++ b/src/ccapi/lib/win/dllmain.cxx
@@ -149,9 +149,9 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL,     // DLL module handle
             // On Win9x/Me, the RPC exception will not be caught.
             // However, Win9x ignores exceptions during process shutdown,
             // so the exception will never be seen unless a debugger is
-            // attached to the proccess.
+            // attached to the process.
             //
-            // A good potential woraround would be to have a global
+            // A good potential workaround would be to have a global
             // variable that denotes whether the DLL is attached to the
             // process.  If it is not, all entrypoints into the DLL should
             // return failure.
diff --git a/src/clients/ksu/authorization.c b/src/clients/ksu/authorization.c
index 8919218..6ea1084 100644
--- a/src/clients/ksu/authorization.c
+++ b/src/clients/ksu/authorization.c
@@ -23,7 +23,7 @@
  *     direct, indirect, or consequential damages with respect to any
  *     claim by the user or distributor of the ksu software.
  *
- * KSU was writen by:  Ari Medvinsky, ari at isi.edu
+ * KSU was written by:  Ari Medvinsky, ari at isi.edu
  */
 
 #include "ksu.h"
diff --git a/src/clients/ksu/ccache.c b/src/clients/ksu/ccache.c
index 2a99521..cbb9aa2 100644
--- a/src/clients/ksu/ccache.c
+++ b/src/clients/ksu/ccache.c
@@ -23,7 +23,7 @@
  *     direct, indirect, or consequential damages with respect to any
  *     claim by the user or distributor of the ksu software.
  *
- * KSU was writen by:  Ari Medvinsky, ari at isi.edu
+ * KSU was written by:  Ari Medvinsky, ari at isi.edu
  */
 
 #include "ksu.h"
diff --git a/src/clients/ksu/heuristic.c b/src/clients/ksu/heuristic.c
index 3eb28ab..4f7280f 100644
--- a/src/clients/ksu/heuristic.c
+++ b/src/clients/ksu/heuristic.c
@@ -23,7 +23,7 @@
  *     direct, indirect, or consequential damages with respect to any
  *     claim by the user or distributor of the ksu software.
  *
- * KSU was writen by:  Ari Medvinsky, ari at isi.edu
+ * KSU was written by:  Ari Medvinsky, ari at isi.edu
  */
 
 #include "ksu.h"
diff --git a/src/clients/ksu/krb_auth_su.c b/src/clients/ksu/krb_auth_su.c
index e39685f..fb848dc 100644
--- a/src/clients/ksu/krb_auth_su.c
+++ b/src/clients/ksu/krb_auth_su.c
@@ -23,7 +23,7 @@
  *     direct, indirect, or consequential damages with respect to any
  *     claim by the user or distributor of the ksu software.
  *
- * KSU was writen by:  Ari Medvinsky, ari at isi.edu
+ * KSU was written by:  Ari Medvinsky, ari at isi.edu
  */
 
 #include "ksu.h"
diff --git a/src/clients/ksu/ksu.h b/src/clients/ksu/ksu.h
index 3bf0bd4..66fb4bc 100644
--- a/src/clients/ksu/ksu.h
+++ b/src/clients/ksu/ksu.h
@@ -23,7 +23,7 @@
  *     direct, indirect, or consequential damages with respect to any
  *     claim by the user or distributor of the ksu software.
  *
- * KSU was writen by:  Ari Medvinsky, ari at isi.edu
+ * KSU was written by:  Ari Medvinsky, ari at isi.edu
  */
 
 #include "k5-int.h"
diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
index 4f03dd8..dc417e6 100644
--- a/src/clients/ksu/main.c
+++ b/src/clients/ksu/main.c
@@ -23,7 +23,7 @@
  *     direct, indirect, or consequential damages with respect to any
  *     claim by the user or distributor of the ksu software.
  *
- * KSU was writen by:  Ari Medvinsky, ari at isi.edu
+ * KSU was written by:  Ari Medvinsky, ari at isi.edu
  */
 
 #include "ksu.h"
@@ -506,7 +506,7 @@ main (argc, argv)
 #endif /* GET_TGT_VIA_PASSWD */
     }
 
-    /* if the user is root or same uid then authentication is not neccesary,
+    /* if the user is root or same uid then authentication is not necessary,
        root gets in automatically */
 
     if (source_uid && (source_uid != target_uid)) {
@@ -625,7 +625,7 @@ main (argc, argv)
 
 #ifdef HAVE_GETUSERSHELL
 
-    /* insist that the target login uses a standard shell (root is omited) */
+    /* insist that the target login uses a standard shell (root is omitted) */
 
     if (!standard_shell(target_pwd->pw_shell) && source_uid) {
         fprintf(stderr, _("ksu: permission denied (shell).\n"));
@@ -1001,7 +1001,7 @@ static void sweep_up(context, cc)
 /*****************************************************************
 get_params is to be called for the -a option or -e option to
            collect all params passed in for the shell or for
-           cmd.  An aray is returned containing all params.
+           cmd.  An array is returned containing all params.
            optindex is incremented accordingly and the first
            element in the returned array is reserved for the
            name of the command to be executed or the name of the
diff --git a/src/include/gssrpc/clnt.h b/src/include/gssrpc/clnt.h
index 6a4a1e1..e5af80d 100644
--- a/src/include/gssrpc/clnt.h
+++ b/src/include/gssrpc/clnt.h
@@ -93,8 +93,8 @@ struct rpc_err {
 		int RE_errno;		/* realated system error */
 		enum auth_stat RE_why;	/* why the auth error occurred */
 		struct {
-			rpcvers_t low;	/* lowest verion supported */
-			rpcvers_t high;	/* highest verion supported */
+			rpcvers_t low;	/* lowest version supported */
+			rpcvers_t high;	/* highest version supported */
 		} RE_vers;
 		struct {		/* maybe meaningful if RPC_FAILED */
 			int32_t s1;
@@ -226,7 +226,7 @@ typedef struct CLIENT {
 
 
 /*
- * RPCTEST is a test program which is accessable on every rpc
+ * RPCTEST is a test program which is accessible on every rpc
  * transport/port.  It is used for testing, performance evaluation,
  * and network administration.
  */
diff --git a/src/include/gssrpc/rpc_msg.h b/src/include/gssrpc/rpc_msg.h
index 1070202..9403bfc 100644
--- a/src/include/gssrpc/rpc_msg.h
+++ b/src/include/gssrpc/rpc_msg.h
@@ -48,7 +48,7 @@ GSSRPC__BEGIN_DECLS
 
 /*
  * Bottom up definition of an rpc message.
- * NOTE: call and reply use the same overall stuct but
+ * NOTE: call and reply use the same overall struct but
  * different parts of unions within it.
  */
 
diff --git a/src/include/gssrpc/svc.h b/src/include/gssrpc/svc.h
index 1bb8dd9..15cb3d7 100644
--- a/src/include/gssrpc/svc.h
+++ b/src/include/gssrpc/svc.h
@@ -81,7 +81,7 @@ typedef struct SVCXPRT {
 #endif
 	u_short		xp_port;	 /* associated port number */
 	struct xp_ops {
-	    /* receive incomming requests */
+	    /* receive incoming requests */
 	    bool_t	(*xp_recv)(struct SVCXPRT *, struct rpc_msg *);
 	    /* get transport status */
 	    enum xprt_stat (*xp_stat)(struct SVCXPRT *);
@@ -103,7 +103,7 @@ typedef struct SVCXPRT {
 	SVCAUTH		*xp_auth;	 /* auth flavor of current req */
 	void		*xp_p1;		 /* private */
 	void		*xp_p2;		 /* private */
-	int		xp_laddrlen;	 /* lenght of local address */
+	int		xp_laddrlen;	 /* length of local address */
 	struct sockaddr_in xp_laddr;	 /* local address */
 } SVCXPRT;
 
diff --git a/src/include/gssrpc/svc_auth.h b/src/include/gssrpc/svc_auth.h
index ceb13b7..4585374 100644
--- a/src/include/gssrpc/svc_auth.h
+++ b/src/include/gssrpc/svc_auth.h
@@ -88,7 +88,7 @@ extern enum auth_stat gssrpc__authenticate(struct svc_req *rqst,
 enum auth_stat gssrpc__svcauth_none(struct svc_req *,
 	struct rpc_msg *, bool_t *);
 /* unix style (uid, gids) */
-/* RENAMED: shoudl be _svcauth_unix. */
+/* RENAMED: should be _svcauth_unix. */
 enum auth_stat gssrpc__svcauth_unix(struct svc_req *,
 	struct rpc_msg *, bool_t *);
 /* short hand unix style */
diff --git a/src/include/gssrpc/xdr.h b/src/include/gssrpc/xdr.h
index c66ae69..da9e173 100644
--- a/src/include/gssrpc/xdr.h
+++ b/src/include/gssrpc/xdr.h
@@ -107,7 +107,7 @@ typedef	bool_t (*xdrproc_t)();
 /*
  * The XDR handle.
  * Contains operation which is being applied to the stream,
- * an operations vector for the paticular implementation (e.g. see xdr_mem.c),
+ * an operations vector for the particular implementation (e.g. see xdr_mem.c),
  * and two private fields for the use of the particular impelementation.
  */
 typedef struct XDR {
@@ -211,7 +211,7 @@ struct xdr_discrim {
 };
 
 /*
- * In-line routines for fast encode/decode of primitve data types.
+ * In-line routines for fast encode/decode of primitive data types.
  * Caveat emptor: these use single memory cycles to get the
  * data from the underlying buffer, and will fail to operate
  * properly if the data is not aligned.  The standard way to use these
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 5fee63b..99350a8 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1113,7 +1113,7 @@ krb5_authdata_free_internal(krb5_context kcontext,
  * A pluggable interface should have one or more currently supported major
  * versions, starting at 1.  Each major version should have a current minor
  * version, also starting at 1.  If new methods are added to a vtable, the
- * minor version should be incremented and the vtable stucture should document
+ * minor version should be incremented and the vtable structure should document
  * where each minor vtable version ends.  If method signatures for a vtable are
  * changed, the major version should be incremented.
  *
@@ -1367,7 +1367,7 @@ void KRB5_CALLCONV krb5_free_priv_enc_part(krb5_context, krb5_priv_enc_part *);
   krb5_data **code);
   modifies  *code
   effects   Returns the ASN.1 encoding of *rep in **code.
-  Returns ASN1_MISSING_FIELD if a required field is emtpy in *rep.
+  Returns ASN1_MISSING_FIELD if a required field is empty in *rep.
   Returns ENOMEM if memory runs out.
 */
 
@@ -1907,7 +1907,7 @@ krb5_ser_unpack_bytes(krb5_octet *, size_t, krb5_octet **, size_t *);
 krb5_error_code KRB5_CALLCONV
 krb5int_cc_default(krb5_context, krb5_ccache *);
 
-/* Fill in the buffer with random alpha-numeric data. */
+/* Fill in the buffer with random alphanumeric data. */
 krb5_error_code
 krb5int_random_string(krb5_context, char *string, unsigned int length);
 
diff --git a/src/include/k5-utf8.h b/src/include/k5-utf8.h
index ca548b5..7cc8cda 100644
--- a/src/include/k5-utf8.h
+++ b/src/include/k5-utf8.h
@@ -132,7 +132,7 @@ int krb5int_utf8_isspace( const char *);
 size_t krb5int_utf8_strcspn( const char* str, const char *set);
 /* span characters in set, return bytes spanned */
 size_t krb5int_utf8_strspn( const char* str, const char *set);
-/* return first occurance of character in string */
+/* return first occurrence of character in string */
 char *krb5int_utf8_strchr( const char* str, const char *chr);
 /* return first character of set in string */
 char *krb5int_utf8_strpbrk( const char* str, const char *set);
diff --git a/src/include/kdb.h b/src/include/kdb.h
index c56947a..ff47716 100644
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -1103,7 +1103,7 @@ typedef struct _kdb_vftabl {
 
     /*
      * Optional: For each principal entry in the database, invoke func with the
-     * argments func_arg and the entry data.  If match_entry is specified, the
+     * arguments func_arg and the entry data.  If match_entry is specified, the
      * module may narrow the iteration to principal names matching that regular
      * expression; a module may alternatively ignore match_entry.
      */
@@ -1135,9 +1135,9 @@ typedef struct _kdb_vftabl {
 
     /*
      * Optional: For each password policy entry in the database, invoke func
-     * with the argments data and the entry data.  If match_entry is specified,
-     * the module may narrow the iteration to policy names matching that
-     * regular expression; a module may alternatively ignore match_entry.
+     * with the arguments data and the entry data.  If match_entry is
+     * specified, the module may narrow the iteration to policy names matching
+     * that regular expression; a module may alternatively ignore match_entry.
      */
     krb5_error_code (*iter_policy)(krb5_context kcontext, char *match_entry,
                                    osa_adb_iter_policy_func func,
diff --git a/src/include/krb5/audit_plugin.h b/src/include/krb5/audit_plugin.h
index b6e9064..64dda75 100644
--- a/src/include/krb5/audit_plugin.h
+++ b/src/include/krb5/audit_plugin.h
@@ -74,7 +74,7 @@
 #define PROT_CONSTRAINT 1 /**< Protocol constraint */
 #define LOCAL_POLICY    2 /**< Local policy violation */
 
