--- strongswan-4.2.14.orig/debian/logcheck.violations.ignore +++ strongswan-4.2.14/debian/logcheck.violations.ignore @@ -0,0 +1 @@ +ipsec_setup: KLIPS debug `none' --- strongswan-4.2.14.orig/debian/strongswan-starter.config +++ strongswan-4.2.14/debian/strongswan-starter.config @@ -0,0 +1,47 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input medium strongswan/start_level || true + +# disable for now, until we can deal with the don't-edit-conffiles situation +#db_input high strongswan/ikev1 || true +#db_input high strongswan/ikev2 || true + +db_input medium strongswan/restart || true + +db_input high strongswan/enable-oe || true + +db_input high strongswan/create_rsa_key || true +db_go || true + +db_get strongswan/create_rsa_key +if [ "$RET" = "true" ]; then + # create a new certificate + db_input medium strongswan/rsa_key_length || true + db_input high strongswan/x509_self_signed || true + # we can't allow the country code to be empty - openssl will + # refuse to create a certificate this way + countrycode="" + while [ -z "$countrycode" ]; do + db_input medium strongswan/x509_country_code || true + db_go || true + db_get strongswan/x509_country_code + countrycode="$RET" + done + db_input medium strongswan/x509_state_name || true + db_input medium strongswan/x509_locality_name || true + db_input medium strongswan/x509_organization_name || true + db_input medium strongswan/x509_organizational_unit || true + db_input medium strongswan/x509_common_name || true + db_input medium strongswan/x509_email_address || true + db_go || true +else + db_get strongswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + # existing certificate - use it + db_input critical strongswan/existing_x509_certificate_filename || true + db_input critical strongswan/existing_x509_key_filename || true + db_go || true + fi +fi --- strongswan-4.2.14.orig/debian/strongswan-starter.dirs +++ strongswan-4.2.14/debian/strongswan-starter.dirs @@ -0,0 +1,10 @@ +/etc +/etc/ipsec.d +/etc/ipsec.d/cacerts +/etc/ipsec.d/ocspcerts +/etc/ipsec.d/crls +/etc/ipsec.d/private +/etc/ipsec.d/policies +/etc/init.d +/var/lock/subsys +/var/lib/strongswan --- strongswan-4.2.14.orig/debian/strongswan.docs +++ strongswan-4.2.14/debian/strongswan.docs @@ -0,0 +1,2 @@ +README +CREDITS --- strongswan-4.2.14.orig/debian/libstrongswan.dirs +++ strongswan-4.2.14/debian/libstrongswan.dirs @@ -0,0 +1,5 @@ +/etc/logcheck/ignore.d.paranoid +/etc/logcheck/ignore.d.server +/etc/logcheck/ignore.d.workstation +/etc/logcheck/violations.ignore.d +/usr/share/lintian/overrides --- strongswan-4.2.14.orig/debian/strongswan-starter.ipsec.init +++ strongswan-4.2.14/debian/strongswan-starter.ipsec.init @@ -0,0 +1,133 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: vpn +# Required-Start: $network $local_fs +# Required-Stop: $network $local_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Strongswan IPsec services +### END INIT INFO + +# Author: Rene Mayrhofer + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="strongswan IPsec services" +NAME=ipsec +DAEMON=/usr/sbin/$NAME +PIDFILE=/var/run/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- start \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + # give the proper signal to stop + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- stop \ + || return 2 + # but kill if that didn't work + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +do_reload() { + $DAEMON reload + return 0 +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + status) + $DAEMON status + ;; + reload|force-reload) + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart) + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + exit 3 + ;; +esac + +: --- strongswan-4.2.14.orig/debian/strongswan-nm.install +++ strongswan-4.2.14/debian/strongswan-nm.install @@ -0,0 +1 @@ +usr/lib/ipsec/plugins/libstrongswan-nm.so* usr/lib/ipsec/plugins/ --- strongswan-4.2.14.orig/debian/strongswan-ikev2.install +++ strongswan-4.2.14/debian/strongswan-ikev2.install @@ -0,0 +1,8 @@ +usr/lib/ipsec/charon usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-eap*.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-agent.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-curl.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-ldap.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medsrv.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medcli.so* usr/lib/ipsec/plugins/ --- strongswan-4.2.14.orig/debian/strongswan-starter.install +++ strongswan-4.2.14/debian/strongswan-starter.install @@ -0,0 +1,24 @@ +# starter +usr/lib/ipsec/starter usr/lib/ipsec/ +usr/lib/ipsec/_copyright usr/lib/ipsec/ +usr/sbin/ipsec usr/sbin/ +etc/ipsec.d etc/ +etc/ipsec.conf etc/ +usr/share/man/man8/ipsec.8 usr/share/man/man8/ +usr/share/man/man8/_copyright.8 usr/share/man/man8/ +usr/share/man/man5/ipsec.conf.5 usr/share/man/man5/ +usr/share/man/man5/ipsec.secrets.5 usr/share/man/man5/ +# updown +usr/lib/ipsec/plugins/libstrongswan-updown.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/_updown usr/lib/ipsec/ +usr/lib/ipsec/_updown_espmark usr/lib/ipsec/ +usr/share/man/man8/_updown.8 usr/share/man/man8/ +usr/share/man/man8/_updown_espmark.8 usr/share/man/man8/ +# tools +usr/lib/ipsec/scepclient usr/lib/ipsec/ +usr/lib/ipsec/openac usr/lib/ipsec/ +usr/share/man/man8/scepclient.8 usr/share/man/man8/ +usr/share/man/man8/openac.8 usr/share/man/man8/ +# stroke +usr/lib/ipsec/stroke usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-stroke.so* usr/lib/ipsec/plugins/ --- strongswan-4.2.14.orig/debian/ipsec.secrets.proto +++ strongswan-4.2.14/debian/ipsec.secrets.proto @@ -0,0 +1,11 @@ +# This file holds shared secrets or RSA private keys for inter-Pluto +# authentication. See ipsec_pluto(8) manpage, and HTML documentation. + +# RSA private key for this host, authenticating it to any other host +# which knows the public part. Suitable public keys, for ipsec.conf, DNS, +# or configuration of other implementations, can be extracted conveniently +# with "ipsec showhostkey". + +# this file is managed with debconf and will contain the automatically created private key +include /var/lib/strongswan/ipsec.secrets.inc + --- strongswan-4.2.14.orig/debian/logcheck.ignore.server +++ strongswan-4.2.14/debian/logcheck.ignore.server @@ -0,0 +1,25 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: added connection description +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: .* SA established +pluto.*: .* SA expired +pluto.*: replacing stale .* SA +pluto.*: initiating Quick Mode +pluto.*: regenerating DH private secret --- strongswan-4.2.14.orig/debian/use-bash2.diff +++ strongswan-4.2.14/debian/use-bash2.diff @@ -0,0 +1,4 @@ +1c1 +< #!/bin/sh +--- +> #!/bin/bash --- strongswan-4.2.14.orig/debian/strongswan-ikev1.install +++ strongswan-4.2.14/debian/strongswan-ikev1.install @@ -0,0 +1,4 @@ +usr/lib/ipsec/pluto usr/lib/ipsec/ +usr/lib/ipsec/_pluto_adns usr/lib/ipsec/ +usr/lib/ipsec/whack usr/lib/ipsec/ +usr/share/man/man8/pluto.8 usr/share/man/man8/ --- strongswan-4.2.14.orig/debian/strongswan-starter.postinst +++ strongswan-4.2.14/debian/strongswan-starter.postinst @@ -0,0 +1,313 @@ +#! /bin/bash +# postinst script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +CONF_FILE=/var/lib/strongswan/ipsec.conf.inc +SECRETS_FILE=/var/lib/strongswan/ipsec.secrets.inc + +insert_private_key_filename() { + if [ ! -e $SECRETS_FILE ] || ! grep -q ": RSA $1" $SECRETS_FILE; then + echo ": RSA $1" >> $SECRETS_FILE + fi +} + +IPSEC_SECRETS_PATTERN_1=': RSA {' +IPSEC_SECRETS_PATTERN_2=' # yyy' +IPSEC_SECRETS_PATTERN_3=' }' +IPSEC_SECRETS_PATTERN_4='# do not change the indenting of that "}"' + +# remove old, misguided attempts at a default ipsec.secrets files +repair_legacy_secrets() { + if [ -e $SECRETS_FILE ] && grep -A 2 "$IPSEC_SECRETS_PATTERN_1" $SECRETS_FILE | + tail --lines=2 | + grep -A 1 "$IPSEC_SECRETS_PATTERN_2" | + tail --lines=1 | + grep "$IPSEC_SECRETS_PATTERN_3" >/dev/null; then + echo "Old default config file detected, removing the old defaults now." + umask 077 ; ( + # this is ugly, and someone maybe can formulate this in sed, but + # this was the quickest way for me + line=`grep -n "$IPSEC_SECRETS_PATTERN_2" $SECRETS_FILE | cut -d':' -f1` + until=`expr $line - 1` + head -n $until $SECRETS_FILE + sum=`wc -l $SECRETS_FILE | cut -d ' ' -f1` + from=`expr $sum - $line -1` + tail -n $from $SECRETS_FILE + ) > $SECRETS_FILE.tmp + mv $SECRETS_FILE.tmp $SECRETS_FILE + grep -v "$IPSEC_SECRETS_PATTERN_4" $SECRETS_FILE > $SECRETS_FILE.tmp + mv $SECRETS_FILE.tmp $SECRETS_FILE + fi +} + +make_x509_cert() { + if [ $# -ne 12 ]; then + echo "Error in creating X.509 certificate" + exit 1 + fi + + case $5 in + false) + certreq=$4.req + selfsigned="" + ;; + true) + certreq=$4 + selfsigned="-x509" + ;; + *) + echo "Error in creating X.509 certificate" + exit 1 + ;; + esac + + echo -e "$6\n$7\n$8\n$9\n${10}\n${11}\n${12}\n\n\n" | \ + /usr/bin/openssl req -new -outform PEM -out $certreq \ + -newkey rsa:$1 -nodes -keyout $3 -keyform PEM \ + -days $2 $selfsigned >/dev/null +} + +enable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Enabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE; then + sed "s/${daemon}start=no/${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ -e $CONF_FILE ] && egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE; then + sed "s/^\w+#\w*${daemon}start=(yes|no)\w*$/\t${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +disable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Disabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && ( egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE || + egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE ); then + echo "already disabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + sed "s/${daemon}start=yes/${daemon}start=no/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +. /usr/share/debconf/confmodule + +case "$1" in + configure) + db_get strongswan/create_rsa_key + if [ "$RET" = "true" ]; then + repair_legacy_secrets + # OK, ipsec.secrets should now be correct + # create a new keypair + host=`hostname` + newkeyfile="/etc/ipsec.d/private/${host}Key.pem" + newcertfile="/etc/ipsec.d/certs/${host}Cert.pem" + if [ -e $newcertfile -o -e $newkeyfile ]; then + echo "Error: $newcertfile or $newkeyfile already exists." + echo "Please remove them first an re-run dpkg-reconfigure to create a new keypair." + else + # create a new certificate + db_get strongswan/rsa_key_length + keylength=$RET + db_get strongswan/x509_self_signed + selfsigned=$RET + db_get strongswan/x509_country_code + countrycode=$RET + if [ -z "$countrycode" ]; then countrycode="."; fi + db_get strongswan/x509_state_name + statename=$RET + if [ -z "$statename" ]; then statename="."; fi + db_get strongswan/x509_locality_name + localityname=$RET + if [ -z "$localityname" ]; then localityname="."; fi + db_get strongswan/x509_organization_name + orgname=$RET + if [ -z "$orgname" ]; then orgname="."; fi + db_get strongswan/x509_organizational_unit + orgunit=$RET + if [ -z "$orgunit" ]; then orgunit="."; fi + db_get strongswan/x509_common_name + commonname=$RET + if [ -z "$commonname" ]; then commonname="."; fi + db_get strongswan/x509_email_address + email=$RET + if [ -z "$email" ]; then email="."; fi + make_x509_cert $keylength 1500 "$newkeyfile" "$newcertfile" "$selfsigned" "$countrycode" "$statename" "$localityname" "$orgname" "$orgunit" "$commonname" "$email" + chmod 0600 "$newkeyfile" + umask 077 + insert_private_key_filename "$newkeyfile" + echo "Successfully created x509 certificate." + fi + else + db_get strongswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + if [ -e $newcertfile -o -e $newkeyfile ]; then + echo "Error: $newcertfile or $newkeyfile already exists." + echo "Please remove them first an re-run dpkg-reconfigure to create a new keypair." + else + # existing certificate - use it + db_get strongswan/existing_x509_certificate_filename + certfile=$RET + db_get strongswan/existing_x509_key_filename + keyfile=$RET + if [ ! -r $certfile ] || [ ! -r $keyfile ]; then + echo "Either the certificate or the key file could not be read !" + else + cp "$certfile" /etc/ipsec.d/certs + umask 077 + cp "$keyfile" "/etc/ipsec.d/private" + newkeyfile="/etc/ipsec.d/private/`basename $keyfile`" + chmod 0600 "$newkeyfile" + insert_private_key_filename "$newkeyfile" + echo "Successfully extracted RSA key from existing x509 certificate." + fi + fi + fi + fi + + # figure out the correct start time + db_get strongswan/start_level + if [ "$RET" = "earliest" ]; then + LEVELS="start 41 S . stop 34 0 6 ." + elif [ "$RET" = "after NFS" ]; then + LEVELS="start 15 2 3 4 5 . stop 30 0 1 6 ." + else + LEVELS="start 21 2 3 4 5 . stop 19 0 1 6 ." + fi + update-rc.d ipsec $LEVELS > /dev/null + + db_get strongswan/enable-oe + if [ "$RET" != "true" ]; then + echo -n "Disabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/include \/etc\/ipsec.d\/examples\/oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "#include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + echo "already disabled" + fi + else + echo -n "Enabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^#.*include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/#.*include \/etc\/ipsec.d\/examples\/oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + cat <> $CONF_FILE +#Enable Opportunistic Encryption +include /etc/ipsec.d/examples/oe.conf +EOF + echo "done" + fi + fi + + # disabled for now, until we can solve the don't-edit-conffiles issue + #db_get strongswan/ikev1 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "pluto" "IKEv1" + #else + # disable_daemon_start "pluto" "IKEv1" + #fi + #db_get strongswan/ikev2 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "charon" "IKEv2" + #else + # disable_daemon_start "charon" "IKEv2" + #fi + + if [ -z "$2" ]; then + # no old configured version - start strongswan now + invoke-rc.d ipsec start || true + else + # does the user wish strongswan to restart? + db_get strongswan/restart + if [ "$RET" = "true" ]; then + invoke-rc.d ipsec restart || true # sure, we'll restart it for you + fi + fi + + db_stop + + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument '$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically + +#DEBHELPER# + +exit 0 --- strongswan-4.2.14.orig/debian/libstrongswan.install +++ strongswan-4.2.14/debian/libstrongswan.install @@ -0,0 +1,9 @@ +usr/lib/libstrongswan.so* usr/lib/ +usr/lib/ipsec/plugins/libstrongswan-gmp.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-x509.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-pubkey.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-hmac.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-xcbc.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-random.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-openssl.so* usr/lib/ipsec/plugins/ +etc/strongswan.conf etc/ --- strongswan-4.2.14.orig/debian/rules +++ strongswan-4.2.14/debian/rules @@ -0,0 +1,174 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +export DH_OPTIONS + +# this is a security-critical package, set all the options we can +export DEB_BUILD_HARDENING=1 + +CONFIGUREARGS := --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ + --libexecdir=/usr/lib \ + --enable-ldap --enable-curl \ + --enable-nonblocking --enable-thread \ + --enable-smartcard --enable-cisco-quirks \ + --with-default-pkcs11=/usr/lib/opensc-pkcs11.so \ + --enable-mediation --enable-medsrv --enable-medcli \ + --enable-openssl --enable-agent \ + --enable-eap-radius --enable-eap-identity --enable-eap-md5 \ + --enable-eap-gtc --enable-eap-aka --enable-eap-mschapv2 \ + --enable-sql \ + --disable-aes --disable-des --disable-fips-prf --disable-gmp \ + --disable-md5 --disable-sha1 --disable-sha2 \ + --enable-nm + # Could enable --enable-nat-transport, but this is actually insecure, + # so don't! + # And for --enable-eap-sim we would need the library, which we don't + # have right now. + +DEB_BUILD_ARCH_CPU ?=$(shell dpkg-architecture -qDEB_BUILD_ARCH_CPU) + +ifeq (,$(filter noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O2 +endif +ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + MAKEFLAGS += -j$(NUMJOBS) +endif +# the padlock plugin only makes sense on i386 +# but it actually doesn't do much, so maybe we don't need it +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + CONFIGURE_ARGS += --enable-padlock +endif + +patch: + dh_testdir + #dpatch apply-all + +unpatch: + #dpatch deapply-all + +build: build-stamp +build-stamp: patch + dh_testdir + ./configure $(CONFIGUREARGS) + $(MAKE) CC="$(CC)" CFLAGS="$(CFLAGS)" + touch build-stamp + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp + + [ ! -f Makefile ] || $(MAKE) clean + #-$(MAKE) -C programs/fswcert/ clean + # after a make clean, no binaries _should_ be left, but .... + -find $(CURDIR) -name "*.o" | xargs --no-run-if-empty rm + -find $(CURDIR)/lib/libcrypto -name "*.a" | xargs --no-run-if-empty rm + + # Really clean (#356716) + # This is a hack: should be better implemented + rm -f lib/libstrongswan/libstrongswan.a || true + rm -f lib/libstrongswan/liboswlog.a || true + + # just in case something went wrong + rm -f $(CURDIR)/debian/ipsec.secrets + + # and make sure that template are up-to-date + debconf-updatepo + + dh_clean + +install: build-stamp + dh_testdir + dh_testroot + dh_clean + dh_installdirs + $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp + + # install files from debian/tmp into proper package dirs + dh_install + # special handling for padlock, as it is only built on i386 +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + install $(CURDIR)/debian/tmp/usr/lib/ipsec/plugins/libstrongswan-padlock.so* $(CURDIR)/debian/libstrongswan/usr/lib/ipsec/plugins/ +endif + + # and additional files not covered by upstream makefile... + install --mode=0600 $(CURDIR)/debian/ipsec.secrets.proto $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + # also "patch" ipsec.conf to include the debconf-managed file + echo >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + echo "include /var/lib/strongswan/ipsec.conf.inc" >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # and to enable both IKEv1 and IKEv2 by default + sed -r 's/^[ \t]+# *plutostart=(yes|no) */\tplutostart=yes/;s/^[ \t]+# *charonstart=(yes|no) */\tcharonstart=yes/' < $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf > $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp + mv $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # set permissions on ipsec.secrets + chmod 600 $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + chmod 700 -R $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/private/ + # don't know why they come with +x set by default... + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/policies/* + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/examples/* + + # this is handled by update-rc.d + rm -rf $(CURDIR)/debian/strongswan-starter/etc/rc?.d + + dh_installdocs -pstrongswan -n + # change the paths in the installed doc files (but only in regular + # files, not in links to the outside of the build tree !) + # TODO: check if we still need this + ( cd $(CURDIR)/debian/strongswan/; \ + for f in `grep "/usr/local/" --recursive --files-with-match *`; \ + do \ + if [ -f $$f -a ! -L $$f ]; then \ + cp $$f $$f.old; \ + sed 's/\/usr\/local\//\/usr\//' $$f.old > $$f; \ + rm $$f.old; \ + fi; \ + done ) + + # the logcheck ignore files + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.paranoid $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.paranoid/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.server/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.workstation/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.violations.ignore $(CURDIR)/debian/libstrongswan/etc/logcheck/violations.ignore.d/strongswan + + # more lintian cleanups + find $(CURDIR)/debian/*strongswan*/ -name ".cvsignore" | xargs --no-run-if-empty rm -f + find $(CURDIR)/debian/*strongswan*/ -name "/.svn/" | xargs --no-run-if-empty rm -rf + + # and lintian overrides + install --mode=0644 $(CURDIR)/debian/strongswan.lintian-overrides $(CURDIR)/debian/libstrongswan/usr/share/lintian/overrides/strongswan + +binary-common: + dh_testdir + dh_testroot + dh_installdirs + dh_installinit --name=ipsec + dh_installdebconf + dh_installchangelogs NEWS + dh_installdocs README + dh_link + dh_strip + dh_compress + dh_fixperms -X etc/ipsec.secrets -X etc/ipsec.d + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary-indep: + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-i + +binary-arch: install + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-a + +binary-%: build-stamp install + make -f debian/rules binary-common DH_OPTIONS=-p$* + +binary: binary-indep binary-arch +.PHONY: clean binary-indep binary-arch --- strongswan-4.2.14.orig/debian/copyright +++ strongswan-4.2.14/debian/copyright @@ -0,0 +1,418 @@ +This package was debianized by Rene Mayrhofer on +Thu, 10 Aug 2000 10:50:33 +0200. + +The Debian package was created from scratch with some hints taken from +previous freeswan packages by Tommi Virtanen and Aaron Johnson. +The upstream software was downloaded from http://www.freeswan.org/ + +After the FreeS/WAN folks decided to cease development, we used the forked +code base at http://www.strongswan.org/. + +This project has multiple authors, please see the file CREDITS for details. +However, all of the code is DFSG-free and, since 2002-09-16, +the LICENSE file in the upstream distribution includes a special GPL addition +to allow linking with libdes (which contains an advertising clause). +This LICENSE file was added to the Debian package of freeswan version 1.98b +by me, but has been authorized by Michael Richardson of freeswan upstream +(who sent the file to a mailing list). + +The contents of this LICENSE file are: +------------------------------------------------------------------------------ +Except for the DES library, this software is under the GNU Public License, +see the file COPYING. + +The DES library is under a BSD style license, see + linux/crypto/ciphers/des/COPYRIGHT. +Note that this software has a advertising clause in it. + +In addition to the terms set out under the GPL, permission is granted to +link the software against the libdes library just mentioned. +------------------------------------------------------------------------------ +A copy of this COPYRIGHT file can be found below, starting with the copyright +by Eric Young. