codespell: extend checks to more subdirs

- fix issues found.
- fix a few more found locally.

Closes #15072

.github/workflows/checksrc.yml

@@ -53,7 +53,12 @@ jobs:
           python3 -m pip install cmakelint==1.4.3
 
       - name: spellcheck
-        run: codespell --skip src/tool_hugehelp.c -I .github/scripts/codespell-ignore.txt include src lib
+        run: |
+          codespell \
+            --skip scripts/mk-ca-bundle.pl \
+            --skip src/tool_hugehelp.c \
+            -I .github/scripts/codespell-ignore.txt \
+            CMake include m4 scripts src lib
 
       - name: cmakelint
         run: scripts/cmakelint.sh

RELEASE-NOTES

@@ -31,7 +31,7 @@ This release includes the following bugfixes:
  o cmake: allow building tests in unity mode [31]
  o cmake: delete unused NEED_LBER_H, HAVE_LDAP_H [38]
  o cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled [44]
- o cmake: drop redundant assigments [49]
+ o cmake: drop redundant assignments [49]
  o cmake: drop redundant zlib var, rename function (internals) [50]
  o cmake: expand CURL_USE_PKGCONFIG to non-cross MINGW [13]
  o cmake: fix broken dependency chain for cmdline-opts, tidy-ups [11]
@@ -80,7 +80,7 @@ This release includes the following bugfixes:
  o tests: make precheck for HTTP on 127.0.0.1 into a feature [68]
  o tests: Only log warnings or worse by default in smbserver [33]
  o tests: postcheck is now in verify [69]
- o tests: remove all valgrind disble instructions [21]
+ o tests: remove all valgrind disable instructions [21]
  o tests: remove the %FTPTIME3 variable [41]
  o tests: speed up builds with single-binary test bundles [29]
  o tests: testrunner fairness [39]

docs/ECH.md

@@ -230,7 +230,7 @@ purpose. This code also implements the opportunistic (``--ech true``) or hard-fa
 (``--ech hard``) logic.
 
 Other than that, the main additions are in ``lib/doh.c``
-where we re-use ``dohprobe()`` to retrieve an HTTPS RR value for the target
+where we reuse ``dohprobe()`` to retrieve an HTTPS RR value for the target
 domain. If such a value is found, that is stored using a new ``doh_store_https()``
 function in a new field in the ``dohentry`` structure.
 
@@ -472,7 +472,7 @@ As of now we have not added support for using ``retry_config`` handling in the
 application - for a command line tool, one can just use ``dig`` (or ``kdig``)
 to get the HTTPS RR and pass the ECHConfigList from that on the command line,
 if needed, or one can access the value from command line output in verbose more
-and then re-use that in another invocation.
+and then reuse that in another invocation.
 
 Both our OpenSSL fork and BoringSSL have APIs for both controlling GREASE and
 accessing and logging ``retry_configs``, it seems wolfSSL has neither.

docs/TODO

@@ -1059,7 +1059,7 @@
 
 18.7 specify which response codes that make -f/--fail return error
 
- Allows a user to better specify exacly which error code(s) that are fine
+ Allows a user to better specify exactly which error code(s) that are fine
  and which are errors for their specific uses cases
 
 18.9 Choose the name of file in braces for complex URLs

lib/transfer.c

@@ -223,7 +223,7 @@ static ssize_t Curl_xfer_recv_resp(struct Curl_easy *data,
       blen = (size_t)totalleft;
   }
   else if(xfer_recv_shutdown_started(data)) {
-    /* we already reveived everything. Do not try more. */
+    /* we already received everything. Do not try more. */
     blen = 0;
   }
 

lib/vtls/mbedtls.c

@@ -541,7 +541,7 @@ static int mbed_verify_cb(void *ptr, mbedtls_x509_crt *crt,
     mbedtls_x509_crt_verify_info(buf, sizeof(buf), "", *flags);
     failf(data, "mbedTLS: %s", buf);
 #else
-    failf(data, "mbedTLS: cerificate verification error 0x%08x", *flags);
+    failf(data, "mbedTLS: certificate verification error 0x%08x", *flags);
 #endif
   }
 

lib/ws.c

@@ -1247,7 +1247,7 @@ CURL_EXTERN CURLcode curl_ws_send(CURL *data, const void *buffer,
         goto out;
       }
       /* We added the complete data to our sendbuf. Report one byte less as
-       * sent. This parital success should make the caller invoke us again
+       * sent. This partial success should make the caller invoke us again
        * with the last byte. */
       *sent = payload_added - 1;
       result = Curl_bufq_unwrite(&ws->sendbuf, 1);

scripts/checksrc.pl

@@ -630,7 +630,7 @@ sub scanfile {
         if($nostr =~ /^(.*[^']\?[^'].*)(\w|\)|\]|')\:/i) {
             my $m = $1;
             my $e = $nostr;
-            $e =~ s/'(.)':'(.)'/$1:$2/g; # eliminate chars quotes that suround colon
+            $e =~ s/'(.)':'(.)'/$1:$2/g; # eliminate chars quotes that surround colon
             $e =~ s/':'//g;              # ignore these
             if($e =~ /^(.*[^']\?[^'].*)(\w|\)|\]|')\:/i) {
                 checkwarn("NOSPACEC",
@@ -642,7 +642,7 @@ sub scanfile {
         if($nostr =~ /^(.*[^'"]\?[^'"].*)\:(\w|\)|\]|')/i) {
             my $m = $1;
             my $e = $nostr;
-            $e =~ s/'(.)':'(.)'/$1:$2/g; # eliminate chars quotes that suround colon
+            $e =~ s/'(.)':'(.)'/$1:$2/g; # eliminate chars quotes that surround colon
             $e =~ s/':'//g;              # ignore these
             if($e =~ /^(.*[^'"]\?[^'"].*)\:(\w|\)|\]|')/i) {
                 checkwarn("NOSPACEC",

scripts/managen

@@ -1256,7 +1256,7 @@ elsif($cmd eq "-c") {
 
 my @files = @ARGV; # the rest are the files
 
-# can be overriden for releases
+# can be overridden for releases
 if($ENV{'CURL_MAKETGZ_VERSION'}) {
     $version = $ENV{'CURL_MAKETGZ_VERSION'};
 }

tests/ech_tests.sh

@@ -93,13 +93,13 @@ declare -A neither_targets=(
 # Top of curl test tree, assume we're there
 : "${CTOP:=.}"
 
-# Plase to put test log output
+# Place to put test log output
 : "${LTOP:=$CTOP/tests/ech-log/}"
 
-# place to stash outputs when things go wrong
+# Place to stash outputs when things go wrong
 : "${BTOP:=$LTOP}"
 
-# time to wait for a remote access to work, 10 seconds
+# Time to wait for a remote access to work, 10 seconds
 : "${tout:=10s}"
 
 # Where we find OpenSSL .so's