typos in api documentation

[A. P. Garcia]

I caught some typos while reading the api documentation (library.ps).
Here's a diff...


diff --git a/doc/api/free.tex b/doc/api/free.tex
index 02733b7..e93c83a 100644
--- a/doc/api/free.tex
+++ b/doc/api/free.tex
@@ -15,7 +15,7 @@ Frees the pointer \funcarg{ptr}. This is a wrapper macro
to
 \end{funcdecl}

 Frees the data structure \funcparam{val}, including the pointer
-\funcparam{val} which has been allocate by any of numerous routines.
+\funcparam{val} which has been allocated by any of numerous routines.


 \begin{funcdecl}{krb5_free_princial}{void}{\funcinout}
diff --git a/doc/api/keytab.tex b/doc/api/keytab.tex
index 63e27e5..39b70a7 100644
--- a/doc/api/keytab.tex
+++ b/doc/api/keytab.tex
@@ -1,7 +1,7 @@
 The key table functions deal with storing and retrieving service keys
 for use by unattended services which participate in authentication
exchanges.

-Keytab routines are all be atomic.  Every routine that acquires
+Keytab routines are all atomic.  Every routine that acquires
 a non-sharable resource releases it before it returns.

 All keytab types support multiple concurrent sequential scans.
@@ -121,7 +121,7 @@ If this routine is not available, then KRB5_KT_NOWRITE
is returned.

 \funcarg{name} is filled in with the first \funcparam{namesize} bytes of
 the name of the keytab identified by \funcname{id}.
-If the name is shorter than \funcparam{namesize}, then \funcarg{name}
+If the name is shorter than \funcparam{namesize}, then \funcparam{name}
 will be null-terminated.

 \begin{funcdecl}{krb5_kt_close}{krb5_error_code}{\funcinout}
diff --git a/doc/api/krb5.tex b/doc/api/krb5.tex
index 3e347a4..f757bc1 100644
--- a/doc/api/krb5.tex
+++ b/doc/api/krb5.tex
@@ -55,7 +55,7 @@ Returns {\sc enomem}.

 While the \datatype{krb5_context} represents a per-process or per-thread
 context, the \datatype{krb5_auth_context} represents a per-connection
-context are are used by the various functions involved directly in
+context used by the various functions involved directly in
 client/server authentication.  Some of the data stored in this context
 include keyblocks, addresses, sequence numbers, authenticators, checksum
 type, and replay cache pointer.
@@ -97,7 +97,7 @@ Frees the auth_context \funcparam{auth_context} returned
by
 \funcarg{krb5_int32}{flags}
 \end{funcdecl}

-Sets the flags of \funcparam{auth_context} to funcparam{flags}. Valid
+Sets the flags of \funcparam{auth_context} to \funcparam{flags}. Valid
 flags are:

 \begin{tabular}{ll}
@@ -303,7 +303,7 @@ participates in a network communication. The following
functions allow
 one to create, modify and access portions of the
 \datatype{krb5_principal}.

-Other functions found in orther portions of the manual include
+Other functions found in other portions of the manual include
 \funcname{krb5_sname_to_principal}, \funcname{krb5_free_principal},

 While it is possible to directly access the data structure in the
@@ -399,7 +399,7 @@ A macro which returns the realm of
\funcparam{principal}.
 \funcparam{krb5_data *}{realm}
 \end{funcdecl}

-A macro which returns sets the realm of \funcparam{principal} to
+A macro which sets the realm of \funcparam{principal} to
 \funcparam{realm}.

 \begin{funcdecl}{krb5_princ_set_realm_data}{void}{\funcinout}
@@ -410,7 +410,7 @@ A macro which returns sets the realm of
\funcparam{principal} to

 \internalfunc

-A macro which returns sets the data portion of the realm of
+A macro which sets the data portion of the realm of
 \funcparam{principal} to \funcparam{data}.

 \begin{funcdecl}{krb5_princ_set_realm_length}{void}{\funcinout}
@@ -421,7 +421,7 @@ A macro which returns sets the data portion of the
realm of

 \internalfunc

-A macro which returns sets the length \funcparam{principal} to
+A macro which sets the length of \funcparam{principal} to
 \funcparam{length}.

 \begin{funcdecl}{krb5_princ_size}{void}{\funcinout}
@@ -924,7 +924,7 @@ For example, it can be used to obtain the
pre-authentication data
 passed back from the KDC.  The caller is responsible for freeing this
 structure by using \funcname{krb5_free_kdc_rep}.

-If \funcparam{etypes} is non-NULL, the it is used as for the list of
+If \funcparam{etypes} is non-NULL, then it is used for the list of
 valid encyrption types. Otherwise, the context default is used (as
 returned by \funcname{krb5_get_default_in_tkt_etypes}.

@@ -1160,10 +1160,10 @@ If \funcparam{server} is NULL, then any server name
will be accepted if
 the appropriate key can be found, and the caller should verify that the
 server principal matches some trust criterion.

-If \funcparam{server} is not NULL, and a replay detaction cache has not
been
+If \funcparam{server} is not NULL, and a replay detection cache has not
been
 established with the \funcparam{auth_context}, one will be generated.

-\funcparam{keytab} specifies a keytab containing generate a decryption
key. If
+\funcparam{keytab} specifies a keytab containing a decryption key. If
 NULL, \funcparam{krb5_kt_default} will be used to find the default
 keytab and the key taken from there\footnote{i.e., srvtab file in
 Kerberos V4 parlance}.
@@ -1176,7 +1176,7 @@ authentication. If no keyblock is specified, the
\funcparam{keytab} is
 consulted for an entry matching the requested keytype, server and
 version number and used instead.

