Commit 1860496d86 for openssl.org

commit 1860496d861e9ea92c1ac41ac0543c3f49d2353f
Author: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Date:   Sat Jul 4 10:32:44 2026 +0200

    Fix typos

    Found by typos[1].

    [1] https://github.com/crate-ci/typos

    CLA: trivial

    Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Tim Hudson <tjh@openssl.org>
    Reviewed-by: Norbert Pocs <norbertp@openssl.org>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    MergeDate: Wed Jul  8 10:46:01 2026
    (Merged from https://github.com/openssl/openssl/pull/31858)

diff --git a/CHANGES.md b/CHANGES.md
index 26ac778f55..da1eeb519a 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -4103,7 +4103,7 @@ breaking changes, and mappings for the large list of deprecated functions.

  * Fixed a bug in the function `OCSP_basic_verify` that verifies the signer
    certificate on an OCSP response. The bug caused the function in the case
-   where the (non-default) flag OCSP_NOCHECKS is used to return a postivie
+   where the (non-default) flag OCSP_NOCHECKS is used to return a positive
    response (meaning a successful verification) even in the case where the
    response signing certificate fails to verify.

@@ -19901,7 +19901,7 @@ s-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
    The new configuration file reading functions are:

            NCONF_new, NCONF_free, NCONF_load, NCONF_load_fp, NCONF_load_bio,
-           NCONF_get_section, NCONF_get_string, NCONF_get_numbre
+           NCONF_get_section, NCONF_get_string, NCONF_get_number

            NCONF_default, NCONF_WIN32

diff --git a/apps/speed.c b/apps/speed.c
index c63add0d8d..b1732744d3 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -4633,7 +4633,7 @@ static int do_multi(int multi, int size_num)
     for (n = 0; n < multi; ++n) {
         while (wait(&status) == -1)
             if (errno != EINTR) {
-                BIO_printf(bio_err, "Waitng for child failed with 0x%x\n",
+                BIO_printf(bio_err, "Waiting for child failed with 0x%x\n",
                     errno);
                 return 1;
             }
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index 6094882947..b408e95e10 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -1134,7 +1134,7 @@ static int provider_init(OSSL_PROVIDER *prov)
         prov->error_strings[0].error = ERR_PACK(prov->error_lib, 0, 0);
         prov->error_strings[0].string = prov->name;
         /*
-         * Copy reasonstrings item 0..cnt-1 to prov->error_trings positions
+         * Copy reasonstrings item 0..cnt-1 to prov->error_strings positions
          * 1..cnt.
          */
         for (cnt2 = 1; cnt2 <= cnt; cnt2++) {
diff --git a/crypto/rc4/asm/rc4-md5-x86_64.pl b/crypto/rc4/asm/rc4-md5-x86_64.pl
index f814d6f86f..c4440ab32c 100644
--- a/crypto/rc4/asm/rc4-md5-x86_64.pl
+++ b/crypto/rc4/asm/rc4-md5-x86_64.pl
@@ -26,7 +26,7 @@
 # and Jim Guilford of Intel. MD5 is fresh implementation aiming to
 # minimize register usage, which was used as "main thread" with RC4
 # weaved into it, one RC4 round per one MD5 round. In addition to the
-# stiched subroutine the script can generate standalone replacement
+# stitched subroutine the script can generate standalone replacement
 # ossl_md5_block_asm_data_order and RC4. Below are performance numbers in
 # cycles per processed byte, less is better, for these the standalone
 # subroutines, sum of them, and stitched one:
diff --git a/crypto/sha/asm/keccak1600-avx512.pl b/crypto/sha/asm/keccak1600-avx512.pl
index 2a295d1c85..1b40130a6e 100755
--- a/crypto/sha/asm/keccak1600-avx512.pl
+++ b/crypto/sha/asm/keccak1600-avx512.pl
@@ -22,7 +22,7 @@
 # It's impossible to have one that is optimal for every step, hence
 # it's changing as algorithm progresses. Data is saved in linear order,
 # but in-register order morphs between rounds. Even rounds take in
-# linear layout, and odd rounds - transposed, or "verticaly-shaped"...
+# linear layout, and odd rounds - transposed, or "vertically-shaped"...
 #
 ########################################################################
 # Numbers are cycles per processed byte out of large message.
diff --git a/crypto/sha/keccak1600.c b/crypto/sha/keccak1600.c
index 59e688ce43..26d75f1b8e 100644
--- a/crypto/sha/keccak1600.c
+++ b/crypto/sha/keccak1600.c
@@ -111,7 +111,7 @@ static const uint64_t iotas[] = {
 /*
  * This is straightforward or "maximum clarity" implementation aiming
  * to resemble section 3.2 of the FIPS PUB 202 "SHA-3 Standard:
- * Permutation-Based Hash and Extendible-Output Functions" as much as
+ * Permutation-Based Hash and Extendable-Output Functions" as much as
  * possible. With one caveat. Because of the way C stores matrices,
  * references to A[x,y] in the specification are presented as A[y][x].
  * Implementation unrolls inner x-loops so that modulo 5 operations are
diff --git a/crypto/sm3/asm/sm3-armv8.pl b/crypto/sm3/asm/sm3-armv8.pl
index e0c33ecb95..6c51df28f8 100644
--- a/crypto/sm3/asm/sm3-armv8.pl
+++ b/crypto/sm3/asm/sm3-armv8.pl
@@ -51,7 +51,7 @@ $code.=<<___;
 ___
 }