-#define REQID_LEN 32 /* Size of the alpha-numeric request ID */
+#define REQID_LEN 32 /* Size of the alphanumeric request ID */
 
 /** KDC audit state structure and declarations */
 typedef struct _krb5_audit_state {
diff --git a/src/include/net-server.h b/src/include/net-server.h
index e5edcc4..a30749d 100644
--- a/src/include/net-server.h
+++ b/src/include/net-server.h
@@ -31,7 +31,7 @@
 
 #include <verto.h>
 
-/* The delimeter characters supported by the addresses string. */
+/* The delimiter characters supported by the addresses string. */
 #define ADDRESSES_DELIM ",; "
 
 typedef struct _krb5_fulladdr {
@@ -95,7 +95,7 @@ krb5_error_code make_toolong_error (void *handle, krb5_data **);
  * Contexts are needed in lots of places.  Opaque application-provided
  * handles are passed around in lots of place, but contexts are not.
  * For now, we'll require that the application provide us an easy way
- * to get at a context; eventually it should probably be explicity.
+ * to get at a context; eventually it should probably be explicitly.
  */
 krb5_context get_context(void *handle);
 
diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c
index a6e858d..225cd2b 100644
--- a/src/kadmin/cli/kadmin.c
+++ b/src/kadmin/cli/kadmin.c
@@ -442,7 +442,7 @@ kadmin_startup(int argc, char *argv[], char **request_out, char ***args_out)
 
     /*
      * If no principal name is specified: If authenticating anonymously, use
-     * the anonymouse principal for the local realm, else if a ccache was
+     * the anonymous principal for the local realm, else if a ccache was
      * specified and its primary principal name can be read, it is used, else
      * if a keytab was specified, the principal name is host/hostname,
      * otherwise append "/admin" to the primary name of the default ccache,
diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c
index a720eec..8cd0537 100644
--- a/src/kadmin/dbutil/kdb5_util.c
+++ b/src/kadmin/dbutil/kdb5_util.c
@@ -316,7 +316,7 @@ int main(argc, argv)
                                      &global_params, &global_params);
     if (retval) {
         com_err(progname, retval,
-                _("while retreiving configuration parameters"));
+                _("while retrieving configuration parameters"));
         exit(1);
     }
 
diff --git a/src/kadmin/server/kadm_rpc_svc.c b/src/kadmin/server/kadm_rpc_svc.c
index d343e2c..8371fa7 100644
--- a/src/kadmin/server/kadm_rpc_svc.c
+++ b/src/kadmin/server/kadm_rpc_svc.c
@@ -22,7 +22,7 @@ static int check_rpcsec_auth(struct svc_req *);
 /*
  * Function: kadm_1
  *
- * Purpose: RPC proccessing procedure.
+ * Purpose: RPC processing procedure.
  *	    originally generated from rpcgen
  *
  * Arguments:
diff --git a/src/kadmin/testing/util/tcl_kadm5.c b/src/kadmin/testing/util/tcl_kadm5.c
index 4d3114b..864a929 100644
--- a/src/kadmin/testing/util/tcl_kadm5.c
+++ b/src/kadmin/testing/util/tcl_kadm5.c
@@ -688,7 +688,7 @@ static Tcl_DString *unparse_principal_ent(kadm5_principal_ent_t princ,
         krb5_ret = krb5_unparse_name(context, princ->principal, &tmp);
         if (krb5_ret) {
             /* XXX Do we want to return an error?  Not sure. */
-            Tcl_DStringAppendElement(str, "[unparseable principal]");
+            Tcl_DStringAppendElement(str, "[unparsable principal]");
         }
         else {
             Tcl_DStringAppendElement(str, tmp);
@@ -713,7 +713,7 @@ static Tcl_DString *unparse_principal_ent(kadm5_principal_ent_t princ,
     if (mask & KADM5_MOD_NAME) {
         if ((krb5_ret = krb5_unparse_name(context, princ->mod_name, &tmp))) {
             /* XXX */
-            Tcl_DStringAppendElement(str, "[unparseable principal]");
+            Tcl_DStringAppendElement(str, "[unparsable principal]");
         }
         else {
             Tcl_DStringAppendElement(str, tmp);
diff --git a/src/kdc/kdc_log.c b/src/kdc/kdc_log.c
index b160ba2..f86e078 100644
--- a/src/kdc/kdc_log.c
+++ b/src/kdc/kdc_log.c
@@ -224,7 +224,7 @@ log_tgs_alt_tgt(krb5_context context, krb5_principal p)
     char *sname;
     if (krb5_unparse_name(context, p, &sname)) {
         krb5_klog_syslog(LOG_INFO,
-                         _("TGS_REQ: issuing alternate <un-unparseable> TGT"));
+                         _("TGS_REQ: issuing alternate <un-unparsable> TGT"));
     } else {
         limit_string(sname);
         krb5_klog_syslog(LOG_INFO, _("TGS_REQ: issuing TGT %s"), sname);
diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index a303bfd..04cd0e7 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -1468,7 +1468,7 @@ return_padata(krb5_context context, krb5_kdcpreauth_rock rock,
      * data doesn't correspond to the replaced reply key, and RFC 4120 section
      * 5.2.7.5 forbids us from sending etype-info describing the initial reply
      * key in an AS-REP if it doesn't have the same enctype as the replaced
-     * reply key.  For all current and forseeable preauth mechs, we can assume
+     * reply key.  For all current and foreseeable preauth mechs, we can assume
      * the client received etype-info2 in an earlier step and already computed
      * the initial reply key if it needed it.  The client can determine the
      * enctype of the replaced reply key from the etype field of the enc-part
diff --git a/src/kdc/main.c b/src/kdc/main.c
index fdcd694..b845710 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -504,7 +504,7 @@ create_workers(verto_ctx *ctx, int num)
 
     /*
      * Setup our signal handlers which will forward to the children.
-     * These handlers will be overriden in the child processes.
+     * These handlers will be overridden in the child processes.
      */
 #ifdef POSIX_SIGNALS
     (void) sigemptyset(&s_action.sa_mask);
diff --git a/src/kprop/kpropd.c b/src/kprop/kpropd.c
index ab4a764..5881a89 100644
--- a/src/kprop/kpropd.c
+++ b/src/kprop/kpropd.c
@@ -1446,7 +1446,7 @@ recv_database(krb5_context context, int fd, int database_fd,
     inbuf.length = sizeof(database_size);
     retval = krb5_mk_safe(context,auth_context,&inbuf,confmsg,NULL);
     if (retval) {
-        com_err(progname, retval, "while encoding # of receieved bytes");
+        com_err(progname, retval, "while encoding # of received bytes");
         send_error(context, fd, retval, "while encoding # of received bytes");
         exit(1);
     }
diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c
index 6b18dfe..294dcfc 100644
--- a/src/lib/apputils/net-server.c
+++ b/src/lib/apputils/net-server.c
@@ -362,7 +362,7 @@ loop_add_address(const char *address, int port, enum bind_type type,
  *
  * - addresses
  *      A string for the addresses.  Pass NULL to use the wildcard address.
- *      Supported delimeters can be found in ADDRESSES_DELIM.  Addresses are
+ *      Supported delimiters can be found in ADDRESSES_DELIM.  Addresses are
  *      parsed with k5_parse_host_name().
  * - default_port
  *      What port the socket should be set to if not specified in addresses.
diff --git a/src/lib/apputils/udppktinfo.c b/src/lib/apputils/udppktinfo.c
index 9a06ae8..c6e86f6 100644
--- a/src/lib/apputils/udppktinfo.c
+++ b/src/lib/apputils/udppktinfo.c
@@ -298,8 +298,8 @@ recv_from_to(int sock, void *buf, size_t len, int flags,
     if (!to || !tolen || !r)
         return recvfrom(sock, buf, len, flags, from, fromlen);
 
-    /* Clobber with something recognizeable in case we can't extract the
-     * address but try to use it anyways. */
+    /* Clobber with something recognizable in case we can't extract the address
+     * but try to use it anyways. */
     memset(to, 0x40, *tolen);
 
     iov.iov_base = buf;
@@ -505,7 +505,7 @@ recv_from_to(int sock, void *buf, size_t len, int flags,
              aux_addressing_info *auxaddr)
 {
     if (to && tolen) {
-        /* Clobber with something recognizeable in case we try to use the
+        /* Clobber with something recognizable in case we try to use the
          * address. */
         memset(to, 0x40, *tolen);
         *tolen = 0;
diff --git a/src/lib/crypto/builtin/des/doc/libdes.doc b/src/lib/crypto/builtin/des/doc/libdes.doc
index 19c03c1..6e9431e 100644
--- a/src/lib/crypto/builtin/des/doc/libdes.doc
+++ b/src/lib/crypto/builtin/des/doc/libdes.doc
@@ -149,7 +149,7 @@ int
 	by "*key", then after getting a new key, call the des_set_key() 
 	routine when needed.
 
-	No meaningfull value is returned.  Void is not used for compatibility
+	No meaningful value is returned.  Void is not used for compatibility
 	with other compilers.
 
 
diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c
index f4332f5..4a19933 100644
--- a/src/lib/crypto/builtin/des/t_verify.c
+++ b/src/lib/crypto/builtin/des/t_verify.c
@@ -325,7 +325,7 @@ main(argc,argv)
         printf("%02x ",cipher_text[j]);
     printf("\n\n");
     if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) {
-        printf("verify: error in CBC cheksum\n");
+        printf("verify: error in CBC checksum\n");
         exit(-1);
     }
     else
diff --git a/src/lib/crypto/builtin/sha1/shs.c b/src/lib/crypto/builtin/sha1/shs.c
index f28a4fc..f66a753 100644
--- a/src/lib/crypto/builtin/sha1/shs.c
+++ b/src/lib/crypto/builtin/sha1/shs.c
@@ -139,7 +139,7 @@ void SHSTransform(SHS_LONG *digest, const SHS_LONG *data)
 
 #else
 
-    /* Heavy mangling, in 4 sub-rounds of 20 interations each. */
+    /* Heavy mangling, in 4 sub-rounds of 20 iterations each. */
     subRound( A, B, C, D, E, f1, K1, eData[  0 ] );
     subRound( E, A, B, C, D, f1, K1, eData[  1 ] );
     subRound( D, E, A, B, C, f1, K1, eData[  2 ] );
diff --git a/src/lib/crypto/builtin/sha1/t_shs3.c b/src/lib/crypto/builtin/sha1/t_shs3.c
index f7932ef..7aa0bbd 100644
--- a/src/lib/crypto/builtin/sha1/t_shs3.c
+++ b/src/lib/crypto/builtin/sha1/t_shs3.c
@@ -17,7 +17,7 @@ static void test7(void);
 
 /* When run on a little-endian CPU we need to perform byte reversal on an
    array of longwords.  It is possible to make the code endianness-
-   independant by fiddling around with data at the byte level, but this
+   independent by fiddling around with data at the byte level, but this
    makes for very slow code, so we rely on the user to sort out endianness
    at compile time */
 
diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c
index a65d57b..bc87c6f 100644
--- a/src/lib/crypto/openssl/enc_provider/rc4.c
+++ b/src/lib/crypto/openssl/enc_provider/rc4.c
@@ -52,7 +52,7 @@ struct arcfour_state {
 /* Interface layer to krb5 crypto layer */
 
 /* The workhorse of the arcfour system,
- * this impliments the cipher
+ * this implements the cipher
  */
 
 /* In-place IOV crypto */
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index c821cc8..3f63ab6 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -750,7 +750,8 @@ kg_accept_krb5(minor_status, context_handle,
             goto fail;
         }
 
