diff options
| author | Sébastien Helleu <flashcode@flashtux.org> | 2021-05-12 20:39:40 +0200 |
|---|---|---|
| committer | Sébastien Helleu <flashcode@flashtux.org> | 2021-05-12 20:39:40 +0200 |
| commit | c588ee21bc8fd33678893d5c67616033281032e3 (patch) | |
| tree | 6b082610e625ca846417043edc1297e1b404cd41 | |
| parent | b7112e409060160ccb865c7a749579d18b914110 (diff) | |
| download | weechat-c588ee21bc8fd33678893d5c67616033281032e3.zip | |
core: improve options to load GnuTLS system/user CAs (closes #972)
Changes:
* new option: weechat.network.gnutls_ca_system
* option weechat.network.gnutls_ca_file renamed to
weechat.network.gnutls_ca_user
* reload certificates when options are changed
* remove build option CA_FILE
39 files changed, 971 insertions, 235 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 80f4f6a8e..04c5a372c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -139,15 +139,6 @@ set(WEECHAT_HOME "${WEECHAT_HOME}" CACHE FORCE) mark_as_advanced(CLEAR WEECHAT_HOME) -# option CA_FILE -if(NOT DEFINED CA_FILE OR "${CA_FILE}" STREQUAL "") - set(CA_FILE "/etc/ssl/certs/ca-certificates.crt") -endif() -set(CA_FILE "${CA_FILE}" CACHE - STRING "File containing the certificate authorities (default is \"/etc/ssl/certs/ca-certificates.crt\"). This is the default value of option \"weechat.network.gnutls_ca_file\". It is evaluated with function string_eval_path_home each time it is used." - FORCE) -mark_as_advanced(CLEAR CA_FILE) - if(COMMAND cmake_policy) if(POLICY CMP0003) cmake_policy(SET CMP0003 NEW) diff --git a/ChangeLog.adoc b/ChangeLog.adoc index f94ba77f1..9f46b8f35 100644 --- a/ChangeLog.adoc +++ b/ChangeLog.adoc @@ -20,6 +20,7 @@ https://weechat.org/files/releasenotes/ReleaseNotes-devel.html[release notes] New features:: + * core: add option weechat.network.gnutls_ca_system, rename option weechat.network.gnutls_ca_file to weechat.network.gnutls_ca_user, delete and reload certificates when options are changed, remove build option CA_FILE (issue #972) * core: use XDG directories by default (config, data, cache, runtime) (issue #1285) * core: evaluate option weechat.network.gnutls_ca_file * core: evaluate option weechat.plugin.path, change default value to "${weechat_data_dir}/plugins" diff --git a/config.h.cmake b/config.h.cmake index 75e2560cc..462dcf36c 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -18,5 +18,4 @@ #define WEECHAT_SHAREDIR "@WEECHAT_SHAREDIR@" #define LOCALEDIR "@LOCALEDIR@" #define WEECHAT_HOME "@WEECHAT_HOME@" -#define CA_FILE "@CA_FILE@" #define _GNU_SOURCE 1 diff --git a/configure.ac b/configure.ac index b0245446f..954a3b0e6 100644 --- a/configure.ac +++ b/configure.ac @@ -135,7 +135,6 @@ AH_VERBATIM([TESTS], [#undef TESTS]) AH_VERBATIM([MAN], [#undef MAN]) AH_VERBATIM([DOC], [#undef DOC]) AH_VERBATIM([WEECHAT_HOME], [#define WEECHAT_HOME ""]) -AH_VERBATIM([CA_FILE], [#define CA_FILE "/etc/ssl/certs/ca-certificates.crt"]) # Arguments for ./configure @@ -173,15 +172,9 @@ AC_ARG_ENABLE(man, [ --enable-man turn on build of man page AC_ARG_ENABLE(doc, [ --enable-doc turn on build of documentation (default=not built)],enable_doc=$enableval,enable_doc=no) AC_ARG_VAR(WEECHAT_HOME, [Force a single WeeChat home directory for config, logs, scripts, etc.]) -AC_ARG_VAR(CA_FILE, [File containing the certificate authorities (default is "/etc/ssl/certs/ca-certificates.crt"). This is the default value of option "weechat.network.gnutls_ca_file". It is evaluated with function string_eval_path_home each time it is used.]) AC_DEFINE_UNQUOTED(WEECHAT_HOME, "$WEECHAT_HOME") -if test "x$CA_FILE" = "x" ; then - CA_FILE="/etc/ssl/certs/ca-certificates.crt" -fi -AC_DEFINE_UNQUOTED(CA_FILE, "$CA_FILE") - not_asked="" not_found="" @@ -1545,7 +1538,6 @@ echo " Compile with debug..... : $msg_debug" echo " Compile tests.......... : $msg_tests" echo " Man page............... : $msg_man" echo " Documentation.......... : $msg_doc" -echo " Certificate authorities : ${CA_FILE}" if test "x$not_asked" != "x" || test "x$not_found" != "x"; then echo "" diff --git a/doc/de/includes/autogen_user_options.de.adoc b/doc/de/includes/autogen_user_options.de.adoc index 8916bd2fe..1cff6f15c 100644 --- a/doc/de/includes/autogen_user_options.de.adoc +++ b/doc/de/includes/autogen_user_options.de.adoc @@ -1260,11 +1260,17 @@ ** Werte: 1 .. 2147483647 ** Standardwert: `+60+` -* [[option_weechat.network.gnutls_ca_file]] *weechat.network.gnutls_ca_file* -** Beschreibung: pass:none[file containing the certificate authorities (path is evaluated, see function string_eval_path_home in plugin API reference)] +* [[option_weechat.network.gnutls_ca_system]] *weechat.network.gnutls_ca_system* +** Beschreibung: pass:none[load system's default trusted certificate authorities on startup; this can be turned off to save some memory only if you are not using SSL connections at all] +** Typ: boolesch +** Werte: on, off +** Standardwert: `+on+` + +* [[option_weechat.network.gnutls_ca_user]] *weechat.network.gnutls_ca_user* +** Beschreibung: pass:none[extra file(s) with certificate authorities; multiple files must be separated by colons (each path is evaluated, see function string_eval_path_home in plugin API reference)] ** Typ: Zeichenkette ** Werte: beliebige Zeichenkette -** Standardwert: `+"/etc/ssl/certs/ca-certificates.crt"+` +** Standardwert: `+""+` * [[option_weechat.network.gnutls_handshake_timeout]] *weechat.network.gnutls_handshake_timeout* ** Beschreibung: pass:none[Zeitüberschreitung für gnutls Handshake (in Sekunden)] diff --git a/doc/de/weechat_faq.de.adoc b/doc/de/weechat_faq.de.adoc index c9e668b1c..13316bbd8 100644 --- a/doc/de/weechat_faq.de.adoc +++ b/doc/de/weechat_faq.de.adoc @@ -775,7 +775,9 @@ anstelle der kbd:[Shift]-Taste gedrückt werden). Falls macOS genutzt wird, muss mittels Homebrew `openssl` installiert werden. Eine CA-Datei wird mittels Zertifikaten vom Systemschlüssel geladen. -Der Pfad zu den Zertifikaten kann in WeeChat eingestellt werden: + +// TRANSLATION MISSING +With WeeChat ≤ 3.1, you can set the path to system certificates: ---- /set weechat.network.gnutls_ca_file "/usr/local/etc/openssl/cert.pem" @@ -820,7 +822,9 @@ Im folgenden Beispiel muss "xxx" durch den betroffenen Servernamen ersetzt werde [[irc_ssl_freenode]] === Wie kann ich eine SSL gesicherte Verbindung zum freenode Server herstellen? -Die Option _weechat.network.gnutls_ca_file_ sollte auf die Zertifikationsdatei zeigen: +// TRANSLATION MISSING +With WeeChat ≤ 3.1, set option _weechat.network.gnutls_ca_file_ to file with +certificates: ---- /set weechat.network.gnutls_ca_file "/etc/ssl/certs/ca-certificates.crt" @@ -1136,8 +1140,7 @@ Die Skripten für WeeChat sind mit anderen IRC-Clients nicht kompatibel und vice [[scripts_update]] === Der Befehl "/script update" liest die Skriptliste nicht ein, wie kann ich das beheben? -Als erstes sollte das Kapitel über SSL Verbindungen in dieser FAQ gelesen werden -(besonders über die Option _weechat.network.gnutls_ca_file_). +Als erstes sollte das Kapitel über SSL Verbindungen in dieser FAQ gelesen werden. Wenn das nicht hilft, sollte die Skriptliste von Hand gelöscht werden. Dazu folgenden Befehl in der Shell ausführen: @@ -1221,9 +1224,9 @@ Damit WeeChat weniger Speicher benötigt, solltest Du folgende Tipps umsetzen: Fifo, Logger, Perl, Python, Ruby, Lua, Tcl, Guile, JavaScript, PHP, Spell, Xfer (wird für DCC benötigst), siehe `/help weechat.plugin.autoload`. * installiere ausschließlich Skripten die Du auch nutzt -* falls man SSL *NICHT* nutzt, sollte kein Zertifikat geladen werden. In diesem - Fall, einfach den Eintrag in folgender Option leer lassen: - _weechat.network.gnutls_ca_file_ +// TRANSLATION MISSING +* Do not load system certificates if SSL is *NOT* used: turn off this option: + _weechat.network.gnutls_ca_system_. * der Wert der Option _weechat.history.max_buffer_lines_number_ sollte möglichst niedrig eingestellt werden oder die Option _weechat.history.max_buffer_lines_minutes_ verwendet werden. diff --git a/doc/de/weechat_user.de.adoc b/doc/de/weechat_user.de.adoc index 13746f055..33e89c85d 100644 --- a/doc/de/weechat_user.de.adoc +++ b/doc/de/weechat_user.de.adoc @@ -207,11 +207,6 @@ Liste von häufig verwendeten Optionen: The value can also be 4 directories separated by colons, in this order: config, data, cache, runtime. -| CA_FILE | Datei | /etc/ssl/certs/ca-certificates.crt | - Datei enthält die Zertifizierungen. - Dies ist der Standardwert für Optionen - <<option_weechat.network.gnutls_ca_file,weechat.network.gnutls_ca_file>>. - | ENABLE_ALIAS | `ON`, `OFF` | ON | kompiliert <<alias_plugin,Alias Erweiterung>>. @@ -2917,8 +2912,13 @@ WeeChat immer ob dieser Verbindung sicher ist. Einige Optionen dienen dazu eine SSL Verbindung zu nutzen: -weechat.network.gnutls_ca_file:: - Pfad zu einer Datei mit SSL Zertifikaten +// TRANSLATION MISSING +weechat.network.gnutls_ca_system:: + load system's default trusted certificate authorities on startup + +// TRANSLATION MISSING +weechat.network.gnutls_ca_user:: + extra file(s) with certificate authorities irc.server.xxx.ssl_cert:: Datei mit den SSL Zertifikaten die genutzt werden um automatisch Ihren Nick diff --git a/doc/en/includes/autogen_user_options.en.adoc b/doc/en/includes/autogen_user_options.en.adoc index ec443d0b4..b799bb0bb 100644 --- a/doc/en/includes/autogen_user_options.en.adoc +++ b/doc/en/includes/autogen_user_options.en.adoc @@ -1260,11 +1260,17 @@ ** values: 1 .. 