Commit df5f836f64 for openssl.org

commit df5f836f641bcf7a6820531ae586e92243f2ff2a
Author: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Date:   Sat Jul 4 09:36:17 2026 +0200

    Eliminate/fix repeated word usage

    Found by running the checkpatch.pl Linux script to enforce coding style.

    Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: Norbert Pocs <norbertp@openssl.org>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    MergeDate: Wed Jul  8 10:11:11 2026
    (Merged from https://github.com/openssl/openssl/pull/31860)

diff --git a/apps/speed.c b/apps/speed.c
index aa10d32bd5..c63add0d8d 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -2945,7 +2945,7 @@ int speed_main(int argc, char **argv)
                                 &outlen, loopargs[k].buf,
                                 lengths[testnum])) {
                             BIO_puts(bio_err,
-                                "\nFailed to to encrypt the data\n");
+                                "\nFailed to encrypt the data\n");
                             dofail();
                             exit(1);
                         }
diff --git a/crypto/ml_kem/ml_kem.c b/crypto/ml_kem/ml_kem.c
index 2fc0e5a980..27fa15e246 100644
--- a/crypto/ml_kem/ml_kem.c
+++ b/crypto/ml_kem/ml_kem.c
@@ -1148,7 +1148,7 @@ static __owur int gencbd_vector_ntt(scalar *out, CBD_FUNC cbd, uint8_t *counter,
  * |A| (our key->m, with the public key holding an expanded (16-bit per scalar
  * coefficient) key->t vector).
  *
- * Caller passes storage in |tmp| for for two temporary vectors.
+ * Caller passes storage in |tmp| for two temporary vectors.
  */
 static __owur int encrypt_cpa(uint8_t out[ML_KEM_SHARED_SECRET_BYTES],
     const uint8_t message[DEGREE / 8],
diff --git a/crypto/rand/rand_uniform.c b/crypto/rand/rand_uniform.c
index 877150af4e..0b7f7a3c0a 100644
--- a/crypto/rand/rand_uniform.c
+++ b/crypto/rand/rand_uniform.c
@@ -47,7 +47,7 @@ uint32_t ossl_rand_uniform_uint32(OSSL_LIB_CTX *ctx, uint32_t upper, int *err)
      * We are generating a fixed point number on the interval [0, 1).
      * Multiplying this by the range gives us a number on [0, upper).
      * The high word of the multiplication result represents the integral
-     * part we want.  The lower word is the fractional part.  We can early exit if
+     * part we want.  The lower word is the fractional part.  We can early exit
      * if the fractional part is small enough that no carry from the next lower
      * word can cause an overflow and carry into the integer part.  This
      * happens when the fractional part is bounded by 2^32 - upper which
@@ -69,7 +69,7 @@ uint32_t ossl_rand_uniform_uint32(OSSL_LIB_CTX *ctx, uint32_t upper, int *err)
      * repeat the process with the next lower word.
      *
      * Each *bit* of randomness has a probability of one half of terminating
-     * this process, so each each word beyond the first has a probability
+     * this process, so each word beyond the first has a probability
      * of 2^-32 of not terminating the process.  That is, we're extremely
      * likely to stop very rapidly.
      */
diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c
index efacdcf9fe..161d9a9c56 100644
--- a/crypto/rsa/rsa_backend.c
+++ b/crypto/rsa/rsa_backend.c
@@ -227,7 +227,7 @@ int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[], int include_private)

     if (!ossl_rsa_check_factors(rsa)) {
         ERR_raise_data(ERR_LIB_RSA, RSA_R_INVALID_KEYPAIR,
-            "RSA factors/exponents are too big for for n-modulus\n");
+            "RSA factors/exponents are too big for n-modulus\n");
         goto err;
     }