-# A round of compresson function
+# A round of compression function
 # Input:
 # 	ab - choose instruction among sm3tt1a, sm3tt1b, sm3tt2a, sm3tt2b
 # 	vstate0 - vstate1, store digest status(A - H)
diff --git a/doc/designs/passing-algorithmidentifier-parameters.md b/doc/designs/passing-algorithmidentifier-parameters.md
index 9c5669e86b..0e6126b056 100644
--- a/doc/designs/passing-algorithmidentifier-parameters.md
+++ b/doc/designs/passing-algorithmidentifier-parameters.md
@@ -129,10 +129,10 @@ at all when such parameter data needs to be passed.
 Background / tl;dr
 ------------------

-### AlgorithmIdenfier parameter and how it's used
+### AlgorithmIdentifier parameter and how it's used

 OpenSSL has historically done a few tricks to not have to pass
-AlgorithmIdenfier parameter data to the backend implementations of
+AlgorithmIdentifier parameter data to the backend implementations of
 cryptographic operations:

 - In some cases, they were passed as part of the lower level key structure
diff --git a/doc/designs/quic-design/quic-ackm.md b/doc/designs/quic-design/quic-ackm.md
index 488fded5e1..38d72aac3c 100644
--- a/doc/designs/quic-design/quic-ackm.md
+++ b/doc/designs/quic-design/quic-ackm.md
@@ -424,7 +424,7 @@ This should be called for a packet before attempting to process its contents.
 Failure to do so may may result in processing a duplicated packet in violation
 of the RFC.

-The returrn value of this function transitions from 1 to 0 for a given PN once
+The return value of this function transitions from 1 to 0 for a given PN once
 that PN is passed to ossl_ackm_on_rx_packet, thus this function must be used
 before calling `ossl_ackm_on_rx_packet`.

diff --git a/doc/designs/quic-design/quic-requirements.md b/doc/designs/quic-design/quic-requirements.md
index c8aeedc7b7..daeb50db66 100644
--- a/doc/designs/quic-design/quic-requirements.md
+++ b/doc/designs/quic-design/quic-requirements.md
@@ -60,7 +60,7 @@ and that were specific to QUIC

 * For the MVP a single interop target (i.e. the server implementation list):

-  1. [Cloudfare](https://cloudflare-quic.com/)
+  1. [Cloudflare](https://cloudflare-quic.com/)

 * Testing against other implementations is not a release requirement for the MVP.

diff --git a/doc/internal/man7/VERSION.pod b/doc/internal/man7/VERSION.pod
index 4bc8ba6b93..8ffd836c13 100644
--- a/doc/internal/man7/VERSION.pod
+++ b/doc/internal/man7/VERSION.pod
@@ -26,7 +26,7 @@ The keys that are recognised are:

 The three parts of OpenSSL's 3 numbered version number, MAJOR.MINOR.PATCH.
 These are used to compose the values for the C macros B<OPENSSL_VERSION_MAJOR>,
-B<OPENSSL_VERSION_MINOR>, B<OPENSSL_VERSION_PACTH>.
+B<OPENSSL_VERSION_MINOR>, B<OPENSSL_VERSION_PATCH>.