2147483647 ** default value: `+60+` -* [[option_weechat.network.gnutls_ca_file]] *weechat.network.gnutls_ca_file* -** description: pass:none[file containing the certificate authorities (path is evaluated, see function string_eval_path_home in plugin API reference)] +* [[option_weechat.network.gnutls_ca_system]] *weechat.network.gnutls_ca_system* +** description: pass:none[load system's default trusted certificate authorities on startup; this can be turned off to save some memory only if you are not using SSL connections at all] +** type: boolean +** values: on, off +** default value: `+on+` + +* [[option_weechat.network.gnutls_ca_user]] *weechat.network.gnutls_ca_user* +** description: pass:none[extra file(s) with certificate authorities; multiple files must be separated by colons (each path is evaluated, see function string_eval_path_home in plugin API reference)] ** type: string ** values: any string -** default value: `+"/etc/ssl/certs/ca-certificates.crt"+` +** default value: `+""+` * [[option_weechat.network.gnutls_handshake_timeout]] *weechat.network.gnutls_handshake_timeout* ** description: pass:none[timeout (in seconds) for gnutls handshake] diff --git a/doc/en/weechat_faq.en.adoc b/doc/en/weechat_faq.en.adoc index b9a376118..c841117bb 100644 --- a/doc/en/weechat_faq.en.adoc +++ b/doc/en/weechat_faq.en.adoc @@ -727,7 +727,8 @@ you have to use kbd:[Alt] instead of kbd:[Shift]). If you are using macOS, you must install `openssl` from Homebrew. A CA file will be bootstrapped using certificates from the system keychain. -You can then set the path to certificates in WeeChat: + +With WeeChat ≤ 3.1, you can then set the path to system certificates: ---- /set weechat.network.gnutls_ca_file "/usr/local/etc/openssl/cert.pem" @@ -767,7 +768,8 @@ by your server name: [[irc_ssl_freenode]] === How can I connect to freenode server using SSL? -Set option _weechat.network.gnutls_ca_file_ to file with certificates: +With WeeChat ≤ 3.1, set option _weechat.network.gnutls_ca_file_ to file with +certificates: ---- /set weechat.network.gnutls_ca_file "/etc/ssl/certs/ca-certificates.crt" @@ -1047,8 +1049,7 @@ Scripts are not compatible with other IRC clients. [[scripts_update]] === The command "/script update" can not read scripts, how to fix that? -First check questions about SSL connection in this FAQ -(especially the option _weechat.network.gnutls_ca_file_). +First check questions about SSL connection in this FAQ. If still not working, try to manually delete the scripts file (in your shell): @@ -1128,8 +1129,8 @@ You can try following tips to consume less memory: fifo, logger, perl, python, ruby, lua, tcl, guile, javascript, php, spell, xfer (used for DCC). See `/help weechat.plugin.autoload`. * Load only scripts that you really need. -* Do not load certificates if SSL is *NOT* used: set empty string in option - _weechat.network.gnutls_ca_file_. +* Do not load system certificates if SSL is *NOT* used: turn off this option: + _weechat.network.gnutls_ca_system_. * Reduce value of option _weechat.history.max_buffer_lines_number_ or set value of option _weechat.history.max_buffer_lines_minutes_. * Reduce value of option _weechat.history.max_commands_. diff --git a/doc/en/weechat_user.en.adoc b/doc/en/weechat_user.en.adoc index d14e504d6..98fb83736 100644 --- a/doc/en/weechat_user.en.adoc +++ b/doc/en/weechat_user.en.adoc @@ -198,11 +198,6 @@ List of commonly used options: The value can also be 4 directories separated by colons, in this order: config, data, cache, runtime. -| CA_FILE | file | /etc/ssl/certs/ca-certificates.crt | - File containing the certificate authorities. - This is the default value of option - <<option_weechat.network.gnutls_ca_file,weechat.network.gnutls_ca_file>>. - | ENABLE_ALIAS | `ON`, `OFF` | ON | Compile <<alias_plugin,Alias plugin>>. @@ -2857,8 +2852,11 @@ connection is fully trusted. Some options are used to control SSL connection: -weechat.network.gnutls_ca_file:: - path to file with certificate authorities +weechat.network.gnutls_ca_system:: + load system's default trusted certificate authorities on startup + +weechat.network.gnutls_ca_user:: + extra file(s) with certificate authorities irc.server.xxx.ssl_cert:: SSL certificate file used to automatically identify your nick (for example diff --git a/doc/fr/includes/autogen_user_options.fr.adoc b/doc/fr/includes/autogen_user_options.fr.adoc index 6b9dfc811..9d8d3f0df 100644 --- a/doc/fr/includes/autogen_user_options.fr.adoc +++ b/doc/fr/includes/autogen_user_options.fr.adoc @@ -1260,11 +1260,17 @@ ** valeurs: 1 .. 2147483647 ** valeur par défaut: `+60+` -* [[option_weechat.network.gnutls_ca_file]] *weechat.network.gnutls_ca_file* -** description: pass:none[fichier contenant les autorités de certification (le chemin est évalué, voir la fonction string_eval_path_home dans la référence API extension)] +* [[option_weechat.network.gnutls_ca_system]] *weechat.network.gnutls_ca_system* +** description: pass:none[charger les certificats des autorités de certification système au démarrage ; cela peut être désactivée pour économiser de la mémoire, seulement si vous n'utilisez pas du tout de connexions SSL] +** type: booléen +** valeurs: on, off +** valeur par défaut: `+on+` + +* [[option_weechat.network.gnutls_ca_user]] *weechat.network.gnutls_ca_user* +** description: pass:none[fichier(s) supplémentaire(s) avec des autorités de certification ; plusieurs fichiers doivent être séparés par ":" (chaque chemin est évalué, voir la fonction string_eval_path_home dans la référence API extension)] ** type: chaîne ** valeurs: toute chaîne -** valeur par défaut: `+"/etc/ssl/certs/ca-certificates.crt"+` +** valeur par défaut: `+""+` * [[option_weechat.network.gnutls_handshake_timeout]] *weechat.network.gnutls_handshake_timeout* ** description: pass:none[délai d'attente maximum (en secondes) pour la poignée de main (handshake) gnutls] diff --git a/doc/fr/weechat_faq.fr.adoc b/doc/fr/weechat_faq.fr.adoc index 09ac6cc93..25aace487 100644 --- a/doc/fr/weechat_faq.fr.adoc +++ b/doc/fr/weechat_faq.fr.adoc @@ -750,8 +750,9 @@ kbd:[Alt] au lieu de kbd:[Shift]). === J'ai des problèmes pour me connecter au serveur avec SSL, que puis-je faire ? Si vous utilisez macOS, vous devez installer `openssl` depuis Homebrew. -Un fichier CA sera installé avec le le trousseau système. Vous pouvez alors -définie le chemin vers les certificats sous WeeChat : +Un fichier CA sera installé avec le le trousseau système. + +Avec WeeChat ≤ 3.1, vous pouvez définir le chemin vers les certificats système : ---- /set weechat.network.gnutls_ca_file "/usr/local/etc/openssl/cert.pem" @@ -792,8 +793,8 @@ seulement), remplacez "xxx" par le nom de votre serveur : [[irc_ssl_freenode]] === Comment puis-je me connecter à freenode avec SSL ? -Positionnez l'option _weechat.network.gnutls_ca_file_ avec le fichier des -certificats : +Avec WeeChat ≤ 3.1, positionnez l'option _weechat.network.gnutls_ca_file_ avec +le fichier des certificats : ---- /set weechat.network.gnutls_ca_file "/etc/ssl/certs/ca-certificates.crt" @@ -1086,8 +1087,7 @@ Les scripts ne sont pas compatibles avec d'autres clients