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + +Rene Mayrhofer, 2006-08-25 + + + +These are various licenses from the code: + +--8<-- + * Copyright (C) 1996, 1997 John Ioannidis. + * Copyright (C) 1998, 1999 Richard Guy Briggs. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. +--8<-- + +The source tarball also includes several miscellanous libraries. + + + +An MD5 implementation: + +--8<-- +The MD5 implementation is from RSADSI, so this package must include the +following phrase: "derived from the RSA Data Security, Inc. MD5 +Message-Digest Algorithm". It is not under the GPL; see details in +klips/net/ipsec/ipsec_md5c.c. +--8<-- + +--8<-- +/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm + */ + +/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All +rights reserved. + +License to copy and use this software is granted provided that it +is identified as the "RSA Data Security, Inc. MD5 Message-Digest +Algorithm" in all material mentioning or referencing this software +or this function. + +License is also granted to make and use derivative works provided +that such works are identified as "derived from the RSA Data +Security, Inc. MD5 Message-Digest Algorithm" in all material +mentioning or referencing the derived work. + +RSA Data Security, Inc. makes no representations concerning either +the merchantability of this software or the suitability of this +software for any particular purpose. It is provided "as is" +without express or implied warranty of any kind. + +These notices must be retained in any copies of any part of this +documentation and/or software. + */ +--8<-- + + + +An implementation of DES: + +--8<-- +The LIBDES library by Eric Young is used. It is not under the GPL -- see +details in libdes/COPYRIGHT -- although he has graciously waived the +advertising clause for FreeS/WAN use of LIBDES. +--8<-- + +--8<-- +Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +All rights reserved. + +This package is an DES implementation written by Eric Young (eay@cryptsoft.com). +The implementation was written so as to conform with MIT's libdes. + +This library is free for commercial and non-commercial use as long as +the following conditions are aheared to. The following conditions +apply to all code found in this distribution. + +Copyright remains Eric Young's, and as such any Copyright notices in +the code are not to be removed. +If this package is used in a product, Eric Young should be given attribution +as the author of that the SSL library. This can be in the form of a textual +message at program startup or in documentation (online or textual) provided +with the package. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by Eric Young (eay@cryptsoft.com) + +THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The license and distribution terms for any publically available version or +derivative of this code cannot be changed. i.e. this code cannot simply be +copied and put under another distrubution license +[including the GNU Public License.] + +The reason behind this being stated in this direct manner is past +experience in code simply being copied and the attribution removed +from it and then being distributed as part of other packages. This +implementation was a non-trivial and unpaid effort. +--8<-- + +--8<-- +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- + +An implementation of SHA-1: + +--8<-- +The SHA-1 code is derived from Steve Reid's; it is public domain. +--8<-- + +--8<-- +/* + * The rest of the code is derived from sha1.c by Steve Reid, which is + * public domain. + * Minor cosmetic changes to accommodate it in the Linux kernel by ji. + */ +--8<-- + + + +Portions of Linux kernel source code: + +--8<-- +Some bits of Linux code, notably drivers/net/new_tunnel.c and net/ipv4/ipip.c, +are used in heavily modified forms. +--8<-- + +The Linux kernel is licensed under the Gnu General Public License. + + + +Radix-tree library: + +--8<-- +The radix-tree code from 4.4BSD is used in a modified form. It is not +under the GPL; see details in klips/net/ipsec/radij.c. +--8<-- + +--8<-- +/* + * Copyright (c) 1988, 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)radix.c 8.2 (Berkeley) 1/4/94 + */ +--8<-- + + +The license from the OpenSSL code that is included in the extension algorithm +patch (the kernel-patch-freeswan-ext package): + +--8<-- + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of + the OpenSSL License and the original SSLeay license apply to the toolkit. + See below for the actual license texts. Actually both licenses are BSD-style + Open Source licenses. In case of any license issues related to OpenSSL + please contact openssl-core@openssl.org. + + OpenSSL License + --------------- + +/* ==================================================================== + * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + Original SSLeay License + ----------------------- + +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- --- strongswan-4.2.14.orig/debian/watch +++ strongswan-4.2.14/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://download.strongswan.org/strongswan-([\d.]+)\.tar\.bz2 --- strongswan-4.2.14.orig/debian/strongswan-starter.prerm +++ strongswan-4.2.14/debian/strongswan-starter.prerm @@ -0,0 +1,40 @@ +#! /bin/sh +# prerm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + upgrade) + ;; + remove|deconfigure) + invoke-rc.d ipsec stop || true +# install-info --quiet --remove /usr/info/strongswan.info.gz + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- strongswan-4.2.14.orig/debian/use-bash1.diff +++ strongswan-4.2.14/debian/use-bash1.diff @@ -0,0 +1,4 @@ +1c1 +< #! /bin/sh +--- +> #!/bin/bash --- strongswan-4.2.14.orig/debian/logcheck.ignore.paranoid +++ strongswan-4.2.14/debian/logcheck.ignore.paranoid @@ -0,0 +1,20 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: regenerating DH private secret --- strongswan-4.2.14.orig/debian/strongswan-starter.postrm +++ strongswan-4.2.14/debian/strongswan-starter.postrm @@ -0,0 +1,44 @@ +#! /bin/sh +# postrm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + + # update the menu system +# if [ -x /usr/bin/update-menus ]; then update-menus; fi + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 0 + +esac + +if [ "$1" = "purge" ] ; then + update-rc.d ipsec remove >/dev/null + rm -rf /etc/ipsec.d/ + rm -rf /var/run/pluto/ +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + + --- strongswan-4.2.14.orig/debian/changelog +++ strongswan-4.2.14/debian/changelog @@ -0,0 +1,349 @@ +strongswan (4.2.14-1) unstable; urgency=low + + * New upstream release, which incorporates the fix. Removed dpatch for it. + Closes: #521950: CVE-2009-0790: DoS + * New support for EAP RADIUS authentication, enabled for this package. + + -- Rene Mayrhofer Wed, 01 Apr 2009 22:17:52 +0200 + +strongswan (4.2.13-2) unstable; urgency=low + + * Fix DoS issue via malicious Dead Peer Detection packet. Thanks to the + security team for providing the patch. + Closes: #521950: CVE-2009-0790: DoS + Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone + to a denial of service attack via a malicious packet. + + -- Rene Mayrhofer Tue, 31 Mar 2009 12:00:51 +0200 + +strongswan (4.2.13-1) unstable; urgency=low + + * New upstream release. This is now compatible with network-manager 0.7 + in Debian, so start building the strongswan-side support. The actual + plugin will need to be another source package. + + -- Rene Mayrhofer Sun, 22 Mar 2009 10:59:31 +0100 + +strongswan (4.2.12-1) unstable; urgency=low + + * New upstream release. Starting with this version, the strongswan + packages is modularized and includes support for plugins like the + NetworkManager plugin. Many details were adopted from Martin Willi's + packages. + * Dropping support for raw RSA public/private keypairs, as charon does + not support it. + * Explicitly remove directories /etc/ipsec.d and /var/run/pluto on purge. + + -- Rene Mayrhofer Sun, 01 Mar 2009 10:46:08 +0000 + +strongswan (4.2.9-1) unstable; urgency=low + + * New upstream release, fixes a MOBIKE issue. + Closes: #507542: strongswan: endless loop + * Explicitly enable compilation with libcurl for CRL fetching + Closes: #497756: strongswan: not compiled with curl support; crl + fetching not available + * Enable compilation with SSH agent support. + + -- Rene Mayrhofer Fri, 05 Dec 2008 17:21:42 +0100 + +strongswan (4.2.4-5) unstable; urgency=high + + Reason for urgency high: this is potentially security relevant. + * Patch backported from 4.2.7 to fix a potential DoS issue. + Thanks to Thomas Kallenberg for the patch. + + -- Rene Mayrhofer Mon, 29 Sep 2008 10:35:30 +0200 + +strongswan (4.2.4-4) unstable; urgency=low + + * Tweaked configure options for lenny to remove somewhat experimental, + incomplete, or unnecessary features. Removed --enable-xml, + --enable-padlock, and --enable-manager and added --disable-aes, + --disable-des, --disable-fips-prf, --disable-gmp, --disable-md5, + --disable-sha1, and --disable-sha2 because openssl already + contains this code, we depend on it and thus don't need it twice. + Padlock support does not do much, because the bulk encryption uses + it anyway (being done internally in the kernel) and using padlock + for IKEv2 key agreement adds complexity for little gain. + Thanks to Thomas Kallenberg of strongswan upstream team for + suggesting these changes. The package is now noticable smaller. + * Also remove dbus dependency, which is no longer necessary. + + -- Rene Mayrhofer Mon, 01 Sep 2008 08:59:10 +0200 + +strongswan (4.2.4-3) unstable; urgency=low + + * Changed configure option to build peer-to-peer service again. + Closes: #494678: strongswan: configure option --enable-p2p changed to + --enable-mediation + + -- Rene Mayrhofer Tue, 12 Aug 2008 20:08:26 +0200 + +strongswan (4.2.4-2) unstable; urgency=medium + + Urgency medium because this fixes an FTFBS bug on non-i386. + * Only compile padlock crypto acceleration support for i386. Thanks for + the patch! + Closes: #492455: strongswan: FTBFS: Uses i386 assembler on non-i386 + arches. + * Updated Swedish debconf translation. + Closes: #492902: [INTL:sv] po-debconf file for strongswan + + -- Rene Mayrhofer Thu, 07 Aug 2008 13:02:54 +0200 + +strongswan (4.2.4-1) unstable; urgency=medium + + Urgency medium because this new upstream versions no longer uses + dbus and thus fixed the grave bug from the last Debian package. This + version should transit to testing. + * New upstream release. Starting with version 4.2.0, crypto algorithms have + beeen modularized with existing code ported over. Among other improvments, + this version now supports AES-CCM (e.g. with esp=aes128ccm12) and AES-GCM + (e.g. with esp=aes256gcm16) starting with kernel 2.6.25 and enables dead + peer detection by default. + Note that charon (IKEv2) now uses the new /etc/strongswan.conf. + * Enabled building of VIA Padlock and openssl crypto plugins. + * Drop patch to rename AES_cbc_encrypt so as not to conflict with an + openssl method of the same name. This has been applied upstream. + * This new upstream version no longer uses dbus. + Closes: #475098: charon needs dbus but strongswan does not depend on dbus + Closes: #475099: charon does not work any more + * This new upstream version no longer prints error messages in its + init script. + Closes: #465718: strongswan: startup on booting returns error messages + * Apply patch to ipsec init script to fix bashism. + Closes: #473703: strongswan: bashism in /bin/sh script + * Updated Czech debconf translation. + Closes: #480928: [l10n] Updated Czech translation of strongswan debconf + messages + + -- Rene Mayrhofer Thu, 10 Jul 2008 14:40:43 +0200 + +strongswan (4.1.11-1) unstable; urgency=low + + * New upstream release. + * DBUS support now interacts with network-manager, so need to build-depend + on network-manager-dev. + * The web interface has been improved and now requires libfcgi-dev and + clearsilver-dev to compile, so build-depend on them. Also build-depend + on libxml2-dev, libdbus-1-dev, libtool, and libsqlite3-dev (which were + all build-deps before but were not listed explicitly so far - fix that). + * Add patch to rename internal AES_cbc_encrypt function and thus avoid + conflict with the openssl function. + Closes: #470721: pluto segfaults when using pkcs11 library linked with + OpenSSL + + -- Rene Mayrhofer Sun, 30 Mar 2008 10:35:16 +0200 + +strongswan (4.1.10-2) unstable; urgency=low + + * Enable new configure options: dbus, xml, nonblocking, thread, peer- + to-peer NAT-traversal and the manager interface support. + * Also set the default path to the opensc-pkcs11 engine explicitly. + + -- Rene Mayrhofer Fri, 15 Feb 2008 10:25:49 +0100 + +strongswan (4.1.10-1) unstable; urgency=low + + * New upstream release. + Closes: #455711: New upstream version 4.1.9 + * Updated Japanese debconf translation. + Closes: #463321: strongswan: [INTL:ja] Update po-debconf template + translation (ja.po) + + -- Rene Mayrhofer Thu, 07 Feb 2008 15:15:14 +0100 + +strongswan (4.1.8-3) unstable; urgency=low + + * Force use of hardening-wrapper when building the package by setting + a Build-Dep to it and setting export DEB_BUILD_HARDENING=1 in + debian/rules. + + -- Rene Mayrhofer Thu, 07 Feb 2008 14:14:48 +0100 + +strongswan (4.1.8-2) unstable; urgency=medium + + * Ship our own init script, since upstream no longer does. This is still + installed as /etc/init.d/ipsec (and not /etc/init.d/strongswan) to be + backwards compatible. + Really closes: #442880: strongswan: postinst failure (missing + /etc/init.d/ipsec) + * Actually, need to be smarter with ipsec.conf and ipsec.secrets. Not + marking them as conffiles isn't the right thing either. Instead, now + use the includes feature to pull in config snippets that are + modified by debconf. It's not perfect, though, as the IKEv1/IKEv2 + protocols can't be enabled/disabled with includes. Therefore don't + support this option in debconf for the time being, but default to + enabled for both IKE versions. The files edited with debconf are kept + under /var/lib/strongswan. + * Cleanup debian/rules: no longer need to remove leftover files from + patching, as currently there are no Debian-specific patches (fortunately). + * More cleanup: drop debconf translations hack for woody compatibility, + depend on build-stamp instead of build in the install-strongswan target, + and remove the now unnecessary dh_clean -k call in install-strongswan so + that configure shouldn't run twice during building the package. + * Update French debconf translation. + Closes: #448327: strongswan: [INTL:fr] French debconf templates + translation update + + -- Rene Mayrhofer Fri, 02 Nov 2007 21:55:29 +0100 + +strongswan (4.1.8-1) unstable; urgency=low + + The "I'm back from my long semi-vacation, and strongswan is now bug-free + again" release. + * New upstream release. + Closes: #442880: strongswan: postinst failure (missing /etc/init.d/ipsec) + Closes: #431874: strongswan - FTBFS: cannot create regular file + `/etc/ipsec.conf': Permission denied + * Explicitly use debhalper compatbility version 5m now using debian/compat + instead of DH_COMPAT. + * Since there's no configurability in dh_installdeb's mania to flag + everything below /etc as a conffile, now hack DEBIAN/conffiles directly + to remove ipsec.conf and ipsec.secrets. + Closes: #442929: strongswan: Maintainer script modifies conffiles + * Add/update debconf translations. + Closes: #432189: strongswan: [INTL:de] updated German debconf translation + Closes: #432212: [l10n] Updated Czech translation of strongswan debconf + messages + Closes: #432642: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #444710: strongswan: [INTL:pt] Updated Portuguese translation for + debconf messages + + -- Rene Mayrhofer Fri, 26 Oct 2007 16:16:51 +0200 + +strongswan (4.1.4-1) unstable; urgency=low + + * New upstream release. + * Fixed debconf descriptions. + Closes: #431157: strongswan: Minor errors in Debconf template + * Include Portugese and + Closes: #415178: strongswan: [INTL:pt] Portuguese translation for debconf + messages + Closes: #431154: strongswan: [INTL:de] initial German debconf translation + + -- Rene Mayrhofer Thu, 05 Jul 2007 00:53:01 +0100 + +strongswan (4.1.3-1) unreleased; urgency=low + + * New upstream release. + + -- Rene Mayrhofer Sun, 03 Jun 2007 18:39:11 +0100 + +strongswan (4.1.1-1) unreleased; urgency=low + + Major new upstream release: + * IKEv2 support with the new "charon" daemon in addition to the old "pluto" + which is still used for IKEv1. + * Switches to auto* tools build system. + * The postinst script is still not quite as complete in updating the 2.8.x + config automatically to a new 4.x config, but I don't want to wait any + longer with the upload. It can be improved later on. + + -- Rene Mayrhofer Thu, 12 Apr 2007 21:33:56 +0100 + +strongswan (2.8.3-1) unstable; urgency=low + + * New upstream release with fixes for the SHA-512-HMAC function and + added SHA-384 and SHA-2 implementations. + + -- Rene Mayrhofer Thu, 22 Feb 2007 20:19:45 +0000 + +strongswan (2.8.2-1) unstable; urgency=low + + * New upstream release with interoperability fixes for some VPN + clients. + + -- Rene Mayrhofer Tue, 30 Jan 2007 12:21:20 +0000 + +strongswan (2.8.1+dfsg-1) unstable; urgency=low + + * New upstream release, now with XAUTH support. + * Explicitly enable smartcard and vendorid options as well as a + few more in debian/rules. + Closes: #407449: strongswan: smartcard support is disabled + + -- Rene Mayrhofer Sun, 28 Jan 2007 21:06:25 +0000 + +strongswan (2.8.1-1) UNRELEASED; urgency=low + + * New upstream release. + + -- Rene Mayrhofer Sun, 28 Jan 2007 20:59:11 +0000 + +strongswan (2.8.0+dfsg-1) unstable; urgency=low + + * New upstream release. + * Update debconf templates. + Closes: #388672: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #389253: [l10n] Updated Czech translation of strongswan + debconf messages + Closes: #391457: [INTL:nl] Updated dutch po-debconf translation + Closes: #396179: strongswan: [INTL:ja] Updated Japanese po-debconf + template translation (ja.po) + * Fix broken reference to a now non-existing config file. no_oe.conf + has been replaced by oe.conf, with the opposite meaning. Changed + postinst to deal with it correctly now, and also try to convert + older config file lines to newer (e.g. when updating from openswan + to strongswan). + Closes: #391565: fails to start : /etc/ipsec.conf:46: include + files found no matches + [/etc/ipsec.d/examples/no_oe.conf] + + -- Rene Mayrhofer Mon, 6 Nov 2006 19:01:58 +0000 + +strongswan (2.7.3+dfsg-1) unstable; urgency=low + + * New upstream release. Another try on getting it into unstable. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * Call debian-updatepo in the clean target, in line with the openswan + change for its version 2.4.6+dfsg-1. + * Remove man2html, htmldoc, and lynx from the Build-Deps because we no + longer rebuild the documentation tree. + * Starting shipping a lintian overrides file to finally silence the + warnings about non-standard-(file|dir)-perms (they are intentional). + * Clean up /usr/lib/ipsec somehow, again owing to lintian warnings. + * Add po-debconf to build dependencies. + + -- Rene Mayrhofer Wed, 23 Aug 2006 21:23:36 +0100 + +strongswan (2.7.2+dfsg-1) unstable; urgency=low + + * First upload to the main Debian archive. This does no longer build + the linux-patch-strongswan and strongswan-modules-source packages, + as KLIPS will be removed from the strongswan upstream source anyway + for the next major release. However, the openswan KLIPS could should + be interoperable with strongswan user space. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * This upload removes the draft RFCs, as they are not considered free under + the DFSG. + + -- Rene Mayrhofer Sun, 9 Jul 2006 12:40:34 +0100 + +strongswan (2.7.2-1) unstable; urgency=low + + * New upstream release. This release fixes a potential DoS problem. + + -- Rene Mayrhofer Mon, 26 Jun 2006 12:34:43 +0100 + +strongswan (2.7.0-1) unstable; urgency=low + + * Initial Debian packaging of strongswan. This is directly based on my + Debian package of openswan 2.4.5-3. + * Do not compile and ship fswcert right now, because it is not included + in strongswan upstream. If it turns out to be necessary for supporting + easy-to-use OE in the future (i.e. for generating the DNS format for the + public keys from generated X.509 certificates), I will re-add it to the + Debian package. + * Also disabled my patches to use /etc/default instead of /etc/sysconfig for + now. Something like that will be necessary in the future, but those parts + of strongswan differ significanty from openswan. + + -- Rene Mayrhofer Mon, 22 May 2006 07:37:00 +0100 + +Local variables: +mode: debian-changelog +End: --- strongswan-4.2.14.orig/debian/strongswan-starter.templates +++ strongswan-4.2.14/debian/strongswan-starter.templates @@ -0,0 +1,202 @@ +Template: strongswan/start_level +Type: select +_Choices: earliest, "after NFS", "after PCMCIA" +Default: earliest +_Description: When to start strongSwan: + There are three possibilities when strongSwan can start: before or + after the NFS services and after the PCMCIA services. The correct answer + depends on your specific setup. + . + If you do not have your /usr tree mounted via NFS (either you only mount + other, less vital trees via NFS or don't use NFS mounted trees at all) and + don't use a PCMCIA network card, then it's best to start strongSwan at + the earliest possible time, thus allowing the NFS mounts to be secured by + IPSec. In this case (or if you don't understand or care about this + issue), answer "earliest" to this question (the default). + . + If you have your /usr tree mounted via NFS and don't use a PCMCIA network + card, then you will need to start strongSwan after NFS so that all + necessary files are available. In this case, answer "after NFS" to this + question. Please note that the NFS mount of /usr can not be secured by + IPSec in this case. + . + If you use a PCMCIA network card for your IPSec connections, then you only + have to choose to start it after the PCMCIA services. Answer "after + PCMCIA" in this case. This is also the correct answer if you want to fetch + keys from a locally running DNS server with DNSSec support. + +Template: strongswan/restart +Type: boolean +Default: true +_Description: Do you wish to restart strongSwan? + Restarting strongSwan is a good idea, since if there is a security fix, it + will not be fixed until the daemon restarts. Most people expect the daemon + to restart, so this is generally a good idea. However this might take down + existing connections and then bring them back up. + +Template: strongswan/ikev1 +Type: boolean +Default: true +_Description: Do you wish to support IKEv1? + strongSwan supports both versions of the Internet Key Exchange protocol, + IKEv1 and IKEv2. Do you want to start the "pluto" daemon for IKEv1 support + when strongSwan is started? + +Template: strongswan/ikev2 +Type: boolean +Default: true +_Description: Do you wish to support IKEv2? + strongSwan supports both versions of the Internet Key Exchange protocol, + IKEv1 and IKEv2. Do you want to start the "charon" daemon for IKEv2 support + when strongSwan is started? + +Template: strongswan/create_rsa_key +Type: boolean +Default: true +_Description: Do you want to create a RSA public/private keypair for this host? + This installer can automatically create a RSA public/private keypair + with an X.509 certificate for this host. This can be used to authenticate + IPSec connections to other hosts and is the preferred way for building up + secure IPSec connections. The other possibility would be to use pre-shared + secrets (PSKs, passwords that are the same on both sides of the tunnel) for + authenticating an connection, but for a larger number of connections RSA + authentication is easier to administer and more secure. Note that + having a keypair allows to use both X.509 and PSK authentication for IPsec + tunnels. + . + If you do not want to create a new public/private keypair, you can choose to + use an existing one in the next step. + +Template: strongswan/existing_x509_certificate +Type: boolean +Default: false +_Description: Do you have an existing X.509 certificate file for strongSwan? + This installer can automatically extract the needed information from an + existing X.509 certificate with a matching RSA private key. Both parts can + be in one file, if it is in PEM format. If you have such an existing + certificate and key file and want to use it for authenticating IPSec + connections, then please answer yes. + +Template: strongswan/existing_x509_certificate_filename +Type: string +_Description: File name of your X.509 certificate in PEM format: + Please enter the full location of the file containing your X.509 + certificate in PEM format. + +Template: strongswan/existing_x509_key_filename +Type: string +_Description: File name of your X.509 private key in PEM format: + Please enter the full location of the file containing the private RSA key + matching your X.509 certificate in PEM format. This can be the same file + that contains the X.509 certificate. + +Template: strongswan/rsa_key_length +Type: string +Default: 2048 +_Description: The length of the created RSA key (in bits): + Please enter the length of the created RSA key. It should not be less than + 1024 bits because this should be considered unsecure and you will probably + not need anything more than 2048 bits because it only slows the + authentication process down and is not needed at the moment. + +Template: strongswan/x509_self_signed +Type: boolean +Default: true +_Description: Do you want to create a self-signed X.509 certificate? + This installer can only create self-signed X.509 certificates + automatically, because otherwise a certificate authority is needed to sign + the certificate request. If you want to create a self-signed certificate, + you can use it immediately to connect to other IPSec hosts that support + X.509 certificate for authentication of IPSec connections. However, if you + want to use the new PKI features of strongSwan >= 1.91, you will need to + have all X.509 certificates signed by a single certificate authority to + create a trust path. + . + If you do not want to create a self-signed certificate, then this + installer will only create the RSA private key and the certificate request + and you will have to get the certificate request signed by your certificate + authority. + +Template: strongswan/x509_country_code +Type: string +Default: AT +_Description: Country code for the X.509 certificate request: + Please enter the 2 letter country code for your country. This code will be + placed in the certificate request. + . + You really need to enter a valid country code here, because openssl will + refuse to generate certificates without one. An empty field is allowed for + any other field of the X.509 certificate, but not for this one. + . + Example: AT + +Template: strongswan/x509_state_name +Type: string +Default: +_Description: State or province name for the X.509 certificate request: + Please enter the full name of the state or province you live in. This name + will be placed in the certificate request. + . + Example: Upper Austria + +Template: strongswan/x509_locality_name +Type: string +Default: +_Description: Locality name for the X.509 certificate request: + Please enter the locality (e.g. city) where you live. This name will be + placed in the certificate request. + . + Example: Vienna + +Template: strongswan/x509_organization_name +Type: string +Default: +_Description: Organization name for the X.509 certificate request: + Please enter the organization (e.g. company) that the X.509 certificate + should be created for. This name will be placed in the certificate + request. + . + Example: Debian + +Template: strongswan/x509_organizational_unit +Type: string +Default: +_Description: Organizational unit for the X.509 certificate request: + Please enter the organizational unit (e.g. section) that the X.509 + certificate should be created for. This name will be placed in the + certificate request. + . + Example: security group + +Template: strongswan/x509_common_name +Type: string +Default: +_Description: Common name for the X.509 certificate request: + Please enter the common name (e.g. the host name of this machine) for + which the X.509 certificate should be created for. This name will be placed + in the certificate request. + . + Example: gateway.debian.org + +Template: strongswan/x509_email_address +Type: string +Default: +_Description: Email address for the X.509 certificate request: + Please enter the email address of the person or organization who is + responsible for the X.509 certificate. This address will be placed in the + certificate request. + +Template: strongswan/enable-oe +Type: boolean +Default: false +_Description: Do you wish to enable opportunistic encryption in strongSwan? + strongSwan comes with support for opportunistic encryption (OE), which stores + IPSec authentication information (i.e. RSA public keys) in (preferably + secure) DNS records. Until this is widely deployed, activating it will + cause a significant slow-down for every new, outgoing connection. Since + version 2.0, strongSwan upstream comes with OE enabled by default and is thus + likely to break your existing connection to the Internet (i.e. your default + route) as soon as pluto (the strongSwan keying daemon) is started. + . + Please choose whether you want to enable support for OE. If unsure, do not + enable it. --- strongswan-4.2.14.orig/debian/compat +++ strongswan-4.2.14/debian/compat @@ -0,0 +1 @@ +7 --- strongswan-4.2.14.orig/debian/svn-deblayout +++ strongswan-4.2.14/debian/svn-deblayout @@ -0,0 +1,8 @@ +buildArea=/home/rene/amw/src/packages/build-area +origDir=/home/rene/amw/src/packages/tarballs +origUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/trunk/debian/tarballs +tagsUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/tags/strongswan +trunkDir=/home/rene/amw/src/packages/strongswan +trunkUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/trunk/debian/strongswan +upsCurrentUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/branches/source-dist/debian/strongswan +upsTagUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/tags/strongswan --- strongswan-4.2.14.orig/debian/README.Debian +++ strongswan-4.2.14/debian/README.Debian @@ -0,0 +1,124 @@ +strongswan for Debian +---------------------- + +1) General Remarks + +This package has been created from the openswan package, which was again +created from the freeswan package, which was created from scratch with some +ideas from the freeswan 1.3 package by Tommi Virtanen and the freeswan 1.5 +package by Aaron Johnson merged in. + +The differences between the strongSwan and the Openswan packages are +documented at http://www.strongswan.org/ . + +2) Kernel Support + +Note: This package can make use of the in-kernel IPSec stack, which is +available in the stock Debian kernel images (>=2.4.24 and 2.6.x). + +If you want to use the strongswan utilities, you will need the appropriate +kernel modules. The Debian default kernel native IPSec stack (which is +included in Linux 2.6 kernels and has been backported to Debian's 2.4 kernels) +can be used out-of-the-box with strongswan pluto, the key management daemon. +This native Linux IPSec stack is of high quality, has all of the features of +the latest Debian freeswan and openswan packages (i.e. support for other +ciphers like AES and NAT Traversal support) and is well integrated into the +kernel networking subsystem (which is not true for the freeswan kernel +modules). This is the recommended kernel support for strongswan. + +If you do not want to use the in-kernel IPSec stack of newer 2.6 kernels or +are building a custom 2.4 kernel, then the KLIPS kernel part can be used. +strongswan no longer ships this part, but is instead focussing on the newer +native IPSec stack. However, strongswan is interoperable with the KLIPS part +shipped with openswan, both for 2.4 and 2.6 series kernels. Please install +either the linux-patch-openswan or the openswan-modules-source packages and +follow their respective README.Debian files when you want to use KLIPS. + +3) Getting Started + +For connecting two Debian boxes using this strongswan package, the +simplest connection block on each side would look something like this: + +On host A, use + +conn to_hostb + left=%defaultroute + right=hostb.example.com + leftcert=hosta.pem + rightcert=hostb.pem + keyexchange=ikev2 + type=transport + auto=add + +On host B, use +conn to_hosta + left=%defaultroute + right=hosta.example.com + leftcert=hostb.pem + rightcert=hosta.pem + keyexchange=ikev2 + type=transport + auto=add + +This assumes that the respective hostnames hosta.example.com and +hostb.example.com can be resolved and that the internal hostnames are hosta +and hostb (and thus installing the strongswan package created the certificates +hosta.pem and hostb.pem, respectively). +Then the certificates (and not the private keys!) need to be exchanged between +the hosts, e.g. with + scp /etc/ipsec.d/certs/hosta.pem hostb.example.com:/etc/ipsec.d/certs/ + scp hostb.example.com:/etc/ipsec.d/certs/hostb.com /etc/ipsec.d/certs/ +from host A. The IPSec transport connection (that is, no subnets behind these +hosts that should be tunneled) can be started from either side using +"ipsec up to_hostb" (e.g. from host A). +Note that this example explicitly uses IKEv2 due to its nicer error messages. + +A more complicated example is to connect a "roadwarrior" (e.g. laptop) +to an internal network wbile it is behind another NAT. On the gateway +side, i.e. for the internal network the roadwarrior should connect to, +the configuration block could look something like this: + +conn roadwwarrior + left=%defaultroute + leftcert=gatewayCert.pem + rightcert=laptopCert.pem + rightrsasigkey=%cert + leftrsasigkey=%cert + auto=add + leftsubnet=10.0.0.0/24 + rightsubnetwithin=0.0.0.0/0 + right=%any + compress=yes + type=tunnel + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + +On the laptop side, you could use something along the lines: + +conn %default + rightrsasigkey=%cert + leftrsasigkey=%cert + authby=rsasig + leftcert=laptopCert.pem + leftsendcert=always + leftsubnet= + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + esp=aes128-sha1 + ike=aes128-sha1-modp2048 + +conn esys + left=%defaultroute + right=gateway.example.com + rightsubnet=10.0.0.0/24 + rightcert=gatewayCert.pem + auto=add + +Then load these new configuration blocks on both sides using "ipsec reload" +and, on the laptop, start the tunnel with "ipsec up mynetwork". +These configuration blocks assume host names "gateway" and "laptop" and an +inner subnet of 10.0.0.0/24. + +-- Rene Mayrhofer , Sun, Jul 09 12:31:00 2006 --- strongswan-4.2.14.orig/debian/control +++ strongswan-4.2.14/debian/control @@ -0,0 +1,100 @@ +Source: strongswan +Section: net +Priority: optional +Maintainer: Rene Mayrhofer +Standards-Version: 3.8.1 +Build-Depends: debhelper (>= 7.0.0), libtool, libgmp3-dev, libssl-dev (>= 0.9.8), libcurl4-openssl-dev | libcurl3-dev | libcurl2-dev, libopensc2-dev | libopensc1-dev | libopensc0-dev, libldap2-dev, libpam0g-dev, libkrb5-dev, bison, flex, dpatch, bzip2, po-debconf, hardening-wrapper, network-manager-dev, libfcgi-dev, clearsilver-dev, libxml2-dev, libsqlite3-dev, network-manager-dev (>= 0.7), libnm-glib-vpn-dev (>= 0.7), libnm-util-dev (>= 0.7) +Homepage: http://www.strongswan.org + +Package: strongswan +Architecture: all +Depends: strongswan-ikev1, strongswan-ikev2 +Suggests: network-manager-strongswan +Description: IPsec VPN solution metapackage + strongSwan is a IPsec based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + strongSwan is one of the two remaining forks of the original FreeS/WAN + project and focuses on IKEv2 support, X.509 authentication and complete PKI + support. For a focus on Opportunistic Encryption (OE) and interoperability + with non-standard IPsec features, see Openswan. + . + This metapackage has dependencies to the IKEv1 daemon pluto and IKEv2 daemon + charon. It installs the required packages to run IKEv1 and IKEv2 connections + using a ipsec.conf/ipsec.secrets based configuration. + +Package: libstrongswan +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, openssl +Description: strongSwan utility and crypto library + strongSwan is a IPsec based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + libstrongswan is the underlying library of charon and other strongSwan + components. It is built in a modular way and is extendable through various + plugins. + +Package: strongswan-starter +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-ikev1 | strongswan-ikev2 +Description: strongSwan daemon starter and configuration file parser + strongSwan is a IPsec based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + The starter and the associated "ipsec" script control both pluto and charon + from the command line. It parses ipsec.conf and loads the configurations to + the daemons. While the IKEv2 daemon can use other configuration backends, the + IKEv1 daemon is limited to configurations from ipsec.conf. + +Package: strongswan-ikev1 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, strongswan-starter, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan +Replaces: openswan +Description: strongSwan IKEv1 keying daemon + strongSwan is a IPsec based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Pluto is a IPsec IKEv1 keying daemon. It was inherited from the FreeS/WAN + project, but provides improved X.509 certificate support and other features. + . + Pluto can run in parallel with charon, the newer IKEv2 daemon. + +Package: strongswan-ikev2 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-starter | strongswan-nm, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan +Description: strongSwan IKEv2 keying daemon + strongSwan is a IPsec based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Charon is the IPsec IKEv2 keying daemon of the strongSwan project. It is + written from scratch using a fully multi-threaded design and a modular + architecture. Various plugins provide additional functionality. + . + This build of charon can run in parallel with pluto, the IKEv1 daemon. + +Package: strongswan-nm +Architecture: any +Depends: ${shlibs:Depends}, strongswan-ikev2 +Recommends: network-manager-strongswan +Description: strongSwan plugin to interact with NetworkManager + strongSwan is a IPsec based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This plugin provides an interface which allows NetworkManager to configure + and control the IKEv2 daemon directly through DBUS. It is designed to work + in conjunction with the network-manager-strongswan package, providing + a simple graphical frontend to configure IPsec based VPNs. --- strongswan-4.2.14.orig/debian/strongswan.lintian-overrides +++ strongswan-4.2.14/debian/strongswan.lintian-overrides @@ -0,0 +1,3 @@ +strongswan: non-standard-file-perm etc/ipsec.secrets 0600 != 0644 +strongswan: non-standard-dir-perm etc/ipsec.d/examples/ 0775 != 0755 +strongswan: non-standard-dir-perm etc/ipsec.d/private/ 0700 != 0755 --- strongswan-4.2.14.orig/debian/po/ja.po +++ strongswan-4.2.14/debian/po/ja.po @@ -0,0 +1,618 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.1.8-2\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2008-01-31 06:52+0900\n" +"Last-Translator: Hideki Yamane (Debian-JP) \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "å¯èƒ½ãªé™ã‚Šæ—©ã, \"NFS 起動後\", \"PCMCIA 起動後\"" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "strongSwan ã®èµ·å‹•ã‚¿ã‚¤ãƒŸãƒ³ã‚°:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"strongSwan ã‚’èµ·å‹•ã•ã›ã‚‹ã‚¿ã‚¤ãƒŸãƒ³ã‚°ã®é¸æŠžè‚¢ã¨ã—ã¦ã¯3ã¤ãŒè€ƒãˆã‚‰ã‚Œã¾ã™: NFS サー" +"ビスã®é–‹å§‹å‰ãƒ»é–‹å§‹å¾Œãƒ»PCMCIA サービスã®é–‹å§‹å¾Œã€ã§ã™ã€‚正解ã¯ã‚ãªãŸã®è¨­å®šæ¬¡ç¬¬ã§" +"ã™ã€‚" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"NFS 経由㧠/usr をマウントã›ãš (ä»–ã®ãƒ‘ーティションやã‚ã¾ã‚Šé‡è¦ã§ã¯ãªã„パー" +"ティションを NFS 経由ã§ãƒžã‚¦ãƒ³ãƒˆã™ã‚‹ã‹ã€ã¾ãŸã¯ NFS マウントを全ã使ã‚ãªã„)ã€åŠ " +"ãˆã¦ PCMCIA ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚«ãƒ¼ãƒ‰ã‚’利用ã—ã¦ã„ãªã„å ´åˆã€å¯èƒ½ãªé™ã‚Šæ—©ã„タイミング" +"㧠strongSwan ã‚’èµ·å‹•ã™ã‚‹ã®ãŒãƒ™ã‚¹ãƒˆã§ã™ã€‚ã“ã®è¨­å®šã«ã‚ˆã£ã¦ã€NFS ã§ã®ãƒžã‚¦ãƒ³ãƒˆã¯ " +"IPSec ã§ä¿è­·ã•ã‚Œã¾ã™ã€‚ã“ã®å ´åˆ (ã¾ãŸã¯ã“ã®å•é¡Œã‚’ç†è§£ã—ã¦ã„ãªã„ã‹ç‰¹ã«æ°—ã«ã—ãª" +"ã„å ´åˆ) ã€\"å¯èƒ½ãªé™ã‚Šæ—©ã\"ã¨è³ªå•ã«ç­”ãˆã¦ãã ã•ã„ (標準設定ã§ã™) 。" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"NFS 経由㧠/usr をマウントã—ã¦ã„㦠PCMCIA ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚«ãƒ¼ãƒ‰ã‚’使用ã—ã¦ã„ãªã„" +"å ´åˆã¯ã€å¿…è¦ãªãƒ•ã‚¡ã‚¤ãƒ«ã‚’利用å¯èƒ½ã«ã™ã‚‹ãŸã‚ã« strongSwan ã‚’ NFS ã®å¾Œã§èµ·å‹•ã—ãª" +"ã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。ã“ã®å ´åˆã€\"NFS 起動後\" ã¨ç­”ãˆã¦ãã ã•ã„。ã“ã®æ™‚ã« NFS 経" +"ç”±ã§ãƒžã‚¦ãƒ³ãƒˆã•ã‚Œã‚‹ /usr ã¯ã€IPSec ã«ã‚ˆã‚‹ã‚»ã‚­ãƒ¥ã‚¢ãªçŠ¶æ…‹ã«ã¯ãªã‚‰ãªã„ã¨ã„ã†ã“ã¨" +"ã«æ³¨æ„ã—ã¦ãã ã•ã„。" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"IPSec 接続㫠PCMCIA ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚«ãƒ¼ãƒ‰ã‚’利用ã—ã¦ã„ãŸå ´åˆã€PCMCIA サービスã®èµ·" +"動後㫠strongSwan ã‚’èµ·å‹•ã™ã‚‹ä»¥å¤–ã«é¸æŠžã¯ã‚ã‚Šã¾ã›ã‚“。ã“ã®å ´åˆã€\"PCMCIA 起動後" +"\" ã¨ç­”ãˆã¦ãã ã•ã„。ローカルã§å‹•ä½œã—ã¦ã„ã‚‹ DNSSec 機能を使用ã—ã¦ã„ã‚‹ DNS " +"サーãƒã‹ã‚‰éµã‚’å–å¾—ã—ãŸã„å ´åˆã§ã‚‚ã€ã“ã®ç­”ãˆã‚’ã—ã¦ãã ã•ã„。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "strongSwan ã‚’å†èµ·å‹•ã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"セキュリティ修正ãŒã‚ã£ãŸå ´åˆã«ã¯ãƒ‡ãƒ¼ãƒ¢ãƒ³ãŒå†èµ·å‹•ã•ã‚Œã‚‹ã¾ã§ä¿®æ­£ãŒå映ã•ã‚Œã¾ã›" +"ん。ã§ã™ã®ã§ã€strongSwan ã‚’å†èµ·å‹•ã™ã‚‹ã®ã¯è‰¯ã„考ãˆã§ã™ã€‚ã»ã¨ã‚“ã©ã®äººã¯ãƒ‡ãƒ¼ãƒ¢ãƒ³" +"ã‚’å†èµ·å‹•ã—よã†ã¨ã—ã¾ã™ãŒã€ã“ã‚Œã¯å¤§æŠµå•é¡Œã‚ã‚Šã¾ã›ã‚“。ã—ã‹ã—ã€ã“ã®ä½œæ¥­ã§ç¾åœ¨ã®" +"接続ã¯åˆ‡æ–­ã•ã‚Œã€å†åº¦ç¹‹ãŽãªãŠã™ã“ã¨ã«ãªã‚Šã¾ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Do you wish to support IKEv1?" +msgstr "IKEv1 をサãƒãƒ¼ãƒˆã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" +"strongSwan 㯠IKEv1 㨠IKEv2 ã®ä¸¡æ–¹ã®ã‚¤ãƒ³ã‚¿ãƒ¼ãƒãƒƒãƒˆéµäº¤æ›ãƒ—ロトコルをサãƒãƒ¼ãƒˆ" +"ã—ã¦ã„ã¾ã™ã€‚strongSwan ãŒèµ·å‹•ã™ã‚‹éš›ã€IKEv1 サãƒãƒ¼ãƒˆã®ãŸã‚ \"pluto\" デーモン" +"ã‚’èµ·å‹•ã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Do you wish to support IKEv2?" +msgstr "IKEv2 をサãƒãƒ¼ãƒˆã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" +"strongSwan 㯠IKEv1 㨠IKEv2 ã®ä¸¡æ–¹ã®ã‚¤ãƒ³ã‚¿ãƒ¼ãƒãƒƒãƒˆéµäº¤æ›ãƒ—ロトコルをサãƒãƒ¼ãƒˆ" +"ã—ã¦ã„ã¾ã™ã€‚strongSwan ãŒèµ·å‹•ã™ã‚‹éš›ã€IKEv2 サãƒãƒ¼ãƒˆã®ãŸã‚ \"pluto\" デーモン" +"ã‚’èµ·å‹•ã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "ã“ã®ãƒ›ã‚¹ãƒˆã® RSA 公開éµãƒ»ç§˜å¯†éµã®ã‚­ãƒ¼ãƒšã‚¢ã‚’生æˆã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã¯ã“ã®ãƒ›ã‚¹ãƒˆã® RSA 公開éµãƒ»ç§˜å¯†éµã®ã‚­ãƒ¼ãƒšã‚¢ã‚’自動的ã«ç”Ÿæˆã§ã" +"ã¾ã™ã€‚ã“ã®ã‚­ãƒ¼ãƒšã‚¢ã¯ä»–ã®ãƒ›ã‚¹ãƒˆã¨ã® IPSec 通信ã§ã®èªè¨¼ã«åˆ©ç”¨å¯èƒ½ã§ã€ã‚»ã‚­ãƒ¥ã‚¢" +"㪠IPSec 通信を確立ã™ã‚‹æ–¹æ³•ã¨ã—ã¦å¥½ã¾ã‚Œã¦ã„ã¾ã™ã€‚ä»–ã«åˆ©ç”¨å¯èƒ½ãªæ–¹æ³•ã¨ã—ã¦ã¯å…±" +"é€šéµ (トンãƒãƒ«ã®åŒæ–¹ã§åŒã˜ãƒ‘スワード) を通信ã®èªè¨¼ã«åˆ©ç”¨ã™ã‚‹ã¨ã„ã†ã®ãŒã‚ã‚Šã¾" +"ã™ãŒã€å¤šæ•°ã®æŽ¥ç¶šã«å¯¾ã—ã¦ã¯ã€RSA èªè¨¼ã®ã»ã†ãŒç®¡ç†ãŒã‚ˆã‚Šç°¡å˜ã§ã€ã‚ˆã‚Šã‚»ã‚­ãƒ¥ã‚¢ã§" +"ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"æ–°ãŸãªå…¬é–‹éµãƒ»ç§˜å¯†éµã®ã‚­ãƒ¼ãƒšã‚¢ã‚’生æˆã—ãŸããªã„å ´åˆã¯ã€æ—¢å­˜ã®ã‚­ãƒ¼ãƒšã‚¢ã®åˆ©ç”¨ã‚’" +"é¸æŠžã™ã‚‹ã“ã¨ã‚‚å¯èƒ½ã§ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "æ—¢ã«å­˜åœ¨ã—ã¦ã„ã‚‹ X509 証明書ファイルを strongSwan ã§åˆ©ç”¨ã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã¯æ—¢ã«å­˜åœ¨ã—ã¦ã„ã‚‹ X509 証明書ã‹ã‚‰ RSA 秘密éµã¨ç…§ã‚‰ã—åˆã‚ã›ã¦" +"å¿…è¦ãªæƒ…報を自動的ã«å±•é–‹ã™ã‚‹äº‹ãŒå¯èƒ½ã§ã™ã€‚ PEM å½¢å¼ã®å ´åˆã€åŒæ–¹ã‚’一ã¤ã®ãƒ•ã‚¡ã‚¤" +"ルã«ã¾ã¨ã‚ã‚‹ã“ã¨ã‚‚å¯èƒ½ã§ã™ã€‚ãã®ã‚ˆã†ãªè¨¼æ˜Žæ›¸ã¨éµã®ãƒ•ã‚¡ã‚¤ãƒ«ãŒã‚ã‚Šã€ã“れらを " +"IPSec 通信ã§ã®èªè¨¼ã«ä½¿ç”¨ã—ãŸã„å ´åˆã¯ã€Œã¯ã„ã€ã¨ç­”ãˆã¦ãã ã•ã„。