 =item B<PRE_RELEASE_TAG>

diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index e5b05701f7..1ca411e5d7 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -147,7 +147,7 @@ as part of this call or separately using EVP_MAC_CTX_set_params().
 Providing non-NULL I<params> to this function is equivalent to calling
 EVP_MAC_CTX_set_params() with those I<params> for the same I<ctx> beforehand.
 Note: There are additional requirements for some MAC algorithms during
-re-initalization (i.e. calling EVP_MAC_init() on an EVP_MAC after EVP_MAC_final()
+re-initialization (i.e. calling EVP_MAC_init() on an EVP_MAC after EVP_MAC_final()
 has been called on the same object).  See the NOTES section below.

 EVP_MAC_init() should be called before EVP_MAC_update() and EVP_MAC_final().
@@ -352,7 +352,7 @@ The usage of the parameter names "custom", "iv" and "salt" correspond to
 the names used in the standard where the algorithm was defined.

 Some MAC algorithms store internal state that cannot be extracted during
-re-initalization.  For example GMAC cannot extract an B<IV> from the
+re-initialization.  For example GMAC cannot extract an B<IV> from the
 underlying CIPHER context, and so calling EVP_MAC_init() on an EVP_MAC object
 after EVP_MAC_final() has been called cannot reset its cipher state to what it
 was when the B<IV> was initially generated.  For such instances, an
diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod
index ce8a0b7fc9..9e4cd0c22a 100644
--- a/doc/man3/OSSL_CMP_CTX_new.pod
+++ b/doc/man3/OSSL_CMP_CTX_new.pod
@@ -846,7 +846,7 @@ Perform a Certification Request transaction, making use of the new credentials:

     OSSL_CMP_CTX_set1_cert(cmp_ctx, initialCert);
     OSSL_CMP_CTX_set1_pkey(cmp_ctx, initialKey);
-    OSSL_CMP_CTX_set0_newPkey(cmp_ctx, 1, curentKey);
+    OSSL_CMP_CTX_set0_newPkey(cmp_ctx, 1, currentKey);
     currentCert = OSSL_CMP_exec_CR_ses(cmp_ctx);

 Perform a Key Update Request, signed using the cert (and key) to be updated:
diff --git a/doc/man7/ossl-guide-quic-client-non-block.pod b/doc/man7/ossl-guide-quic-client-non-block.pod
index 06a13e36b6..c7f66079d7 100644
--- a/doc/man7/ossl-guide-quic-client-non-block.pod
+++ b/doc/man7/ossl-guide-quic-client-non-block.pod
@@ -173,7 +173,7 @@ stream but no data has not yet arrived from the peer for that stream).

 L<SSL_read_ex(3)> and L<SSL_write_ex(3)> will return 0 to indicate an error and
 L<SSL_read(3)> and L<SSL_write(3)> will return 0 or a negative value to indicate
-an error. L<SSL_shutdown(3)> will return a negative value to incidate an error.
+an error. L<SSL_shutdown(3)> will return a negative value to indicate an error.

 In the event of an error an application should call L<SSL_get_error(3)> to find
 out what type of error has occurred. If the error is non-fatal and can be
diff --git a/doc/man7/ossl-guide-tls-client-non-block.pod b/doc/man7/ossl-guide-tls-client-non-block.pod
index ee03f6624b..a45086caf6 100644
--- a/doc/man7/ossl-guide-tls-client-non-block.pod
+++ b/doc/man7/ossl-guide-tls-client-non-block.pod
@@ -140,7 +140,7 @@ from the underlying socket but the data has not yet arrived from the peer).

 L<SSL_read_ex(3)> and L<SSL_write_ex(3)> will return 0 to indicate an error and
 L<SSL_read(3)> and L<SSL_write(3)> will return 0 or a negative value to indicate
-an error. L<SSL_shutdown(3)> will return a negative value to incidate an error.
+an error. L<SSL_shutdown(3)> will return a negative value to indicate an error.