IRC. [[scripts_update]] === La commande "/script update" ne peut pas lire les scripts, comment corriger ça ? -Consultez d'abord les questions à propos des connexions SSL dans cette FAQ -(en particulier l'option _weechat.network.gnutls_ca_file_). +Consultez d'abord les questions à propos des connexions SSL dans cette FAQ. Si cela ne fonctionne toujours pas, essayez de supprimer manuellement le fichier avec les scripts (dans votre shell) : @@ -1173,8 +1173,8 @@ Vous pouvez essayer les astuces suivantes pour consommer moins de mémoire : spell, xfer (utilisé pour les DCC). Voir `/help weechat.plugin.autoload`. * Charger uniquement les scripts dont vous avez vraiment besoin. -* Ne pas charger les certificats si SSL n'est *PAS* utilisé : affecter une - chaîne vide pour l'option _weechat.network.gnutls_ca_file_. +* Ne pas charger les certificats si SSL n'est *PAS* utilisé : désactiver + l'option _weechat.network.gnutls_ca_system_. * Réduire la valeur de l'option _weechat.history.max_buffer_lines_number_ ou affecter une valeur à l'option _weechat.history.max_buffer_lines_minutes_. * Réduire la valeur de l'option _weechat.history.max_commands_. diff --git a/doc/fr/weechat_user.fr.adoc b/doc/fr/weechat_user.fr.adoc index e44323cbd..b6bf18fc6 100644 --- a/doc/fr/weechat_user.fr.adoc +++ b/doc/fr/weechat_user.fr.adoc @@ -202,11 +202,6 @@ Liste des options couramment utilisées : La valeur peut aussi être 4 répertoires séparés par ":", dans cet order : config, data, cache, runtime. -| CA_FILE | fichier | /etc/ssl/certs/ca-certificates.crt | - Fichier contenant les autorités de certification. - C'est la valeur par défaut de l'option - <<option_weechat.network.gnutls_ca_file,weechat.network.gnutls_ca_file>>. - | ENABLE_ALIAS | `ON`, `OFF` | ON | Compiler <<alias_plugin,l'extension Alias>>. @@ -2957,8 +2952,13 @@ la connexion est entièrement de confiance. Quelques options sont utilisées pour contrôler la connexion SSL : -weechat.network.gnutls_ca_file:: - chemin vers le fichier avec les certificats de confiance +// TRANSLATION MISSING +weechat.network.gnutls_ca_system:: + load system's default trusted certificate authorities on startup + +// TRANSLATION MISSING +weechat.network.gnutls_ca_user:: + extra file(s) with certificate authorities irc.server.xxx.ssl_cert:: fichier de certificat SSL utilisé pour authentifier automatiquement votre diff --git a/doc/it/includes/autogen_user_options.it.adoc b/doc/it/includes/autogen_user_options.it.adoc index 36b361df2..1facf3712 100644 --- a/doc/it/includes/autogen_user_options.it.adoc +++ b/doc/it/includes/autogen_user_options.it.adoc @@ -1260,11 +1260,17 @@ ** valori: 1 .. 2147483647 ** valore predefinito: `+60+` -* [[option_weechat.network.gnutls_ca_file]] *weechat.network.gnutls_ca_file* -** descrizione: pass:none[file containing the certificate authorities (path is evaluated, see function string_eval_path_home in plugin API reference)] +* [[option_weechat.network.gnutls_ca_system]] *weechat.network.gnutls_ca_system* +** descrizione: pass:none[load system's default trusted certificate authorities on startup; this can be turned off to save some memory only if you are not using SSL connections at all] +** tipo: bool +** valori: on, off +** valore predefinito: `+on+` + +* [[option_weechat.network.gnutls_ca_user]] *weechat.network.gnutls_ca_user* +** descrizione: pass:none[extra file(s) with certificate authorities; multiple files must be separated by colons (each path is evaluated, see function string_eval_path_home in plugin API reference)] ** tipo: stringa ** valori: qualsiasi stringa -** valore predefinito: `+"/etc/ssl/certs/ca-certificates.crt"+` +** valore predefinito: `+""+` * [[option_weechat.network.gnutls_handshake_timeout]] *weechat.network.gnutls_handshake_timeout* ** descrizione: pass:none[timeout (in secondi) per l'handshake di gnutls] diff --git a/doc/it/weechat_faq.it.adoc b/doc/it/weechat_faq.it.adoc index e44347615..6c8e67d2c 100644 --- a/doc/it/weechat_faq.it.adoc +++ b/doc/it/weechat_faq.it.adoc @@ -791,7 +791,9 @@ kbd:[Shift]). // TRANSLATION MISSING If you are using macOS, you must install `openssl` from Homebrew. A CA file will be bootstrapped using certificates from the system keychain. -You can then set the path to certificates in WeeChat: + +// TRANSLATION MISSING +With WeeChat ≤ 3.1, you can set the path to system certificates: ---- /set weechat.network.gnutls_ca_file "/usr/local/etc/openssl/cert.pem" @@ -832,7 +834,9 @@ Provare una stringa di priorità diversa (solo WeeChat ≥ 0.3.5), sostituendo [[irc_ssl_freenode]] === Come ci si può connettere al server freenode via SSL? -Impostare l'opzione _weechat.network.gnutls_ca_file_ con il file dei certificati: +// TRANSLATION MISSING +With WeeChat ≤ 3.1, set option _weechat.network.gnutls_ca_file_ to file with +certificates: ---- /set weechat.network.gnutls_ca_file "/etc/ssl/certs/ca-certificates.crt" @@ -1135,8 +1139,7 @@ Gli script non sono compatibili con altri client IRC. [[scripts_update]] === The command "/script update" can not read scripts, how to fix that? -First check questions about SSL connection in this FAQ -(especially the option _weechat.network.gnutls_ca_file_). +First check questions about SSL connection in this FAQ. If still not working, try to manually delete the scripts file (in your shell): @@ -1222,8 +1225,9 @@ Esistono diversi trucchi per ottimizzare l'uso della memoria: fifo, logger, perl, python, ruby, lua, tcl, guile, javascript, php, spell, xfer (usato per DCC). See `/help weechat.plugin.autoload`. * caricare solo gli script veramente necessari -* non caricare i certificati se SSL *NON* viene usato: usare una stringa vuota nell'opzione - _weechat.network.gnutls_ca_file_ +// TRANSLATION MISSING +* Do not load system certificates if SSL is *NOT* used: turn off this option: + _weechat.network.gnutls_ca_system_. * ridurre il valore dell'opzione _weechat.history.max_buffer_lines_number_ oppure impostare il valore dell'opzione _weechat.history.max_buffer_lines_minutes_ * ridurre il valore dell'opzione _weechat.history.max_commands_ diff --git a/doc/it/weechat_user.it.adoc b/doc/it/weechat_user.it.adoc index cf36845b2..abd836628 100644 --- a/doc/it/weechat_user.it.adoc +++ b/doc/it/weechat_user.it.adoc @@ -236,11 +236,6 @@ List of commonly used options: The value can also be 4 directories separated by colons, in this order: config, data, cache, runtime. -| CA_FILE | file | /etc/ssl/certs/ca-certificates.crt | - File containing the certificate authorities. - This is the default value of option - <<option_weechat.network.gnutls_ca_file,weechat.network.gnutls_ca_file>>. - | ENABLE_ALIAS | `ON`, `OFF` | ON | Compile <<alias_plugin,Alias plugin>>. @@ -3072,8 +3067,13 @@ maniera predefinita che la connessione sia completamente fidata. Esistono alcune opzioni per controllare la connessione SSL: -weechat.network.gnutls_ca_file:: - path del file con il certificato delle autorità +// TRANSLATION MISSING +weechat.network.gnutls_ca_system:: + load system's default trusted certificate authorities on startup + +// TRANSLATION MISSING +weechat.network.gnutls_ca_user:: + extra file(s) with certificate authorities irc.server.xxx.ssl_cert:: file del certificato SSL usato per identificare automaticamente il proprio diff --git a/doc/ja/includes/autogen_user_options.ja.adoc b/doc/ja/includes/autogen_user_options.ja.adoc index 5821c5ab0..878798777 100644 --- a/doc/ja/includes/autogen_user_options.ja.adoc +++ b/doc/ja/includes/autogen_user_options.ja.adoc @@ -1260,11 +1260,17 @@ ** 値: 1 .. 2147483647 ** デフォルト値: `+60+` -* [[option_weechat.network.gnutls_ca_file]] *weechat.network.gnutls_ca_file* -** 説明: pass:none[file containing the certificate authorities (path is evaluated, see function string_eval_path_home in plugin API reference)] +* [[option_weechat.network.gnutls_ca_system]] *weechat.network.gnutls_ca_system* +** 説明: pass:none[load system's default trusted certificate authorities on startup; this can be turned off to save some memory only if you are not using SSL connections at all] +** タイプ: ブール +** 値: on, off +** デフォルト値: `+on+` + +* [[option_weechat.network.gnutls_ca_user]] *weechat.network.gnutls_ca_user* +** 説明: pass:none[extra file(s) with certificate authorities; multiple files must be separated by colons (each path is evaluated, see function string_eval_path_home in plugin API reference)] ** タイプ: 文字列 ** 値: 未制約文字列 -** デフォルト値: `+"/etc/ssl/certs/ca-certificates.crt"+` +** デフォルト値: `+""+` * [[option_weechat.network.gnutls_handshake_timeout]] *weechat.network.gnutls_handshake_timeout* ** 説明: pass:none[gnutls ハンドシェイクのタイムアウト (秒単位)] diff --git a/doc/ja/weechat_faq.ja.adoc b/doc/ja/weechat_faq.ja.adoc index 876ab87df..dde3a0f83 100644 --- a/doc/ja/weechat_faq.ja.adoc +++ b/doc/ja/weechat_faq.ja.adoc @@ -730,7 +730,9 @@ WeeChat でマウスが利用可能な場合、kbd:[Shift] macOS をお使いの場合、必ず Homebrew から `openssl` をインストールしてください。