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "PEM å½¢å¼ã® X509 証明書ã®ãƒ•ã‚¡ã‚¤ãƒ«å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"PEM å½¢å¼ã® X509 証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®å ´æ‰€ã‚’絶対パスã§å…¥åŠ›ã—ã¦ãã ã•ã„。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your X.509 private key in PEM format:" +msgstr "PEM å½¢å¼ã® X509 秘密éµã®ãƒ•ã‚¡ã‚¤ãƒ«å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"PEM å½¢å¼ã® X509 証明書ã«å¯¾å¿œã™ã‚‹ RSA 秘密éµã‚’å«ã‚“ã§ã„るファイルã®å ´æ‰€ã‚’絶対パ" +"スã§å…¥åŠ›ã—ã¦ãã ã•ã„。ã“れ㯠X509 証明書をå«ã‚“ã§ã„るファイルã¨åŒã˜ã§æ§‹ã„ã¾ã›" +"ん。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "RSA éµã®éµé•·ï¼ˆãƒ“ット数):" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"生æˆã™ã‚‹ RSA éµã®é•·ã•ã‚’入力ã—ã¦ãã ã•ã„。安全ã®ãŸã‚ã€1024 ビット未満ã«ã™ã¹ã" +"ã§ã¯ã‚ã‚Šã¾ã›ã‚“。2048 ビットより大ããªã‚‚ã®ã«ã™ã‚‹å¿…è¦ã‚‚ãªã„ã§ã—ょã†ã€‚èªè¨¼ãƒ—ロセ" +"スãŒé…ããªã‚Šã¾ã™ã—ã€ç¾æ™‚点ã§ã¯ãŠãらãå¿…è¦ã‚ã‚Šã¾ã›ã‚“。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "自己署å X509 証明書を生æˆã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"証明書è¦æ±‚ã«ç½²åã™ã‚‹ãŸã‚ã«ã¯èªè¨¼å±€ãŒå¿…è¦ã¨ãªã‚‹ã®ã§ã€ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã§ã¯è‡ªå·±" +"ç½²å X509 証明書を自動的ã«ç”Ÿæˆã™ã‚‹äº‹ã ã‘ãŒå¯èƒ½ã§ã™ã€‚自己署å証明書を生æˆã—ãŸ" +"ã„å ´åˆã€ã“れを使用ã—ã¦ã™ãã« X509 証明書をサãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹ä»–ã® IPSec ホストã«" +"接続å¯èƒ½ã§ã™ã€‚ã—ã‹ã—ã€strongSwan ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 1.91 以上ã§ã®æ–°ã—ã„ PKI 機能を使" +"ã„ãŸã„å ´åˆã¯ã€trust path を生æˆã™ã‚‹ãŸã‚ã«å˜ä¸€ã®èªè¨¼å±€ã«ã‚ˆã£ã¦ã™ã¹ã¦ã® X509 証" +"明書ã«ç½²åã—ã¦ã‚‚らã†å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"自己署å証明書を生æˆã—ãŸããªã„ã¨ã„ã†å ´åˆã¯ã€ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã§ã¯ RSA 秘密éµã¨" +"証明書è¦æ±‚ã®ã¿ã‚’生æˆã—ã¾ã™ã€‚ãã®ãŸã‚ã€èªè¨¼å±€ã«è¨¼æ˜Žæ›¸è¦æ±‚ã¸ç½²åã‚’ã—ã¦ã‚‚らã†å¿…" +"è¦ãŒã‚ã‚Šã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "X509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹å›½ã‚³ãƒ¼ãƒ‰:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"ã‚ãªãŸã®å›½ã®å›½ã‚³ãƒ¼ãƒ‰ã‚’2文字ã§å…¥åŠ›ã—ã¦ãã ã•ã„。ã“ã®ã‚³ãƒ¼ãƒ‰ã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•" +"ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"openssl ãŒå›½ã‚³ãƒ¼ãƒ‰ãªã—ã§ã¯è¨¼æ˜Žæ›¸ã®ç”Ÿæˆã‚’æ‹’å¦ã™ã‚‹ã®ã§ã€æ­£ã—ã„国コードをã“ã“ã§" +"入力ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚X.509 証明書ã§ã¯ã€ä»–ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã¤ã„ã¦ã¯ç©ºã§ã‚‚構ã„" +"ã¾ã›ã‚“ãŒã€ã“ã‚Œã«ã¤ã„ã¦ã¯è¨±å¯ã•ã‚Œã¦ã„ã¾ã›ã‚“。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "例: JP" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "X509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹éƒ½é“府県å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"ã‚ãªãŸãŒåœ¨ä½ã—ã¦ã„る都é“府県を入力ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾" +"ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "例: Tokyo" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "X509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹åœ°åŸŸå:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"ã‚ãªãŸã®åœ¨ä½ã—ã¦ã„る地域ã®åå‰ (例: 市町æ‘å) を入力ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼æ˜Ž" +"書è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "例: Shinjuku-ku" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "X509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹çµ„ç¹”å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"X509 証明書ã®ç”Ÿæˆå¯¾è±¡ã¨ãªã‚‹ã¹ã組織 (例: 会社) を入力ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼æ˜Ž" +"書è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "例: Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹çµ„ç¹”å˜ä½:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"X509 証明書ã®ç”Ÿæˆå¯¾è±¡ã¨ãªã‚‹ã¹ã組織å˜ä½ (例: 部署å) を入力ã—ã¦ãã ã•ã„。ã“ã‚Œ" +"ã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "例: security group" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "X509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹ã‚³ãƒ¢ãƒ³ãƒãƒ¼ãƒ :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"X509 証明書ã®ç”Ÿæˆå¯¾è±¡ã¨ãªã‚‹ã¹ãコモンãƒãƒ¼ãƒ  (例: ã“ã®ãƒžã‚·ãƒ³ã®ãƒ›ã‚¹ãƒˆå) を入力" +"ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "例: gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "X509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹ãƒ¡ãƒ¼ãƒ«ã‚¢ãƒ‰ãƒ¬ã‚¹:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"X509 証明書ã®è²¬ä»»è€…ã¨ãªã‚‹äººç‰©ãƒ»å›£ä½“ã®ãƒ¡ãƒ¼ãƒ«ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’入力ã—ã¦ãã ã•ã„。ã“ã®ã‚¢" +"ドレスã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "strongSwan 㧠opportunistic encryption を有効ã«ã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"strongSwan ã¯ã€IPSec èªè¨¼æƒ…å ± (例: RSA 公開éµ) ã‚’ (願ã‚ãã¯ã‚»ã‚­ãƒ¥ã‚¢ãª) DNS レ" +"コード内ã«ä¿å­˜ã™ã‚‹ opportunistic encryption (OE) をサãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯" +"広ã利用ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚‹ã¾ã§ã€æœ‰åŠ¹ã«ã™ã‚‹ã¨å¤–部ã¸ã®æ–°è¦æŽ¥ç¶šã¯å…¨ã¦æ ¼æ®µã«é…ããª" +"ã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 2.0 より strongSwan ã®é–‹ç™ºå…ƒã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ OE を有効ã«ã—ã¦" +"ã„ã¾ã™ã€‚ãã®ãŸã‚ pluto (strongSwan éµç½²åデーモン) ãŒé–‹å§‹ã™ã‚‹ã¨ã™ãã€æ—¢å­˜ã®ã‚¤" +"ンターãƒãƒƒãƒˆæŽ¥ç¶š (ã¤ã¾ã‚Šãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒ«ãƒ¼ãƒˆ) ãŒä¸­æ–­ã•ã‚Œã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"OE ã®ã‚µãƒãƒ¼ãƒˆã‚’有効ã«ã™ã‚‹ã‹ã©ã†ã‹ã‚’é¸ã‚“ã§ãã ã•ã„。よãã‚ã‹ã‚‰ãªã„å ´åˆã¯ã€æœ‰åŠ¹" +"ã«ã¯ã—ãªã„ã§ãã ã•ã„。" + +#~ msgid "x509, plain" +#~ msgstr "x509, 通常ã®ã‚¿ã‚¤ãƒ—" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "生æˆã™ã‚‹ RSA キーペアã®ã‚¿ã‚¤ãƒ—:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "strongSwan ã§åˆ©ç”¨ã™ã‚‹é€šå¸¸ã® RSA 公開éµãƒ»ç§˜å¯†éµã®ã‚­ãƒ¼ãƒšã‚¢ã‚’作れã¾ã™ã€‚ã‚ã‚‹ã„" +#~ "㯠RSA å…¬é–‹éµ (ã•ã‚‰ã«ã¯ãã‚Œã«å¯¾å¿œã™ã‚‹ç§˜å¯†éµã‚‚) ã‚’å«ã‚€ X509 証明書ファイル" +#~ "ã‚‚åŒæ§˜ã§ã™ã€‚" + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "既㫠strongSwan を動作ã•ã›ã¦ã„るホスト㨠IPSec 通信を確立ã—ãŸã„ã ã‘ã®å ´åˆ" +#~ "ã¯ã€é€šå¸¸ã® RSA キーペアを使用ã™ã‚‹ã¨å¤šå°‘ç°¡å˜ã«ãªã‚Šã¾ã™ã€‚ã—ã‹ã—ã€ä»–ã® IPSec " +#~ "実装ã¨ã®æŽ¥ç¶šã‚’è¡Œã„ãŸã„å ´åˆã¯ X509 証明書ãŒå¿…è¦ã«ãªã‚Šã¾ã™ã€‚通信を行ã†å¯¾è±¡ã®" +#~ "ホスト㌠strongSwan ã‚’ X509 証明書ã®ã‚µãƒãƒ¼ãƒˆç„¡ã—ã§é‹ç”¨ã—ã¦ã„ãŸå ´åˆã€ã“ã“" +#~ "㧠X509 証明書を生æˆã—ã¦ã‹ã‚‰ã€å¾Œã»ã© RSA 公開éµã‚’通常ã®å½¢å¼ã«å±•é–‹ã™ã‚‹ã“ã¨" +#~ "ã‚‚å¯èƒ½ã§ã™ã€‚" + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "ã—ãŸãŒã£ã¦ X509 証明書ãŒãŠå‹§ã‚ã§ã™ã€‚ã“ã¡ã‚‰ã®ã»ã†ãŒæŸ”軟ã§ã™ã—ã€ã“ã®ã‚¤ãƒ³ã‚¹" +#~ "トーラを使ãˆã°ã€X509 証明書ã®ç”Ÿæˆã‚„ strongSwan ã§ã®åˆ©ç”¨ã«éš›ã—ã¦ã®é¢å€’ã•ã‚’" +#~ "隠蔽ã—ã¦ãれるã¯ãšã§ã™ã€‚" --- strongswan-4.2.14.orig/debian/po/fr.po +++ strongswan-4.2.14/debian/po/fr.po @@ -0,0 +1,641 @@ +# Translation of strongswan debconf templates to French +# Copyright (C) 2005-2007 Christian Perrier +# This file is distributed under the same license as the strongswan package. +# +# Christian Perrier , 2005-2007. +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2007-07-05 07:28+0200\n" +"Last-Translator: Christian Perrier \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: Plural-Forms: nplurals=2; plural=n>1;\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "Le plus tôt possible, Après NFS, Après PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "Moment de démarrage de strongSwan :" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Il existe trois moments où il est opportun de démarrer strongSwan : avant ou " +"après les services NFS, ou après les services PCMCIA. La réponse appropriée " +"dépend de vos réglages spécifiques." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Si votre arborescence /usr n'est pas un montage NFS (soit parce que vos " +"montages NFS sont à d'autres endroits, moins critiques, soit parce que vous " +"n'utilisez pas du tout de montage NFS) et si vous n'utilisez pas de carte " +"réseau PCMCIA, il est préférable de démarrer strongSwan le plus tôt " +"possible, ce qui permettra de sécuriser les montages NFS avec IPSec. Dans ce " +"cas (ou bien si vous ne comprenez pas l'objet de la question ou qu'elle ne " +"vous concerne pas), choisissez « le plus tôt possible », qui est le choix par " +"défaut." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Si /usr est un montage NFS et que vous n'utilisez pas de carte réseau " +"PCMCIA, vous devrez alors démarrer strongSwan après les services NFS afin " +"que tous les fichiers nécessaires soient disponibles. Dans ce cas, " +"choisissez « Après NFS ». Veuillez noter que le montage NFS de /usr n'est " +"alors pas sécurisé par IPSec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Si vous utilisez une carte PCMCIA pour vos connexions IPSec, votre seul " +"choix possible est le démarrage après les services PCMCIA. Choisissez alors " +"« Après PCMCIA ». Faites également ce choix si vous souhaitez récupérer les " +"clés d'authentification sur un serveur DNS reconnaissant DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "Souhaitez-vous redémarrer strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"Redémarrer strongSwan est préférable car un éventuel correctif de sécurité " +"ne prendra effet que si le démon est redémarré. La plupart des utilisateurs " +"s'attendent à ce que le démon redémarre et c'est donc le plus souvent le " +"meilleur choix. Cependant, cela pourrait interrompre provisoirement des " +"connexions en cours." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Do you wish to support IKEv1?" +msgstr "Souhaitez-vous gérer IKE v1 ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" +"StrongSwan gère les versions 1 et 2 du protocole d'échange de clés sur " +"Internet (IKE : « Internet Key Exchange »). Veuillez indiquer si le démon " +"« pluto », qui gère la version 1 du protocole, doit être lancé au démarrage " +"de strongSwan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Do you wish to support IKEv2?" +msgstr "Souhaitez-vous gérer IKE v2 ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" +"StrongSwan gère les versions 1 et 2 du protocole d'échange de clés sur " +"Internet (IKE : « Internet Key Exchange »). Veuillez indiquer si le démon " +"« charon », qui gère la version 2 du protocole, doit être lancé au démarrage " +"de strongSwan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "" +"Souhaitez-vous créer une paire de clés RSA publique et privée pour cet hôte ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Cet outil d'installation peut créer automatiquement une paire de clés RSA " +"publique et privée pour cet hôte. Cette paire de clés peut servir à " +"authentifier des connexions IPSec vers d'autres hôtes. Cette méthode est la " +"méthode conseillée pour l'établissement de liaisons IPSec sûres. L'autre " +"possibilité d'authentification à la connexion est l'utilisation d'un secret " +"partagé (« pre-shared key » : des mots de passe identiques aux deux " +"extrémités du tunnel). Toutefois, pour de nombreuses connexions, " +"l'authentification RSA est plus simple à administrer et plus sûre." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Si vous ne souhaitez pas créer une paire de clés publique et privée, vous " +"pouvez choisir d'en utiliser une existante." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "" +"Possédez-vous un fichier de certificat X509 existant à utiliser avec " +"strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Cet outil d'installation est capable d'extraire automatiquement " +"l'information nécessaire d'un fichier de certificat X509 existant, avec la " +"clé privée RSA correspondante. Les deux parties peuvent se trouver dans un " +"seul fichier, s'il est en format PEM. Indiquez si vous possédez un tel " +"certificat ainsi que la clé privée, et si vous souhaitez vous en servir pour " +"l'authentification des connexions IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Emplacement de votre certificat X509 au format PEM :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant votre certificat X509 " +"au format PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your X.509 private key in PEM format:" +msgstr "Emplacement de votre clé privée X509 au format PEM :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant la clé privée RSA " +"correspondant à votre certificat X509 au format PEM. Cela peut être le " +"fichier qui contient le certificat X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "Longueur (en bits) de la clé RSA à créer :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Veuillez indiquer la longueur de la clé RSA qui sera créée. Elle ne doit pas " +"être inférieure à 1024 bits car cela serait considéré comme insuffisamment " +"sûr. Un choix excédant 2048 bits est probablement inutile car cela ne fait " +"essentiellement que ralentir le processus d'authentification sans avoir " +"d'intérêt actuellement." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Souhaitez-vous créer un certificat X509 autosigné ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Cet outil d'installation ne peut créer automatiquement qu'un certificat X509 " +"autosigné puisqu'une autorité de certification est indispensable pour signer " +"la demande de certificat. Si vous choisissez de créer un certificat " +"autosigné, vous pourrez vous en servir immédiatement pour vous connecter aux " +"hôtes qui authentifient les connexions IPSec avec des certificats X509. " +"Cependant, si vous souhaitez utiliser les nouvelles fonctionnalités PKI de " +"strongSwan >= 1.91, vous aurez besoin que tous les certificats X509 soient " +"signés par la même autorité de certification afin de créer un chemin de " +"confiance." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Si vous ne voulez pas créer de certificat autosigné, cet outil " +"d'installation ne fera que créer la clé privée RSA et la demande de " +"certificat, que vous devrez ensuite faire signer par votre autorité de " +"certification." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Code du pays :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Veuillez indiquer le code à deux lettres de votre pays. Ce code sera inclus " +"dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"Il est impératif de choisir ici un code de pays valide sinon OpenSSL " +"refusera de générer les certificats. Tous les autres champs d'un certificat " +"X.509 peuvent être vides, sauf celui-ci." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Exemple : FR" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "État, province ou région :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Veuillez indiquer le nom complet de l'état, de la province ou de la région " +"où vous résidez. Ce nom sera inclus dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "" +"Exemples : Rhône-Alpes, Brabant Wallon, Bouches du Rhône, Québec, Canton de " +"Vaud" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Localité :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Veuillez indiquer la localité (p. ex. la ville) où vous résidez. Ce nom sera " +"inclus dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Exemple : Saint-Étienne" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisme :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Veuillez indiquer l'organisme (p. ex. l'entreprise) pour qui sera créé le " +"certificat X509. Ce nom sera inclus dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Exemple : Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unité d'organisation :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Veuillez indiquer l'unité d'organisation (p. ex. département, division, " +"etc.) pour qui sera créé le certificat X509. Ce nom sera inclus dans la " +"demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Exemple : Département Réseaux et Informatique Scientifique" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Nom commun :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Veuillez indiquer le nom commun (p. ex. le nom réseau de cette machine) pour " +"qui sera créé le certificat X509. Ce nom sera inclus dans la demande de " +"certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Exemple : gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "Adresse électronique :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Veuillez indiquer l'adresse électronique de la personne ou de l'organisme " +"responsable du certificat X509. Cette adresse sera incluse dans la demande " +"de certificat." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "Souhaitez-vous activer le chiffrement opportuniste dans strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"StrongSwan gère le chiffrement opportuniste (« opportunistic encryption » : " +"OE) qui permet de conserver les informations d'authentification IPSec (c'est-" +"à-dire les clés publiques RSA) dans des enregistrements DNS, de préférence " +"sécurisés. Tant que cette fonctionnalité ne sera pas déployée largement, son " +"activation provoquera un ralentissement significatif pour toute nouvelle " +"connexion sortante. À partir de la version 2.0, cette fonctionnalité est " +"activée par défaut dans strongSwan, ce qui peut interrompre le " +"fonctionnement de votre connexion à l'Internet (c'est-à-dire votre route par " +"défaut) dès le démarrage de pluto, le démon de gestion de clés de strongSwan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Veuillez choisir si vous souhaitez activer la gestion du chiffrement " +"opportuniste. Ne l'activez pas si vous n'êtes pas certain d'en avoir besoin." + +#~ msgid "x509, plain" +#~ msgstr "X509, Simple paire" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Type de paire de clés RSA à créer :" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Il est possible de créer une simple paire de clés destinée à être " +#~ "utilisée avec strongSwan ou de créer un fichier de certificat X509 qui " +#~ "contient la clé publique RSA et de conserver la clé privée correspondante " +#~ "par ailleurs." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Si vous ne prévoyez d'établir des connexions IPSec qu'avec des hôtes " +#~ "utilisant strongSwan, il sera probablement plus facile d'utiliser des " +#~ "clés RSA simples. Mais si vous souhaitez vous connecter à des hôtes " +#~ "utilisant d'autres implémentations d'IPSec, vous aurez besoin d'un " +#~ "certificat X509. Il est également possible de créer un certificat X509 " +#~ "puis d'en extraire une simple clé publique RSA, si l'autre extrémité de " +#~ "la connexion utilise Openswan sans la gestion des certificats X509." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Ainsi, il vous est conseillé d'utiliser un certificat X509 car cette " +#~ "méthode est plus souple. Cet outil d'installation devrait vous simplifier " +#~ "la tâche de création et d'utilisation de ce certificat X509 avec " +#~ "strongSwan." --- strongswan-4.2.14.orig/debian/po/de.po +++ strongswan-4.2.14/debian/po/de.po @@ -0,0 +1,631 @@ +# German translation of strongswan templates +# Helge Kreutzmann , 2007. +# This file is distributed under the same license as the strongswan package. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.1.4-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2007-07-08 12:01+0200\n" +"Last-Translator: Helge Kreutzmann \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "frühestmöglich, »nach NFS«, »nach PCMCIA«" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "Wann soll strongSwan gestartet werden:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Es gibt drei Möglichkeiten, wann strongSwan starten kann: vor oder nach den " +"NFS-Diensten und nach den PCMCIA-Diensten. Die richtige Antwort hängt von " +"Ihrer spezifischen Einrichtung ab." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Falls Sie Ihren /usr-Baum nicht über NFS eingehängt haben (entweder weil Sie " +"nur andere, weniger lebenswichtige Bäume über NFS einhängen, oder falls Sie " +"NFS überhaupt nicht verwenden) und keine PCMCIA-Netzwerkkarte benutzen, ist " +"es am besten, strongSwan so früh wie möglich zu starten und damit durch " +"IPSec gesicherte NFS-Einhängungen zu erlauben. In diesem Fall (oder falls " +"Sie dieses Problem nicht verstehen oder es Ihnen egal ist), antworten Sie " +"»frühestmöglich« (Standardwert) auf diese Frage." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Falls Sie Ihren /usr-Baum über NFS eingehängt haben und keine PCMCIA-" +"Netzwerkkarte benutzen, müssen Sie strongSwan nach NFS starten, so dass alle " +"benötigten Dateien verfügbar sind. In diesem Fall antworten Sie »nach NFS« " +"auf diese Frage. Bitte beachten Sie, dass NFS-Einhängungen von /usr in " +"diesem Fall nicht über IPSec gesichert werden können." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Falls Sie eine PCMCIA-Netzwerkkarte für Ihre IPSec-Verbindungen benutzen, " +"dann müssen Sie nur auswählen, dass er nach den PCMCIA-Diensten startet. " +"Antworten Sie in diesem Fall »nach PCMCIA«. Dies ist auch die richtige " +"Antwort, falls Sie Schlüssel von einem lokal laufenden DNS-Server mit DNSSec-" +"Unterstützung abholen wollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "Möchten Sie strongSwan neustarten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"Es ist eine gute Idee, strongSwan neuzustarten, da eine Sicherheitskorrektur " +"erst nach dem Neustart des Daemons greift. Die meisten Leute erwarten, dass " +"der Daemon neu startet, daher ist diese Wahl eine gute Idee. Er kann " +"allerdings existierende Verbindungen beenden und erneut aufbauen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Do you wish to support IKEv1?" +msgstr "Möchten Sie IKEv1 unterstützen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" +"strongSwan unterstützt beide Versionen des »Internet Key Exchange«-Protokolls " +"(Schlüsselaustausch über Internet), IKEv1 und IKEv2. Möchten Sie den »pluto«-" +"Daemon für IKEv1-Unterstützung starten, wenn strongSwan gestartet wird." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Do you wish to support IKEv2?" +msgstr "Möchten Sie IKEv2 unterstützen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" +"strongSwan unterstützt beide Versionen des »Internet Key Exchange«-Protokolls " +"(Schlüsselaustausch über Internet), IKEv1 und IKEv2. Möchten Sie den »charon«-" +"Daemon für IKEv2-Unterstützung starten, wenn strongSwan gestartet wird." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "" +"Möchten Sie ein öffentlich/privates RSA-Schlüsselpaar für diesen Rechner " +"erstellen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Das Installationsprogramm kann automatisch ein öffentliches/privates RSA-" +"Schlüsselpaar für diesen Rechner erstellen. Dieses Schlüsselpaar kann zur " +"Authentifizierung von IPSec-Verbindungen anderer Rechner verwendet werden " +"und ist die bevorzugte Art, sichere IPSec-Verbindungen aufzubauen. Die " +"andere Möglichkeit besteht darin, vorab-verteilte Geheimnisse (Passwörter, " +"die auf beiden Seiten des Tunnels identisch sind) zur Authentifizierung " +"einer Verbindung zu verwenden, aber für eine größere Anzahl an Verbindungen " +"ist die RSA-Authentifizierung einfacher zu administrieren und sicherer." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Falls Sie kein neues öffentliches/privates Schlüsselpaar erstellen wollen, " +"können Sie ein existierendes auswählen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "Verfügen Sie über ein existierendes X509-Zertifikat für strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Dieses Installationsprogramm kann automatisch die benötigten Informationen " +"aus einem existierenden X509-Zertifikat mit passendem privatem RSA-Schlüssel " +"extrahieren. Beide Teile können in einer Datei sein, falls sie im PEM-Format " +"vorliegt. Falls Sie über solch ein existierendes Zertifikat und eine solche " +"Schlüsseldatei verfügen, und diese für die Authentifizierung von IPSec-" +"Verbindungen verwenden möchten, stimmen Sie bitte zu." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Dateiname Ihres X509-Zertifikates im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Bitte geben Sie den kompletten Ort der Datei an, die Ihr X509-Zertifikat im " +"PEM-Format enthält." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your X.509 private key in PEM format:" +msgstr "Dateiname Ihres privaten X509-Schlüssels im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Bitte geben Sie den kompletten Ort der Datei an, die den privaten RSA-" +"Schlüssel enthält, der zu Ihrem X509-Zertifikat im PEM-Format passt. Dies " +"kann die gleiche Datei sein, die auch das X509-Zertifikat enthält." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "Die Länge des erstellten RSA-Schlüssels (in Bits):" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Bitte geben Sie die Länge des erstellten RSA-Schlüssels an. Er sollte nicht " +"kürzer als 1024 Bits sein, da dies als unsicher betrachtet werden könnte und " +"Sie benötigen nicht mehr als 2048 Bits, da dies nur den Authentifizierungs-" +"Prozess verlangsamt und derzeit nicht benötigt wird." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Möchten Sie ein selbst-signiertes X509-Zertifikat erstellen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Das Installationsprogramm kann nur selbst-signierte X509-Zertifikate " +"automatisch erstellen, da andernfalls eine Zertifizierungsstelle zur " +"Signatur der Zertifikatsanfrage benötigt wird. Falls Sie ein selbst-" +"signiertes Zertifikat erstellen möchten, können Sie es sofort zur Verbindung " +"mit anderen IPSec-Rechnern verwenden, die X509-Zertifikate zur " +"Authentifizierung von IPSec-Verbindungen verwenden. Falls Sie allerdings die " +"neuen PKI-Funktionalitäten von strongSwan >= 1.91 verwenden möchten, müssen " +"alle X509-Zertifikate von einer einzigen Zertifizierungsstelle signiert " +"sein, um einen vertrauensvollen Pfad zu etablieren." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Falls Sie kein selbst-signiertes Zertifikat erstellen möchten, wird dieses " +"Installationsprogramm nur einen privaten RSA-Schlüssel und die " +"Zertifikatsanfrage erstellen und Sie müssen die Zertifikatsanfrage von Ihrer " +"Zertifizierungsstelle signiert bekommen." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Ländercode für die X509-Zertifizierungsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Bitte geben Sie den zweibuchstabigen Ländercode für Ihr Land ein. Dieser " +"Code wird in der Zertifikatsanfrage verwendet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"Sie müssen wirklich einen gültigen Ländercode hier eingeben, da OpenSSL es " +"ablehnen wird, Zertifikate ohne diese zu erstellen. Jedes andere Feld im " +"X509-Zertifikat darf leer bleiben; dieses aber nicht." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Beispiel: AT" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Name des Landes oder der Provinz für diese X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Bitte geben Sie den kompletten Namen des Landes oder der Provinz ein, in der " +"Sie leben. Dieser Name wird in der Zertifikatsanfrage verwendet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "Beispiel: Oberösterreich" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Örtlichkeitsangabe für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Bitte geben Sie die Örtlichkeit (z.B. Stadt) ein, in der Sie leben. Dieser " +"Name wird in der Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Beispiel: Wien" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsname für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Bitte geben Sie die Organisation (z.B. Firma) ein, für die das X509-" +"Zertifikat erstellt werden soll. Dieser Name wird in der Zertifikatsanfrage " +"verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Beispiel: Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationseinheit für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Bitte geben Sie die Organisationseinheit (z.B. Bereich) ein, für die das " +"X509-Zertifikat erstellt werden soll. Dieser Name wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Beispiel: Sicherheitsgruppe" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Allgemeiner Name für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Bitte geben Sie den allgemeinen Namen (z.B. den Rechnernamen dieser " +"Maschine) ein, für den das X509-Zertifikat erstellt werden soll. Dieser Name " +"wird in der Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Beispiel: gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-Mail-Adresse für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Bitte geben Sie die E-Mail-Adresse der Person oder Organisation ein, die für " +"das X509-Zertifikat verantwortlich ist. Diese Adresse wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "Möchten Sie opportunistische Verschlüsselung in strongSwan aktivieren?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"strongSwan enthält Unterstützung für opportunistische Verschlüsselung (OV), " +"die Authentifizierungsinformationen von IPSec (z.B. öffentliche RSA-" +"Schlüssel) in DNS-Datensätzen speichert. Solange dies nicht weit verbreitet " +"ist, wird jede neue ausgehende Verbindung signifikant verlangsamt, falls " +"diese Option aktiviert ist. Seit Version 2.0 wird strongSwan von den Autoren " +"mit aktiviertem OV ausgeliefert und wird daher wahrscheinlich Ihre " +"existierenden Verbindungen ins Internet (d.h. Ihre Standard-Route) stören, " +"sobald Pluto (der strongSwan Schlüssel-Daemon) gestartet wird." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Bitte wählen Sie aus, ob Sie OV aktivieren möchten. Falls Sie unsicher sind, " +"aktivieren Sie es nicht." + +#~ msgid "x509, plain" +#~ msgstr "x509, einfach" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Die Art des RSA-Schlüsselpaars, das erstellt werden soll:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Es besteht die Möglichkeit, ein einfaches öffentliches/privates " +#~ "Schlüsselpaar für den Einsatz mit strongSwan oder eine X509-" +#~ "Zertifikatsdatei zu erstellen, die den öffentlichen Schlüssel und " +#~ "zusätzlich den zugehörigen privaten Schlüssel enthält." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Falls Sie nur IPSec-Verbindungen zu Rechnern aufbauen wollen, auf denen " +#~ "auch strongSwan läuft, könnte es etwas einfacher sein, einfache RSA-" +#~ "Schlüsselpaare zu verwenden. Falls Sie aber mit anderen IPSec-" +#~ "Implementierungen Verbindungen aufnehmen wollen, benötigen Sie ein X509-" +#~ "Zertifikat. Es besteht auch die Möglichkeit, hier ein X509-Zertifikat zu " +#~ "erstellen und den öffentlichen RSA-Schlüssel im einfachen Format zu " +#~ "extrahieren, falls die andere Seite strongSwan ohne X509-" +#~ "Zertifikatsunterstützung betreibt." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daher wird ein X509-Zertifikat empfohlen, da es flexibler ist und dieses " +#~ "Installationsprogramm in der Lage sein sollte, die komplexe Erstellung " +#~ "des X509-Zertifikates und seinen Einsatz in strongSwan zu verstecken." --- strongswan-4.2.14.orig/debian/po/POTFILES.in +++ strongswan-4.2.14/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] strongswan-starter.templates --- strongswan-4.2.14.orig/debian/po/nl.po +++ strongswan-4.2.14/debian/po/nl.po @@ -0,0 +1,648 @@ +# translation of strongswan_2.7.3+dfsg-1_nl.po to Dutch +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Luk Claes , 2005 +# Kurt De Bree , 2006. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan_2.7.3+dfsg-1_nl\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2006-09-28 19:50+0200\n" +"Last-Translator: Kurt De Bree \n" +"Language-Team: Dutch \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.9.1\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "\"zo vroeg mogelijk\", \"na NFS\", \"na PCMCIA\"" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "Wanneer moet strongSwan herstarten:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Er zijn drie mogelijkheden wanneer stronSwan kan starten: vóór of na de NFS-" +"diensten en na de PCMCIA-diensten. Het juiste antwoord is afhankelijk van uw " +"specifieke installatie." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Als u uw /usr-boom niet via NFS heeft aangekoppeld (u koppelt enkel andere, " +"minder vitale bomen via NFS of u gebruikt NFS helemaal niet om bomen aan te " +"koppelen) en u gebruikt geen PCMCIA-netwerkkaart, dan is het best om " +"strongSwan zo vroeg mogelijk te starten, dus toe te staan van de NFS-" +"aankoppelingen te beveiligen door IPSec. In dit geval (of als u deze zaak " +"niet verstaat of het u niet uitmaakt), antwoord dan \"zo vroeg mogelijk\" op " +"deze vraag (de standaard)." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Als u uw /usr-boom via NFS heeft aangekoppeld en u gebruikt geen PCMCIA-" +"netwerkkaart, dan zult u strongSwan moeten starten na NFS zodat alle nodige " +"bestanden aanwezig zijn. In dit geval, antwoord \"na NFS\" op deze vraag. " +"Merk op dat in dit geval de NFS-aankoppeling van /usr niet kan worden " +"beveiligd door IPSec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Als u een PCMCIA-netwerkkaart gebruikt voor uw IPSec-verbindingen, dan hebt " +"u enkel de keuze om te starten na de PCMCIA-diensten. Antwoord in dit geval " +"\"na PCMCIA\". Dit is ook het correcte antwoord als u sleutels wilt afhalen " +"van een lokaal draaiende DNS-server met DNSSec-ondersteuning." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "Wilt u strongSwan herstarten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"strongSwan herstarten is een goed idee omdat als er een " +"veiligheidsherstelling is, het pas echt hersteld zal zijn vanaf dat de " +"achtergronddienst is herstart. De meeste mensen verwachten dat de " +"achtergronddienst herstart, dus dit is meestal een goed idee. Hoewel, dit " +"kan bestaande verbindingen verbreken en ze dan opnieuw herstellen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +msgid "Do you wish to support IKEv1?" +msgstr "Wilt u strongSwan herstarten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +#, fuzzy +msgid "Do you wish to support IKEv2?" +msgstr "Wilt u strongSwan herstarten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "Wilt u een publiek/privaat RSA-sleutelpaar aanmaken voor deze host?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Deze installatie kan automatisch een publiek/privaat RSA-sleutelpaar " +"aanmaken voor deze host. Dit sleutelpaar kan worden gebruikt om IPSec-" +"verbinden naar andere hosts te authenticeren en is de aanbevolen manier om " +"veilige IPSec-verbindingen op te zetten. De andere mogelijkheid zou zijn om " +"gedeelde geheimen (wachtwoorden die aan beide kanten van de tunnel hetzelfde " +"zijn) te gebruiken voor het authenticeren van een verbinding, maar voor een " +"groter aantal verbindingen is RSA-authenticatie makkelijker te beheren en " +"veiliger." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Indien u geen nieuw publiek/privaat sleutelpaar wenst aan te maken, kunt u " +"een bestaand sleutelpaar kiezen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "" +"Hebt u een bestaand X509-certificaatbestand dat u voor strongSwan wilt " +"gebruiken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Deze installatie kan de benodigde informatie automatisch extraheren van een " +"bestaand X509-certificaat met een bijhorende private RSA-sleutel. Beide " +"delen kunnen in één bestand zijn, als het in PEM-formaat is. Hebt u zo'n " +"bestaand certificaat en een sleutelbestand; en wilt u het voor de " +"authenticatie van IPSec-verbindingen gebruiken, antwoord dan met 'ja'" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Bestandsnaam van uw X509-certificaat in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Geef de volledige locatie van het bestand dat uw X509-certificaat in PEM-" +"formaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your X.509 private key in PEM format:" +msgstr "Bestandsnaam van uw private X509-sleutel in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Geef de volledige locatie van het bestand dat uw private RSA-sleutel bevat " +"die behoort bij uw X509-certificaat in PEM-formaat. Dit kan hetzelfde " +"bestand zijn als dat wat uw X509-certificaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "Lengte van de aangemaakte RSA-sleutel (in bits):" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the length of the created RSA key. it should not be less " +#| "than 1024 bits because this should be considered unsecure and you will " +#| "probably not need anything more than 2048 bits because it only slows the " +#| "authentication process down and is not needed at the moment." +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Geef de lengte van de aangemaakte RSA-sleutel. Het mag niet minder dan 1024 " +"bits zijn omdat dit als onveilig wordt beschouwd en u zult waarschijnlijk " +"niet meer dan 2048 bits nodig hebben omdat het enkel het authenticatieproces " +"vertraagt en op dit moment niet nodig is." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Wilt u een door uzelf getekend X509-certificaat aanmaken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Deze installatie kan enkel een door uzelf getekend X509-certificaat " +"automatischaanmaken omdat anders een certificaatautoriteit nodig is om de " +"certificaataanvraag te tekenen. Als u een door uzelf getekend certificaat " +"wilt aanmaken, dan kunt u het onmiddellijk gebruiken om een verbinding te " +"leggen met andere IPSec-hosts die X509-certificaten ondersteunen voor IPSec-" +"verbindingen. Hoewel, als u de nieuwe PKI-mogelijkheden wilt gebruiken van " +"strongSwan >= 1.91, dan zult u alle X509-certificaten moeten laten tekenen " +"door één enkele certificaatautoriteit om een vertrouwenspad aan te maken." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Als u geen door uzelf getekend certificaat wilt aanmaken, dan zal deze " +"installatie enkel de private RSA-sleutel en de certificaataanvraag aanmaken " +"en u zult de certificaataanvraag moeten laten tekenen door uw " +"certificaatautoriteit." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Landcode van de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Geef de 2-letterige landcode voor uw land. Deze code zal in de " +"certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"U moet hier wel een geldige landcode opgeven omdat openssl anders zal " +"weigeren om een certificaat aan te maken. Er is voor elke veld van het X509-" +"certificaat een leeg veld toegestaan, maar niet voor dit veld." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Voorbeeld: BE" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Staat of provincie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Geef de volledige naam van de staat of provincie waarin u woont. Deze naam " +"zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "Voorbeeld: Limburg" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Plaatsnaam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Geef de plaatsnaam (v.b. stad) waar u woont. Deze naam zal in de " +"certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Voorbeeld: Genk" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Naam van de organisatie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Geef de organisatie (v.b. bedrijf) waarvoor het X509-certificaat wordt " +"aangemaakt. Deze naam zal in de certicicaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Voorbeeld: Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisatie-eenheid voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Geef de organisatie-eenheid (v.b. dienst) waarvoor het X509-certificaat " +"wordt aangemaakt. Deze naam zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Voorbeeld: dienst veiligheid" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Naam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Geef de naam (v.b. computernaam van deze machine) waarvoor het X509-" +"certificaat wordt aangemaakt. Deze naam zal in de certificaataanvraag worden " +"geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Voorbeeld: gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-mailadres voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Geef het e-mailadres van de persoon of organisatie die verantwoordelijk is " +"voor het X509-certificaat. Dit adres zal in de certificaataanvraag worden " +"geplaatst." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "Wilt u opportunistische encryptie aanschakelen in strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"strongSwan heeft ondersteuning voor opportunistische encryptie (OE) die " +"IPSec-authenticatie-informatie (v.b. publieke RSA-sleutels) bewaart in " +"(liefst veilige) DNS-records. Totdat dit veelvuldig wordt toegepast zal dit " +"activeren een significante vertraging veroorzaken voor elke nieuwe uitgaande " +"verbinding. Omdat versie 2.0 van strongSwan standaard OE heeft " +"aangeschakeld, wordt dus waarschijnlijk uw bestaande verbinding met het " +"Internet (v.b. uw standaard route) verbroken vanaf dat pluto (de strongSwan-" +"sleutelringachtergronddienst) wordt gestart." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Kiest of u OE-ondersteuning wilt aanschakelen. Indien onzeker, schakel het " +"dan niet aan." + +#~ msgid "x509, plain" +#~ msgstr "x509, gewoon" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Aan te maken type RSA-sleutelpaar:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Het is mogelijk om een gewoon publiek/privaat RSA-sleutelpaar aan te " +#~ "maken om te gebruiken met strongSwan of om een X509-certificaatbestand " +#~ "aan te maken die de publieke RSA-sleutel bevat en de corresponderende " +#~ "private sleutel te bewaren." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Als u enkel IPSec-verbindingen wilt opzetten naar hosts die ook " +#~ "strongSwan draaien, dan is het misschien een beetje gemakkelijker om " +#~ "gewone RSA-sleutelparen te gebruiken. Maar als u verbindingen wilt leggen " +#~ "met andere IPSec-implementaties, dan zult u een X509-certificaat nodig " +#~ "hebben. Het is ook mogelijk om hier een X509-certificaat aan te maken en " +#~ "de publieke RSA-sleutel te extraheren in een gewoon formaat als de andere " +#~ "kant strongSwan draait zonder X509-certificaatondersteuning." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daarom wordt een X509-certificaat aanbevolen omdat het flexibeler is en " +#~ "deze installatie moet de complexe creatie van een X509-certificaat kunnen " +#~ "verbergen en het toch in strongSwan kunnen gebruiken." --- strongswan-4.2.14.orig/debian/po/cs.po +++ strongswan-4.2.14/debian/po/cs.po @@ -0,0 +1,621 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2008-05-12 19:17+0200\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "\"co nejdříve\", \"po NFS\", \"po PCMCIA\"" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "Kdy spustit strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Existují tÅ™i možnosti, kdy se dá strongSwan spouÅ¡tÄ›t: pÅ™ed NFS službami, po " +"NFS službách nebo po PCMCIA službách. Správná odpovÄ›Ä závisí na vaÅ¡em " +"konkrétním nastavení." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Jestliže nemáte svůj strom /usr pÅ™ipojen skrz NFS (buÄ pÅ™es NFS pÅ™ipojujete " +"jiné, ne tak důležité stromy, nebo NFS vůbec nepoužíváte) a nepoužíváte " +"síťovou kartu PCMCIA, je nejlepší spouÅ¡tÄ›t strongSwan co nejdříve, Äímž " +"umožníte aby byly NFS svazky chránÄ›ny pomocí IPSec. V takovém případÄ› (nebo " +"pokud si nejste jisti, nebo pokud vám na tom nezáleží) na otázku odpovÄ›zte " +"„co nejdříve“ (výchozí)." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Jestliže máte strom /usr pÅ™ipojen skrz NFS a nepoužíváte síťovou kartu " +"PCMCIA, musíte spustit strongSwan po NFS, aby byly vÅ¡echny potÅ™ebné soubory " +"dostupné. V tomto případÄ› na otázku odpovÄ›zte „po NFS“. UvÄ›domte si prosím, " +"že v tomto případÄ› nemůže být NFS svazek /usr chránÄ›n pomocí IPSec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Jestliže používáte PCMCIA síťovou kartu pro vaÅ¡e IPSec pÅ™ipojení, pak je " +"jedinou možností jej spustit po PCMCIA službách. V tom případÄ› odpovÄ›zte „po " +"PCMCIA“. Toto je také správná odpovÄ›Ä, pokud chcete získat klíÄe z lokálního " +"DNS serveru s podporou DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "PÅ™ejete si restartovat strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"Restartování strongSwan je dobrý nápad, protože v případÄ›, že aktualizace " +"obsahuje bezpeÄnostní záplatu, nebude opravena dokud se démon nerestartuje. " +"VÄ›tÅ¡ina lidí pÅ™edpokládá restartování démona, takže je to v každém případÄ› " +"správný postup. NicménÄ› je možné, že existující spojení budou shozena a poté " +"znovu nastavena." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Do you wish to support IKEv1?" +msgstr "PÅ™ejete si podporu IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" +"strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 (IKEv1, " +"IKEv2). PÅ™ejete si pÅ™i startu strongSwanu spustit daemona „pluto“ " +"podporujícího IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Do you wish to support IKEv2?" +msgstr "PÅ™ejete si podporu IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" +"strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 (IKEv1, " +"IKEv2). PÅ™ejete si pÅ™i startu strongSwanu spustit daemona „charon“ " +"podporujícího IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "PÅ™ejete si vytvoÅ™it veÅ™ejný/soukromý pár RSA klíÄů pro tento poÄítaÄ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Tento instalátor může automaticky vytvoÅ™it veÅ™ejný/soukromý pár RSA klíÄů " +"pro tento poÄítaÄ. Pár klíÄů může být využit k autentizaci IPSec spojení na " +"další poÄítaÄe a je upÅ™ednostňovanou cestou pro sestavování bezpeÄných IPSec " +"spojení. Další možností autentizace je využití sdílených tajemství (hesel, " +"která jsou stejná na obou stranách tunelu), ale pro vÄ›tší poÄet spojení je " +"RSA autentizace snazší pro správu a mnohem bezpeÄnÄ›jší." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Jestliže si nepÅ™ejete vytvoÅ™it nový pár klíÄů pro tento poÄítaÄ, můžete si " +"zvolit existující." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "" +"Vlastníte existující certifikát X509, který chcete použít pro strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Instalátor může automaticky získat potÅ™ebné informace z existujícího " +"certifikátu X509 s odpovídajícím soukromým RSA klíÄem. Jedná-li se o formát " +"PEM, mohou být obÄ› Äásti v jednom souboru. Vlastníte-li takový certifikát a " +"soubor s klíÄem a chcete-li je použít pro autentizaci IPSec spojení, " +"odpovÄ›zte kladnÄ›." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Jméno souboru s certifikátem X509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Zadejte prosím celou cestu k souboru obsahujícímu váš certifikát X509 ve " +"formátu PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your X.509 private key in PEM format:" +msgstr "Jméno souboru se soukromým klíÄem X509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Zadejte prosím absolutní cestu k souboru obsahujícímu soukromý RSA klÃ­Ä ve " +"formátu PEM odpovídající vaÅ¡emu certifikátu X509. Může to být stejný soubor " +"jako ten, ve kterém se nachází certifikát X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "Délka vytvoÅ™eného RSA klíÄe (v bitech):" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Zadejte prosím délku vytvářeného RSA klíÄe. Kvůli bezpeÄnosti by nemÄ›la být " +"menší než 1024 bitů a pravdÄ›podobnÄ› nepotÅ™ebujete víc než 2048 bitů, protože " +"to již zpomaluje proces autentizace." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Chcete vytvoÅ™it certifikát X509 podepsaný sám sebou?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Tento instalátor může automaticky vytvoÅ™it pouze certifikát X509 podepsaný " +"sám sebou, jelikož v opaÄném případÄ› je k podpisu certifikátu potÅ™eba " +"certifikaÄní autorita. Tento certifikát můžete ihned použít k pÅ™ipojení na " +"další poÄítaÄe s IPSec, které podporují autentizaci pomocí certifikátu X509. " +"NicménÄ› chcete-li využít nových PKI možností strongSwanu >= 1.91, budete k " +"vytvoÅ™ení důvÄ›ryhodných cest potÅ™ebovat vÅ¡echny certifikáty X509 podepsané " +"jedinou certifikaÄní autoritou." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Jestliže nechcete vytvoÅ™it certifikát podepsaný sebou samým, vytvoří tento " +"instalátor jen soukromý RSA klÃ­Ä a požadavek na certifikát. Vy potom musíte " +"podepsat požadavek svojí certifikaÄní autoritou." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Kód zemÄ› pro požadavek na certifikát X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Zadejte prosím dvoumístný kód vaší zemÄ›. Tento kód bude umístÄ›n do požadavku " +"na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"Je opravdu nutné, abyste vložili správný kód zemÄ›, protože openssl jinak " +"odmítne vygenerování certifikátu. Prázdné pole je dovoleno ve vÅ¡ech " +"ostatních polích certifikátu X509 kromÄ› tohoto." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Příklad: CZ" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Jméno státu nebo oblasti pro požadavek na certifikát X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Zadejte prosím celé jméno státu nebo oblasti kde žijete. Toto jméno bude " +"umístÄ›no do požadavku na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "Příklad: Morava" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Jméno lokality pro požadavek na certifikát X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Zadejte prosím lokalitu (napÅ™. mÄ›sto) kde žijete. Toto jméno bude umístÄ›no " +"do požadavku na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Příklad: Olomouc" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Název organizace pro požadavek na certifikát X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Zadejte prosím organizaci pro kterou je certifikát vytvářen. Toto jméno bude " +"umístÄ›no do požadavku na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Příklad: Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Název organizaÄní jednotky pro požadavek na certifikát X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Zadejte prosím organizaÄní jednotku pro kterou je certifikát vytvářen. Toto " +"jméno bude umístÄ›no do požadavku na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Příklad: bezpeÄnostní oddÄ›lení" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Obvyklé jméno pro požadavek na certifikát X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Zadejte prosím běžné jméno (napÅ™. jméno poÄítaÄe) pro které je certifikát " +"vytvářen. Toto jméno bude umístÄ›no do požadavku na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Příklad: gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "Emailová adresa pro požadavek na certifikát X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Zadejte prosím emailovou adresu osoby nebo organizace, která je zodpovÄ›dná " +"za certifikát X509. Toto jméno bude umístÄ›no do požadavku na certifikát." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "Chcete ve strongSwanu povolit oportunistické Å¡ifrování?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"strongSwan pÅ™ichází s podporou pro oportunistické Å¡ifrování (OE), které " +"uchovává autentizaÄní informace IPSecu (napÅ™. veÅ™ejné RSA klíÄe) v (nejlépe " +"zabezpeÄených) DNS záznamech. Dokud nebude tato schopnost více rozšířena, " +"způsobí její aktivace výrazné zpomalení každého nového odchozího spojení. Od " +"verze 2.0 pÅ™ichází strongSwan s implicitnÄ› zapnutou podporou OE Äímž " +"pravdÄ›podobnÄ› zruší vaÅ¡e probíhající spojení do Internetu (tj. vaÅ¡i výchozí " +"cestu - default route) v okamžiku, kdy spustíte pluto (strongSwan keying " +"démon)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Prosím vyberte si zda chcete povolit podporu pro OE. Nejste-li si jisti, " +"podporu nepovolujte." + +#~ msgid "x509, plain" +#~ msgstr "x509, prostý" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Typ páru RSA klíÄů, který se vytvoří:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Je možné vytvoÅ™it prostý pár RSA klíÄů pro použití se strongSwanem, nebo " +#~ "vytvoÅ™it soubor s certifikátem X509, který obsahuje veÅ™ejný RSA klÃ­Ä a " +#~ "dodateÄnÄ› uchovává odpovídající soukromý klíÄ." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Pokud chcete vytvoÅ™it IPSec spojení jen k poÄítaÄům, na kterých taktéž " +#~ "běží strongSwan, může být mnohem jednodušší použít pár prostých RSA " +#~ "klíÄů. Pokud se ale chcete pÅ™ipojit k jiným implementacím IPSec, budete " +#~ "potÅ™ebovat certifikát X509. Také je možné zde vytvoÅ™it certifikát X509 a " +#~ "pozdÄ›ji, pokud druhá strana používá strongSwan bez podpory certifikátů " +#~ "X509, z nÄ›j získat veÅ™ejný RSA klÃ­Ä v prostém formátu." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Certifikát X509 je proto doporuÄován zejména díky své flexibilitÄ›. Tento " +#~ "instalátor by v mÄ›l být schopen skrýt komplexnost vytváření a používání " +#~ "certifikátu ve strongSwanu." --- strongswan-4.2.14.orig/debian/po/pt_BR.po +++ strongswan-4.2.14/debian/po/pt_BR.po @@ -0,0 +1,653 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: openswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2005-01-24 21:53-0200\n" +"Last-Translator: André Luís Lopes \n" +"Language-Team: Debian-BR Project \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "o quando antes, \"depois do NFS\", \"depois do PCMCIA\"" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "When to start strongSwan:" +msgstr "Você deseja reiniciar o Openswan ?" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Com os níveis de inicialização atuais do Debian (quase todos os serviços " +"iniciando no nível 20) é impossível para o Openswan sempre iniciar no " +"momento correto. Existem três possibilidades para quando iniciar o " +"Openswan : antes ou depois dos serviços NFS e depois dos serviços PCMCIA. A " +"resposta correta depende se sua configuração específica." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Caso você não possua sua àrvore /usr montada via NFS (você somente monta " +"outras àrvores não vitais via NFS ou não usa àrvores montadas via NFS) e não " +"use um cartão de rede PCMCIA, a melhor opção é iniciar o Openswan o quando " +"antes, permitindo dessa forma que os pontos de montagem NFS estejam " +"protegidos por IPSec. Nesse caso (ou caso você não compreenda ou não se " +"importe com esse problema), responda \"o quando antes\" para esta pergunta " +"(o que é o padrão)." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Caso você possua sua àrvore /usr montada via NFS e não use um cartão de rede " +"PCMCIA, você precisará iniciar o Openswan depois do NFS de modo que todos os " +"arquivos necessários estejam disponíveis. Nesse caso, responda \"depois do " +"NFS\" para esta pergunta. Por favor, note que a montagem NFS de /usr não " +"poderá ser protegida pelo IPSec nesse caso." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Caso você use um cartão de rede PCMCIA para suas conexões IPSec você " +"precisará somente optar por iniciar o Opensan depois dos serviços PCMCIA. " +"Responda \"depois do PCMCIA\" nesse caso. Esta é também a maneira correta de " +"obter chaves de um servidor DNS sendo executado localmente e com suporte a " +"DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +#, fuzzy +msgid "Do you wish to restart strongSwan?" +msgstr "Você deseja reiniciar o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +#, fuzzy +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"Reiniciar o Openswan é uma boa idéia, uma vez que caso exista um correção " +"para uma falha de segurança, o mesmo não será corrigido até que o daemon " +"seja reiniciado. A maioria das pessoas esperam que o daemon seja reiniciado, " +"portanto essa é geralmente uma boa idéia. Porém, reiniciar o Openswan pode " +"derrubar conexões existentes, mas posteriormente trazê-las de volta." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +msgid "Do you wish to support IKEv1?" +msgstr "Você deseja reiniciar o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +#, fuzzy +msgid "Do you wish to support IKEv2?" +msgstr "Você deseja reiniciar o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "" +"Você deseja criar um par de chaves RSA pública/privada para este host ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Este instalador pode automaticamente criar um par de chaves RSA pública/" +"privada para este host. Esse par de chaves pode ser usado para autenticar " +"conexões IPSec com outros hosts e é a maneira preferida de construir " +"conexões IPSec seguras. A outra possibilidade seria usar segredos " +"compartilhados (senhas que são iguais em ambos os lados do túnel) para " +"autenticar uma conexão, mas para um grande número de conexões RSA a " +"autenticação é mais fácil de administrar e mais segura." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Você deseja criar um par de chaves RSA pública/privada para este host ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "" +"Você possui um arquivo de certificado X509 existente que você gostaria de " +"usar com o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Este instalador pode extrair automaticamente a informação necessária de um " +"certificado X509 existente com uma chave RSA privada adequada. Ambas as " +"partes podem estar em um arquivo, caso estejam no formato PEM. Você possui " +"um certificado existente e um arquivo de chave e quer usá-los para " +"autenticar conexões IPSec ?" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "File name of your X.509 certificate in PEM format:" +msgstr "" +"Por favor, informe a localização de seu certificado X509 no formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Por favor, informe a localização do arquivo contendo seu certificado X509 no " +"formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "File name of your X.509 private key in PEM format:" +msgstr "" +"Por favor, informe a localização de sua chave privada X509 no formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Por favor, informe a localização do arquivo contendo a chave privada RSA que " +"casa com seu certificado X509 no formato PEM. Este pode ser o mesmo arquivo " +"que contém o certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +msgid "The length of the created RSA key (in bits):" +msgstr "Qual deve ser o tamanho da chave RSA criada ?" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the length of the created RSA key. it should not be less " +#| "than 1024 bits because this should be considered unsecure and you will " +#| "probably not need anything more than 2048 bits because it only slows the " +#| "authentication process down and is not needed at the moment." +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Por favor, informe o tamanho da chave RSA a ser criada. A mesma não deve ser " +"menor que 1024 bits devido a uma chave de tamanho menor que esse ser " +"considerada insegura. Você também não precisará de nada maior que 2048 " +"porque isso somente deixaria o processo de autenticação mais lento e não " +"seria necessário no momento." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Deseja criar um certificado X509 auto-assinado ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Este instalador pode criar automaticamente somente certificados X509 auto-" +"assinados, devido a uma autoridade certificadora ser necessária para assinar " +"a requisição de certificado. Caso você queira criar um certificado auto-" +"assinado, você poderá usá-lo imediatamente para conexão com outros hosts " +"IPSec que suportem certificados X509 para autenticação de conexões IPSec. " +"Porém, caso você queira usar os novos recursos PKI do Openswan versão 1.91 " +"ou superior, você precisará possuir todos seus certificados X509 assinados " +"por uma única autoridade certificadora para criar um caminho de confiança." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Caso você não queira criar um certificado auto-assinado, este instalador irá " +"somente criar a chave privada RSA e a requisição de certificado e você terá " +"então que assinar a requisição de certificado junto a sua autoridade " +"certificadora." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +msgid "Country code for the X.509 certificate request:" +msgstr "" +"Por favor, informe o código de país para a requisição de certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Por favor, informe o códifo de país de duas letras para seu país. Esse " +"código será inserido na requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"Você realmente precisa informar um código de país válido aqui devido ao " +"openssl se recusar a gerar certificados sem um código de país válido. Um " +"campo em branco é permitido para qualquer outro campo do certificado X.509, " +"mas não para esse campo." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Exemplo: BR" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +msgid "State or province name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o estado ou nome de província para a requisição de " +"certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Por favor, informe o nome complete do estado ou província em que você mora. " +"Esse nome será inserido na requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "Exemplo : Sao Paulo" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +msgid "Locality name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o nome da localidade para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Por favor, informe a localidade (ou seja, cidade) onde você mora. Esse nome " +"será inserido na requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Exemplo : Sao Paulo" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +msgid "Organization name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o nome da organização para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Por favor, informe a organização (ou seja, a empresa) para a qual este " +"certificado X509 deverá ser criado. Esse nome será inserido na requisição de " +"certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Exemplo : Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" +"Por favor, informe a unidade organizacional para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Por favor, informe a unidade organizacional (ou seja, seção ou departamento) " +"para a qual este certificado deverá ser criado. Esse nome será inserido na " +"requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Exemplo : Grupo de Segurança" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +msgid "Common name for the X.509 certificate request:" +msgstr "Por favor, informe o nome comum para a requisição de certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Por favor, informe o nome comum (ou seja, o nome do host dessa máquina) para " +"o qual o certificado X509 deverá ser criado. Esse nome será inserido na " +"requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Exemplo : gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +msgid "Email address for the X.509 certificate request:" +msgstr "" +"Por favor, informe o endereço de e-mail para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Por favor, informe o endereço de e-mail da pessoa ou organização responsável " +"pelo certificado X509. Esse endereço será inserido na requisição de " +"certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "Você deseja habilitar a encriptação oportunística no Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"O Openswan suporta encriptação oportunística (OE), a qual armazena " +"informações de autenticação IPSec (por exemplo, chaves públicas RSA) em " +"registros DNS (preferivelmente seguros). Até que esse suporte esteja " +"largamento sendo utilizado, ativá-lo irá causar uma signficante lentidão " +"para cada nova conexão de saída. Iniciando a partir da versão 2.0, o " +"Openswan, da forma como é distribuído pelos desenvolvedores oficiais, é " +"fornecido com o suporte a OE habilitado por padrão e, portanto, " +"provavelmente irá quebrar suas conexões existentes com a Internet (por " +"exemplo, sua rota padrão) tão logo o pluto (o daemon de troca de chaves do " +"Openswan) seja iniciado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Por favor, informe se você deseja habilitar o suporte a OE. Em caso de " +"dúvidas, não habilite esse suporte." + +#~ msgid "x509, plain" +#~ msgstr "x509, pura" + +#, fuzzy +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Qual tipo de par de chaves RSA você deseja criar ?" + +#, fuzzy +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "É possível criar um par de chaves RSA pública/privada pura (plain) para " +#~ "uso com o Openswan ou para criar um arquivo de certificado X509 que irá " +#~ "conter a chave RSA pública e adicionalmente armazenar a chave privada " +#~ "correspondente." + +#, fuzzy +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Caso você queira somente construir conexões IPsec para hosts e também " +#~ "executar o Openswan, pode ser um pouco mais fácil usar pares de chaves " +#~ "RSA puros (plain). Mas caso você queira se conectar a outras " +#~ "implementações IPSec, você precisará de um certificado X509. É também " +#~ "possível criar um certificado X509 aqui e extrair a chave pública em " +#~ "formato puro (plain) caso o outro lado execute o Openswan sem suporte a " +#~ "certificados X509." + +#, fuzzy +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Um certificado X509 é recomendado, uma vez que o mesmo é mais flexível e " +#~ "este instalador é capaz de simplificar a complexa criação do certificado " +#~ "X509 e seu uso com o Openswan." + +#, fuzzy +#~ msgid "Please choose the when to start strongSwan:" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "At which level do you wish to start strongSwan ?" +#~ msgstr "Em que nível você deseja iniciar o Openswan ?" + +#~ msgid "2048" +#~ msgstr "2048" --- strongswan-4.2.14.orig/debian/po/templates.pot +++ strongswan-4.2.14/debian/po/templates.pot @@ -0,0 +1,409 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Do you wish to support IKEv1?