Spelling... and more spelling

    4.  Patches should follow our coding style (see

    4.  Patches should follow our coding style (see

    https://www.openssl.org/policies/codingstyle.html) and compile without

    https://www.openssl.org/policies/codingstyle.html) and compile without

    warnings. Where gcc or clang is availble you should use the

    warnings. Where gcc or clang is available you should use the

    --strict-warnings Configure option.  OpenSSL compiles on many varied

    --strict-warnings Configure option.  OpenSSL compiles on many varied

    platforms: try to ensure you only use portable features.

    platforms: try to ensure you only use portable features.

# DEBUG_UNUSED enables __owur (warn unused result) checks.

# DEBUG_UNUSED enables __owur (warn unused result) checks.

my $gcc_devteam_warn = "-DDEBUG_UNUSED"

my $gcc_devteam_warn = "-DDEBUG_UNUSED"

        # -DPEDANTIC complements -pedantic and is meant to mask code that

        # -DPEDANTIC complements -pedantic and is meant to mask code that

        # is not strictly standard-compliant and/or implementation-specifc,

        # is not strictly standard-compliant and/or implementation-specific,

        # e.g. inline assembly, disregards to alignment requirements, such

        # e.g. inline assembly, disregards to alignment requirements, such

        # that -pedantic would complain about. Incidentally -DPEDANTIC has

        # that -pedantic would complain about. Incidentally -DPEDANTIC has

        # to be used even in sanitized builds, because sanitizer too is

        # to be used even in sanitized builds, because sanitizer too is

our $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";

our $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";

#

#

# API compability name to version number mapping.

# API compatibility name to version number mapping.

#

#

my $maxapi = "1.1.0";           # API for "no-deprecated" builds

my $maxapi = "1.1.0";           # API for "no-deprecated" builds

my $apitable = {

my $apitable = {

}

}

unless ($disabled{ubsan}) {

unless ($disabled{ubsan}) {

    # -DPEDANTIC or -fnosanitize=aligmnent may also be required on some

    # -DPEDANTIC or -fnosanitize=alignment may also be required on some

    # platforms.

    # platforms.

    $config{cflags} .= "-fsanitize=undefined -fno-sanitize-recover=all ";

    $config{cflags} .= "-fsanitize=undefined -fno-sanitize-recover=all ";

}

}

                   on a platform that does not support AFALG.

                   on a platform that does not support AFALG.

  enable-asan

  enable-asan

                   Build with the Address sanitser. This is a developer option

                   Build with the Address sanitiser. This is a developer option

                   only. It may not work on all platforms and should never be

                   only. It may not work on all platforms and should never be

                   used in production environments. It will only work when used

                   used in production environments. It will only work when used

                   with gcc or clang and should be used in conjunction with the

                   with gcc or clang and should be used in conjunction with the

                   "illegal instruction" exception. There might be a way

                   "illegal instruction" exception. There might be a way

                   to enable support in kernel, e.g. FreeBSD kernel can be

                   to enable support in kernel, e.g. FreeBSD kernel can be

                   compiled with CPU_ENABLE_SSE, and there is a way to

                   compiled with CPU_ENABLE_SSE, and there is a way to

                   disengage SSE2 code pathes upon application start-up,

                   disengage SSE2 code paths upon application start-up,

                   but if you aim for wider "audience" running such kernel,

                   but if you aim for wider "audience" running such kernel,

                   consider no-sse2. Both the 386 and no-asm options imply

                   consider no-sse2. Both the 386 and no-asm options imply

                   no-sse2.

                   no-sse2.

                   Don't build Time Stamping Authority support.

                   Don't build Time Stamping Authority support.

  enable-ubsan

  enable-ubsan

                   Build with the Undefined Behaviour sanitser. This is a

                   Build with the Undefined Behaviour sanitiser. This is a

                   developer option only. It may not work on all platforms and

                   developer option only. It may not work on all platforms and

                   should never be used in production environments. It will only

                   should never be used in production environments. It will only

                   work when used with gcc or clang and should be used in

                   work when used with gcc or clang and should be used in

       $ nmake test                                     # Windows

       $ nmake test                                     # Windows

     NOTE: you MUST run the tests from an unprivileged account (or

     NOTE: you MUST run the tests from an unprivileged account (or

     disable your privileges temporarly if your platform allows it).

     disable your privileges temporarily if your platform allows it).

     If some tests fail, look at the output.  There may be reasons for

     If some tests fail, look at the output.  There may be reasons for

     the failure that isn't a problem in OpenSSL itself (like a

     the failure that isn't a problem in OpenSSL itself (like a

      o New STORE structure and library to provide an interface to all

      o New STORE structure and library to provide an interface to all

        sorts of data repositories.  Supports storage of public and

        sorts of data repositories.  Supports storage of public and

        private keys, certificates, CRLs, numbers and arbitrary blobs.

        private keys, certificates, CRLs, numbers and arbitrary blobs.

	This library is unfortunately unfinished and unused withing

        This library is unfortunately unfinished and unused within

        OpenSSL.

        OpenSSL.

      o New control functions for the error stack.

      o New control functions for the error stack.

      o Changed the PKCS#7 library to support one-pass S/MIME

      o Changed the PKCS#7 library to support one-pass S/MIME

      o Major overhaul of RC4 performance on Intel P4, IA-64 and

      o Major overhaul of RC4 performance on Intel P4, IA-64 and

        AMD64.

        AMD64.

      o Changed the Configure script to have some algorithms disabled

      o Changed the Configure script to have some algorithms disabled

        by default.  Those can be explicitely enabled with the new

        by default.  Those can be explicitly enabled with the new

        argument form 'enable-xxx'.

        argument form 'enable-xxx'.

      o Change the default digest in 'openssl' commands from MD5 to

      o Change the default digest in 'openssl' commands from MD5 to

        SHA-1.

        SHA-1.

   "Matching Perl" refers to chosen "shell environment", i.e. if built

   "Matching Perl" refers to chosen "shell environment", i.e. if built

   under MSYS, then Perl compiled for MSYS must be used.

   under MSYS, then Perl compiled for MSYS must be used.

   Alternativelly, one can use MSYS2 from https://msys2.github.io/,

   Alternatively, one can use MSYS2 from https://msys2.github.io/,

   which includes MingW (32-bit and 64-bit).

   which includes MingW (32-bit and 64-bit).

 * It is also possible to cross-compile it on Linux by configuring

 * It is also possible to cross-compile it on Linux by configuring