こうすることでシステムの鍵束に含まれる証明書を使いつつ、CA -ファイルを起動時に読み込ませることが可能になります。その後、WeeChat で証明書へのパスを設定してください: + +// TRANSLATION MISSING +With WeeChat ≤ 3.1, you can set the path to system certificates: ---- /set weechat.network.gnutls_ca_file "/usr/local/etc/openssl/cert.pem" @@ -770,7 +772,9 @@ gnutls ハンドシェイクに関するエラーの場合、Diffie-Hellman キ [[irc_ssl_freenode]] === どうすれば SSL を使って freenode サーバに接続できますか。 -オプション _weechat.network.gnutls_ca_file_ に証明書ファイルへのパスを設定してください。 +// TRANSLATION MISSING +With WeeChat ≤ 3.1, set option _weechat.network.gnutls_ca_file_ to file with +certificates: ---- /set weechat.network.gnutls_ca_file "/etc/ssl/certs/ca-certificates.crt" @@ -1050,8 +1054,7 @@ weeget.py と script.pl を使ってください。 [[scripts_update]] === コマンド "/script update" でスクリプトを読み込むことができません。どうすればいいですか。 -手始めに、この FAQ の SSL 接続に関する質問を確認してください -(特にオプション _weechat.network.gnutls_ca_file_ に関する質問)。 +手始めに、この FAQ の SSL 接続に関する質問を確認してください。 それでもだめなら、手作業で (シェルから) スクリプトリストファイルを削除してください: @@ -1132,8 +1135,9 @@ WeeChat バージョン 2.4 以下では "spell" プラグインは "aspell" と buflist、fifo、logger、perl、python、ruby、lua、tcl、guile、javascript、php、spell、xfer (DCC で使用)。 `/help weechat.plugin.autoload` を参照してください。 * 本当に必要なスクリプトだけをロード -* SSL を *使わない* なら、証明書を読み込まないでください: オプション - _weechat.network.gnutls_ca_file_ に空文字列を設定してください。 +// TRANSLATION MISSING +* Do not load system certificates if SSL is *NOT* used: turn off this option: + _weechat.network.gnutls_ca_system_. * _weechat.history.max_buffer_lines_number_ オプションの値を減らすか、_weechat.history.max_buffer_lines_minutes_ オプションに値を設定してください。 * _weechat.history.max_commands_ オプションの値を減らしてください。 diff --git a/doc/ja/weechat_user.ja.adoc b/doc/ja/weechat_user.ja.adoc index 2d39d7e7a..b3a5912e0 100644 --- a/doc/ja/weechat_user.ja.adoc +++ b/doc/ja/weechat_user.ja.adoc @@ -208,11 +208,6 @@ CMake に対するオプションを指定するには、以下の書式を使 The value can also be 4 directories separated by colons, in this order: config, data, cache, runtime. -| CA_FILE | file | /etc/ssl/certs/ca-certificates.crt | - 認証局を含むファイル。これは - <<option_weechat.network.gnutls_ca_file,weechat.network.gnutls_ca_file>> - オプションのデフォルト値です。 - | ENABLE_ALIAS | `ON`, `OFF` | ON | <<alias_plugin,Alias プラグイン>>のコンパイル。 @@ -2932,8 +2927,13 @@ SSL を使って IRC サーバに接続する場合、WeeChat 以下のオプションで SSL 接続を設定します: -weechat.network.gnutls_ca_file:: - 認証局ファイルへのパス +// TRANSLATION MISSING +weechat.network.gnutls_ca_system:: + load system's default trusted certificate authorities on startup + +// TRANSLATION MISSING +weechat.network.gnutls_ca_user:: + extra file(s) with certificate authorities irc.server.xxx.ssl_cert:: 自動的にニックネームを確認するために利用される SSL 証明書ファイル (例えば diff --git a/doc/pl/includes/autogen_user_options.pl.adoc b/doc/pl/includes/autogen_user_options.pl.adoc index e9075b109..9a8608f3a 100644 --- a/doc/pl/includes/autogen_user_options.pl.adoc +++ b/doc/pl/includes/autogen_user_options.pl.adoc @@ -1260,11 +1260,17 @@ ** wartości: 1 .. 2147483647 ** domyślna wartość: `+60+` -* [[option_weechat.network.gnutls_ca_file]] *weechat.network.gnutls_ca_file* -** opis: pass:none[file containing the certificate authorities (path is evaluated, see function string_eval_path_home in plugin API reference)] +* [[option_weechat.network.gnutls_ca_system]] *weechat.network.gnutls_ca_system* +** opis: pass:none[load system's default trusted certificate authorities on startup; this can be turned off to save some memory only if you are not using SSL connections at all] +** typ: bool +** wartości: on, off +** domyślna wartość: `+on+` + +* [[option_weechat.network.gnutls_ca_user]] *weechat.network.gnutls_ca_user* +** opis: pass:none[extra file(s) with certificate authorities; multiple files must be separated by colons (each path is evaluated, see function string_eval_path_home in plugin API reference)] ** typ: ciąg ** wartości: dowolny ciąg -** domyślna wartość: `+"/etc/ssl/certs/ca-certificates.crt"+` +** domyślna wartość: `+""+` * [[option_weechat.network.gnutls_handshake_timeout]] *weechat.network.gnutls_handshake_timeout* ** opis: pass:none[czas oczekiwania (w sekundach) na uwierzytelnienie gnutls] diff --git a/doc/pl/weechat_faq.pl.adoc b/doc/pl/weechat_faq.pl.adoc index 87f861987..5c75fb9a4 100644 --- a/doc/pl/weechat_faq.pl.adoc +++ b/doc/pl/weechat_faq.pl.adoc @@ -731,7 +731,9 @@ kbd:[Shift]). Jeśli używasz Mac macOS, musisz zainstalować `openssl` z Homebrew. Plik CA zostanie wygenerowany korzystając z systemowego keychaina. -Możez natępnie ustawić ścierzkę do certyfikatów w WeeChat: + +// TRANSLATION MISSING +With WeeChat ≤ 3.1, you can set the path to system certificates: ---- /set weechat.network.gnutls_ca_file "/usr/local/etc/openssl/cert.pem" @@ -771,7 +773,9 @@ nazwą serwera: [[irc_ssl_freenode]] === Jak mogę połączyć się z serwerem freenode używając SSL? -Ustaw opcję _weechat.network.gnutls_ca_file_ do pliku z certyfikatami: +// TRANSLATION MISSING +With WeeChat ≤ 3.1, set option _weechat.network.gnutls_ca_file_ to file with +certificates: ---- /set weechat.network.gnutls_ca_file "/etc/ssl/certs/ca-certificates.crt" @@ -1053,7 +1057,7 @@ Skrypty nie są kompatybilne z innymi klientami IRC. === Komenda "/script update" nie może odczytać skryptów, jak to naprawić? Najpierw zapoznaj się z zagadnieniami dotyczącymi połączeń SSL znajdującymi się -w tym dokumencie (zwłaszcza opcji _weechat.network.gnutls_ca_file_). +w tym dokumencie. Jeśli to nie pomoże spróuj ręcznie usunąć plik z listą skryptów (z poziomu powłoki): @@ -1135,8 +1139,9 @@ W celu zmniejszenia używanej pamięci możesz zastosować się do poniższych r ruby, lua, tcl, guile, javascript, php, spell, xfer (używana do DCC). Zobacz `/help weechat.plugin.autoload`. * ładować tylko naprawdę używane skrypty -* nie ładuj certyfikatów jeśli SSL *NIE* jest używany: ustaw pusty ciąg w opcji - _weechat.network.gnutls_ca_file_ +// TRANSLATION MISSING +* Do not load system certificates if SSL is *NOT* used: turn off this option: + _weechat.network.gnutls_ca_system_. * zmniejsz wartość dla opcji _weechat.history.max_buffer_lines_number_ lub ustaw wartość opcji _weechat.history.max_buffer_lines_minutes_ * zmniejszyć wartość opcji _weechat.history.max_commands_ diff --git a/doc/pl/weechat_user.pl.adoc b/doc/pl/weechat_user.pl.adoc index a73ce15ab..1a1394287 100644 --- a/doc/pl/weechat_user.pl.adoc +++ b/doc/pl/weechat_user.pl.adoc @@ -205,11 +205,6 @@ Lista popularnych opcji: The value can also be 4 directories separated by colons, in this order: config, data, cache, runtime. -| CA_FILE | plik | /etc/ssl/certs/ca-certificates.crt | - Plik zawierający urzędy certyfikacji. - Jest to domyślna wartość opcji - <<option_weechat.network.gnutls_ca_file,weechat.network.gnutls_ca_file>>. - | ENABLE_ALIAS | `ON`, `OFF` | ON | Kompilacja <<alias_plugin,wtyczki alias>>. @@ -2893,8 +2888,13 @@ jest w pełni zaufane. Niektóre opcje są używane do kontroli połączenia SSL: -weechat.network.gnutls_ca_file:: - ścieżka do pliku z organami certyfikującymi +// TRANSLATION MISSING +weechat.network.gnutls_ca_system:: + load system's default trusted certificate authorities on startup + +// TRANSLATION MISSING +weechat.network.gnutls_ca_user:: + extra file(s) with certificate authorities irc.server.xxx.ssl_cert:: certyfikat SSL używany do automatycznej identyfikacji twojego nicka (na @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: Ondřej Súkup <mimi.vx@gmail.com>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -4126,10 +4126,18 @@ msgid "" msgstr "časový limit (v sekundách) pro gnutls handshake" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" msgstr "" +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" +msgstr "soubor s SSL certifikátem a soukromý klíč (pro obsluhu klientů s SSL)" + msgid "timeout (in seconds) for gnutls handshake" msgstr "časový limit (v sekundách) pro gnutls handshake" @@ -4317,12 +4325,39 @@ msgstr "" "s jiným domovským adresářem pomocí \"--dir\" volby příkazové řádky.