-        /* Always read the clients bindings - eventhough we might ignore them */
+        /* Always read the client's bindings, even though we might ignore
+         * them. */
         TREAD_STR(ptr, ptr2, reqcksum.length);
 
         if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS ) {
diff --git a/src/lib/gssapi/krb5/gssapi_krb5.h b/src/lib/gssapi/krb5/gssapi_krb5.h
index 84b4159..e266b59 100644
--- a/src/lib/gssapi/krb5/gssapi_krb5.h
+++ b/src/lib/gssapi/krb5/gssapi_krb5.h
@@ -124,7 +124,7 @@ typedef struct gss_krb5_lucid_key {
 } gss_krb5_lucid_key_t;
 
 typedef struct gss_krb5_rfc1964_keydata {
-    OM_uint32       sign_alg;       /* signing algorthm */
+    OM_uint32       sign_alg;       /* signing algorithm */
     OM_uint32       seal_alg;       /* seal/encrypt algorithm */
     gss_krb5_lucid_key_t    ctx_key;
     /* Context key
diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c
index 80954af..c9aaafd 100644
--- a/src/lib/gssapi/krb5/util_crypt.c
+++ b/src/lib/gssapi/krb5/util_crypt.c
@@ -677,7 +677,7 @@ kg_fixup_padding_iov(OM_uint32 *minor_status, gss_iov_buffer_desc *iov,
      * the padding length.
      *
      * If the caller manages the padding length, then relative_padlength
-     * wil be zero.
+     * will be zero.
      *
      * eg. if the buffers are structured as follows:
      *
diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c b/src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c
index 9eab25e..6ba170d 100644
--- a/src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c
+++ b/src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c
@@ -149,7 +149,7 @@ gss_acquire_cred_impersonate_name(OM_uint32 *minor_status,
     /*
      * if desired_mechs equals GSS_C_NULL_OID_SET, then pick an
      * appropriate default.  We use the first mechanism in the
-     * mechansim list as the default. This set is created with
+     * mechanism list as the default. This set is created with
      * statics thus needs not be freed
      */
     if(desired_mechs == GSS_C_NULL_OID_SET) {
diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
index 7835d59..cc34acc 100644
--- a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
+++ b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
@@ -146,7 +146,7 @@ OM_uint32 *		time_rec;
     /*
      * if desired_mechs equals GSS_C_NULL_OID_SET, then pick an
      * appropriate default.  We use the first mechanism in the
-     * mechansim list as the default. This set is created with
+     * mechanism list as the default. This set is created with
      * statics thus needs not be freed
      */
     if(desired_mechs == GSS_C_NULL_OID_SET) {
diff --git a/src/lib/gssapi/mechglue/g_dup_name.c b/src/lib/gssapi/mechglue/g_dup_name.c
index cc824fd..ff01db2 100644
--- a/src/lib/gssapi/mechglue/g_dup_name.c
+++ b/src/lib/gssapi/mechglue/g_dup_name.c
@@ -81,7 +81,7 @@ gss_name_t *dest_name;
 	dest_union->name_type = 0;
 	dest_union->external_name = 0;
 
-	/* Now copy the external representaion */
+	/* Now copy the external representation. */
 	if (gssint_create_copy_buffer(src_union->external_name,
 				&dest_union->external_name, 0))
 		goto allocation_failure;
diff --git a/src/lib/gssapi/mechglue/g_imp_name.c b/src/lib/gssapi/mechglue/g_imp_name.c
index 374965b..c3e809c 100644
--- a/src/lib/gssapi/mechglue/g_imp_name.c
+++ b/src/lib/gssapi/mechglue/g_imp_name.c
@@ -356,7 +356,7 @@ importExportName(minor, unionName, inputNameType)
      *	 the unwrapped name.  Presumably the exported name had,
      *	 prior to being exported been obtained in such a way
      *	 that it has been properly perpared ("canonicalized," in
-     *	 GSS-API terms) accroding to some name type; we cannot
+     *	 GSS-API terms) according to some name type; we cannot
      *	 tell what that name type was now, but the name should
      *	 need no further preparation other than the lowest
      *	 common denominator afforded by the mech to names
diff --git a/src/lib/gssapi/mechglue/g_oid_ops.c b/src/lib/gssapi/mechglue/g_oid_ops.c
index 1d75c63..1d7970c 100644
--- a/src/lib/gssapi/mechglue/g_oid_ops.c
+++ b/src/lib/gssapi/mechglue/g_oid_ops.c
@@ -27,7 +27,7 @@
 #include "mglueP.h"
 
 /*
- * gss_release_oid has been moved to g_initialize, becasue it requires access
+ * gss_release_oid has been moved to g_initialize, because it requires access
  * to the mechanism list.  All functions requiring direct access to the
  * mechanism list are now in g_initialize.c
  */
diff --git a/src/lib/gssapi/mechglue/mglueP.h b/src/lib/gssapi/mechglue/mglueP.h
index f16333c..2b65939 100644
--- a/src/lib/gssapi/mechglue/mglueP.h
+++ b/src/lib/gssapi/mechglue/mglueP.h
@@ -87,7 +87,7 @@ OM_uint32 gssint_get_mech_type_oid(gss_OID OID, gss_buffer_t token);
  * access mechanism specific versions of the gssapi routines through
  * the routines in the glue module (gssd_mech_glue.c)
  *
- * This contants all of the functions defined in gssapi.h except for
+ * This contains all of the functions defined in gssapi.h except for
  * gss_release_buffer() and gss_release_oid_set(), which I am
  * assuming, for now, to be equal across mechanisms.
  */
@@ -739,8 +739,8 @@ typedef struct gss_config {
  * In the user space we use a wrapper structure to encompass the
  * mechanism entry points.  The wrapper contain the mechanism
  * entry points and other data which is only relevant to the gss-api
- * layer.  In the kernel we use only the gss_config strucutre because
- * the kernal does not cantain any of the extra gss-api specific data.
+ * layer.  In the kernel we use only the gss_config structure because
+ * the kernel does not cantain any of the extra gss-api specific data.
  */
 typedef struct gss_mech_config {
 	char *kmodName;			/* kernel module name */
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index 8e0c3a3..c9305c7 100644
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -3759,7 +3759,7 @@ put_negResult(unsigned char **buf_out, OM_uint32 negResult,
 }
 
 /*
- * This routine compares the recieved mechset to the mechset that
+ * This routine compares the received mechset to the mechset that
  * this server can support. It looks sequentially through the mechset
  * and the first one that matches what the server can support is
  * chosen as the negotiated mechanism. If one is found, negResult
diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c
index aa08918..ff1580e 100644
--- a/src/lib/kadm5/clnt/client_init.c
+++ b/src/lib/kadm5/clnt/client_init.c
@@ -285,7 +285,7 @@ init_any(krb5_context context, char *client_name, enum init_type init_type,
         goto error;
 
     /*
-     * Bypass the remainder of the code and return straightaway
+     * Bypass the remainder of the code and return straight away
      * if the gss service requested is kiprop
      */
     if (iprop_enable) {
diff --git a/src/lib/kadm5/kadm_err.et b/src/lib/kadm5/kadm_err.et
index 892a6fa..fbe2e76 100644
--- a/src/lib/kadm5/kadm_err.et
+++ b/src/lib/kadm5/kadm_err.et
@@ -23,7 +23,7 @@ error_code KADM5_BAD_CLASS, "Invalid number of character classes"
 error_code KADM5_BAD_LENGTH, "Invalid password length"
 error_code KADM5_BAD_POLICY, "Illegal policy name"
 error_code KADM5_BAD_PRINCIPAL, "Illegal principal name"
-error_code KADM5_BAD_AUX_ATTR, "Invalid auxillary attributes"
+error_code KADM5_BAD_AUX_ATTR, "Invalid auxiliary attributes"
 error_code KADM5_BAD_HISTORY, "Invalid password history count"
 error_code KADM5_BAD_MIN_PASS_LIFE, "Password minimum life is greater than password maximum life"
 error_code KADM5_PASS_Q_TOOSHORT, "Password is too short"
diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
index 8383e4e..0411c3f 100644
--- a/src/lib/kadm5/kadm_rpc_xdr.c
+++ b/src/lib/kadm5/kadm_rpc_xdr.c
@@ -244,7 +244,7 @@ static bool_t xdr_krb5_boolean(XDR *xdrs, krb5_boolean *kbool)
 bool_t xdr_krb5_key_data_nocontents(XDR *xdrs, krb5_key_data *objp)
 {
      /*
-      * Note that this function intentionally DOES NOT tranfer key
+      * Note that this function intentionally DOES NOT transfer key
       * length or contents!  xdr_krb5_key_data in adb_xdr.c does, but
       * that is only for use within the server-side library.
       */
diff --git a/src/lib/kadm5/srv/pwqual_dict.c b/src/lib/kadm5/srv/pwqual_dict.c
index f736eac..e3ac20e 100644
--- a/src/lib/kadm5/srv/pwqual_dict.c
+++ b/src/lib/kadm5/srv/pwqual_dict.c
@@ -87,7 +87,7 @@ word_compare(const void *s1, const void *s2)
  * success.
  *
  * Modifies:
- *      word_list to point to a chunck of allocated memory containing
+ *      word_list to point to a chunk of allocated memory containing
  *      pointers to words
  *      word_block to contain the dictionary.
  *
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 53ecbe1..8a7ab6e 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -2005,7 +2005,7 @@ static int decrypt_key_data(krb5_context context,
  *      kvnop           (w) kvno to fill in, or NULL
  *
  * Effects: Searches the key_data array of entry, which must have been
- * retrived with kadm5_get_principal with the KADM5_KEY_DATA mask, to
+ * retrieved with kadm5_get_principal with the KADM5_KEY_DATA mask, to
  * find a key with a specified enctype, salt type, and kvno in a
  * principal entry.  If not found, return ENOENT.  Otherwise, decrypt
  * it with the master key, and return the key in keyblock, the salt
diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal.exp
index 53a96e5..47a19dc 100644
--- a/src/lib/kadm5/unit-test/api.current/chpass-principal.exp
+++ b/src/lib/kadm5/unit-test/api.current/chpass-principal.exp
@@ -67,7 +67,7 @@ if { $RPC } { test1805 }
 
 #
 # admin with changepw service tickets try to change other principals
-# password, failes with AUTH error
+# password, fails with AUTH error
 test "chpass-principal 180.625"
 proc test180625 {} {
     global test
diff --git a/src/lib/kadm5/unit-test/api.current/crte-principal.exp b/src/lib/kadm5/unit-test/api.current/crte-principal.exp
index 52dda78..d6d6809 100644
--- a/src/lib/kadm5/unit-test/api.current/crte-principal.exp
+++ b/src/lib/kadm5/unit-test/api.current/crte-principal.exp
@@ -645,7 +645,7 @@ proc test28 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return
     }
     send "lindex \$principal 10\n"
@@ -689,7 +689,7 @@ proc test29 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 1\n"
@@ -733,7 +733,7 @@ proc test30 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 3\n"
@@ -778,7 +778,7 @@ proc test31 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 3\n"
@@ -823,7 +823,7 @@ proc test32 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     if { ! [cmd {kadm5_get_policy $server_handle test-pol policy}]} {
@@ -912,7 +912,7 @@ proc test33 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 3\n"
@@ -957,7 +957,7 @@ proc test34 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 3\n"
@@ -1002,7 +1002,7 @@ proc test35 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 3\n"
@@ -1047,7 +1047,7 @@ proc test36 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     if { ! [cmd {kadm5_get_policy $server_handle test-pol policy} ]} {
@@ -1135,7 +1135,7 @@ proc test37 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 3\n"
@@ -1179,7 +1179,7 @@ proc test38 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 3\n"
@@ -1308,7 +1308,7 @@ proc test40 {} {
     if {! [cmd [format {
 	kadm5_get_principal $server_handle "%s/a" principal KADM5_PRINCIPAL_NORMAL_MASK
     } $test]]} {
-	fail "$test: can not retreive principal"
+	fail "$test: can not retrieve principal"
 	return;
     }
     send "lindex \$principal 4\n"
diff --git a/src/lib/kadm5/unit-test/api.current/dlte-policy.exp b/src/lib/kadm5/unit-test/api.current/dlte-policy.exp
index 4ba40fd..ad2863d 100644
--- a/src/lib/kadm5/unit-test/api.current/dlte-policy.exp
+++ b/src/lib/kadm5/unit-test/api.current/dlte-policy.exp
@@ -158,7 +158,7 @@ proc test12 {} {
 		$KADM5_STRUCT_VERSION $KADM5_API_VERSION_3 \
 		server_handle
     }]} {
-	perror "$test unexecpted failure in init"
+	perror "$test unexpected failure in init"
 	return
     }
     if {! [cmd [format {
diff --git a/src/lib/kadm5/unit-test/api.current/mod-principal.exp b/src/lib/kadm5/unit-test/api.current/mod-principal.exp
index 44f8548..ac9f968 100644
--- a/src/lib/kadm5/unit-test/api.current/mod-principal.exp
+++ b/src/lib/kadm5/unit-test/api.current/mod-principal.exp
@@ -493,7 +493,7 @@ proc test22 {} {
 	kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
 		{KADM5_PW_EXPIRATION}
     } $test]]} {
-	fail "$test: modifiy failed"
+	fail "$test: modify failed"
 	return
     }
     if {! [cmd [format {
@@ -535,7 +535,7 @@ proc test23 {} {
 	kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
 		{KADM5_PW_EXPIRATION}
     } $test]]} {
-	fail "$test: modifiy failed"
+	fail "$test: modify failed"
 	return
     }
     if {! [cmd [format {
@@ -885,7 +885,7 @@ proc test29 {} {
 	kadm5_modify_principal $server_handle [simple_principal "%s/a"] \
 		{KADM5_POLICY_CLR}
     } $test]]} {
-	fail "$test: modifiy failed"
+	fail "$test: modify failed"
 	return
     }
     if {! [cmd [format {
diff --git a/src/lib/kadm5/unit-test/config/unix.exp b/src/lib/kadm5/unit-test/config/unix.exp
index ca67095..d7706ec 100644
--- a/src/lib/kadm5/unit-test/config/unix.exp
+++ b/src/lib/kadm5/unit-test/config/unix.exp
@@ -156,62 +156,62 @@ proc api_start {} {
 	send "set current_struct_version \[expr \$KADM5_STRUCT_VERSION &~ \$KADM5_STRUCT_VERSION_MASK\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set current_api_version \[expr \$KADM5_API_VERSION_3 &~ \$KADM5_API_VERSION_MASK\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set bad_struct_version_mask \[expr 0x65432100 | \$current_struct_version\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set bad_api_version_mask \[expr 0x65432100 | \$current_api_version\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set no_api_version_mask \$current_api_version\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set no_struct_version_mask \$current_struct_version\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set old_api_version \[expr \$KADM5_API_VERSION_MASK | 0x00\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set old_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0x00\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set new_api_version \[expr \$KADM5_API_VERSION_MASK | 0xca\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 	send "set new_struct_version \[expr \$KADM5_STRUCT_VERSION_MASK | 0xca\]\n"
 	expect {
 		-re "$prompt$" {}
-		eof { perror "EOF setting API varibles"}
-		timeout { perror "timeout setting API varibles"}
+		eof { perror "EOF setting API variables"}
+		timeout { perror "timeout setting API variables"}
 	}
 
