Fix Typos

conf/master

@@ -350,7 +350,7 @@
 # the autosign_file and the auto_accept setting.
 #autoreject_file: /etc/salt/autoreject.conf
 
-# If the autosign_grains_dir is specified, incoming keys from minons with grain
+# If the autosign_grains_dir is specified, incoming keys from minions with grain
 # values matching those defined in files in this directory will be accepted
 # automatically. This is insecure. Minions need to be configured to send the grains.
 #autosign_grains_dir: /etc/salt/autosign_grains

conf/suse/master

@@ -302,7 +302,7 @@ syndic_user: salt
 # the autosign_file and the auto_accept setting.
 #autoreject_file: /etc/salt/autoreject.conf
 
-# If the autosign_grains_dir is specified, incoming keys from minons with grain
+# If the autosign_grains_dir is specified, incoming keys from minions with grain
 # values matching those defined in files in this directory will be accepted
 # automatically. This is insecure. Minions need to be configured to send the grains.
 #autosign_grains_dir: /etc/salt/autosign_grains

salt/modules/x509.py

@@ -126,7 +126,7 @@ def _fix_ctx(m2_ctx, issuer=None):
 
 def _new_extension(name, value, critical=0, issuer=None, _pyfree=1):
     '''
-    Create new X509_Extension, This is required because M2Crypto
+    Create new X509_Extension, this is required because M2Crypto
     doesn't support getting the publickeyidentifier from the issuer
     to create the authoritykeyidentifier extension.
     '''
@@ -595,7 +595,7 @@ def read_certificate(certificate):
 
 def read_certificates(glob_path):
     '''
-    Returns a dict containing details of a all certificates matching a glob
+    Returns a dict containing details of all certificates matching a glob
 
     glob_path:
         A path to certificates to be read and returned.
@@ -658,8 +658,8 @@ def read_crl(crl):
 
     :depends:   - OpenSSL command line tool
 
-    csl:
+    crl:
-        A path or PEM encoded string containing the CSL to read.
+        A path or PEM encoded string containing the CRL to read.
 
     CLI Example:
 
@@ -754,17 +754,17 @@ def write_pem(text, path, overwrite=True, pem_type=None):
         PEM string input to be written out.
 
     path:
-        Path of the file to write the pem out to.
+        Path of the file to write the PEM out to.
 
     overwrite:
-        If True(default), write_pem will overwrite the entire pem file.
+        If ``True``(default), write_pem will overwrite the entire PEM file.
         Set False to preserve existing private keys and dh params that may
-        exist in the pem file.
+        exist in the PEM file.
 
     pem_type:
         The PEM type to be saved, for example ``CERTIFICATE`` or
         ``PUBLIC KEY``. Adding this will allow the function to take
-        input that may contain multiple pem types.
+        input that may contain multiple PEM types.
 
     CLI Example:
 
@@ -818,10 +818,10 @@ def create_private_key(path=None,
         Length of the private key in bits. Default 2048
 
     passphrase:
-        Passphrase for encryting the private key
+        Passphrase for encrypting the private key
 
     cipher:
-        Cipher for encrypting the private key. Has no effect if passhprase is None.
+        Cipher for encrypting the private key. Has no effect if passphrase is None.
 
     verbose:
         Provide visual feedback on stdout. Default True
@@ -878,7 +878,7 @@ def create_crl(  # pylint: disable=too-many-arguments,too-many-locals
     :depends:   - PyOpenSSL Python module
 
     path:
-        Path to write the crl to.
+        Path to write the CRL to.
 
     text:
         If ``True``, return the PEM text without writing to a file.
@@ -886,14 +886,14 @@ def create_crl(  # pylint: disable=too-many-arguments,too-many-locals
 
     signing_private_key:
         A path or string of the private key in PEM format that will be used
-        to sign this crl. This is required.
+        to sign the CRL. This is required.
 
     signing_private_key_passphrase:
         Passphrase to decrypt the private key.
 
     signing_cert:
         A certificate matching the private key that will be used to sign
-        this crl. This is required.
+        the CRL. This is required.
 
     revoked:
         A list of dicts containing all the certificates to revoke. Each dict
@@ -1127,9 +1127,9 @@ def create_certificate(
         Default ``False``.
 
     overwrite:
-        If True(default), create_certificate will overwrite the entire pem
+        If ``True``(default), create_certificate will overwrite the entire PEM
         file. Set False to preserve existing private keys and dh params that
-        may exist in the pem file.
+        may exist in the PEM file.
 
     kwargs:
         Any of the properties below can be included as additional
@@ -1139,7 +1139,7 @@ def create_certificate(
         Request a remotely signed certificate from ca_server. For this to
         work, a ``signing_policy`` must be specified, and that same policy
         must be configured on the ca_server. See ``signing_policy`` for
-        details. Also the salt master must permit peers to call the
+        details. Also, the salt master must permit peers to call the
         ``sign_remote_certificate`` function.
 