\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sgnutls: nemůžu číst certifikát \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: certifikát vypršel" +msgstr[1] "%sgnutls: certifikát vypršel" +msgstr[2] "%sgnutls: certifikát vypršel" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sgnutls: nemůžu číst certifikát \"%s\"" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "Myš je zapnuta" +msgstr[1] "Myš je zapnuta" +msgstr[2] "Myš je zapnuta" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sgnutls: nemůžu číst certifikát \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: certifikát vypršel" +msgstr[1] "%sgnutls: certifikát vypršel" +msgstr[2] "%sgnutls: certifikát vypršel" msgid "set server name indication (SNI) failed" msgstr "" @@ -13245,6 +13280,16 @@ msgstr "%s%s: vypršel časový limit \"%s\" pro %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: nemohu se připojit\" neočekávaná chyba (%d)" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "%sgnutls: nemůžu číst certifikát \"%s\"" +#~ msgstr[1] "%sgnutls: nemůžu číst certifikát \"%s\"" +#~ msgstr[2] "%sgnutls: nemůžu číst certifikát \"%s\"" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Chyba: nemohu získat HOME adresář\n" @@ -24,7 +24,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-04-13 11:40+0200\n" "Last-Translator: Nils Görs <weechatter@arcor.de>\n" "Language-Team: German <kde-i18n-de@kde.org>\n" @@ -5039,9 +5039,19 @@ msgstr "" "Rechner (mittels einem Kindprozess)" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" +"Datei mit SSL Zertifikat und privatem Schlüssel (zur Nutzung von Clients mit " +"SSL)" msgid "timeout (in seconds) for gnutls handshake" msgstr "Zeitüberschreitung für gnutls Handshake (in Sekunden)" @@ -5247,13 +5257,39 @@ msgstr "" "Verzeichnis zu starten.\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "" +"%sgnutls: Zertifikat für Fingerprint (%s) konnte nicht berechnet werden" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: die Gültigkeitsdauer des Zertifikates ist abgelaufen" +msgstr[1] "%sgnutls: die Gültigkeitsdauer des Zertifikates ist abgelaufen" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "" "%sgnutls: Zertifikat für Fingerprint (%s) konnte nicht berechnet werden" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "%s: pipe geöffnet (Datei: %s)" +msgstr[1] "%s: pipe geöffnet (Datei: %s)" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" msgstr "" +"%sgnutls: Zertifikat für Fingerprint (%s) konnte nicht berechnet werden" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: die Gültigkeitsdauer des Zertifikates ist abgelaufen" +msgstr[1] "%sgnutls: die Gültigkeitsdauer des Zertifikates ist abgelaufen" msgid "set server name indication (SNI) failed" msgstr "Server Name Indication (SNI) konnte nicht gesetzt werden" @@ -15580,6 +15616,17 @@ msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "" "%s%s: Verbindung konnte nicht hergestellt werden: unerwarteter Fehler (%d)" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "" +#~ "%sgnutls: Zertifikat für Fingerprint (%s) konnte nicht berechnet werden" +#~ msgstr[1] "" +#~ "%sgnutls: Zertifikat für Fingerprint (%s) konnte nicht berechnet werden" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Fehler: Das HOME-Verzeichnis kann nicht ermittelt werden\n" @@ -22,7 +22,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: Elián Hanisch <lambdae2@gmail.com>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -4319,9 +4319,19 @@ msgstr "" "subproceso)" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" +"ruta para encontrar plugins (\"%h\" será reemplazado por el directorio raíz " +"de WeeChat, \"~/.weechat\" por defecto)" msgid "timeout (in seconds) for gnutls handshake" msgstr "tiempo de espera (en segundos) para el saludo gnutls" @@ -4511,12 +4521,36 @@ msgstr "" "\"\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sgnutls: no es posible leer el certificado \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: el certificado ha expirado" +msgstr[1] "%sgnutls: el certificado ha expirado" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sgnutls: no es posible leer el certificado \"%s\"" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "Ratón activado" +msgstr[1] "Ratón activado" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sgnutls: no es posible leer el certificado \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: el certificado ha expirado" +msgstr[1] "%sgnutls: el certificado ha expirado" msgid "set server name indication (SNI) failed" msgstr "" @@ -13524,6 +13558,15 @@ msgstr "%s%s: tiempo de espera máximo para \"%s\" con %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: no es posible conectarse al transmisor" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "%sgnutls: no es posible leer el certificado \"%s\"" +#~ msgstr[1] "%sgnutls: no es posible leer el certificado \"%s\"" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Error: no ha sido posible obtener el directorio HOME\n" @@ -21,8 +21,8 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" -"PO-Revision-Date: 2021-05-11 21:39+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" +"PO-Revision-Date: 2021-05-12 20:35+0200\n" "Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" "Language: fr\n" @@ -4908,11 +4908,22 @@ msgstr "" "distante (effectuée dans un processus fils)" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" +"charger les certificats des autorités de certification système au " +"démarrage ; cela peut être désactivée pour économiser de la mémoire, " +"seulement si vous n'utilisez pas du tout de connexions SSL" + +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" -"fichier contenant les autorités de certification (le chemin est évalué, voir " -"la fonction string_eval_path_home dans la référence API extension)" +"fichier(s) supplémentaire(s) avec des autorités de certification ; plusieurs " +"fichiers doivent être séparés par \":\" (chaque chemin est évalué, voir la " +"fonction string_eval_path_home dans la référence API extension)" msgid "timeout (in seconds) for gnutls handshake" msgstr "" @@ -5120,16 +5131,41 @@ msgstr "" "\"--dir\".\n" #, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "" +"%sAttention : échec de chargement des autorités de certification système" + +#, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%d certificat chargé (système)" +msgstr[1] "%d certificats chargés (système)" + +#, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "" "%sAttention : échec de chargement des autorités de certification depuis le " "fichier %s" #, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "%d certificat chargé (fichier : %s)" +msgstr[1] "%d certificats chargés (fichier : %s)" + +#, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" msgstr "" -"%sAttention : aucune autorité de certification chargée (fichier non trouvé : " -"%s)" +"%sAttention : échec de chargement des autorités de certification depuis le " +"fichier %s (fichier non trouvé)" + +#, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%d certificat supprimé" +msgstr[1] "%d certificats supprimés" msgid "set server name indication (SNI) failed" msgstr "la définition de l'indication de nom de serveur (SNI) a échoué" @@ -15278,6 +15314,35 @@ msgstr "%s%s : délai d'attente dépassé pour \"%s\" avec %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s : impossible de se connecter : erreur inattendue (%d)" +#, c-format +#~ msgid "" +#~ "%d certificate loaded from system's default trusted certificate " +#~ "authorities" +#~ msgid_plural "" +#~ "%d certificates loaded from system's default trusted certificate " +#~ "authorities" +#~ msgstr[0] "%d certificat chargé (système)" +#~ msgstr[1] "%d certificats chargés (système)" + +#, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "" +#~ "%d certificat chargé depuis le fichier des autorités de certification " +#~ "utilisateur : %s" +#~ msgstr[1] "" +#~ "%d certificats chargés depuis le fichier des autorités de certification : " +#~ "%s" + +#, c-format +#~ msgid "%sWarning: no certificate authorities loaded (file not found: %s)" +#~ msgstr "" +#~ "%sAttention : aucune autorité de certification chargée (fichier non " +#~ "trouvé : %s)" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Erreur : impossible de lire le répertoire personnel\n" @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: Andras Voroskoi <voroskoi@frugalware.org>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -3683,11 +3683,21 @@ msgid "" msgstr "SSL használata a a kapcsolathoz" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" msgstr "" #, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" +msgstr "" +"modulok elérési útvonala ('%h' helyére automatikusan a WeeChat saját " +"könyvtára, alapértelmezésben ~/.weechat, kerül)" + +#, fuzzy msgid "timeout (in seconds) for gnutls handshake" msgstr "SSL használata a a kapcsolathoz" @@ -3870,12 +3880,36 @@ msgstr "" "saját könyvtárral futtatni a WeeChat-et a \"--dir\" opció segítségével!