 	set api_pid $pid
diff --git a/src/lib/krad/internal.h b/src/lib/krad/internal.h
index 996a893..0143d15 100644
--- a/src/lib/krad/internal.h
+++ b/src/lib/krad/internal.h
@@ -93,9 +93,9 @@ kr_remote_free(krad_remote *rr);
  * The timeout parameter is the total timeout across all retries in
  * milliseconds.
  *
- * If the cb is called with a retval of ETIMEDOUT it indicates that the alloted
- * time has elapsed. However, in the case of a timeout, we continue to listen
- * for the packet until krad_remote_cancel() is called or a response is
+ * If the cb is called with a retval of ETIMEDOUT it indicates that the
+ * allotted time has elapsed. However, in the case of a timeout, we continue to
+ * listen for the packet until krad_remote_cancel() is called or a response is
  * received. This means that cb will always be called twice in the event of a
  * timeout. This permits you to pursue other remotes while still listening for
  * a response from the first one.
diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c
index 437f7e9..c96a9b4 100644
--- a/src/lib/krad/remote.c
+++ b/src/lib/krad/remote.c
@@ -152,7 +152,7 @@ remote_disconnect(krad_remote *rr)
 }
 
 /* Add the specified flags to the remote. This automatically manages the
- * lifecyle of the underlying event. Also connects if disconnected. */
+ * lifecycle of the underlying event. Also connects if disconnected. */
 static krb5_error_code
 remote_add_flags(krad_remote *remote, verto_ev_flag flags)
 {
@@ -198,7 +198,7 @@ remote_add_flags(krad_remote *remote, verto_ev_flag flags)
 }
 
 /* Remove the specified flags to the remote. This automatically manages the
- * lifecyle of the underlying event. */
+ * lifecycle of the underlying event. */
 static void
 remote_del_flags(krad_remote *remote, verto_ev_flag flags)
 {
@@ -234,7 +234,7 @@ remote_shutdown(krad_remote *rr)
     }
 }
 
-/* Handle when packets receive no response within their alloted time. */
+/* Handle when packets receive no response within their allotted time. */
 static void
 on_timeout(verto_ctx *ctx, verto_ev *ev)
 {
diff --git a/src/lib/krb5/asn.1/krbasn1.h b/src/lib/krb5/asn.1/krbasn1.h
index cfc24ad..c580335 100644
--- a/src/lib/krb5/asn.1/krbasn1.h
+++ b/src/lib/krb5/asn.1/krbasn1.h
@@ -22,7 +22,7 @@
  * If KRB5_GENEROUS_LR_TYPE is defined, then we are generous about
  * accepting a one byte negative lr_type - which is not sign
  * extended. Prior to July 2000, we were sending a negative lr_type as
- * a positve single byte value - instead of a signed integer. This
+ * a positive single byte value - instead of a signed integer. This
  * allows us to receive the old value and deal
  */
 #define KRB5_GENEROUS_LR_TYPE
diff --git a/src/lib/krb5/ccache/cc_memory.c b/src/lib/krb5/ccache/cc_memory.c
index 9d13de9..610091a 100644
--- a/src/lib/krb5/ccache/cc_memory.c
+++ b/src/lib/krb5/ccache/cc_memory.c
@@ -361,7 +361,7 @@ krb5_mcc_start_seq_get(krb5_context context, krb5_ccache id,
  * cursor is a krb5_cc_cursor originally obtained from
  * krb5_mcc_start_seq_get.
  *
- * Modifes:
+ * Modifies:
  * cursor, creds
  *
  * Effects:
diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c
index 7afdfc3..4931e6c 100644
--- a/src/lib/krb5/ccache/cc_mslsa.c
+++ b/src/lib/krb5/ccache/cc_mslsa.c
@@ -1512,7 +1512,7 @@ typedef struct _krb5_lcc_cursor {
  * id
  *
  * Effects:
- * Acccess the MS Kerberos LSA cache in the current logon session
+ * Access the MS Kerberos LSA cache in the current logon session
  * Ignore the residual.
  *
  * Returns:
@@ -1737,7 +1737,7 @@ krb5_lcc_start_seq_get(krb5_context context, krb5_ccache id, krb5_cc_cursor *cur
  * cursor is a krb5_cc_cursor originally obtained from
  * krb5_lcc_start_seq_get.
  *
- * Modifes:
+ * Modifies:
  * cursor
  *
  * Effects:
diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c
index 8664f70..0dc5259 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc.c
+++ b/src/lib/krb5/ccache/ccapi/stdcc.c
@@ -625,7 +625,7 @@ krb5_stdccv3_retrieve (krb5_context context,
 /*
  *  end seq
  *
- * just free up the storage assoicated with the cursor (if we can)
+ * just free up the storage associated with the cursor (if we can)
  */
 krb5_error_code KRB5_CALLCONV
 krb5_stdccv3_end_seq_get (krb5_context context,
@@ -1393,7 +1393,7 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_next_cred
 
 
 /*
- * retreive
+ * retrieve
  *
  * - try to find a matching credential in the cache
  */
@@ -1412,7 +1412,7 @@ krb5_stdcc_retrieve(context, id, whichfields, mcreds, creds)
 /*
  *  end seq
  *
- * just free up the storage assoicated with the cursor (if we could)
+ * just free up the storage associated with the cursor (if we could)
  */
 krb5_error_code KRB5_CALLCONV krb5_stdcc_end_seq_get
 (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor)
@@ -1515,7 +1515,7 @@ krb5_stdcc_destroy (krb5_context context, krb5_ccache id)
     free(id);
 
     /* If the cache does not exist when we tried to destroy it,
-       that's fine.  That means someone else destryoed it since
+       that's fine.  That means someone else destroyed it since
        we resolved it. */
     if (retval == KRB5_FCC_NOFILE)
         return 0;
diff --git a/src/lib/krb5/ccache/ccapi/stdcc.h b/src/lib/krb5/ccache/ccapi/stdcc.h
index d3b6009..acb8a26 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc.h
+++ b/src/lib/krb5/ccache/ccapi/stdcc.h
@@ -35,7 +35,7 @@ typedef struct _stdccCacheData {
 } stdccCacheData, *stdccCacheDataPtr;
 
 
-/* function protoypes  */
+/* function prototypes  */
 
 void krb5_stdcc_shutdown(void);
 
diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.c b/src/lib/krb5/ccache/ccapi/stdcc_util.c
index 1f2a386..c3627fe 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc_util.c
+++ b/src/lib/krb5/ccache/ccapi/stdcc_util.c
@@ -367,7 +367,7 @@ copy_cc_cred_union_to_krb5_creds (krb5_context in_context,
 
 /*
  * copy_krb5_creds_to_cc_credentials
- * - analagous to above but in the reverse direction
+ * - analogous to above but in the reverse direction
  */
 krb5_error_code
 copy_krb5_creds_to_cc_cred_union (krb5_context in_context,
@@ -618,7 +618,7 @@ int copyCCDataArrayToK5(cc_creds *ccCreds, krb5_creds *v5Creds, char whichArray)
 
 /*
  * copyK5DataArrayToCC
- * - analagous to above, but in the other direction
+ * - analogous to above, but in the other direction
  */
 int copyK5DataArrayToCC(krb5_creds *v5Creds, cc_creds *ccCreds, char whichArray)
 {
@@ -759,7 +759,7 @@ void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest)
 
 /*
  * dupK5toCC
- * - analagous to above but in the reverse direction
+ * - analogous to above but in the reverse direction
  */
 void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
 {
@@ -839,7 +839,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
   (in dupK5toCC() above) with its own memory allocation routines - which
   may be different than how the CCache allocates memory - the Kerb5 library
   must have its own version of cc_free_creds() to deallocate it.  These
-  functions do that.  The top-level function to substitue for cc_free_creds()
+  functions do that.  The top-level function to substitute for cc_free_creds()
   is krb5_free_cc_cred_union().
 
   If the CCache library wants to use a cred_union structure created by
diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.h b/src/lib/krb5/ccache/ccapi/stdcc_util.h
index 2e5eecc..6836d54 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc_util.h
+++ b/src/lib/krb5/ccache/ccapi/stdcc_util.h
@@ -20,7 +20,7 @@
 
 #include "krb5.h"
 
-/* protoypes for private functions declared in stdcc_util.c */
+/* prototypes for private functions declared in stdcc_util.c */
 #ifdef USE_CCAPI_V3
 krb5_error_code
 copy_cc_cred_union_to_krb5_creds (krb5_context in_context,
diff --git a/src/lib/krb5/ccache/t_cc.c b/src/lib/krb5/ccache/t_cc.c
index 06a1062..a7251e2 100644
--- a/src/lib/krb5/ccache/t_cc.c
+++ b/src/lib/krb5/ccache/t_cc.c
@@ -603,7 +603,7 @@ main(void)
     if (check_registered(context, "KEYRING:process:"))
         do_test(context, "KEYRING:process:");
     else
-        printf("Skiping KEYRING: test - unregistered type\n");
+        printf("Skipping KEYRING: test - unregistered type\n");
 
     do_test(context, "MEMORY:");
     do_test(context, "FILE:");
diff --git a/src/lib/krb5/ccache/t_cccol.c b/src/lib/krb5/ccache/t_cccol.c
index 444806e..741f955 100644
--- a/src/lib/krb5/ccache/t_cccol.c
+++ b/src/lib/krb5/ccache/t_cccol.c
@@ -235,7 +235,7 @@ main(int argc, char **argv)
      * resolve to the generated caches and appear in the collection.  (They
      * might appear before being initialized; that's not currently considered
      * important).  The primary cache for the collection should remain as the
-     * unitialized cache from the previous step.
+     * uninitialized cache from the previous step.
      */
     typename = krb5_cc_get_type(ctx, ccinitial);
     check(krb5_cc_new_unique(ctx, typename, NULL, &ccu1));
diff --git a/src/lib/krb5/ccache/t_cccursor.c b/src/lib/krb5/ccache/t_cccursor.c
index 4323b77..96ca3ae 100644
--- a/src/lib/krb5/ccache/t_cccursor.c
+++ b/src/lib/krb5/ccache/t_cccursor.c
@@ -27,7 +27,7 @@
 /*
  * Displays a list of caches returned by the cccol cursor.  The first argument,
  * if given, is set to the default cache name for the context before iterating.
- * Any remaining argments are resolved as caches and kept open during the
+ * Any remaining arguments are resolved as caches and kept open during the
  * iteration.  If the argument "CONTENT" is given as one of the cache names,
  * immediately exit with status 0 if the collection contains credentials and 1
  * if it does not.
diff --git a/src/lib/krb5/ccache/t_marshal.c b/src/lib/krb5/ccache/t_marshal.c
index 144554c..bd0284a 100644
--- a/src/lib/krb5/ccache/t_marshal.c
+++ b/src/lib/krb5/ccache/t_marshal.c
@@ -162,7 +162,7 @@ const struct test {
         /* Version 4 header */
         16,
         "\x05\x04\x00\x0C\x00\x01\x00\x08\x00\x00\x01\x2C\x00\x00\xD4\x31",
-        /* Verion 4 principal */
+        /* Version 4 principal */
         37,
         "\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0B\x4B\x52\x42\x54"
         "\x45\x53\x54\x2E\x43\x4F\x4D\x00\x00\x00\x0A\x74\x65\x73\x74\x63"
diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c
index 021c943..80db117 100644
--- a/src/lib/krb5/keytab/kt_file.c
+++ b/src/lib/krb5/keytab/kt_file.c
@@ -703,7 +703,7 @@ const krb5_kt_ops krb5_kt_dfl_ops = {
  * There are no separators between fields of an entry.
  * A principal is a length-encoded array of length-encoded strings.  The
  * length is a krb5_int16 in each case.  The specific format, then, is
- * multiple entries concatinated with no separators.  An entry has this
+ * multiple entries concatenated with no separators.  An entry has this
  * exact format:
  *
  * sizeof(krb5_int16) bytes for number of components in the principal;
@@ -1299,7 +1299,7 @@ krb5_ktfileint_size_entry(krb5_context context, krb5_keytab_entry *entry, krb5_i
  * Find and reserve a slot in the file for an entry of the needed size.
  * The commit point will be set to the position in the file where the
  * the length (sizeof(krb5_int32) bytes) of this node should be written
- * when commiting the write.  The file position left as a result of this
+ * when committing the write.  The file position left as a result of this
  * call is the position where the actual data should be written.
  *
  * The size_needed argument may be adjusted if we find a hole that is
diff --git a/src/lib/krb5/keytab/t_keytab.c b/src/lib/krb5/keytab/t_keytab.c
index ea4ce68..aa5153c 100644
--- a/src/lib/krb5/keytab/t_keytab.c
+++ b/src/lib/krb5/keytab/t_keytab.c
@@ -219,7 +219,7 @@ kt_test(krb5_context context, const char *name)
 
 
     kret = krb5_kt_get_entry(context, kt, princ, 0, 0, &kent);
-    CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Getting non-existant entry");
+    CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Getting nonexistent entry");
 
     krb5_free_principal(context, princ);
 
diff --git a/src/lib/krb5/krb/authdata.h b/src/lib/krb5/krb/authdata.h
index 74d663c..10cc2c3 100644
--- a/src/lib/krb5/krb/authdata.h
+++ b/src/lib/krb5/krb/authdata.h
@@ -43,7 +43,7 @@ krb5int_authdata_verify(krb5_context context,
 