 In the event of an error an application should call L<SSL_get_error(3)> to find
 out what type of error has occurred. If the error is non-fatal and can be
diff --git a/doc/man7/ossl-guide-tls-server-block.pod b/doc/man7/ossl-guide-tls-server-block.pod
index 44ca2d7d8b..f445492282 100644
--- a/doc/man7/ossl-guide-tls-server-block.pod
+++ b/doc/man7/ossl-guide-tls-server-block.pod
@@ -170,7 +170,7 @@ key agreement, but the certificate exchange is avoided.
 Most servers, including this one, do not solicit client certificates.  We
 therefore do not need a "trust store" and allow the handshake to complete even
 when the client does not present a certificate.  Note: Even if a client did
-present a trusted ceritificate, for it to be useful, the server application
+present a trusted certificate, for it to be useful, the server application
 would still need custom code to use the verified identity to grant nondefault
 access to that particular client.  Some servers grant access to all clients
 with certificates from a private CA, this then requires processing of
diff --git a/include/internal/quic_lcidm.h b/include/internal/quic_lcidm.h
index 66421e8ac1..079dacd597 100644
--- a/include/internal/quic_lcidm.h
+++ b/include/internal/quic_lcidm.h
@@ -254,7 +254,7 @@ int ossl_quic_lcidm_debug_add(QUIC_LCIDM *lcidm, void *opaque,

 /*
  * Obtain a local connection id which is not used yet.
- * Returns 1 on succes, 0 on failure.
+ * Returns 1 on success, 0 on failure.
  */
 int ossl_quic_lcidm_get_unused_cid(QUIC_LCIDM *lcidm, QUIC_CONN_ID *cid);

diff --git a/include/internal/quic_vlint.h b/include/internal/quic_vlint.h
index ff015eb127..c8b056909d 100644
--- a/include/internal/quic_vlint.h
+++ b/include/internal/quic_vlint.h
@@ -54,7 +54,7 @@ static ossl_unused ossl_inline size_t ossl_quic_vlint_encode_len(uint64_t v)
 }

 /*
- * This function writes a QUIC varable-length encoded integer to buf.
+ * This function writes a QUIC variable-length encoded integer to buf.
  * The smallest usable representation is used.
  *
  * It is the caller's responsibility to ensure that the buffer is big enough by
diff --git a/include/internal/quic_wire.h b/include/internal/quic_wire.h
index f2efabaeba..06ae9ca677 100644
--- a/include/internal/quic_wire.h
+++ b/include/internal/quic_wire.h
@@ -424,7 +424,7 @@ int ossl_quic_wire_encode_frame_conn_close(WPACKET *pkt,

 /*
  * Encodes a QUIC HANDSHAKE_DONE frame to the packet writer. This frame type
- * takes no arguiments.
+ * takes no arguments.
  */
 int ossl_quic_wire_encode_frame_handshake_done(WPACKET *pkt);

diff --git a/include/internal/zeroization.h b/include/internal/zeroization.h
index be8e18d638..d30baa869a 100644
--- a/include/internal/zeroization.h
+++ b/include/internal/zeroization.h
@@ -11,7 +11,7 @@
  * Utility functions for handling OPENSSL_PEDANTIC_ZEROIZATION.
  *
  * ISO 19790:2012/Cor.1:2015 7.9 requires cryptographic module to provide
- * methods to zeroise all unproctected security sensitive parameters
+ * methods to zeroise all unprotected security sensitive parameters
  * (which includes both Critical/Private and Public security parameters).
  *
  * To comply with these (arguably, unnecessarily onerous) requirements,
diff --git a/include/openssl/x509v3.h.in b/include/openssl/x509v3.h.in
index 8e50d31144..21def64b94 100644
--- a/include/openssl/x509v3.h.in
+++ b/include/openssl/x509v3.h.in
@@ -933,7 +933,7 @@ DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
 DECLARE_ASN1_FUNCTIONS(IPAddressFamily)