diff --git a/crypto/slh_dsa/slh_fors.c b/crypto/slh_dsa/slh_fors.c
index 78587589db..10335cc5df 100644
--- a/crypto/slh_dsa/slh_fors.c
+++ b/crypto/slh_dsa/slh_fors.c
@@ -156,7 +156,7 @@ int ossl_slh_fors_sign(SLH_DSA_HASH_CTX *ctx, const uint8_t *md,
         /*
          * Give each of the k trees a unique range at each level.
          * e.g. If we have 4096 leaf nodes (2^a = 2^12) for each tree
-         * tree i will use indexes from 4096 * i + (0..4095) for its bottom level.
+         * i will use indexes from 4096 * i + (0..4095) for its bottom level.
          * For the next level up from the bottom there would be 2048 nodes
          * (so tree i uses indexes 2048 * i + (0...2047) for this level)
          */
diff --git a/crypto/x509/v3_akid.c b/crypto/x509/v3_akid.c
index 9c93e88267..f500165d0d 100644
--- a/crypto/x509/v3_akid.c
+++ b/crypto/x509/v3_akid.c
@@ -179,7 +179,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
         /*
          * The subject key identifier of the issuer cert is acceptable unless
          * the issuer cert is same as subject cert, but the subject will not
-         * not be self-signed (i.e. will be signed with a different key).
+         * be self-signed (i.e. will be signed with a different key).
          */
         i = X509_get_ext_by_NID(issuer_cert, NID_subject_key_identifier, -1);
         if (i >= 0 && (ext = X509_get_ext(issuer_cert, i)) != NULL
diff --git a/crypto/x509/v3_bitst.c b/crypto/x509/v3_bitst.c
index 89c3deddd3..1b0204bf75 100644
--- a/crypto/x509/v3_bitst.c
+++ b/crypto/x509/v3_bitst.c
@@ -52,7 +52,7 @@ STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
     for (bnam = method->usr_data; bnam->lname; bnam++) {
         /*
          * If the bitnumber did not change from the last iteration, this entry
-         * is an an alias for the previous bit; treat the first result as
+         * is an alias for the previous bit; treat the first result as
          * canonical and ignore the rest.
          */
         if (last_seen_bit == bnam->bitnum)
diff --git a/demos/http3/ossl-nghttp3.c b/demos/http3/ossl-nghttp3.c
index 2461df73c2..e75f226221 100644
--- a/demos/http3/ossl-nghttp3.c
+++ b/demos/http3/ossl-nghttp3.c
@@ -543,7 +543,7 @@ static void h3_conn_pump_stream(OSSL_DEMO_H3_STREAM *s, void *conn_)
             break;

         /*
-         * This function is confusingly named as it is is named from nghttp3's
+         * This function is confusingly named as it is named from nghttp3's
          * 'perspective'; it is used to pass data *into* the HTTP/3 stack which
          * has been received from the network.
          */
diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c
index 6024395aa0..364fd0ef65 100644
--- a/providers/fips/self_test.c
+++ b/providers/fips/self_test.c
@@ -344,7 +344,7 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, void *fips_global,
     bio_module = (*st->bio_new_file_cb)(st->module_filename, "rb");

     /* This section can be called on demand and that could race with deferred
-     * tests being executed in another thread, so we use use helpers to get
+     * tests being executed in another thread, so we use helpers to get
      * proper locking around this critical section */

     if (SELF_TEST_lock_deferred(fips_global)) {
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 1efc149119..67725bf454 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -4906,7 +4906,7 @@ SSL *ossl_quic_new_from_listener(SSL *ssl, uint64_t flags)
     ossl_quic_channel_set_msg_callback_arg(qc->ch, ql->obj.ssl.ctx->msg_callback_arg);

     /*
-     * We deliberately pass NULL for engine and port, because we don't want to
+     * We deliberately pass NULL for engine and port, because we don't want
      * to turn QCSO we create here into an event leader, nor port leader.
      * Both those roles are occupied already by listener (`ssl`) we use
      * to create a new QCSO here.
diff --git a/ssl/quic/quic_txp.c b/ssl/quic/quic_txp.c
index 425f76a003..bd026af3a4 100644
--- a/ssl/quic/quic_txp.c
+++ b/ssl/quic/quic_txp.c
@@ -1477,7 +1477,7 @@ static int txp_should_try_staging(OSSL_QUIC_TX_PACKETISER *txp,
      * This is not a major concern for clients, since if a client has a 1-RTT EL
      * provisioned the server is guaranteed to also have a 1-RTT EL provisioned.
      *
-     * TODO(QUIC FUTURE): Revisit this when when have reached a decision on how
+     * TODO(QUIC FUTURE): Revisit this when we have reached a decision on how
      * best to implement this
      */
     if (*conn_close_enc_level > enc_level
diff --git a/test/asn1_internal_test.c b/test/asn1_internal_test.c
index 8edea7ca91..1f6785cda3 100644
--- a/test/asn1_internal_test.c
+++ b/test/asn1_internal_test.c
@@ -476,7 +476,7 @@ static int posix_time_test(void)

     /*
      * Frequently platform conversions can not deal with one second before the
-     * the Unix epoch, due to inheriting terrible API design and knocking this
+     * Unix epoch, due to inheriting terrible API design and knocking this
      * time value out as an error return.
      *
      * We should do better.
diff --git a/test/danetest.c b/test/danetest.c
index 1b0320b28d..f9e30388e1 100644
--- a/test/danetest.c
+++ b/test/danetest.c
@@ -370,7 +370,7 @@ static int test_tlsafile(SSL_CTX *ctx, const char *base_name,
             continue;
         }
         if (!TEST_int_eq(mdpth, want_depth)) {
-            TEST_info("In test test %d", testno);
+            TEST_info("In test %d", testno);
             ret = 0;
         }
     }