 /* PAC */
 /*
- * A PAC consists of a sequence of PAC_INFO_BUFFERs, preceeded by
+ * A PAC consists of a sequence of PAC_INFO_BUFFERs, preceded by
  * a PACTYPE header. Decoding the contents of the buffers is left
  * to the application (notwithstanding signature verification).
  */
diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c
index 9dc3798..9601bb4 100644
--- a/src/lib/krb5/krb/conv_princ.c
+++ b/src/lib/krb5/krb/conv_princ.c
@@ -31,7 +31,7 @@
  * NOTE: This is highly site specific, and is only really necessary
  * for sites who need to convert from V4 to V5.  It is used by both
  * the KDC and the kdb5_convert program.  Since its use is highly
- * specialized, the necesary information is just going to be
+ * specialized, the necessary information is just going to be
  * hard-coded in this file.
  */
 
diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c
index 5e652d9..e4907da 100644
--- a/src/lib/krb5/krb/encode_kdc.c
+++ b/src/lib/krb5/krb/encode_kdc.c
@@ -79,7 +79,7 @@ krb5_encode_kdc_rep(krb5_context context, krb5_msgtype type,
      * also note that the reason why we are passing it in a structure
      * instead of as an argument to encode_krb5_enc_kdc_rep_part (the
      * way we should) is for compatibility with the ISODE version of
-     * this fuction.  Ah, compatibility....
+     * this function.  Ah, compatibility....
      */
     tmp_encpart = *encpart;
     tmp_encpart.msg_type = type;
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index cc0f70e..a1c4a53 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -439,7 +439,7 @@ sort_krb5_padata_sequence(krb5_context context, krb5_data *realm,
             /* see if we can extract a number */
             l = strtol(p, &q, 10);
             if ((q != NULL) && (q > p)) {
-                /* got a valid number; search for a matchin entry */
+                /* got a valid number; search for a matching entry */
                 for (i = base; padata[i] != NULL; i++) {
                     /* bubble the matching entry to the front of the list */
                     if (padata[i]->pa_type == l) {
diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c
index 54e0a8e..cdfdb48 100644
--- a/src/lib/krb5/krb/gic_pwd.c
+++ b/src/lib/krb5/krb/gic_pwd.c
@@ -417,7 +417,7 @@ cleanup:
   If password is passed as NULL, the password is read from the terminal,
   and then converted into a key.
 
-  A succesful call will place the ticket in the credentials cache ccache.
+  A successful call will place the ticket in the credentials cache ccache.
 
   returns system errors, encryption errors
 */
diff --git a/src/lib/krb5/krb/in_tkt_sky.c b/src/lib/krb5/krb/in_tkt_sky.c
index 342fe18..4787fa0 100644
--- a/src/lib/krb5/krb/in_tkt_sky.c
+++ b/src/lib/krb5/krb/in_tkt_sky.c
@@ -60,7 +60,7 @@ get_as_key_skey(krb5_context context, krb5_principal client,
   the system key store (e.g. /etc/krb5.keytab).  If keyblock is non-NULL, it
   is used as the decryption key.
 
-  A succesful call will place the ticket in the credentials cache ccache.
+  A successful call will place the ticket in the credentials cache ccache.
 
   returns system errors, encryption errors
 
diff --git a/src/lib/krb5/krb/rd_cred.c b/src/lib/krb5/krb/rd_cred.c
index 720147c..d89a98a 100644
--- a/src/lib/krb5/krb/rd_cred.c
+++ b/src/lib/krb5/krb/rd_cred.c
@@ -90,7 +90,7 @@ make_cred_list(krb5_context context, krb5_cred *krbcred,
     if (list == NULL)
         goto cleanup;
 
-    /* For each credential, create a strcture in the list of credentials and
+    /* For each credential, create a structure in the list of credentials and
      * copy the information. */
     for (i = 0; i < count; i++) {
         list[i] = k5alloc(sizeof(*list[i]), &ret);
diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c
index 7b7a30c..6e5c97aa 100644
--- a/src/lib/krb5/krb/rd_safe.c
+++ b/src/lib/krb5/krb/rd_safe.c
@@ -92,7 +92,7 @@ read_krbsafe(krb5_context context, krb5_auth_context ac,
     if (ret)
         goto cleanup;
 
-    /* Verify the checkum over the re-encoded message. */
+    /* Verify the checksum over the re-encoded message. */
     ret = krb5_k_verify_checksum(context, key, KRB5_KEYUSAGE_KRB_SAFE_CKSUM,
                                  der_zerosafe, safe_cksum, &valid);
     if (!valid) {
diff --git a/src/lib/krb5/krb/recvauth.c b/src/lib/krb5/krb/recvauth.c
index 570fede..f784fa3 100644
--- a/src/lib/krb5/krb/recvauth.c
+++ b/src/lib/krb5/krb/recvauth.c
@@ -144,7 +144,7 @@ recvauth_common(krb5_context context,
 
     /*
      * If there was a problem, send back a krb5_error message,
-     * preceeded by the length of the krb5_error message.  If
+     * preceded by the length of the krb5_error message.  If
      * everything's ok, send back 0 for the length.
      */
     if (problem) {
diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c
index 4074fe8..bb5ca08 100644
--- a/src/lib/krb5/krb/walk_rtree.c
+++ b/src/lib/krb5/krb/walk_rtree.c
@@ -174,7 +174,7 @@ cleanup:
 /* ANL - Modified to allow Configurable Authentication Paths.
  * This modification removes the restriction on the choice of realm
  * names, i.e. they nolonger have to be hierarchical. This
- * is allowed by RFC 1510: "If a hierarchical orginization is not used
+ * is allowed by RFC 1510: "If a hierarchical organization is not used
  * it may be necessary to consult some database in order to construct
  * an authentication path between realms."  The database is contained
  * in the [capaths] section of the krb5.conf file.
@@ -184,8 +184,8 @@ cleanup:
  * entries if the same krb5.conf is used for clients and servers)
  *
  * for example: ESnet will be running a KDC which will share
- * inter-realm keys with its many orginizations which include among
- * other ANL, NERSC and PNL. Each of these orginizations wants to
+ * inter-realm keys with its many organizations which include among
+ * other ANL, NERSC and PNL. Each of these organizations wants to
  * use its DNS name in the realm, ANL.GOV. In addition ANL wants
  * to authenticatite to HAL.COM via a K5.MOON and K5.JUPITER
  * A [capaths] section of the krb5.conf file for the ANL.GOV clients
@@ -221,9 +221,9 @@ cleanup:
  *
  * This version of the Configurable Authentication Path modification
  * differs from the previous versions prior to K5 beta 5 in that
- * the profile routines are used, and the explicite path from
- * client's realm to server's realm must be given. The modifications
- * will work together.
+ * the profile routines are used, and the explicit path from client's
+ * realm to server's realm must be given. The modifications will work
+ * together.
  * DEE - 5/23/95
  */
 
diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c
index 3aa86f4..2be266f 100644
--- a/src/lib/krb5/os/init_os_ctx.c
+++ b/src/lib/krb5/os/init_os_ctx.c
@@ -369,7 +369,7 @@ add_kdc_config_file(profile_filespec_t **pfiles)
 
 /* Set the profile paths in the context.  If secure is set to TRUE
    then do not include user paths (from environment variables, etc).
-   If kdc is TRUE, include kdc.conf from whereever we expect to find
+   If kdc is TRUE, include kdc.conf from wherever we expect to find
    it.  */
 static krb5_error_code
 os_init_paths(krb5_context ctx, krb5_boolean kdc)
diff --git a/src/lib/rpc/auth_gssapi.c b/src/lib/rpc/auth_gssapi.c
index 568ec6d..8ab7ab5 100644
--- a/src/lib/rpc/auth_gssapi.c
+++ b/src/lib/rpc/auth_gssapi.c
@@ -383,7 +383,7 @@ next_token:
 	  } else {
 	       PRINTF(("gssapi_create: processing signed isn\n"));
 
-	       /* don't check conf (integ only) or qop (accpet default) */
+	       /* don't check conf (integ only) or qop (accept default) */
 	       *gssstat = gss_unseal(minor_stat,
 				     AUTH_PRIVATE(auth)->context,
 				     &call_res.signed_isn,
diff --git a/src/lib/rpc/clnt_raw.c b/src/lib/rpc/clnt_raw.c
index 515086b..dcbb5cf 100644
--- a/src/lib/rpc/clnt_raw.c
+++ b/src/lib/rpc/clnt_raw.c
@@ -41,7 +41,7 @@ static char sccsid[] = "@(#)clnt_raw.c 1.22 87/08/11 Copyr 1984 Sun Micro";
  * Memory based rpc for simple testing and timing.
  * Interface to create an rpc client and server in the same process.
  * This lets us similate rpc and get round trip overhead, without
- * any interference from the kernal.
+ * any interference from the kernel.
  */
 
 #include <gssrpc/rpc.h>
diff --git a/src/lib/rpc/clnt_udp.c b/src/lib/rpc/clnt_udp.c
index 49b09e0..2503a38 100644
--- a/src/lib/rpc/clnt_udp.c
+++ b/src/lib/rpc/clnt_udp.c
@@ -109,7 +109,7 @@ struct cu_data {
  *     Caller may wish to set this something more useful.
  *
  * wait is the amount of time used between retransmitting a call if
- * no response has been heard;  retransmition occurs until the actual
+ * no response has been heard;  retransmission occurs until the actual
  * rpc call times out.
  *
  * sendsz and recvsz are the maximum allowable packet sizes that can be
diff --git a/src/lib/rpc/svc.c b/src/lib/rpc/svc.c
index c171ecc..cfbc7aa 100644
--- a/src/lib/rpc/svc.c
+++ b/src/lib/rpc/svc.c
@@ -74,7 +74,7 @@ static SVCXPRT *xports[NOFILE];
  * The services list
  * Each entry represents a set of procedures (an rpc program).
  * The dispatch routine takes request structs and runs the
- * apropriate procedure.
+ * appropriate procedure.
  */
 static struct svc_callout {
 	struct svc_callout *sc_next;
diff --git a/src/lib/rpc/svc_auth_gssapi.c b/src/lib/rpc/svc_auth_gssapi.c
index 4831b00..b7ffee4 100644
--- a/src/lib/rpc/svc_auth_gssapi.c
+++ b/src/lib/rpc/svc_auth_gssapi.c
@@ -373,7 +373,7 @@ enum auth_stat gssrpc__svcauth_gssapi(
 	  /*
 	   * If the client's server_creds is already set, use it.
 	   * Otherwise, try each credential in server_creds_list until
-	   * one of them succeedes, then set the client server_creds
+	   * one of them succeeds, then set the client server_creds
 	   * to that.  If all fail, the client's server_creds isn't
 	   * set (which is fine, because the client will be gc'ed
 	   * anyway).
diff --git a/src/lib/rpc/svc_raw.c b/src/lib/rpc/svc_raw.c
index dba6c29..dd453cf 100644
--- a/src/lib/rpc/svc_raw.c
+++ b/src/lib/rpc/svc_raw.c
@@ -39,7 +39,7 @@ static char sccsid[] = "@(#)svc_raw.c 1.15 87/08/11 Copyr 1984 Sun Micro";
  * svc_raw.c,   This a toy for simple testing and timing.
  * Interface to create an rpc client and server in the same UNIX process.
  * This lets us similate rpc and get rpc (round trip) overhead, without
- * any interference from the kernal.
+ * any interference from the kernel.
  */
 