 /*
- * API tag for elements of the ASIdentifer SEQUENCE.
+ * API tag for elements of the ASIdentifier SEQUENCE.
  */
 #define V3_ASID_ASNUM 0
 #define V3_ASID_RDI 1
diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c
index 9c25866794..74e9fc11ee 100644
--- a/providers/implementations/signature/eddsa_sig.c
+++ b/providers/implementations/signature/eddsa_sig.c
@@ -551,7 +551,7 @@ static int ed448_sign(void *vpeddsactx,
     /*
      * s390x_ed448_digestsign() does not yet support context-strings or
      * pre-hashing. Fall back to non-accelerated sign if a context-string or
-     * pre-hasing is provided.
+     * pre-hashing is provided.
      */
     if (S390X_CAN_SIGN(ED448)
         && peddsactx->context_string_len == 0
@@ -673,7 +673,7 @@ static int ed448_verify(void *vpeddsactx,
     /*
      * s390x_ed448_digestverify() does not yet support context-strings or
      * pre-hashing. Fall back to non-accelerated verify if a context-string or
-     * pre-hasing is provided.
+     * pre-hashing is provided.
      */
     if (S390X_CAN_SIGN(ED448)
         && peddsactx->context_string_len == 0
diff --git a/ssl/quic/quic_wire_pkt.c b/ssl/quic/quic_wire_pkt.c
index 8a65ac9869..368a585072 100644
--- a/ssl/quic/quic_wire_pkt.c
+++ b/ssl/quic/quic_wire_pkt.c
@@ -870,7 +870,7 @@ int ossl_quic_calculate_retry_integrity_tag(OSSL_LIB_CTX *libctx,
     EVP_CIPHER_CTX *cctx = NULL;
     int ok = 0, l = 0, l2 = 0, wpkt_valid = 0;
     WPACKET wpkt;
-    /* Worst case length of the Retry Psuedo-Packet header is 68 bytes. */
+    /* Worst case length of the Retry Pseudo-Packet header is 68 bytes. */
     unsigned char buf[128];
     QUIC_PKT_HDR hdr2;
     size_t hdr_enc_len = 0;
@@ -892,7 +892,7 @@ int ossl_quic_calculate_retry_integrity_tag(OSSL_LIB_CTX *libctx,
     hdr2 = *hdr;
     hdr2.len = 0;

-    /* Assemble retry psuedo-packet. */
+    /* Assemble retry pseudo-packet. */
     if (!WPACKET_init_static_len(&wpkt, buf, sizeof(buf), 0)) {
         ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
         goto err;
diff --git a/test/bntest.c b/test/bntest.c
index cb5b9278af..77f07bc630 100644
--- a/test/bntest.c
+++ b/test/bntest.c
@@ -1238,7 +1238,7 @@ static int file_sum(STANZA *s)
     /*
      * Test that the functions work when |r| and |a| point to the same BIGNUM,
      * or when |r| and |b| point to the same BIGNUM.
-     * There is no test for all of |r|, |a|, and |b| pointint to the same BIGNUM.
+     * There is no test for all of |r|, |a|, and |b| pointing to the same BIGNUM.
      */
     if (!TEST_true(BN_copy(ret, a))
         || !TEST_true(BN_add(ret, ret, b))
@@ -1277,7 +1277,7 @@ static int file_sum(STANZA *s)
         /*
          * Test that the functions work when |r| and |a| point to the same
          * BIGNUM, or when |r| and |b| point to the same BIGNUM.
-         * There is no test for all of |r|, |a|, and |b| pointint to the same
+         * There is no test for all of |r|, |a|, and |b| pointing to the same
          * BIGNUM.
          */
         if (!TEST_true(BN_copy(ret, a))
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index cb18ead4db..20d9496116 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -2411,7 +2411,7 @@ static struct ec_der_pub_keys_st {
  * Tests the range of the decoded EC char2 public point.
  * See ec_GF2m_simple_oct2point().
  */
-static int test_invalide_ec_char2_pub_range_decode(int id)
+static int test_invalid_ec_char2_pub_range_decode(int id)
 {
     int ret = 0;
     EVP_PKEY *pkey;
@@ -8994,7 +8994,7 @@ int setup_tests(void)
 #ifndef OPENSSL_NO_EC
     ADD_TEST(test_X509_PUBKEY_inplace);
     ADD_TEST(test_X509_PUBKEY_dup);
-    ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
+    ADD_ALL_TESTS(test_invalid_ec_char2_pub_range_decode,
         OSSL_NELEM(ec_der_pub_keys));
 #endif
 #ifndef OPENSSL_NO_DSA
diff --git a/test/quic_multistream_test.c b/test/quic_multistream_test.c
index ea77aac694..1a70b07cf6 100644
--- a/test/quic_multistream_test.c
+++ b/test/quic_multistream_test.c
@@ -4559,7 +4559,7 @@ static int script_68_inject_handshake(struct helper *h, unsigned char *msg,
     return 1;
 }