-The authentcator in the request is decrypted and stored in the
+The authenticator in the request is decrypted and stored in the
 \funcparam{auth_context}. The client specified in the decrypted
 authenticator is compared to the client specified in the decoded ticket
 to ensure that the compare.
@@ -1240,7 +1240,7 @@ caller when it is no longer needed.

 If the flags in \funcparam{auth_context} indicate that a sequence number
 should be used (either {\sc KRB5_AUTH_CONTEXT_DO_SEQUENCE} or
-{\sc KRB5_AUTH_CONTEXT_RET_SEQUENCE}) and the local sequqnce number in the
+{\sc KRB5_AUTH_CONTEXT_RET_SEQUENCE}) and the local sequence number in the
 \funcparam{auth_context} is 0, a new number will be generated with
 \funcname{krb5_generate_seq_number}.

@@ -1355,7 +1355,7 @@ ignored if \funcparam{in_creds} is non-null.
Otherwise,
 null, in which case the client principal used is the one in the
 credential cache's default principal.

-The \funcparam{ap_req_options} parameters specifies the options which
+The \funcparam{ap_req_options} parameter specifies the options which
 should be passed to \funcname{krb5_mk_req}.  Valid options are listed
 in Table \ref{ap-req-options}.  If \funcparam{ap_req_options}
 specifies MUTUAL_REQUIRED, then \funcname{krb5_sendauth} will perform
@@ -1439,8 +1439,8 @@ The parameters \funcparam{server},
\funcparam{auth_context},
 and \funcparam{keytab} are used by \funcname{krb5_rd_req} to obtain the
 server's private key.

-If \funcparam{server} is non-null, the princicpal component of it is
-ysed to determine the replay cache to use. Otherwise,
+If \funcparam{server} is non-null, the principal component of it is
+used to determine the replay cache to use. Otherwise,
 \funcname{krb5_recvauth} will use a default replay cache.

 The \funcparam{flags} argument allows the caller to modify the behavior of
@@ -1471,10 +1471,10 @@ Formats a KRB_SAFE message into \funcparam{outbuf}.

 \funcparam{userdata} is formatted as the user data in the message.
 Portions of \funcparam{auth_context} specify the checksum type; the
-keyblockm which might be used to seed the checksum;
+keyblock which might be used to seed the checksum;
 full addresses (host and port) for the sender and receiver.
 The \funcparam{local_addr} portion of \funcparam{*auth_context}
-is used to form the addresses usedin the KRB_SAFE message. The
\funcparam{remote_addr} is optional; if the
+is used to form the addresses used in the KRB_SAFE message. The
\funcparam{remote_addr} is optional; if the
 receiver's address is not known, it may be replaced by NULL.
 \funcparam{local_addr}, however, is mandatory.

@@ -1540,18 +1540,18 @@ the message does not match \funcparam{remote_addr},
the error
 KRB5KRB_AP_ERR_BADADDR will be returned.

 If \funcparam{local_addr} is non-NULL, then the address of the receiver
-in the message much match it.  If it is null, the receiver address in
+in the message must match it.  If it is null, the receiver address in
 the message will be checked against the list of local addresses as
 returned by \funcname{krb5_os_localaddr}. If the check fails,
-KRB5KRB_AP_ERR_BADARRD is returned.
+KRB5KRB_AP_ERR_BADADDR is returned.

 The \funcparam{outbuf} buffer storage (i.e.,
 \funcparam{outbuf{\ptsto}data} is allocated storage which the caller
 should free when it is no longer needed.

 If auth_context_flags portion of \funcparam{auth_context} indicates
-that sequence numbers are to be used (i.e., if
KRB5_AUTH_CONTEXT_DOSEQUENCE is
-set in it), The \funcparam{remote_seq_number} portion of
+that sequence numbers are to be used (i.e., if
KRB5_AUTH_CONTEXT_DO_SEQUENCE is
+set in it), the \funcparam{remote_seq_number} portion of
 \funcparam{auth_context} is compared to the sequence number for the
 message, and KRB5_KRB_AP_ERR_BADORDER is returned if it does not match.
 Otherwise, the sequence number is not used.
@@ -1641,7 +1641,7 @@ the message does not match the remote_addr, the error
 KRB5KRB_AP_ERR_BADADDR will be returned.

 If local_addr portion of the auth_context is non-NULL, then the address
-of the receiver in the message much match it.  If it is null, the
+of the receiver in the message must match it.  If it is null, the
 receiver address in the message will be checked against the list of
 local addresses as returned by \funcname{krb5_os_localaddr}.

@@ -1730,7 +1730,7 @@ newly allocated copy, which should be freed with
 \funcarg{krb5_authenticator **}{authto}
 \end{funcdecl}

-Copy an authenticator structure, filling in \funcparam{*outauthdat} to
+Copy an authenticator structure, filling in \funcparam{*authto} to
 point to the newly allocated copy, which should be freed with
 \funcname{krb5_free_authenticator}.

diff --git a/doc/api/rcache.tex b/doc/api/rcache.tex
index 28bad36..0dfee9a 100644
--- a/doc/api/rcache.tex
+++ b/doc/api/rcache.tex
@@ -49,7 +49,7 @@ Errors: error if cannot resolve name.

 \internalfunc

-Looks up \funcparam{type} in the list of knows cache types and if found
+Looks up \funcparam{type} in the list of known cache types and if found
 attaches the operations to \funcparam{*id} which must be previously
 allocated.

@@ -151,7 +151,7 @@ cache.  May also return permission errors, storage
failure errors.
 \funcarg{krb5_rcache}{id}
 \end{funcdecl}
 Removes all expired replay information (i.e. those entries which are
-older than then authenticator lifespan of the cache) from the cache
+older than the authenticator lifespan of the cache) from the cache
 \funcparam{id}.  Requires that \funcparam{id} identifies a valid replay
 cache.