 #include <gssrpc/rpc.h>
diff --git a/src/lib/rpc/svc_tcp.c b/src/lib/rpc/svc_tcp.c
index 54ce70e..56fe7b6 100644
--- a/src/lib/rpc/svc_tcp.c
+++ b/src/lib/rpc/svc_tcp.c
@@ -39,7 +39,7 @@ static char sccsid[] = "@(#)svc_tcp.c 1.21 87/08/11 Copyr 1984 Sun Micro";
  * svc_tcp.c, Server side for TCP/IP based RPC.
  *
  * Actually implements two flavors of transporter -
- * a tcp rendezvouser (a listner and connection establisher)
+ * a tcp rendezvouser (a listener and connection establisher)
  * and a record/tcp stream.
  */
 
@@ -262,7 +262,7 @@ makefd_xprt(
 	xprt->xp_verf.oa_base = cd->verf_body;
 	xprt->xp_addrlen = 0;
 	xprt->xp_laddrlen = 0;
-	xprt->xp_ops = &svctcp_op;  /* truely deals with calls */
+	xprt->xp_ops = &svctcp_op;  /* truly deals with calls */
 	xprt->xp_port = 0;  /* this is a connection, not a rendezvouser */
 	xprt->xp_sock = fd;
 	xprt_register(xprt);
@@ -344,7 +344,7 @@ svctcp_destroy(SVCXPRT *xprt)
 static struct timeval wait_per_try = { 35, 0 };
 
 /*
- * reads data from the tcp conection.
+ * reads data from the tcp connection.
  * any error is fatal and the connection is closed.
  * (And a read of zero bytes is a half closed stream => error.)
  */
diff --git a/src/lib/rpc/xdr.c b/src/lib/rpc/xdr.c
index 8c14ddc..24c3de4 100644
--- a/src/lib/rpc/xdr.c
+++ b/src/lib/rpc/xdr.c
@@ -544,7 +544,7 @@ xdr_u_int32(XDR *xdrs, uint32_t *up)
 }
 
 /*
- * XDR a descriminated union
+ * XDR a discriminated union
  * Support routine for discriminated unions.
  * You create an array of xdrdiscrim structures, terminated with
  * an entry with a null procedure pointer.  The routine gets
diff --git a/src/lib/rpc/xdr_rec.c b/src/lib/rpc/xdr_rec.c
index 28894f3..1f6a776 100644
--- a/src/lib/rpc/xdr_rec.c
+++ b/src/lib/rpc/xdr_rec.c
@@ -418,7 +418,7 @@ xdrrec_skiprecord(XDR *xdrs)
 }
 
 /*
- * Look ahead fuction.
+ * Look ahead function.
  * Returns TRUE iff there is no more input in the buffer
  * after consuming the rest of the current record.
  */
@@ -442,8 +442,8 @@ xdrrec_eof(XDR *xdrs)
 /*
  * The client must tell the package when an end-of-record has occurred.
  * The second paraemters tells whether the record should be flushed to the
- * (output) tcp stream.  (This let's the package support batched or
- * pipelined procedure calls.)  TRUE => immmediate flush to tcp connection.
+ * (output) tcp stream.  (This lets the package support batched or
+ * pipelined procedure calls.)  TRUE => immediate flush to tcp connection.
  */
 bool_t
 xdrrec_endofrecord(XDR *xdrs, bool_t sendnow)
diff --git a/src/lib/rpc/xdr_reference.c b/src/lib/rpc/xdr_reference.c
index eab7d2d..eff279d 100644
--- a/src/lib/rpc/xdr_reference.c
+++ b/src/lib/rpc/xdr_reference.c
@@ -55,7 +55,7 @@ static char sccsid[] = "@(#)xdr_reference.c 1.11 87/08/11 SMI";
  * referenced by a pointer inside the structure that is currently being
  * translated.  pp references a pointer to storage. If *pp is null
  * the  necessary storage is allocated.
- * size is the sizeof the referneced structure.
+ * size is the sizeof the referenced structure.
  * proc is the routine to handle the referenced structure.
  */
 bool_t
diff --git a/src/plugins/kdb/db2/adb_policy.c b/src/plugins/kdb/db2/adb_policy.c
index 5e046ab..9bf1931 100644
--- a/src/plugins/kdb/db2/adb_policy.c
+++ b/src/plugins/kdb/db2/adb_policy.c
@@ -310,7 +310,7 @@ error:
  *
  * Arguments:
  *      db              (input) db handle
- *      func            (input) fucntion pointer to call
+ *      func            (input) function pointer to call
  *      data            opaque data type
  *      <return value>  0 on success error code on failure
  *
diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c
index 5106a5c..1a476b5 100644
--- a/src/plugins/kdb/db2/kdb_db2.c
+++ b/src/plugins/kdb/db2/kdb_db2.c
@@ -95,7 +95,7 @@
  * time of this file is the "version number" of the database.
  * At the start of a read operation, the reader checks the version
  * number; at the end of the read operation, it checks again.  If the
- * version number changed, or if the semaphore was nonexistant at
+ * version number changed, or if the semaphore was nonexistent at
  * either time, the reader sleeps for a second to let things
  * stabilize, and then tries again; if it does not succeed after
  * KRB5_DBM_MAX_RETRY attempts, it gives up.
@@ -107,7 +107,7 @@
  *
  * If the system crashes in the middle of an update, the semaphore
  * file is not automatically created on reboot; this is a feature, not
- * a bug, since the database may be inconsistant.  Note that the
+ * a bug, since the database may be inconsistent.  Note that the
  * absence of a semaphore file does not prevent another _update_ from
  * taking place later.  Database replacements take place automatically
  * only on replica servers; a crash in the middle of an update will be
diff --git a/src/plugins/kdb/db2/kdb_xdr.c b/src/plugins/kdb/db2/kdb_xdr.c
index aae5343..054a87a 100644
--- a/src/plugins/kdb/db2/kdb_xdr.c
+++ b/src/plugins/kdb/db2/kdb_xdr.c
@@ -182,7 +182,7 @@ krb5_encode_princ_entry(krb5_context context, krb5_data *content,
     (void) memcpy(nextloc, unparse_princ, unparse_princ_size);
     nextloc += unparse_princ_size;
 
-    /* tl_data is a linked list, of type, legth, contents */
+    /* tl_data is a linked list, of type, length, contents */
     for (tl_data = entry->tl_data; tl_data; tl_data = tl_data->tl_data_next) {
         krb5_kdb_encode_int16(tl_data->tl_data_type, nextloc);
         nextloc += 2;
@@ -399,7 +399,8 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content,
         krb5_kdb_decode_int16(nextloc, key_data->key_data_kvno);
         nextloc += 2;
 
-        /* key_data_ver determins number of elements and how to unparse them. */
+        /* key_data_ver determines number of elements and how to unparse
+         * them. */
         if (key_data->key_data_ver >= 0 &&
             key_data->key_data_ver <= KRB5_KDB_V1_KEY_DATA_ARRAY) {
             for (j = 0; j < key_data->key_data_ver; j++) {
diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c
index 9402813..52375a2 100644
--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c
+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c
@@ -163,7 +163,7 @@ list_modify_str_array(char ***destlist, const char **sourcelist, int mode)
     /* We need to add every entry present in the source list to
      * the destination list */
     if (mode == LIST_MODE_ADD) {
-        /* Traverse throught the end of destlist for appending */
+        /* Traverse through the end of destlist for appending */
         for (dlist = *destlist, dcount = 0; *dlist != NULL;
              dlist++, dcount++) {
             ;   /* NULL statement */
@@ -227,7 +227,7 @@ list_modify_int_array(int *destlist, const int *sourcelist, int mode)
     /* We need to add every entry present in the source list to the
      * destination list */
     if (mode == LIST_MODE_ADD) {
-        /* Traverse throught the end of destlist for appending */
+        /* Traverse through the end of destlist for appending */
         for (dlist = destlist, dcount = 0; *dlist != END_OF_LIST;
              dlist++, dcount++)
             ;   /* NULL statement */
diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_policy.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_policy.c
index 02cb059..c642e17 100644
--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_policy.c
+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_policy.c
@@ -432,7 +432,7 @@ kdb5_ldap_modify_policy(int argc, char *argv[])
     int i = 0;
 
     /* Check for number of arguments -- minimum is 3
-       since atleast one parameter should be given in
+       since at least one parameter should be given in
        addition to 'modify_policy' and policy DN */
     if ((argc < 3) || (argc > 16)) {
         goto err_usage;
diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
index b92cb58..e87688d 100644
--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c
@@ -284,7 +284,7 @@ kdb5_ldap_stash_service_password(int argc, char **argv)
             goto cleanup;
         }
 
-        /* TODO: file lock for the service passowrd file */
+        /* TODO: file lock for the service password file */
 
         fclose(pfile);
         fclose(newfile);
diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c
index d233106..0b56ba8 100644
--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c
+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.c
@@ -432,7 +432,7 @@ main(int argc, char *argv[])
                                          &global_params, &global_params);
         if (retval) {
             com_err(progname, retval,
-                    _("while retreiving configuration parameters"));
+                    _("while retrieving configuration parameters"));
             exit_status++;
             goto cleanup;
         }
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_handle.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_handle.c
index 2f5d3d9..49d684e 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_handle.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_handle.c
@@ -57,7 +57,7 @@ krb5_get_ldap_handle(krb5_ldap_context *ldap_context)
 }
 
 /*
- * This is called incase krb5_get_ldap_handle returns NULL.
+ * This is called in case krb5_get_ldap_handle returns NULL.
  * Try getting a single connection (handle) and return the same by
  * calling krb5_get_ldap_handle function.
  * Do not lock the mutex here. The caller should lock it
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_krbcontainer.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_krbcontainer.c
index 7668ee5..a810e63 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_krbcontainer.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_krbcontainer.c
@@ -48,7 +48,7 @@ krb5_ldap_read_krbcontainer_dn(krb5_context context, char **container_dn)
     *container_dn = NULL;
     SETUP_CONTEXT();
 
-    /* read kerberos containter location from [dbmodules] section of krb5.conf file */
+    /* read kerberos container location from [dbmodules] section of krb5.conf file */
     if (ldap_context->conf_section) {
         if ((st=profile_get_string(context->profile, KDB_MODULE_SECTION, ldap_context->conf_section,
                                    KRB5_CONF_LDAP_KERBEROS_CONTAINER_DN, NULL,
@@ -59,7 +59,7 @@ krb5_ldap_read_krbcontainer_dn(krb5_context context, char **container_dn)
         }
     }
 
-    /* read kerberos containter location from [dbdefaults] section of krb5.conf file */
+    /* read kerberos container location from [dbdefaults] section of krb5.conf file */
     if (dn == NULL) {
         if ((st=profile_get_string(context->profile, KDB_MODULE_DEF_SECTION,
                                    KRB5_CONF_LDAP_KERBEROS_CONTAINER_DN, NULL,
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c
index a5180c7..ce28bf6 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c
@@ -291,7 +291,7 @@ krb5_ldap_delete_principal(krb5_context context,
              * From the attrsetmask value, identify the attributes set on the directory user
              * object and delete them.
              * NOTE: krbsecretkey attribute has per principal entries. There can be chances that the
-             * other principals' keys are exisiting/left-over. So delete all the values.
+             * other principals' keys are existing/left-over. So delete all the values.
              */
             while (attrsetmask) {
                 if (attrsetmask & 1) {
@@ -565,7 +565,7 @@ cleanup:
 /*
  * Function: krb5_ldap_unparse_principal_name
  *
- * Purpose: Removes '\\' that comes before every occurence of '@'
+ * Purpose: Removes '\\' that comes before every occurrence of '@'
  *          in the principal name component.
  *
  * Arguments:
@@ -593,7 +593,7 @@ krb5_ldap_unparse_principal_name(char *user_name)
 /*
  * Function: krb5_ldap_parse_principal_name
  *
- * Purpose: Inserts '\\' before every occurence of '@'
+ * Purpose: Inserts '\\' before every occurrence of '@'
  *          in the principal name component.
  *
  * Arguments:
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c
index f6d00be..3daf524 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c
@@ -444,7 +444,7 @@ krb5_ldap_modify_realm(krb5_context context, krb5_ldap_realm_params *rparams,
     }
 
 
-    /* Realm modify opearation */
+    /* Realm modify operation */
     if (mods != NULL) {
         if ((st=ldap_modify_ext_s(ld, rparams->realmdn, mods, NULL, NULL)) != LDAP_SUCCESS) {
             st = set_ldap_error (context, st, OP_MOD);
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c
index 4193b4a..4f48fd6 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c
@@ -286,7 +286,7 @@ cleanup:
  * check the existence of the object.  This serves one major purpose,
  * i.e., if the object to be is anything other than the ticket policy
  * object then the krb5_ldap_read_policy returns an error and thus is
- * not accidently deleted in this function.
+ * not accidentally deleted in this function.
  *
  * NOTE: Other kerberos objects (user/realm object) might be having
  * references to the policy object to be deleted. This situation is
diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
index 4d47f73..2817cc2 100644
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -758,7 +758,7 @@ pkinit_as_rep_parse(krb5_context context,
 
         break;
     default:
-        pkiDebug("unknow as_rep type %d\n", kdc_reply->choice);
+        pkiDebug("unknown as_rep type %d\n", kdc_reply->choice);
         goto cleanup;
     }
 