\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "Nem sikerült a(z) \"%s\" naplófájlt írni\n" +msgstr[1] "Nem sikerült a(z) \"%s\" naplófájlt írni\n" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "a felhasználók le lettek tiltva" +msgstr[1] "a felhasználók le lettek tiltva" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "Nem sikerült a(z) \"%s\" naplófájlt írni\n" +msgstr[1] "Nem sikerült a(z) \"%s\" naplófájlt írni\n" msgid "set server name indication (SNI) failed" msgstr "" @@ -12482,6 +12516,15 @@ msgstr "%s hiányzó argumentum a(z) \"%s\" opciónak\n" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s DCC: nem sikerült kapcsolódni a küldőhöz\n" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "Nem sikerült a(z) \"%s\" naplófájlt írni\n" +#~ msgstr[1] "Nem sikerült a(z) \"%s\" naplófájlt írni\n" + #, fuzzy #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "%s nem sikerült a HOME könyvtárat beállítani\n" @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: Esteban I. Ruiz Moreno <exio4.com@gmail.com>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -4436,9 +4436,19 @@ msgstr "" "processo figlio)" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" +"file con il certificato SSL e la chiave privata (per servire i client con " +"SSL)" msgid "timeout (in seconds) for gnutls handshake" msgstr "timeout (in secondi) per l'handshake di gnutls" @@ -4629,12 +4639,36 @@ msgstr "" "con un'altra home usando l'opzione da riga di comando \"--dir\".\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sgnutls: impossibile leggere il certificato \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: il certificato è scaduto" +msgstr[1] "%sgnutls: il certificato è scaduto" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sgnutls: impossibile leggere il certificato \"%s\"" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "Mouse abilitato" +msgstr[1] "Mouse abilitato" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sgnutls: impossibile leggere il certificato \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: il certificato è scaduto" +msgstr[1] "%sgnutls: il certificato è scaduto" msgid "set server name indication (SNI) failed" msgstr "" @@ -13750,6 +13784,15 @@ msgstr "%s%s: timeout per \"%s\" con %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: impossibile connettersi al mittente" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "%sgnutls: impossibile leggere il certificato \"%s\"" +#~ msgstr[1] "%sgnutls: impossibile leggere il certificato \"%s\"" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Errore: impossibile aprire la directory HOME\n" @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: AYANOKOUZI, Ryuunosuke <i38w7i3@yahoo.co.jp>\n" "Language-Team: Japanese <https://github.com/l/weechat/tree/master/" @@ -4657,10 +4657,18 @@ msgid "" msgstr "リモートホストへの接続タイムアウト時間 (秒単位) (子プロセスが行う)" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" msgstr "" +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" +msgstr "SSL 証明書と秘密鍵のファイル (SSL 接続を利用するクライアント用)" + msgid "timeout (in seconds) for gnutls handshake" msgstr "gnutls ハンドシェイクのタイムアウト (秒単位)" @@ -4856,12 +4864,33 @@ msgstr "" "\"--dir\" コマンドラインオプションをつけて WeeChat を起動してみてください。\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sgnutls: 証明書指紋の計算に失敗しました (%s)" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: 証明書は失効しました" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sgnutls: 証明書指紋の計算に失敗しました (%s)" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "%s: パイプを開けました (ファイル: %s)" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sgnutls: 証明書指紋の計算に失敗しました (%s)" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: 証明書は失効しました" msgid "set server name indication (SNI) failed" msgstr "サーバ名表示 (SNI) の設定に失敗しました" @@ -14559,6 +14588,14 @@ msgstr "%s%s: \"%s\" のタイムアウト %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: 接続できません: 未定義のエラー (%d)" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "%sgnutls: 証明書指紋の計算に失敗しました (%s)" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "エラー: HOME ディレクトリが不明です\n" @@ -22,7 +22,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-03-14 13:37+0100\n" "Last-Translator: Krzysztof Korościk <soltys@soltys.info>\n" "Language-Team: Polish <kde-i18n-doc@kde.org>\n" @@ -4804,9 +4804,19 @@ msgstr "" "w procesie potomnym)" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" +"plik z certyfikatem SSL i kluczem prywatnym (dla obsługi klientów poprzez " +"SSL)" msgid "timeout (in seconds) for gnutls handshake" msgstr "czas oczekiwania (w sekundach) na uwierzytelnienie gnutls" @@ -5003,12 +5013,39 @@ msgstr "" "w innym katalogu domowym używając w linii komend opcji \"--dir\".\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sgnutls: nie udało się wyliczyć odcisku certyfikatu (%s)" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: certyfikat wygasł" +msgstr[1] "%sgnutls: certyfikat wygasł" +msgstr[2] "%sgnutls: certyfikat wygasł" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sgnutls: nie udało się wyliczyć odcisku certyfikatu (%s)" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "%s: otworzono strumień (plik: %s)" +msgstr[1] "%s: otworzono strumień (plik: %s)" +msgstr[2] "%s: otworzono strumień (plik: %s)" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sgnutls: nie udało się wyliczyć odcisku certyfikatu (%s)" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: certyfikat wygasł" +msgstr[1] "%sgnutls: certyfikat wygasł" +msgstr[2] "%sgnutls: certyfikat wygasł" msgid "set server name indication (SNI) failed" msgstr "ustawianie wskaźnika nazwy serwera (SNI) się nie powiodło" @@ -14915,6 +14952,16 @@ msgstr "%s%s: przekroczono czas na \"%s\" z %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: nie można połączyć: niespodziewany błąd (%d)" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "%sgnutls: nie udało się wyliczyć odcisku certyfikatu (%s)" +#~ msgstr[1] "%sgnutls: nie udało się wyliczyć odcisku certyfikatu (%s)" +#~ msgstr[2] "%sgnutls: nie udało się wyliczyć odcisku certyfikatu (%s)" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Błąd: nie można pozyskać katalogu domowego\n" @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: Vasco Almeida <vascomalmeida@sapo.pt>\n" "Language-Team: Portuguese <>\n" @@ -4689,9 +4689,19 @@ msgstr "" "processo filho)" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" +"ficheiro com o certificado SSL e chave privada (para servir os clientes com " +"SSL)" msgid "timeout (in seconds) for gnutls handshake" msgstr "tempo limite (em segundos) para o gnutls handshake" @@ -4890,12 +4900,36 @@ msgstr "" "com outro diretório usando a opção \"--dir\" na linha de comandos.