         Example:
@@ -1200,7 +1200,7 @@ def create_certificate(
 
     public_key:
         The public key to be included in this certificate. This can be sourced
-        from a public key, certificate, csr or private key. If a private key
+        from a public key, certificate, CSR or private key. If a private key
         is used, the matching public key from the private key will be
         generated before any processing is done. This means you can request a
         certificate from a remote CA using a private key file as your
@@ -1264,7 +1264,7 @@ def create_certificate(
             X509v3 Subject Alternative Name
 
         crlDistributionPoints:
-            X509v3 CRL distribution points
+            X509v3 CRL Distribution Points
 
         issuingDistributionPoint:
             X509v3 Issuing Distribution Point
@@ -1324,7 +1324,7 @@ def create_certificate(
     signing_policy:
         A signing policy that should be used to create this certificate.
         Signing policies should be defined in the minion configuration, or in
-        a minion pillar. It should be a yaml formatted list of arguments
+        a minion pillar. It should be a YAML formatted list of arguments
         which will override any arguments passed to this function. If the
         ``minions`` key is included in the signing policy, only minions
         matching that pattern (see match.glob and match.compound) will be
@@ -1385,11 +1385,11 @@ def create_certificate(
                 passphrase=kwargs['public_key_passphrase'])).replace('\n', '')
 
         # Remove system entries in kwargs
-        # Including listen_in and preqreuired because they are not included
+        # Including listen_in and prerequired because they are not included
         # in STATE_INTERNAL_KEYWORDS
         # for salt 2014.7.2
         for ignore in list(_STATE_INTERNAL_KEYWORDS) + \
-                ['listen_in', 'preqrequired', '__prerequired__']:
+                ['listen_in', 'prerequired', '__prerequired__']:
             kwargs.pop(ignore, None)
         # TODO: Make timeout configurable in Neon
         certs = __salt__['publish.publish'](
@@ -1712,7 +1712,7 @@ def verify_private_key(private_key, public_key, passphrase=None):
 
     public_key:
         The public key to verify, can be a string or path to a PEM formatted
-        certificate, csr, or another private key.
+        certificate, CSR, or another private key.
 
     passphrase:
         Passphrase to decrypt the private key.
@@ -1739,7 +1739,7 @@ def verify_signature(certificate, signing_pub_key=None,
 
     signing_pub_key:
         The public key to verify, can be a string or path to a PEM formatted
-        certificate, csr, or private key.
+        certificate, CSR, or private key.
 
     signing_pub_key_passphrase:
         Passphrase to the signing_pub_key if it is an encrypted private key.

salt/states/x509.py

@@ -6,7 +6,7 @@ Manage X509 Certificates
 
 :depends: M2Crypto
 
-This module can enable managing a complete PKI infrastructure including creating private keys, CA's,
+This module can enable managing a complete PKI infrastructure including creating private keys, CAs,
 certificates and CRLs. It includes the ability to generate a private key on a server, and have the
 corresponding public key sent to a remote CA to create a CA signed certificate. This can be done in
 a secure manner, where private keys are always generated locally and never moved across the network.
@@ -94,7 +94,7 @@ the mine where it can be easily retrieved by other minions.
 
 
 The signing policy defines properties that override any property requested or included in a CRL. It also
-can define a restricted list of minons which are allowed to remotely invoke this signing policy.
+can define a restricted list of minions which are allowed to remotely invoke this signing policy.
 
 /srv/salt/signing_policies.conf
 
@@ -117,7 +117,7 @@ can define a restricted list of minons which are allowed to remotely invoke this
 
 
 This state will instruct all minions to trust certificates signed by our new CA.
-Using jinja to strip newlines from the text avoids dealing with newlines in the rendered yaml,
+Using Jinja to strip newlines from the text avoids dealing with newlines in the rendered YAML,
 and the  :mod:`sign_remote_certificate <salt.states.x509.sign_remote_certificate>` state will
 handle properly formatting the text before writing the output.
 
@@ -266,8 +266,8 @@ def private_key_managed(name,
         Cipher for encrypting the private key.
 
     new:
-        Always create a new key. Defaults to False.
+        Always create a new key. Defaults to ``False``.
-        Combining new with :mod:`prereq <salt.states.requsities.preqreq>`, or when used as part of a `managed_private_key` can allow key rotation whenever a new certificiate is generated.
+        Combining new with :mod:`prereq <salt.states.requsities.preqreq>`, or when used as part of a `managed_private_key` can allow key rotation whenever a new certificate is generated.
 
     overwrite:
         Overwrite an existing private key if the provided passphrase cannot decrypt it.
@@ -283,7 +283,7 @@ def private_key_managed(name,
 
     Example:
 
-    The jinja templating in this example ensures a private key is generated if the file doesn't exist
+    The JINJA templating in this example ensures a private key is generated if the file doesn't exist
     and that a new private key is generated whenever the certificate that uses it is to be renewed.
 
     .. code-block:: jinja
@@ -382,7 +382,7 @@ def certificate_managed(name,
         Manages the private key corresponding to the certificate. All of the
         arguments supported by :py:func:`x509.private_key_managed
         <salt.states.x509.private_key_managed>` are supported. If `name` is not
-        speicified or is the same as the name of the certificate, the private
+        specified or is the same as the name of the certificate, the private
         key and certificate will be written together in the same file.
 
     append_certs:
@@ -595,14 +595,14 @@ def crl_managed(name,
         Path to the certificate
 
     signing_private_key
-        The private key that will be used to sign this crl. This is
+        The private key that will be used to sign the CRL. This is
         usually your CA's private key.
 
     signing_private_key_passphrase
         Passphrase to decrypt the private key.
 
     signing_cert
-        The certificate of the authority that will be used to sign this crl.
+        The certificate of the authority that will be used to sign the CRL.
         This is usually your CA's certificate.
 
     revoked
@@ -618,8 +618,8 @@ def crl_managed(name,
         of pyOpenSSL less than 0.14.
 
     days_remaining : 30
-        The crl should be automatically recreated if there are less than
+        The CRL should be automatically recreated if there are less than
-        ``days_remaining`` days until the crl expires. Set to 0 to disable
+        ``days_remaining`` days until the CRL expires. Set to 0 to disable
         automatic renewal.
 
     include_expired : False