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h
index 8064a07..77d5c61 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto.h
+++ b/src/plugins/preauth/pkinit/pkinit_crypto.h
@@ -356,7 +356,7 @@ krb5_error_code server_check_dh
 	krb5_data *dh_params,				/* IN
 		    ???? */
 	int minbits);					/* IN
-		    the mininum number of key bits acceptable */
+		    the minimum number of key bits acceptable */
 
 /*
  * this function completes the KDC's DH protocol. The KDC generates
diff --git a/src/plugins/preauth/pkinit/pkinit_matching.c b/src/plugins/preauth/pkinit/pkinit_matching.c
index afcce3f..b042c74 100644
--- a/src/plugins/preauth/pkinit/pkinit_matching.c
+++ b/src/plugins/preauth/pkinit/pkinit_matching.c
@@ -296,7 +296,7 @@ parse_rule_component(krb5_context context,
     rc->kwval_type = kwval_type;
 
     /*
-     * Before procesing the value for this keyword,
+     * Before processing the value for this keyword,
      * (compiling the regular expression or processing the list)
      * we need to find the end of it.  That means parsing for the
      * beginning of the next keyword (or the end of the rule).
diff --git a/src/plugins/preauth/securid_sam2/securid2.c b/src/plugins/preauth/securid_sam2/securid2.c
index 363e17a..ef7a8bf 100644
--- a/src/plugins/preauth/securid_sam2/securid2.c
+++ b/src/plugins/preauth/securid_sam2/securid2.c
@@ -77,7 +77,7 @@ static char PIN_message[64];            /* Max length should be 50 chars */
  *   returns: 0 on success
  *            KRB5 error codes otherwise
  *
- *   builds pricipal name with final instance of "SECURID" and
+ *   builds principal name with final instance of "SECURID" and
  *   finds the database entry, decrypts the key out of the database
  *   and passes the key back to the calling process
  */
@@ -436,7 +436,7 @@ verify_securid_data_2(krb5_context context, krb5_db_entry *client,
                 (memcmp(passcode, trackp->passcode, pin1_len) != 0)) {
                 retval = KRB5KDC_ERR_PREAUTH_FAILED;
                 krb5_klog_syslog(LOG_INFO, "New SecurID PIN Failed for user "
-                                 "%s: PIN mis-match", user);
+                                 "%s: PIN mismatch", user);
                 break;
             }
             retval = SD_Pin(trackp->handle, passcode);
diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp
index b047ef1..f5536c6 100644
--- a/src/tests/dejagnu/config/default.exp
+++ b/src/tests/dejagnu/config/default.exp
@@ -1764,7 +1764,7 @@ proc kinit { name pass standalone } {
     # Use kinit to get a ticket.
 	#
 	# For now always get forwardable tickets. Later when we need to make
-	# tests that distiguish between forwardable tickets and otherwise
+	# tests that distinguish between forwardable tickets and otherwise
 	# we should but another option to this proc. --proven
 	#
     spawn $KINIT -5 -f $name@$REALMNAME
@@ -1899,7 +1899,7 @@ proc kinit_kt { name keytab standalone testname } {
     # Use kinit to get a ticket.
 	#
 	# For now always get forwardable tickets. Later when we need to make
-	# tests that distiguish between forwardable tickets and otherwise
+	# tests that distinguish between forwardable tickets and otherwise
 	# we should but another option to this proc. --proven
 	#
     spawn $KINIT -5 -f -k -t $keytab $name@$REALMNAME
diff --git a/src/tests/dejagnu/krb-standalone/pwchange.exp b/src/tests/dejagnu/krb-standalone/pwchange.exp
index 9792401..010e834 100644
--- a/src/tests/dejagnu/krb-standalone/pwchange.exp
+++ b/src/tests/dejagnu/krb-standalone/pwchange.exp
@@ -13,7 +13,7 @@ proc kinit_expecting_pwchange { name pass newpass } {
     # Use kinit to get a ticket.
 	#
 	# For now always get forwardable tickets. Later when we need to make
-	# tests that distiguish between forwardable tickets and otherwise
+	# tests that distinguish between forwardable tickets and otherwise
 	# we should but another option to this proc. --proven
 	#
     spawn $KINIT -5 -f $name@$REALMNAME
diff --git a/src/tests/dejagnu/krb-standalone/standalone.exp b/src/tests/dejagnu/krb-standalone/standalone.exp
index d284297..d67691e 100644
--- a/src/tests/dejagnu/krb-standalone/standalone.exp
+++ b/src/tests/dejagnu/krb-standalone/standalone.exp
@@ -82,7 +82,7 @@ proc kinit_wrong_pw { name badpass } {
     # Use kinit to get a ticket.
 	#
 	# For now always get forwardable tickets. Later when we need to make
-	# tests that distiguish between forwardable tickets and otherwise
+	# tests that distinguish between forwardable tickets and otherwise
 	# we should but another option to this proc. --proven
 	#
     spawn $KINIT -5 -f $name@$REALMNAME
diff --git a/src/tests/gss-threads/gss-client.c b/src/tests/gss-threads/gss-client.c
index 3878e09..c0cf25d 100644
--- a/src/tests/gss-threads/gss-client.c
+++ b/src/tests/gss-threads/gss-client.c
@@ -125,7 +125,7 @@ get_server_info(char *host, u_short port)
  *      host            (r) the target host name
  *      port            (r) the target port, in host byte order
  *
- * Returns: the established socket file desciptor, or -1 on failure
+ * Returns: the established socket file descriptor, or -1 on failure
  *
  * Effects:
  *
diff --git a/src/tests/gss-threads/gss-misc.c b/src/tests/gss-threads/gss-misc.c
index 5c738d3..3d7d67a 100644
--- a/src/tests/gss-threads/gss-misc.c
+++ b/src/tests/gss-threads/gss-misc.c
@@ -330,7 +330,7 @@ display_status_1(char *m, OM_uint32 code, int type)
  * Effects:
  *
  * The GSS-API messages associated with maj_stat and min_stat are
- * displayed on stderr, each preceeded by "GSS-API error <msg>: " and
+ * displayed on stderr, each preceded by "GSS-API error <msg>: " and
  * followed by a newline.
  */
 void
@@ -343,7 +343,7 @@ display_status(char *msg, OM_uint32 maj_stat, OM_uint32 min_stat)
 /*
  * Function: display_ctx_flags
  *
- * Purpose: displays the flags returned by context initation in
+ * Purpose: displays the flags returned by context initiation in
  *          a human-readable form
  *
  * Arguments:
diff --git a/src/tests/gss-threads/gss-server.c b/src/tests/gss-threads/gss-server.c
index 9bae196..42136a8 100644
--- a/src/tests/gss-threads/gss-server.c
+++ b/src/tests/gss-threads/gss-server.c
@@ -105,7 +105,7 @@ int verbose = 0;
  * Effects:
  *
  * The service name is imported with gss_import_name, and service
- * credentials are acquired with gss_acquire_cred.  If either opertion
+ * credentials are acquired with gss_acquire_cred.  If either operation
  * fails, an error message is displayed and -1 is returned; otherwise,
  * 0 is returned.
  */
diff --git a/src/tests/gssapi/t_authind.py b/src/tests/gssapi/t_authind.py
index af1741a..e9f129d 100644
--- a/src/tests/gssapi/t_authind.py
+++ b/src/tests/gssapi/t_authind.py
@@ -28,7 +28,7 @@ realm.run(['./t_srcattrs', 'p:service/2'], expected_code=1, expected_msg=msg)
 
 realm.kinit(realm.user_princ, password('user'), ['-X', 'indicators=one two'])
 out = realm.run(['./t_srcattrs', 'p:service/2'])
-# Hexademical "one" and "two"
+# Hexadecimal "one" and "two"
 if '6f6e65' not in out or '74776f' not in out:
     fail('Expected auth indicator not seen in name attributes')
 
diff --git a/src/tests/gssapi/t_inq_ctx.c b/src/tests/gssapi/t_inq_ctx.c
index ac427a4..c59ca38 100644
--- a/src/tests/gssapi/t_inq_ctx.c
+++ b/src/tests/gssapi/t_inq_ctx.c
@@ -32,7 +32,7 @@
 
 
 /*
- * Test program for inquiring about a security context, intented to be run from
+ * Test program for inquiring about a security context, intended to be run from
  * a Python test script.  Partially establishes a context to test inquiring
  * about an incomplete context, and then establishes full contexts and inquires
  * them.  Exits with status 0 if all operations are successful, or 1 if not.
diff --git a/src/tests/hist.c b/src/tests/hist.c
index 3d9e29e..6bab968 100644
--- a/src/tests/hist.c
+++ b/src/tests/hist.c
@@ -37,7 +37,7 @@
  * (since krb5 1.3 we ordinarily ensure that there's only one).  With the
  * "swap" argument, the two history keys are swapped in order; we use this
  * operation to simulate the case where krb5 1.7 or earlier chose something
- * other than the first history key to create pasword history entries.
+ * other than the first history key to create password history entries.
  */
 
 #include <k5-int.h>
diff --git a/src/tests/jsonwalker.py b/src/tests/jsonwalker.py
index 1880363..0dbdadd 100644
--- a/src/tests/jsonwalker.py
+++ b/src/tests/jsonwalker.py
@@ -25,7 +25,7 @@ class Parser(object):
 
     def flatten(self, defaults):
         """
-        Flattens pathes to attributes.
+        Flattens paths to attributes.
 
         Parameters
         ----------
diff --git a/src/tests/misc/test_chpw_message.c b/src/tests/misc/test_chpw_message.c
index ba6fa18..c6fdaa1 100644
--- a/src/tests/misc/test_chpw_message.c
+++ b/src/tests/misc/test_chpw_message.c
@@ -55,7 +55,7 @@ static krb5_data result_ad_complex = {
 static krb5_data result_ad_length = {
     0, 30,
     "\0\0"             /* zero bytes */
-    "\0\0\0\x0d"       /* min length, 13 charaters */
+    "\0\0\0\x0d"       /* min length, 13 characters */
     "\0\0\0\0"         /* history */
     "\0\0\0\0"         /* properties */
     "\0\0\0\0\0\0\0\0" /* expire */
diff --git a/src/tests/t_hostrealm.py b/src/tests/t_hostrealm.py
index 7cec3b8..40b0e1e 100755
--- a/src/tests/t_hostrealm.py
+++ b/src/tests/t_hostrealm.py
@@ -40,7 +40,7 @@ def testd_error(realm, expected_error, msg, env=None):
 ###
 
 # The test2 module returns a fatal error on hosts beginning with 'z',
-# and an answer on hosts begining with 'a'.
+# and an answer on hosts beginning with 'a'.
 mark('test2 module')
 testh_error(realm, 'zoo', 'service not available', 'host_realm test2 z')
 testh(realm, 'abacus', ['a'], 'host_realm test2 a')
diff --git a/src/tests/t_localauth.py b/src/tests/t_localauth.py
index 33390c4..75b53a5 100755
--- a/src/tests/t_localauth.py
+++ b/src/tests/t_localauth.py
@@ -132,7 +132,7 @@ conf = {'plugins': {'localauth': { 'module': [
 mod = realm.special_env('mod', False, conf)
 
 # test1's untyped an2ln method should come before the names method, mapping
-# test/a/b at X to its realm name (superceding auth_to_local_names).
+# test/a/b at X to its realm name (superseding auth_to_local_names).
 test_an2ln(mod, 'test/a/b at X', 'X', 'mod untyped an2ln')
 
 # Match the auth_to_local values in order.  test2's TYPEA should map
diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py
index 99273c9..41831fa 100755
--- a/src/tests/t_mkey.py
+++ b/src/tests/t_mkey.py
@@ -46,7 +46,7 @@ def check_mkey_list(*expected):
 
 
 # Get the K/M principal.  Verify that it has the expected mkvno.  Each
-# remaining argment must be a sequence of two elements: an expected
+# remaining argument must be a sequence of two elements: an expected
 # key version and an expected enctype.
 keyline_re = re.compile(r'^Key: vno (\d+), (\S+)$')
 def check_master_dbent(expected_mkvno, *expected_keys):
diff --git a/src/tests/t_sn2princ.py b/src/tests/t_sn2princ.py
index 26dcb91..f1b21c5 100755
--- a/src/tests/t_sn2princ.py
+++ b/src/tests/t_sn2princ.py
@@ -102,7 +102,7 @@ realm.addprinc(oprinc)
 # oprinc now exists, but we still get the fprinc ticket from the cache.
 realm.run(['./gcred', 'srv-hst', oprinc], env=fallback_canon,
           expected_msg=fprinc)
-# Without the cached result, we sould get oprinc in preference to fprinc.
+# Without the cached result, we should get oprinc in preference to fprinc.
 os.rename(realm.ccache + '.save', realm.ccache)
 realm.run(['./gcred', 'srv-hst', oprinc], env=fallback_canon,
           expected_msg=oprinc)
diff --git a/src/util/et/com_err.texinfo b/src/util/et/com_err.texinfo
index 918f152..145aadf 100644
--- a/src/util/et/com_err.texinfo
+++ b/src/util/et/com_err.texinfo
@@ -396,7 +396,7 @@ any event, any invariant which the library assumes must be maintained.
 In general, it is not in the domain of non user-interface library
 routines to write error messages to the user's terminal, or halt the
 process.  Such forms of ``error handling'' should be reserved for
-failures of internal invariants and consistancy checks only, as it
+failures of internal invariants and consistency checks only, as it
 provides the user of the library no way to clean up for himself in the
 event of total failure.
 