\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sgnutls: falha ao calcular impressão digital do certificado (%s)" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: o certificado expirou" +msgstr[1] "%sgnutls: o certificado expirou" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sgnutls: falha ao calcular impressão digital do certificado (%s)" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "%s: pipe aberto (ficheiro: %s)" +msgstr[1] "%s: pipe aberto (ficheiro: %s)" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sgnutls: falha ao calcular impressão digital do certificado (%s)" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: o certificado expirou" +msgstr[1] "%sgnutls: o certificado expirou" msgid "set server name indication (SNI) failed" msgstr "falha ao definir indicação do nome de servidor (SNI)" @@ -14410,6 +14444,17 @@ msgstr "%s%s: tempo limite de \"%s\" com %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: não foi possível conectar: erro inesperado (%d)" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "" +#~ "%sgnutls: falha ao calcular impressão digital do certificado (%s)" +#~ msgstr[1] "" +#~ "%sgnutls: falha ao calcular impressão digital do certificado (%s)" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Erro: não foi possível obter o diretório HOME\n" diff --git a/po/pt_BR.po b/po/pt_BR.po index 82ab1fb90..9c7a89681 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-03-05 20:43+0100\n" "Last-Translator: Érico Nogueira <ericonr@disroot.org>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -4315,9 +4315,19 @@ msgid "" msgstr "tempo de espera (em segundos) pelo handshake do gnutls" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" +"caminho para a busca por plugins (\"%h\" será substituído pelo diretório do " +"WeeChat, \"~/.weechat/\" por padrão)" # better not translate handshake msgid "timeout (in seconds) for gnutls handshake" @@ -4501,12 +4511,36 @@ msgid "" msgstr "" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sgnutls: não foi possível ler certificado \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "%sgnutls: certificado foi expirado" +msgstr[1] "%sgnutls: certificado foi expirado" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sgnutls: não foi possível ler certificado \"%s\"" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "Mouse está habilitado" +msgstr[1] "Mouse está habilitado" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sgnutls: não foi possível ler certificado \"%s\"" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "%sgnutls: certificado foi expirado" +msgstr[1] "%sgnutls: certificado foi expirado" msgid "set server name indication (SNI) failed" msgstr "" @@ -12967,6 +13001,15 @@ msgstr "%s%s: tempo esgotado para \"%s\" com %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: não foi possível conectar ao remetente" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "%sgnutls: não foi possível ler certificado \"%s\"" +#~ msgstr[1] "%sgnutls: não foi possível ler certificado \"%s\"" + #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "Erro: não foi possível obter o diretório do usuário (HOME)\n" @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: Aleksey V Zapparov AKA ixti <ixti@member.fsf.org>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -3712,9 +3712,19 @@ msgid "" msgstr "использовать SSL при связи с сервером" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +#, fuzzy +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" +"путь поиска pluginов ('%h' заменяется на домашний каталог WeeChat, по " +"умолчанию - ~/.weechat)" #, fuzzy msgid "timeout (in seconds) for gnutls handshake" @@ -3900,12 +3910,39 @@ msgstr "" "с другой домашней директорией используя параметр \"--dir\".\n" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "Не могу записать лог-файл \"%s\"\n" + +#, fuzzy, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "Не могу записать лог-файл \"%s\"\n" +msgstr[1] "Не могу записать лог-файл \"%s\"\n" +msgstr[2] "Не могу записать лог-файл \"%s\"\n" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "Не могу записать лог-файл \"%s\"\n" -#, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "команда users отключена" +msgstr[1] "команда users отключена" +msgstr[2] "команда users отключена" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "Не могу записать лог-файл \"%s\"\n" + +#, fuzzy, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "Не могу записать лог-файл \"%s\"\n" +msgstr[1] "Не могу записать лог-файл \"%s\"\n" +msgstr[2] "Не могу записать лог-файл \"%s\"\n" msgid "set server name indication (SNI) failed" msgstr "" @@ -12513,6 +12550,16 @@ msgstr "%s нет аргумента для параметра \"%s\"\n" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s DCC: не могу соединиться с отправителем\n" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "Не могу записать лог-файл \"%s\"\n" +#~ msgstr[1] "Не могу записать лог-файл \"%s\"\n" +#~ msgstr[2] "Не могу записать лог-файл \"%s\"\n" + #, fuzzy #~ msgid "Error: unable to get HOME directory\n" #~ msgstr "%s не могу получить домашний каталог\n" @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2021-02-06 15:55+0100\n" "Last-Translator: Hasan Kiran <sunder67@hotmail.com>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -3346,8 +3346,15 @@ msgid "" msgstr "" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" msgid "timeout (in seconds) for gnutls handshake" @@ -3520,12 +3527,33 @@ msgid "" msgstr "" #, fuzzy, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "%sHata: dosya \"%s\" oluşturulamaz" + +#, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "" + +#, fuzzy, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "%sHata: dosya \"%s\" oluşturulamaz" +#, fuzzy, c-format +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "Filtre \"%s\" etkin" + +#, fuzzy, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" +msgstr "%sHata: dosya \"%s\" oluşturulamaz" + #, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" -msgstr "" +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "" msgid "set server name indication (SNI) failed" msgstr "" @@ -11468,6 +11496,14 @@ msgstr "" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "" +#, fuzzy, c-format +#~ msgid "" +#~ "%d certificate loaded from user's trusted certificate authorities file: %s" +#~ msgid_plural "" +#~ "%d certificates loaded from user's trusted certificate authorities file: " +#~ "file %s" +#~ msgstr[0] "%sHata: dosya \"%s\" oluşturulamaz" + #~ msgid "Error: not enough memory for home directory\n" #~ msgstr "Hata: ev dizini için bellek yeterli değil\n" diff --git a/po/weechat.pot b/po/weechat.pot index 0361cd213..a4abd4eaf 100644 --- a/po/weechat.pot +++ b/po/weechat.pot @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2021-05-11 21:38+0200\n" +"POT-Creation-Date: 2021-05-12 20:34+0200\n" "PO-Revision-Date: 2014-08-16 10:27+0200\n" "Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n" "Language-Team: weechat-dev <weechat-dev@nongnu.org>\n" @@ -3335,8 +3335,15 @@ msgid "" msgstr "" msgid "" -"file containing the certificate authorities (path is evaluated, see function " -"string_eval_path_home in plugin API reference)" +"load system's default trusted certificate authorities on startup; this can " +"be turned off to save some memory only if you are not using SSL connections " +"at all" +msgstr "" + +msgid "" +"extra file(s) with certificate authorities; multiple files must be separated " +"by colons (each path is evaluated, see function string_eval_path_home in " +"plugin API reference)" msgstr "" msgid "timeout (in seconds) for gnutls handshake" @@ -3508,13 +3515,37 @@ msgid "" msgstr "" #, c-format +msgid "%sWarning: failed to load system certificate authorities" +msgstr "" + +#, c-format +msgid "%d certificate loaded (system)" +msgid_plural "%d certificates loaded (system)" +msgstr[0] "" +msgstr[1] "" + +#, c-format msgid "%sWarning: failed to load certificate authorities from file %s" msgstr "" #, c-format -msgid "%sWarning: no certificate authorities loaded (file not found: %s)" +msgid "%d certificate loaded (file: %s)" +msgid_plural "%d certificates loaded (file: %s)" +msgstr[0] "" +msgstr[1] "" + +#, c-format +msgid "" +"%sWarning: failed to load certificate authorities from file %s (file not " +"found)" msgstr "" +#, c-format +msgid "%d certificate purged" +msgid_plural "%d certificates purged" +msgstr[0] "" +msgstr[1] "" + msgid "set server name indication (SNI) failed" msgstr "" diff --git a/src/core/wee-config.c b/src/core/wee-config.c index 0abbc896a..33f5372eb 100644 --- a/src/core/wee-config.c +++ b/src/core/wee-config.c @@ -291,7 +291,8 @@ struct t_config_option *config_history_max_visited_buffers; /* config, network section */ struct t_config_option *config_network_connection_timeout; -struct t_config_option *config_network_gnutls_ca_file; +struct t_config_option *config_network_gnutls_ca_system; +struct t_config_option *config_network_gnutls_ca_user; struct