-/* Send a CerticateRequest message post-handshake */
+/* Send a CertificateRequest message post-handshake */
 static const struct script_op script_68[] = {
     OP_S_SET_INJECT_HANDSHAKE(script_68_inject_handshake),
     OP_C_SET_ALPN("ossltest"),
diff --git a/test/sslbuffertest.c b/test/sslbuffertest.c
index c7bcbe66e9..13b6f6b404 100644
--- a/test/sslbuffertest.c
+++ b/test/sslbuffertest.c
@@ -177,7 +177,7 @@ end:
  * Test 1: Attempt to free buffers after only a partial record header has been
  *         received
  * Test 2: Attempt to free buffers after a full record header but no record body
- * Test 3: Attempt to free buffers after a full record hedaer and partial record
+ * Test 3: Attempt to free buffers after a full record header and partial record
  *         body
  */
 static int test_free_buffers(int test)
diff --git a/test/threadstest.c b/test/threadstest.c
index 6915df3a3e..50a5d90340 100644
--- a/test/threadstest.c
+++ b/test/threadstest.c
@@ -760,7 +760,7 @@ static OSSL_PROVIDER *multi_provider[MAXIMUM_PROVIDERS + 1];
 static size_t multi_num_threads;
 static thread_t multi_threads[MAXIMUM_THREADS];

-static void multi_intialise(void)
+static void multi_initialise(void)
 {
     multi_success = 1;
     multi_libctx = NULL;
@@ -789,7 +789,7 @@ static void thead_teardown_libctx(void)
     for (p = multi_provider; *p != NULL; p++)
         OSSL_PROVIDER_unload(*p);
     OSSL_LIB_CTX_free(multi_libctx);
-    multi_intialise();
+    multi_initialise();
 }

 static int thread_setup_libctx(int libctx, const char *providers[])
@@ -840,7 +840,7 @@ static int thread_run_test(void (*main_func)(void),
 {
     int testresult = 0;

-    multi_intialise();
+    multi_initialise();
     if (!thread_setup_libctx(libctx, providers)
         || !start_threads(num_threads, thread_func))
         goto err;
@@ -1019,7 +1019,7 @@ static int test_multi_shared_pkey_common(void (*worker)(void))
 {
     int testresult = 0;

-    multi_intialise();
+    multi_initialise();
     if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers : default_provider)
         || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx))
         || !start_threads(1, &thread_shared_evp_pkey)
@@ -1071,7 +1071,7 @@ static int test_multi_shared_pkey_release(void)
     int testresult = 0;
     size_t i = 1;

-    multi_intialise();
+    multi_initialise();
     shared_evp_pkey = NULL;
     if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers : default_provider)
         || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx)))
@@ -1104,7 +1104,7 @@ static int test_multi_load_unload_provider(void)
     OSSL_PROVIDER *prov = NULL;
     int testresult = 0;

-    multi_intialise();
+    multi_initialise();
     if (!thread_setup_libctx(1, NULL)
         || !TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, "default"))
         || !TEST_ptr(sha256 = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL))
diff --git a/util/perl/OpenSSL/ParseC.pm b/util/perl/OpenSSL/ParseC.pm
index c2546280c8..6249704a23 100644
--- a/util/perl/OpenSSL/ParseC.pm
+++ b/util/perl/OpenSSL/ParseC.pm
@@ -62,7 +62,7 @@ my @opensslcpphandlers = (
     ##################################################################
     # OpenSSL CPP specials
     #
-    # These are used to convert certain pre-precessor expressions into
+    # These are used to convert certain pre-processor expressions into
     # others that @cpphandlers have a better chance to understand.

     # This changes any OPENSSL_NO_DEPRECATED_x_y[_z] check to a check of