diff --git a/src/util/profile/prof_err.et b/src/util/profile/prof_err.et
index d5850d0..2898d6b 100644
--- a/src/util/profile/prof_err.et
+++ b/src/util/profile/prof_err.et
@@ -13,9 +13,9 @@ error_code	PROF_ADD_NOT_SECTION,
 error_code	PROF_SECTION_WITH_VALUE, 
 	"A profile section header has a non-zero value"
 error_code	PROF_BAD_LINK_LIST, 	"Bad linked list in profile structures"
-error_code	PROF_BAD_GROUP_LVL, 	"Bad group level in profile strctures"
+error_code	PROF_BAD_GROUP_LVL, 	"Bad group level in profile structures"
 error_code	PROF_BAD_PARENT_PTR, 	
-	"Bad parent pointer in profile strctures"
+	"Bad parent pointer in profile structures"
 error_code	PROF_MAGIC_ITERATOR,	"Bad magic value in profile iterator"
 error_code	PROF_SET_SECTION_VALUE,	"Can't set value on section node"
 error_code	PROF_EINVAL,		"Invalid argument passed to profile library"
diff --git a/src/util/profile/prof_tree.c b/src/util/profile/prof_tree.c
index 38aadc4..b3c15ca 100644
--- a/src/util/profile/prof_tree.c
+++ b/src/util/profile/prof_tree.c
@@ -113,7 +113,7 @@ errcode_t profile_create_node(const char *name, const char *value,
 }
 
 /*
- * This function verifies that all of the representation invarients of
+ * This function verifies that all of the representation invariants of
  * the profile are true.  If not, we have a programming bug somewhere,
  * probably in this file.
  */
@@ -236,7 +236,7 @@ const char *profile_get_node_value(struct profile_node *node)
 
 /*
  * Iterate through the section, returning the nodes which match
- * the given name.  If name is NULL, then interate through all the
+ * the given name.  If name is NULL, then iterate through all the
  * nodes in the section.  If section_flag is non-zero, only return the
  * section which matches the name; don't return relations.  If value
  * is non-NULL, then only return relations which match the requested
@@ -313,7 +313,7 @@ errcode_t profile_find_node(struct profile_node *section, const char *name,
 
 /*
  * Iterate through the section, returning the relations which match
- * the given name.  If name is NULL, then interate through all the
+ * the given name.  If name is NULL, then iterate through all the
  * relations in the section.  The first time this routine is called,
  * the state pointer must be null.  When this profile_find_node_relation()
  * returns, if the state pointer is non-NULL, then this routine should
@@ -346,7 +346,7 @@ errcode_t profile_find_node_relation(struct profile_node *section,
 
 /*
  * Iterate through the section, returning the subsections which match
- * the given name.  If name is NULL, then interate through all the
+ * the given name.  If name is NULL, then iterate through all the
  * subsections in the section.  The first time this routine is called,
  * the state pointer must be null.  When this profile_find_node_subsection()
  * returns, if the state pointer is non-NULL, then this routine should
diff --git a/src/windows/installer/wix/config.wxi b/src/windows/installer/wix/config.wxi
index 5e6267d..f7ee93d 100644
--- a/src/windows/installer/wix/config.wxi
+++ b/src/windows/installer/wix/config.wxi
@@ -26,7 +26,7 @@
   -->
 <Include xmlns="http://schemas.microsoft.com/wix/2003/01/wi">
 
-    <!-- include site sepecific customizations -->
+    <!-- include site-specific customizations -->
     <?include site-local.wxi?>
     
     <!-- Sanity checks -->
diff --git a/src/windows/installer/wix/msi-deployment-guide.txt b/src/windows/installer/wix/msi-deployment-guide.txt
index ab317af..fd376a6 100644
--- a/src/windows/installer/wix/msi-deployment-guide.txt
+++ b/src/windows/installer/wix/msi-deployment-guide.txt
@@ -822,12 +822,12 @@ Kerberos for Windows
     1) "Kerberos for Windows" 32-bit i386 MSI package
 
        Upgrade code {61211594-AAA1-4A98-A299-757326763CC7}
-       Upto current release
+       Up to current release
 
     2) "Kerberos for Windows" 64-bit amd64 MSI package
 
        Upgrade code {6DA9CD86-6028-4852-8C94-452CAC229244}
-       Upto current release
+       Up to current release
 
     2) "MIT Project Pismere Kerberos for Windows" MSI package and 
        "MIT SWRT Kerberos for Windows" MSI
diff --git a/src/windows/leash/Leash.cpp b/src/windows/leash/Leash.cpp
index f338e72..a9bb8ea 100644
--- a/src/windows/leash/Leash.cpp
+++ b/src/windows/leash/Leash.cpp
@@ -506,7 +506,7 @@ FUNC_INFO leash_fi[] = {
     END_FUNC_INFO
 };
 
-// com_err funcitons
+// com_err functions
 DECL_FUNC_PTR(error_message);
 FUNC_INFO ce_fi[] =  {
     MAKE_FUNC_INFO(error_message),
@@ -1237,7 +1237,7 @@ CLeashApp::IpAddrChangeMonitor(void * hWnd)
 
         NumOfAddrs = GetNumOfIpAddrs();
         if ( NumOfAddrs != prevNumOfAddrs ) {
-            // wait for the network state to stablize
+            // wait for the network state to stabilize
             Sleep(2000);
             // this call should probably be mutex protected
             ObtainTicketsViaUserIfNeeded((HWND)hWnd);
diff --git a/src/windows/leash/LeashUIApplication.cpp b/src/windows/leash/LeashUIApplication.cpp
index c470169..e9f539b 100644
--- a/src/windows/leash/LeashUIApplication.cpp
+++ b/src/windows/leash/LeashUIApplication.cpp
@@ -278,7 +278,7 @@ LeashUIApplication::OnCreateUICommand(UINT32 commandId, UI_COMMANDTYPE typeID,
 
 // It looks like this is called by the framework when the window with the
 // ribbon is going away, to give the application a chance to free any
-// application-specific resources (not from the framwork) that were bound
+// application-specific resources (not from the framework) that were bound
 // to a command in OnCreateUICommand.
 //
 // We do not have any such resources, so we do not need to implement this
diff --git a/src/windows/leash/LeashUICommandHandler.cpp b/src/windows/leash/LeashUICommandHandler.cpp
index 762f957..d583914 100644
--- a/src/windows/leash/LeashUICommandHandler.cpp
+++ b/src/windows/leash/LeashUICommandHandler.cpp
@@ -104,7 +104,7 @@ LeashUICommandHandler::QueryInterface(REFIID iid, void **ppv)
 // ribbon.)  Just proxy these commands through to the existing MFC
 // handlers by sendding the appropriate message to the main window.
 // Action only needs to be taken on the EXECUTE verb, so we can
-// ignore the additional properties surrouding the action, which would
+// ignore the additional properties surrounding the action, which would
 // be relevant for other verbs.
 //
 // The commandIds are taken from the XML ribbon description.
diff --git a/src/windows/leash/LeashView.cpp b/src/windows/leash/LeashView.cpp
index a2d005b..9fc1292 100644
--- a/src/windows/leash/LeashView.cpp
+++ b/src/windows/leash/LeashView.cpp
@@ -1506,7 +1506,7 @@ VOID CLeashView::OnDebugMode()
     }
 
 
-    // Check all possible 'KRB' system varables, then reset (delete) debug file
+    // Check all possible 'KRB' system variables, then delete debug file
     CHAR*  Env[] = {"TEMP", "TMP", "HOME", NULL};
     CHAR** pEnv = Env;
     CHAR debugFilePath[MAX_PATH];
@@ -2168,7 +2168,7 @@ BOOL CLeashView::PreTranslateMessage(MSG* pMsg)
 
                 if (CMainFrame::m_isMinimum)
                 {
-                    // minimized dispay
+                    // minimized display
                     ticketStatusKrb5.Format("Kerb-5: %02d:%02d Left",
                                              (m_ticketTimeLeft / 60L / 60L),
                                              (m_ticketTimeLeft / 60L % 60L));
diff --git a/src/windows/leash/MainFrm.cpp b/src/windows/leash/MainFrm.cpp
index 843f2ce..29796b3 100644
--- a/src/windows/leash/MainFrm.cpp
+++ b/src/windows/leash/MainFrm.cpp
@@ -175,7 +175,7 @@ int CMainFrame::OnCreate(LPCREATESTRUCT lpCreateStruct)
 #endif
 
 
-	// TODO: Remove this if you don't want tool tips or a resizeable toolbar
+	// TODO: Remove this if you don't want tool tips or a resizable toolbar
 	//m_wndToolBar.SetPaneStyle(m_wndToolBar.GetPaneStyle() |
 	//	                     CBRS_TOOLTIPS | CBRS_FLYBY | CBRS_SIZE_DYNAMIC);
 
diff --git a/src/windows/leashdll/leash-int.h b/src/windows/leashdll/leash-int.h
index bf6f6a0..d914f7d 100644
--- a/src/windows/leashdll/leash-int.h
+++ b/src/windows/leashdll/leash-int.h
@@ -241,7 +241,7 @@ cc_free_NC_info,
 
 /* The following definitions are summarized from KRB5, Leash32, and
  * Leashw32 modules.  They are current as of KfW 2.6.2.  There is no
- * guarrantee that changes to other modules will be updated in this list.
+ * guarantee that changes to other modules will be updated in this list.
  */
 
 /* Must match the values used in Leash32.exe */
diff --git a/src/windows/leashdll/lsh_pwd.c b/src/windows/leashdll/lsh_pwd.c
index c02b39a..f944811 100644
--- a/src/windows/leashdll/lsh_pwd.c
+++ b/src/windows/leashdll/lsh_pwd.c
@@ -431,7 +431,7 @@ int Leash_changepwd_dlg_ex(HWND hParent, LPLSH_DLGINFO_EX lpdlginfo)
 
 
 /*  These little utils are taken from lshutil.c
-    they are added here for the Call back funtion.
+    they are added here for the Call back function.
 ****** beginning of added utils from lshutil.c  ******/
 
 BOOL IsDlgItem(HWND hWnd, WORD id)
diff --git a/src/windows/leashdll/lshutil.cpp b/src/windows/leashdll/lshutil.cpp
index a90e7e9..867f605 100644
--- a/src/windows/leashdll/lshutil.cpp
+++ b/src/windows/leashdll/lshutil.cpp
@@ -1,6 +1,5 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* prototype/prototype.c - <<< One-line description of file >>> */
-/* leashdll/lshutil.cpp - text maniuplation for principal entry */
+/* leashdll/lshutil.cpp - text manipulation for principal entry */
 /*
  * Copyright (C) 2012 by the Massachusetts Institute of Technology.
  * All rights reserved.
diff --git a/src/windows/leashdll/timesync.c b/src/windows/leashdll/timesync.c
index b6b4481..84765e9 100644
--- a/src/windows/leashdll/timesync.c
+++ b/src/windows/leashdll/timesync.c
@@ -189,7 +189,7 @@ LONG Leash_timesync(int MessageP)
     {
         if (rc && !*tmpstr)
         {
-            strcpy(tmpstr, "Unable to syncronize time!\n\n");
+            strcpy(tmpstr, "Unable to synchronize time!\n\n");
             if (*hostname)
             {
                 char                tmpstr1[2048];
@@ -283,7 +283,7 @@ int ProcessTimeSync(char *hostname, int Port, char *tmpstr)
         return(LSH_SETTIMEOFDAY);
     }
 
-    sprintf(tmpstr, "The time has been syncronized with the server:   %s\n\n", hostname);
+    sprintf(tmpstr, "The time has been synchronized with the server:   %s\n\n", hostname);
     strcat(tmpstr, "To be able to use the Kerberos server, it was necessary to \nset the system time to:  ") ;
     strcat(tmpstr, ctime((time_t *)&hosttime));
     strcat(tmpstr, "\n");
diff --git a/src/windows/lib/loadfuncs.c b/src/windows/lib/loadfuncs.c
index 44ec54d..a577d3b 100644
--- a/src/windows/lib/loadfuncs.c
+++ b/src/windows/lib/loadfuncs.c
@@ -27,7 +27,7 @@ UnloadFuncs(
 // LoadFuncs:
 //
 // This function try to load the functions for a DLL.  It returns 0 on failure
-// and non-zero on success.  The parameters are descibed below.
+// and non-zero on success.  The parameters are described below.
 //
 
 int


More information about the cvs-krb5 mailing list