t_config_option *config_network_gnutls_handshake_timeout; struct t_config_option *config_network_proxy_curl; @@ -1278,12 +1279,13 @@ config_change_completion_partial_completion_templates (const void *pointer, } /* - * Callback for changes on option "weechat.network.gnutls_ca_file". + * Callback for changes on options "weechat.network.gnutls_ca_system" + * and "weechat.network.gnutls_ca_user". */ void -config_change_network_gnutls_ca_file (const void *pointer, void *data, - struct t_config_option *option) +config_change_network_gnutls_ca (const void *pointer, void *data, + struct t_config_option *option) { /* make C compiler happy */ (void) pointer; @@ -1291,7 +1293,7 @@ config_change_network_gnutls_ca_file (const void *pointer, void *data, (void) option; if (network_init_gnutls_ok) - network_set_gnutls_ca_file (); + network_reload_ca_files (1); } /* @@ -4494,15 +4496,26 @@ config_weechat_init_options () "child process)"), NULL, 1, INT_MAX, "60", NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); - config_network_gnutls_ca_file = config_file_new_option ( + config_network_gnutls_ca_system = config_file_new_option ( weechat_config_file, ptr_section, - "gnutls_ca_file", "string", - N_("file containing the certificate authorities " - "(path is evaluated, see function string_eval_path_home in " + "gnutls_ca_system", "boolean", + N_("load system's default trusted certificate authorities on startup; " + "this can be turned off to save some memory only if you are not " + "using SSL connections at all"), + NULL, 0, 0, "on", NULL, 0, + NULL, NULL, NULL, + &config_change_network_gnutls_ca, NULL, NULL, + NULL, NULL, NULL); + config_network_gnutls_ca_user = config_file_new_option ( + weechat_config_file, ptr_section, + "gnutls_ca_user", "string", + N_("extra file(s) with certificate authorities; multiple files must " + "be separated by colons " + "(each path is evaluated, see function string_eval_path_home in " "plugin API reference)"), - NULL, 0, 0, CA_FILE, NULL, 0, + NULL, 0, 0, "", NULL, 0, NULL, NULL, NULL, - &config_change_network_gnutls_ca_file, NULL, NULL, + &config_change_network_gnutls_ca, NULL, NULL, NULL, NULL, NULL); config_network_gnutls_handshake_timeout = config_file_new_option ( weechat_config_file, ptr_section, diff --git a/src/core/wee-config.h b/src/core/wee-config.h index 356641e6a..303dbd01d 100644 --- a/src/core/wee-config.h +++ b/src/core/wee-config.h @@ -336,7 +336,8 @@ extern struct t_config_option *config_history_max_commands; extern struct t_config_option *config_history_max_visited_buffers; extern struct t_config_option *config_network_connection_timeout; -extern struct t_config_option *config_network_gnutls_ca_file; +extern struct t_config_option *config_network_gnutls_ca_system; +extern struct t_config_option *config_network_gnutls_ca_user; extern struct t_config_option *config_network_gnutls_handshake_timeout; extern struct t_config_option *config_network_proxy_curl; diff --git a/src/core/wee-network.c b/src/core/wee-network.c index 3fdaf01b6..32b975cf1 100644 --- a/src/core/wee-network.c +++ b/src/core/wee-network.c @@ -56,6 +56,7 @@ #include "weechat.h" #include "wee-network.h" +#include "wee-config.h" #include "wee-eval.h" #include "wee-hashtable.h" #include "wee-hook.h" @@ -67,6 +68,7 @@ int network_init_gnutls_ok = 0; +int network_num_certs = 0; /* number of certs loaded (system + user) */ gnutls_certificate_credentials_t gnutls_xcred; /* GnuTLS client credentials */ @@ -87,57 +89,171 @@ network_init_gcrypt () } /* - * Sets trust file with option "gnutls_ca_file". + * Loads system's default trusted certificate authorities. + * + * Returns the number of certificates loaded. */ -void -network_set_gnutls_ca_file () +int +network_load_system_ca_file (int force_display) +{ + int rc; + + if (weechat_no_gnutls) + return 0; + + if (!CONFIG_BOOLEAN(config_network_gnutls_ca_system)) + return 0; + + rc = gnutls_certificate_set_x509_system_trust (gnutls_xcred); + if (rc < 0) + { + gui_chat_printf ( + NULL, + _("%sWarning: failed to load system certificate authorities"), + gui_chat_prefix[GUI_CHAT_PREFIX_ERROR]); + return 0; + } + + if (force_display || (weechat_debug_core >= 1)) + { + gui_chat_printf ( + NULL, + NG_("%d certificate loaded (system)", + "%d certificates loaded (system)", + rc), + rc); + } + + return rc; +} + +/* + * Loads user's trusted certificate authorities. + */ + +int +network_load_user_ca_files (int force_display) { - char *ca_path; + int i, rc, num_loaded, num_paths; + char **paths, *ca_path; struct t_hashtable *options; if (weechat_no_gnutls) - return; + return 0; + + num_loaded = 0; + paths = NULL; + options = NULL; + + paths = string_split (CONFIG_STRING(config_network_gnutls_ca_user), ":", + NULL, 0, 0, &num_paths); + if (!paths) + goto end; options = hashtable_new ( 32, WEECHAT_HASHTABLE_STRING, WEECHAT_HASHTABLE_STRING, NULL, NULL); - if (options) - hashtable_set (options, "directory", "config"); - ca_path = string_eval_path_home ( - CONFIG_STRING(config_network_gnutls_ca_file), - NULL, NULL, options); - if (options) - hashtable_free (options); + if (!options) + goto end; + hashtable_set (options, "directory", "config"); - if (ca_path) + for (i = 0; i < num_paths; i++) { - if (access (ca_path, R_OK) == 0) + ca_path = string_eval_path_home (paths[i], NULL, NULL, options); + if (ca_path && ca_path[0]) { - if (gnutls_certificate_set_x509_trust_file (gnutls_xcred, ca_path, - GNUTLS_X509_FMT_PEM) < 0) + if (access (ca_path, R_OK) == 0) + { + rc = gnutls_certificate_set_x509_trust_file ( + gnutls_xcred, ca_path, GNUTLS_X509_FMT_PEM); + if (rc < 0) + { + gui_chat_printf ( + NULL, + _("%sWarning: failed to load certificate authorities " + "from file %s"), + gui_chat_prefix[GUI_CHAT_PREFIX_ERROR], + ca_path); + } + else + { + num_loaded += rc; + if (force_display || (weechat_debug_core >= 1)) + { + gui_chat_printf ( + NULL, + NG_("%d certificate loaded (file: %s)", + "%d certificates loaded (file: %s)", + rc), + rc, ca_path); + } + } + } + else { gui_chat_printf ( NULL, _("%sWarning: failed to load certificate authorities " - "from file %s"), + "from file %s (file not found)"), gui_chat_prefix[GUI_CHAT_PREFIX_ERROR], ca_path); } } - else - { - gui_chat_printf ( - NULL, - _("%sWarning: no certificate authorities loaded " - "(file not found: %s)"), - gui_chat_prefix[GUI_CHAT_PREFIX_ERROR], - ca_path); - } - free (ca_path); + if (ca_path) + free (ca_path); + } + +end: + if (paths) + string_free_split (paths); + if (options) + hashtable_free (options); + + return num_loaded; +} + +/* + * Loads system's default and user's trusted certificate authorities. + */ + +void +network_load_ca_files (int force_display) +{ + if (weechat_no_gnutls) + return; + + network_num_certs = 0; + + network_num_certs += network_load_system_ca_file (force_display); + network_num_certs += network_load_user_ca_files (force_display); +} + +/* + * Reloads system's default and user's trusted certificate authorities. + */ + +void +network_reload_ca_files (int force_display) +{ + if (weechat_no_gnutls) + return; + + gnutls_certificate_free_credentials (gnutls_xcred); + if (force_display || (weechat_debug_core >= 1)) + { + gui_chat_printf (NULL, + NG_("%d certificate purged", + "%d certificates purged", + network_num_certs), + network_num_certs); } + + gnutls_certificate_allocate_credentials (&gnutls_xcred); + + network_load_ca_files (force_display); } /* @@ -151,8 +267,7 @@ network_init_gnutls () { gnutls_global_init (); gnutls_certificate_allocate_credentials (&gnutls_xcred); - - network_set_gnutls_ca_file (); + network_load_ca_files (0); #if LIBGNUTLS_VERSION_NUMBER >= 0x02090a /* 2.9.10 */ gnutls_certificate_set_verify_function (gnutls_xcred, &hook_connect_gnutls_verify_certificates); diff --git a/src/core/wee-network.h b/src/core/wee-network.h index d6c2e13fa..dcd441c8f 100644 --- a/src/core/wee-network.h +++ b/src/core/wee-network.h @@ -46,7 +46,8 @@ struct t_network_socks5 extern int network_init_gnutls_ok; extern void network_init_gcrypt (); -extern void network_set_gnutls_ca_file (); +extern void network_load_ca_files (int force_display); +extern void network_reload_ca_files (int force_display); extern void network_init_gnutls (); extern void network_end (); extern int network_pass_proxy (const char *proxy, int sock, |