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Do you wish to support IKEv2?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 private key in PEM format:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Country code for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "State or province name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Locality name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Organization name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Common name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Email address for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" --- strongswan-4.2.14.orig/debian/po/sv.po +++ strongswan-4.2.14/debian/po/sv.po @@ -0,0 +1,631 @@ +# translation of strongswan_4.2.4-1_sv.po to Swedish +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Martin Ågren , 2008. +msgid "" +msgstr "" +"Project-Id-Version: strongswan_4.2.4-1_sv\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2008-07-29 19:30+0200\n" +"Last-Translator: Martin Ågren \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: swe\n" +"X-Poedit-Country: swe\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "tidigast, \"efter NFS\", \"efter PCMCIA\"" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "När strongSwan ska startas om:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Det finns tre möjligheter för när strongSwan kan startas: före eller efter " +"NFS-tjänsterna samt efter PCMCIA-tjänsterna. Det rätta svaret beror på din " +"specifika konfiguration." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Om du inte har ditt /usr-träd monterat via NFS (antingen monterar du bara " +"andra, mindre viktiga träd via NFS eller så använder du inte NFS-monterade " +"träd alls) och inte använder ett PCMCIA-nätverkskort, är det bäst att starta " +"strongSwan så tidigt som möjligt och därmed tillåta säkra NFS-monteringar " +"via IPSec. I detta fall (eller om du inte förstår eller bryr dig om detta), " +"svara \"tidigast\" på denna fråga (standard)." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Om du har ditt /usr-träd monterat via NFS och inte använder ett PCMCIA-" +"nätverkskort, behöver du starta strongSwan efter NFS så att alla nödvändiga " +"filer finns tillgängliga. I detta fall, svara \"efter NFS\" på denna fråga. " +"Notera dock att NFS-monteringen av /usr inte kan säkras upp via IPSec i " +"detta fall." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Om du använder ett PCMCIA-nätverkskort för dina IPSec-anslutningar har du " +"bara valet att starta den efter PCMCIA-tjänsterna. Svara \"efter PCMCIA\" i " +"detta fall. Detta är också det rätta svaret om du vill hämta nycklar från en " +"lokalt körande DNS-server med DNSSec-stöd." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "Vill du starta om strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"Att starta om strongSwan är en bra idé, eftersom en eventuell " +"säkerhetsrättning inte kommer rättas till förrän demonen är omstartad. De " +"flesta personer förväntar sig att demonen startar om så detta är generellt " +"sett en bra idé. Detta kan dock eventuellt ta ner existerande anslutningar " +"och sedan ta upp dem igen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Do you wish to support IKEv1?" +msgstr "Vill du stödja IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" +"strongSwan stödjer båda versionerna av nyckelutbytesprotokollet IKE, IKEv1 " +"och IKEv2. Vill du starta \"pluto\"-demonen för IKEv1-stöd när strongSwan " +"startas?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Do you wish to support IKEv2?" +msgstr "Vill du stödja IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" +"strongSwan stödjer båda versionerna av nyckelutbytesprotokollet IKE, IKEv1 " +"och IKEv2. Vill du starta \"charon\"-demonen för IKEv2-stöd när strongSwan " +"startas?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "Vill du skapa ett publik/privat RSA-nyckelpar för denna värdmaskin?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Denna installerare kan automatiskt skapa ett publik/privat RSA-nyckelpar för " +"denna värdmaskin. Detta nyckelpar kan användas för att autentisera IPSec-" +"anslutningar till andra värdar och är det sätt som föredras för att bygga " +"upp säkra IPSec-anslutningar. Den andra möjligheten skulle vara att använda " +"delade hemligheter (lösenord som är samma på båda sidor av tunneln) för att " +"autentisera en anslutning men för ett större antal anslutningar är RSA-" +"autentiseringar enklare att administrera och säkrare." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "Om du inte vill skapa ett nytt nyckelpar kan du välja ett existerande." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "" +"Har du en existerande X509-certifikatsfil som du vill använda för strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Denna installerare kan automatiskt plocka ut den information som behövs från " +"ett existerande X509-certifikat med en matchande privat RSA-nyckel. Båda " +"delarna kan vara i en fil om den är i PEM-format. Om du har ett sådant " +"existerande certifikat och nyckelfil och vill använda det för att " +"autentisera IPSec-anslutningar, svara ja på frågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Platsen för ditt X509-certifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Ange platsen för den fil som innehåller ditt X509-certifikat i PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your X.509 private key in PEM format:" +msgstr "Platsen för din privata X509-nyckel i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Ange platsen för den fil som innehåller den privata RSA-nyckeln som matchar " +"ditt X509-certifikat i PEM-format. Detta kan vara samma fil som innehåller " +"X509-certifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "Längd på den skapade RSA-nyckeln (i bitar):" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Ange längden för den skapade RSA-nyckeln. Den bör inte vara kortare än 1024 " +"bitar, eftersom detta anses som osäkert, och du vill antagligen inte ha " +"något längre än 2048 bitar, eftersom det bara gör autentiseringsprocessen " +"långsammare och inte är nödvändigt just nu." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Vill du skapa ett självsignerat X509-certifikat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Denna installerare kan bara skapa självsignerade X509-certifikat " +"automatiskt, eftersom det annars behövs en certifikatsutställare som kan " +"signera certifikatsförfrågan. Om du vill skapa ett självsignerat certifikat, " +"kan du använda det omedelbart för att ansluta till andra IPSec-värdar som " +"har stöd för X509-certifikat för autentisering för IPSec-anslutningar. Om du " +"vill använda de nya PKI-funktionerna i strongSwan >= 1.91, behöver du dock " +"ha alla X509-certifikat signerade av en enda certifikatsutställare för att " +"skapa en pålitlig väg." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Om du inte vill skapa ett självsignerat certifikat, kommer denna " +"installerare bara att skapa den privata RSA-nyckeln och den " +"certifikatsförfrågan som du behöver få signerad av din certifikatsutställare." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Landskod för X509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Ange en landskod med 2 bokstäver för ditt land. Denna kod kommer att " +"placeras i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"Du behöver verkligen ange en giltig landskod här, eftersom openssl annars " +"kommer vägra att generera ett certifikat. Ett tomt fält är tillåtet för alla " +"andra fält i X509-certifikatet men inte för detta." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Exempel: SE" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Region eller län för X509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Ange det fulla namnet på regionen eller länet du bor i. Detta namn kommer " +"att placeras i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "Exempel: Centrala Sverige" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Lokaliteten för X509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Ange lokaliteten (exempelvis staden) där du bor. Detta namn kommer att " +"placeras i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Exempel: Stockholm" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsnamnet för X509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Ange organisationen (exempelvis företaget) som X509-certifikatet ska skapas " +"för. Detta namn kommer att placeras i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Exempel: Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationsenheten för X509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Ange organisationsenheten (exempelvis avdelningen) som X509-certifikatet ska " +"skapas för. Detta namn kommer att placeras i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Exempel: säkerhetsgruppen" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Namnet för X509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Ange namnet (exempelvis värdnamnet för denna maskin) som X509-certifikatet " +"ska skapas för. Detta namn kommer att placeras i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Exempel: gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-postadressen för X509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Ange e-postadressen till den person eller organisation som ansvarar för X509-" +"certifikatet. Denna adress kommer att placeras i certifikatsförfrågan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "Vill du aktivera opportunistisk kryptering i strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"strongSwan har stöd för opportunistisk kryptering (OE) som lagrar " +"information om IPSec-autentiseringen (exempelvis publika RSA-nycklar) i " +"(helst säkra) DNS-poster. Tills detta är en mer utbredd tjänst kan " +"aktivering av det orsaka en betydande hastighetssänkning för varje ny " +"utgående anslutning. Sedan version 2.0 kommer strongSwan från uppströms med " +"OE aktiverad som standard och kommer därför sannolikt att bryta din " +"existerande anslutning till Internet (exempelvis din standardrutt) så snart " +"som pluto (demonen för strongSwan-nycklar) startas." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Välj huruvida du vill aktivera stöd för OE. Om du är osäker bör du inte " +"aktivera det." + +#~ msgid "x509, plain" +#~ msgstr "x509, enkel" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Typ av RSA-nyckelpar som ska skapas:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Det är möjligt att skapa ett enkelt publik/privat RSA-nyckelpar för " +#~ "användning med strongSwan eller att skapa en X509-certifikatsfil som " +#~ "innehåller den publika RSA-nyckeln och dessutom lagrar motsvarande " +#~ "privata nyckel." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Om du bara vill bygga upp IPSec-anslutningar till värdmaskiner som också " +#~ "kör strongSwan kan det vara lite enklare att använda enkla RSA-nyckelpar. " +#~ "Men om du vill ansluta till andra IPSec-implementationer, kommer du " +#~ "behöva ett X509-certifikat. Det är också möjligt att skapa ett X509-" +#~ "certifikat här och plocka ut den publika RSA-nyckeln i enkelt format om " +#~ "den andra sidan kör strongSwan utan stöd för X509-certifikat." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Därför rekommenderas ett X509-certifikat eftersom det är mer flexibelt " +#~ "och denna installerare bör kunna gömma det komplexa skapandet av X509-" +#~ "certifikatet och dess användning i strongSwan ändå." --- strongswan-4.2.14.orig/debian/po/vi.po +++ strongswan-4.2.14/debian/po/vi.po @@ -0,0 +1,610 @@ +# Vietnamese translation for openswan. +# Copyright © 2005 Free Software Foundation, Inc. +# Clytie Siddall , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: openswan 1/2.2.0-10\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2005-07-03 13:49+0930\n" +"Last-Translator: Clytie Siddall \n" +"Language-Team: Vietnamese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0\n" +"X-Generator: LocFactoryEditor 1.2.2\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "sá»›m nhất, «sau NFS», «sau PCMCIA»" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "When to start strongSwan:" +msgstr "Bạn có muốn khởi chạy lại trình Openswan không?" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Trong những cấp khởi chạy Debian hiện thá»i (gần má»i trình khởi chạy trên cấp " +"20), không thể đảm bảo trình Openswan sẽ khởi chạy vào Ä‘iểm thá»i đúng. Có ba " +"lúc có thể khởi chạy trình Openswan: lúc trÆ°á»›c hay lúc sau dịch vụ NFS và " +"lúc sau dịch vụ PCMCIA. Giá trị đúng phụ thuá»™c vào thiết lập riêng của bạn." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Nếu bạn không có cây «/usr» mình được gắn thông qua NFS (hoặc bạn chỉ gắn cây " +"khác, ít quan trá»ng hÆ¡n, thông qua NFS, hoặc bạn không sá»­ dụng cây do NFS " +"gắn cách nào cả) và không sá»­ dụng má»™t thẻ mạng PCMCIA, thì tốt nhất là khởi " +"chạy trình Openswan càng sá»›m càng có thể, mà cho phép IPSec bảo vệ những " +"Ä‘iểm gắn NFS. Trong trÆ°á»ng hợp này (hoặc nếu bạn không hiểu được vấn Ä‘á» này, " +"hoặc không nghÄ© nó là quan trá»ng) thì hãy trả lá»i «sá»›m nhất» (earliest: giá " +"trị mặc định) cho câu há»i này." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +#, fuzzy +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Nếu bạn có cây «/usr» mình được gắn thông qua NFS và không sá»­ dụng má»™t thẻ " +"mạng PCMCIA, thì bạn sẽ cần phải khởi chạy Openswan sau NFS, để má»i tập tin " +"cần thiết có sẵn sàng. Trong trÆ°á»ng hợp này, hãy trả lá»i «sau NFS» (after " +"NFS) cho câu há»i này. Tuy nhiên, IPsec sẽ không thể bảo vệ Ä‘iểm gắn của «/" +"usr» trong trÆ°á»ng hợp này." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Nếu bạn sá»­ dụng thẻ PCMCIA để kết nối cách loại IPSec, thì chỉ hãy chá»n khởi " +"chạy FreeS/WAN sau những dịch vụ PCMCIA. Hãy trả lá»i «sau PCMCIA» trong " +"trÆ°á»ng hợp này. Trả lá»i này cÅ©ng đúng nếu bạn muốn gá»i khóa từ má»™t máy phục " +"vụ DNS chạy địa phÆ°Æ¡ng có loại há»— trợ DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +#, fuzzy +msgid "Do you wish to restart strongSwan?" +msgstr "Bạn có muốn khởi chạy lại trình Openswan không?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +#, fuzzy +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"Khởi chạy lại trình Openswan là má»™t ý kiến tốt, vì nó hiệu lá»±c việc sá»­a bảo " +"mật má»›i nào. Phần lá»›n ngÆ°á»i ngá» trình ná»n (dæmon) sẽ khởi chạy lại, thì nói " +"chung làm nhÆ° thế là má»™t ý kiến tốt. Tuy nhiên, việc khởi chạy lại có thể " +"ngắt các sá»± kết nối hiện thá»i, rồi kết nối chúng lại." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +msgid "Do you wish to support IKEv1?" +msgstr "Bạn có muốn khởi chạy lại trình Openswan không?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +#, fuzzy +msgid "Do you wish to support IKEv2?" +msgstr "Bạn có muốn khởi chạy lại trình Openswan không?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "Bạn có muốn tạo má»™t cặp khóa công/riêng RSA cho máy này không?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Trình cài đặt này có thể tá»± Ä‘á»™ng tạo má»™t cặp khóa công/riêng RSA cho máy " +"này. Có thể sá»­ dụng cặp khóa này để xác thá»±c cách kết nối IPSec tá»›i máy " +"khác, và nó là cách Æ°a thích để xây dụng cách kết nối IPSec bảo mật. Hoặc có " +"thể sá»­ dụng «bí mật dùng chung» (shared secrets), mà có cùng má»™t mật khẩu tại " +"cả hai đầu và cuối Ä‘á»u Ä‘Æ°á»ng hầm, để xác thá»±c má»—i sá»± kết nối. Tuy nhiên, vá»›i " +"sá»± kết nối rất nhiá»u, dá»… hÆ¡n để sá»­ dụng cách xác thá»±c RSA và nó bảo mật hÆ¡n. " + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "Bạn có muốn tạo má»™t cặp khóa công/riêng RSA cho máy này không?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "" +"Bạn có má»™t tập tin chứng nhận X509 mà bạn muốn sá»­ dụng vá»›i trình Openswan " +"chÆ°a?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Trình cài đặt này có thể tá»± Ä‘á»™ng giải mã thông tin cần thiết ra má»™t chứng " +"nhận X509 đã có, vá»›i khóa riêng RSA tÆ°Æ¡ng ứng. Cả hai Ä‘iá»u có thể trong cùng " +"má»™t tập tin, nếu nó có dạng PEM. Bạn có chứng nhận đã có nhÆ° vậy, và muốn sá»­ " +"dụng nó để xác thá»±c cách kết nối IPSec không?" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Hãy nhập địa Ä‘iểm của chứng nhận X509 của bạn, có dạng PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Hãy nhập địa Ä‘iểm của tập tin chứa chứng nhận X509 của bạn, có dạng PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "File name of your X.509 private key in PEM format:" +msgstr "Hãy nhập địa Ä‘iểm của khóa riêng X509 của bạn, có dạng PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Hãy nhập địa Ä‘iểm của tập tin chứa khóa RSA riêng khá»›p vá»›i chứng nhận X509 " +"của bạn, có dạng PEM. Có thể là cùng má»™t tập tin chứa chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +msgid "The length of the created RSA key (in bits):" +msgstr "Khóa RSA má»›i được tạo nên có Ä‘á»™ dài nào?" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the length of the created RSA key. it should not be less " +#| "than 1024 bits because this should be considered unsecure and you will " +#| "probably not need anything more than 2048 bits because it only slows the " +#| "authentication process down and is not needed at the moment." +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Hãy nhập Ä‘á»™ dài của khóa RSA má»›i được tạo. Nên có ít nhất 1024 bit, vì khóa " +"nào nhá» hÆ¡n kích thÆ°á»›c ấy không phải là bảo mật. Rất có thể là bạn sẽ không " +"cần sá»­ dụng Ä‘á»™ dài hÆ¡n 2048 bit, vì nó chỉ giảm tốc Ä‘á»™ tiến trình xác thá»±c, " +"và hiện thá»i không cần thiết." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Bạn có muốn tạo má»™t chứng nhận X509 tá»± ký không?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Trình cài đặt này chỉ có thể tá»± Ä‘á»™ng tạo chứng nhận X509 tá»± ký, vì nếu không " +"thì má»™t nhà cầm quyá»n chứng nhận (Certificate Authority, CA) phải ký lá»i yêu " +"cầu chứng nhận ấy. Nếu bạn muốn tạo má»™t chứng nhận tá»± ký, bạn có thể sá»­ dụng " +"nó ngay lập tức để kết nối đến máy IPSec khác có há»— trợ sá»­ dụng chứng nhận " +"X509 để xác thá»±c sá»± kết nối IPSec. Tuy nhiên, nếu bạn muốn sá»­ dụng những " +"tính năng PKI má»›i của trình Openswan phiên bản ≥1.91, bạn sẽ phải có tất cả " +"những chứng nhận X509 được ký bởi má»™t nhà cầm quyá»n chứng nhận riêng lẻ, để " +"tạo má»™t «đưá»ng dẫn tin cây» (trust path)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Nếu bạn không muốn tạo má»™t chứng nhận tá»± ký, thì trình cài đặt này sẽ tạo " +"chỉ khóa RSA riêng và lá»i yêu cầu chứng nhận, và bạn sẽ phải ký lá»i yêu cầu " +"ấy dùng nhà cầm quyá»n chứng nhận bạn." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +msgid "Country code for the X.509 certificate request:" +msgstr "Hãy nhập mã quốc gia cho lá»i yêu cầu chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Hãy nhập mã hai chữ cho quốc gia bạn. Sẽ chèn mã này vào lá»i yêu cầu chứng " +"nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"Bạn thật cần phải nhập má»™t mã quốc gia hợp lệ vào đây, vì trình OpenSSL sẽ " +"từ chối tạo ra chứng nhận nào khi không có mã ấy. Có thể bá» rá»—ng bất cứ " +"trÆ°á»ng nào khác cho chứng nhận X509, nhÆ°ng mà không phải trÆ°á»ng này." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Lấy thí dụ: VN" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +msgid "State or province name for the X.509 certificate request:" +msgstr "Hãy nhập tên bảng hay tỉnh cho lá»i yêu cầu chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Hãy nhập tên đầy đủ của bang hay tỉnh nÆ¡i bạn ở. Sẽ chèn tên này vào lá»i yêu " +"cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "Lấy thí dụ: Bình Äịnh" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +msgid "Locality name for the X.509 certificate request:" +msgstr "Hãy nhập tên địa phÆ°Æ¡ng cho lá»i yêu cầu chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Hãy nhập địa phÆ°Æ¡ng (v.d. thành phố) nÆ¡i bạn ở. Sẽ chèn tên này vào lá»i yêu " +"cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Lấy thí dụ: Quy NhÆ¡n" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +msgid "Organization name for the X.509 certificate request:" +msgstr "Hãy nhập tên tổ chức cho lá»i yêu cầu chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Hãy nhập tổ chức (v.d. công ty) cho mà chứng nhận X509 nên được tạo. Sẽ chèn " +"tên này vào lá»i yêu cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Lấy thí dụ: Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Hãy nhập tên Ä‘Æ¡n vị tổ chức cho lá»i yêu cầu chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Hãy nhập Ä‘Æ¡n vị tổ chức (v.d. phần) cho mà chứng nhận X509 nên được tạo. Sẽ " +"chèn tên này vào lá»i yêu cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Lấy thí dụ: nhóm Việt hóa" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +msgid "Common name for the X.509 certificate request:" +msgstr "Hãy nhập tên chung cho lá»i yêu cầu chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Hãy nhập tên chung (v.d. tên máy) cho mà chứng nhận X509 nên được tạo. Sẽ " +"chèn tên này vào lá»i yêu cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Lấy thí cụ: gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +msgid "Email address for the X.509 certificate request:" +msgstr "Hãy nhập địa chỉ thÆ° Ä‘iện tá»­ chung cho lá»i yêu cầu chứng nhận X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Hãy nhập địa chỉ thÆ° Ä‘iện tá»­ của ngÆ°á»i hay tổ chức chịu trách nhiệm vá» chứng " +"nhận X509 này. Sẽ chèn địa chỉ này vào lá»i yêu cầu chứng nhận." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "" +"Bạn có muốn hiệu lá»±c mật mã loại cÆ¡ há»™i chủ nghÄ©a trong trình Openswan không?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"Trình Openswan há»— trợ có sẵn mật mã cÆ¡ há»™i chủ nghÄ©a (OE: opportunistic " +"encryption) mà cất giữ thông tin xác thá»±c IPSec (tức là khóa công RSA) trong " +"mục ghi DNS (thích hÆ¡n loại bảo mật). Cho đến khi tính năng này thÆ°á»ng dụng, " +"hoạt hóa nó sẽ giảm má»™t cách quan trá»ng má»—i sá»± kết nối ra má»›i. Từ phiên bản " +"2.0, trình Openswan gốc đã hiệu lá»±c OE theo mặc định, thì sẽ rất có thể ngắt " +"sá»± kết nối hiện thá»i đến Mạng của bạn (tức là Ä‘Æ°á»ng mặc định) má»™t khi khởi " +"chạy pluto (trình ná»n quản lý khóa Openswan)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Hãy chá»n có nên muốn hiệu lá»±c há»— trợ OE hay không. Nếu chÆ°a chắc thì đừng " +"bật nó." + +#~ msgid "x509, plain" +#~ msgstr "x509, giản dị" + +#, fuzzy +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Bạn có muốn tạo cặp khóa RSA loại nào?" + +#, fuzzy +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Có thể tạo má»™t cặp khóa công/riêng RSA thô để sá»­ dụng vá»›i trình Openswan, " +#~ "hoặc tạo má»™t tập tin chứng nhận X509 chứa khóa công RSA ấy và cÅ©ng cất " +#~ "giữ khóa riêng tÆ°Æ¡ng ứng." + +#, fuzzy +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Nếu bạn chỉ muốn xây dụng sá»± kết nối IPSec đến máy cÅ©ng chạy trình " +#~ "Openswan, có thể dá»… dàng hÆ¡n khi sá»­ dụng cặp khóa RSA thô. Còn nếu bạn " +#~ "muốn kết nối đến má»™t sá»± thá»±c hiện IPSec khác, thì bạn sẽ cần có má»™t chứng " +#~ "nhận loại X509. CÅ©ng có thể tạo má»™t chứng nhận X509 tại đây, rồi rút khóa " +#~ "công RSA có dạng thô, nếu bên khác có chạy trình Openswan không có há»— trợ " +#~ "chứng nhận X509." + +#, fuzzy +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Vì vậy khuyến khích má»™t chứng nhận X509, vì nó dẻo hÆ¡n và trình cài đặt " +#~ "này nên có thể ẩn việc phức tạp tạo chứng nhận X509 và cách dùng nó trong " +#~ "trình Openswan." + +#, fuzzy +#~ msgid "Please choose the when to start strongSwan:" +#~ msgstr "Bạn có muốn khởi chạy lại trình Openswan không?" + +#, fuzzy +#~ msgid "At which level do you wish to start strongSwan ?" +#~ msgstr "Bạn có muốn khởi chạy trình Openswan tại cấp nào?" --- strongswan-4.2.14.orig/debian/po/pt.po +++ strongswan-4.2.14/debian/po/pt.po @@ -0,0 +1,623 @@ +# Portuguese translation of strongswan's debconf messages. +# Copyright (C) 2007 +# This file is distributed under the same license as the strongswan package. +# Luísa Lourenço , 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 2.8.3-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-03-27 07:38+0100\n" +"PO-Revision-Date: 2007-09-30 15:02+0100\n" +"Last-Translator: Luísa Lourenço \n" +"Language-Team: Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:1001 +msgid "earliest, \"after NFS\", \"after PCMCIA\"" +msgstr "o mais cedo possível, \"depois do NFS\", \"depois do PCMCIA\"" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "When to start strongSwan:" +msgstr "Quando iniciar o strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"There are three possibilities when strongSwan can start: before or after the " +"NFS services and after the PCMCIA services. The correct answer depends on " +"your specific setup." +msgstr "" +"Existem três possibilidades para iniciar o strongSwan: antes ou depois dos " +"serviços NFS e depois dos serviços PCMCIA. A resposta correcta depende da " +"sua configuração." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you do not have your /usr tree mounted via NFS (either you only mount " +"other, less vital trees via NFS or don't use NFS mounted trees at all) and " +"don't use a PCMCIA network card, then it's best to start strongSwan at the " +"earliest possible time, thus allowing the NFS mounts to be secured by IPSec. " +"In this case (or if you don't understand or care about this issue), answer " +"\"earliest\" to this question (the default)." +msgstr "" +"Se não tem a sua estrutura /usr montada via NFS (ou apenas outras estruturas " +"montadas, menos vitais, via NFS ou não usa de todo o NFS para estruturas " +"montadas) e não usar uma placa de rede PCMCIA, então é melhor iniciar o " +"strongSwan o mais cedo possível. Permitindo assim aos pontos de montagem NFS " +"serem protegidos por IPSec. Neste caso (ou se não entende ou não quer saber " +"deste assunto), responda \"o mais cedo possível\" a esta questão (é o " +"escolha pré-definida)." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +"card, then you will need to start strongSwan after NFS so that all necessary " +"files are available. In this case, answer \"after NFS\" to this question. " +"Please note that the NFS mount of /usr can not be secured by IPSec in this " +"case." +msgstr "" +"Se tem o sua estrutura /usr montada via NFS e não usa uma placa de rede " +"PCMCIA, então necessita iniciar o strongSwan depois do NFS para que todos os " +"ficheiros necessários estejam disponíveis. Neste caso, responda \"depois do " +"NFS\" a esta questão. Por favor note que, neste caso, o mount NFS do /usr " +"não pode ser segurado pelo IPSec." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:1002 +msgid "" +"If you use a PCMCIA network card for your IPSec connections, then you only " +"have to choose to start it after the PCMCIA services. Answer \"after PCMCIA" +"\" in this case. This is also the correct answer if you want to fetch keys " +"from a locally running DNS server with DNSSec support." +msgstr "" +"Se usa uma placa de rede PCMCIA para as suas ligações IPSec, então só tem de " +"escolher para iniciar depois do serviços PCMCIA. Responda \"depois do PCMCIA" +"\" neste caso. Esta também é a reposta correcta se quiser obter chaves de um " +"servidor de DNS a correr localmente com suporte para DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "Do you wish to restart strongSwan?" +msgstr "Deseja reiniciar o strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:2001 +msgid "" +"Restarting strongSwan is a good idea, since if there is a security fix, it " +"will not be fixed until the daemon restarts. Most people expect the daemon " +"to restart, so this is generally a good idea. However this might take down " +"existing connections and then bring them back up." +msgstr "" +"Reiniciar o strongSwan é boa ideia, visto que se houver uma correcção de " +"segurança, não irá ser aplicada até o daemon reiniciar. A maioria das " +"pessoas espera que o daemon reinicie, por isso isto é geralmente uma boa " +"ideia. No entanto isto poderá deitar abaixo ligações existentes e depois " +"ligar de novo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Do you wish to support IKEv1?" +msgstr "Deseja suporte para o IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 support " +"when strongSwan is started?" +msgstr "" +"O strongSwan suporta ambas as versões do protocolo Internet Key Exchange, " +"IKEv1 e IKEv2. Deseja iniciar o daemon \"pluto\" para suporte ao IKEv1 " +"quando o strongSwan for iniciado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Do you wish to support IKEv2?" +msgstr "Deseja suporte para o IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"strongSwan supports both versions of the Internet Key Exchange protocol, " +"IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +"support when strongSwan is started?" +msgstr "" +"O strongSwan suporta ambas as versões do protocolo Internet Key Exchange, " +"IKEv1 e IKEv2. Deseja iniciar o daemon \"charon\" para suporte ao IKEv2 " +"quando o strongSwan for iniciado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Do you want to create a RSA public/private keypair for this host?" +msgstr "Deseja criar um par de chaves públicas/privadas RSA para esta máquina?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "This installer can automatically create a RSA public/private keypair for " +#| "this host. This keypair can be used to authenticate IPSec connections to " +#| "other hosts and is the preferred way for building up secure IPSec " +#| "connections. The other possibility would be to use shared secrets " +#| "(passwords that are the same on both sides of the tunnel) for " +#| "authenticating an connection, but for a larger number of connections RSA " +#| "authentication is easier to administer and more secure." +msgid "" +"This installer can automatically create a RSA public/private keypair with an " +"X.509 certificate for this host. This can be used to authenticate IPSec " +"connections to other hosts and is the preferred way for building up secure " +"IPSec connections. The other possibility would be to use pre-shared secrets " +"(PSKs, passwords that are the same on both sides of the tunnel) for " +"authenticating an connection, but for a larger number of connections RSA " +"authentication is easier to administer and more secure. Note that having a " +"keypair allows to use both X.509 and PSK authentication for IPsec tunnels." +msgstr "" +"Este instalador pode criar automaticamente um par de chaves públicas/" +"privadas RSA para esta máquina. Este par de chaves pode ser usado para " +"autenticar ligações IPSec a outras máquinas e é o método preferido para " +"criar ligações IPSec seguras. A outra possibilidade seria usar segredos " +"partilhados (palavras chaves que são as mesmas em ambos os sentidos do " +"túnel) para autenticação de uma ligação, mas para um largo número de " +"ligações a autenticação por RSA é mais fácil de administrar e mais segura." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Se não quiser criar um novo par de chaves pública/privada, pode escolher " +"usar um já existente." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgstr "Tem um ficheiro de certificado X509 existente para o strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"This installer can automatically extract the needed information from an " +"existing X.509 certificate with a matching RSA private key. Both parts can " +"be in one file, if it is in PEM format. If you have such an existing " +"certificate and key file and want to use it for authenticating IPSec " +"connections, then please answer yes." +msgstr "" +"Este instalador pode extrair automaticamente a informação necessária a " +"partir de um certificado X509 existente com uma chave privada RSA que " +"coincida. Ambas as partes podem estar num ficheiro, se estiver no formato " +"PEM. Se tiver tal ficheiro de certificado e chave existente e quiser usar " +"para autenticar conexões IPSec, então por favor responda sim." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Nome de ficheiro para o seu certificado X509 em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Por favor insira a localização completa do ficheiro que contém o seu " +"certificado X509 em formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your X.509 private key in PEM format:" +msgstr "Nome do ficheiro da sua chave privada X509 em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file " +"that contains the X.509 certificate." +msgstr "" +"Por favor insira a localização completa do ficheiro que contém a chave " +"privada RSA que coincide com o seu certificado X509 em formato PEM. Este " +"pode ser o mesmo ficheiro que contém o certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "The length of the created RSA key (in bits):" +msgstr "O tamanho da chave RSA criada (em bits):" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the length of the created RSA key. It should not be less than " +"1024 bits because this should be considered unsecure and you will probably " +"not need anything more than 2048 bits because it only slows the " +"authentication process down and is not needed at the moment." +msgstr "" +"Por favor insira o tamanho da chave RSA criada. Não deve ser menos do que " +"1024 bits porque seria considerada insegura e não irá provavelmente " +"necessitar de mais do que 2048 bits porque só torna o processo de " +"autenticação mais lento e não é necessário de momento." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Do you want to create a self-signed X.509 certificate?" +msgstr "Deseja criar um certificado X509 auto-assinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "This installer can only create self-signed X509 certificates " +#| "automatically, because otherwise a certificate authority is needed to " +#| "sign the certificate request. If you want to create a self-signed " +#| "certificate, you can use it immediately to connect to other IPSec hosts " +#| "that support X509 certificate for authentication of IPSec connections. " +#| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#| "you will need to have all X509 certificates signed by a single " +#| "certificate authority to create a trust path." +msgid "" +"This installer can only create self-signed X.509 certificates automatically, " +"because otherwise a certificate authority is needed to sign the certificate " +"request. If you want to create a self-signed certificate, you can use it " +"immediately to connect to other IPSec hosts that support X.509 certificate " +"for authentication of IPSec connections. However, if you want to use the new " +"PKI features of strongSwan >= 1.91, you will need to have all X.509 " +"certificates signed by a single certificate authority to create a trust path." +msgstr "" +"Este instalador só pode criar automaticamente certificados X509 auto-" +"assinados, porque de outra forma seria necessária uma autoridade de " +"certificados para assinar o pedido de certificado. Se quiser criar um " +"certificado auto-assinado, poderá usá-lo imediatamente para ligar a outras " +"máquinas IPSec que suportem certificados X509 para autenticação de ligações " +"IPSec. No entanto, se quiser usar as novas funcionalidades PKI do strongSwan " +">= 1.91, irá precisar de ter todos os certificados X509 assinados por uma só " +"autoridade de certificados para criar um caminho de confiança." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"If you do not want to create a self-signed certificate, then this installer " +"will only create the RSA private key and the certificate request and you " +"will have to get the certificate request signed by your certificate " +"authority." +msgstr "" +"Se não quiser criar um certificado auto-assinado, então este instalador só " +"irá criar a chave privada RSA e o pedido de certificado e você terá que ter " +"o pedido de certificado assinado pela sua autoridade de certificados." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para o pedido de certificado X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Please enter the 2 letter country code for your country. This code will be " +"placed in the certificate request." +msgstr "" +"Por favor insira o código do país, de 2 letras, correspondente ao seu país. " +"Este código será colocado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"You really need to enter a valid country code here, because openssl will " +"refuse to generate certificates without one. An empty field is allowed for " +"any other field of the X.509 certificate, but not for this one." +msgstr "" +"Tem mesmo de inserir aqui um código de país válido, porque o openssl irá " +"recusar gerar certificados sem um. Um campo vazio é permitido para qualquer " +"outro campo do certificado X.509, mas não para este." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Example: AT" +msgstr "Exemplo: PT" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Estado ou nome da província para o pedido do certificado X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the full name of the state or province you live in. This name " +"will be placed in the certificate request." +msgstr "" +"Por favor insira o nome completo do estado ou província em que vive. Este " +"nome será colocado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Example: Upper Austria" +msgstr "Exemplo: Trás-os-Montes" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome da localidade para o pedido de certificado X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the locality (e.g. city) where you live. This name will be " +"placed in the certificate request." +msgstr "" +"Por favor insira a localidade (ex. cidade) onde vive. Este nome irá ser " +"colocado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "Example: Vienna" +msgstr "Exemplo: Vila Real" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organização para o pedido de certificado X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization (e.g. company) that the X.509 certificate " +"should be created for. This name will be placed in the certificate request." +msgstr "" +"Por favor insira a organização (ex. firma) para o qual o certificado X509 " +"deve ser criado. Este nome irá ser colocado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Example: Debian" +msgstr "Exemplo: Debian" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade da organização para o pedido de certificado X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit (e.g. section) that the X.509 " +"certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Por favor insira a unidade da organização (ex. departamento) para o qual o " +"certificado X509 deve ser criado. Este nome irá ser colocado no pedido de " +"certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Example: security group" +msgstr "Exemplo: grupo de segurança" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Nome comum para o pedido de certificado X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (e.g. the host name of this machine) for which " +"the X.509 certificate should be created for. This name will be placed in the " +"certificate request." +msgstr "" +"Por favor insira o nome comum (ex. o nome desta máquina) para o qual o " +"certificado X509 deve ser criado. Este nome irá ser colocado no pedido de " +"certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Example: gateway.debian.org" +msgstr "Exemplo: gateway.debian.org" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "Endereço de email para o pedido de certificado X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address of the person or organization who is " +"responsible for the X.509 certificate. This address will be placed in the " +"certificate request." +msgstr "" +"Por favor insira o endereço de email da pessoa ou organização que é " +"responsável pelo certificado X509. Este endereço irá ser colocado no pedido " +"de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgstr "Deseja activar encriptação oportunística no strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"strongSwan comes with support for opportunistic encryption (OE), which " +"stores IPSec authentication information (i.e. RSA public keys) in " +"(preferably secure) DNS records. Until this is widely deployed, activating " +"it will cause a significant slow-down for every new, outgoing connection. " +"Since version 2.0, strongSwan upstream comes with OE enabled by default and " +"is thus likely to break your existing connection to the Internet (i.e. your " +"default route) as soon as pluto (the strongSwan keying daemon) is started." +msgstr "" +"O strongSwan vem com suporte para encriptação oportunística (OE), a qual " +"guarda informação de autenticação IPSec (i.e. chaves públicas RSA) em " +"(preferêncialmente seguros) registos DNS. Até que isto seja largamente " +"espalhado, activá-lo irá causar um abrandamento significativo para cada " +"nova, ligação de saída. Desde a versão 2.0, upstream, o strongSwan vem com o " +"OE activado por omissão e é por isso provável deitar abaixo a sua ligação " +"existente à internet (i.e a sua rota por omissão) assim que o pluto (o " +"keying daemon do strongSwan) for iniciado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please choose whether you want to enable support for OE. If unsure, do not " +"enable it." +msgstr "" +"Por favor escolha se quer activar ou não o suporte para OE. Se não tiver a " +"certeza, não o active." + +#~ msgid "x509, plain" +#~ msgstr "x509, simples" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "O tipo de par de chaves RSA a criar:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "É possível criar um par de chaves pública/privada RSA simples para uso " +#~ "com o strongSwan ou criar um ficheiro certificado X509 que contenha a " +#~ "chave pública RSA e que adicionalmente guarde a correspondente chave " +#~ "privada." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Se só quiser criar ligações IPSec para máquinas também a correr o " +#~ "strongSwan, poderá ser um pouco mais fácil usar pares de chaves RSA " +#~ "simples. Mas se quiser ligar a outras implementações IPSec, irá precisar " +#~ "de um certificado X509. Também é possível criar aqui um certificado X509 " +#~ "e extrair a chave pública RSA em formato simples se o outro lado correr o " +#~ "strongSwan sem suporte para certificados X509." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Assim sendo um certificado X509 é recomendado visto ser mais flexível e " +#~ "este instalador deve ser capaz de esconder a criação complexa do " +#~ "certificado X509 e o seu uso no strongSwan de qualquer das maneiras." --- strongswan-4.2.14.orig/src/starter/lex.yy.c +++ strongswan-4.2.14/src/starter/lex.yy.c @@ -691,7 +691,12 @@ /* Amount of stuff to slurp up with each read. */ #ifndef YY_READ_BUF_SIZE +#ifdef __ia64__ +/* On IA-64, the buffer size is 16k, not 8k */ +#define YY_READ_BUF_SIZE 16384 +#else #define YY_READ_BUF_SIZE 8192 +#endif /* __ia64__ */ #endif /* Copy whatever the last rule matched to the standard output. */ @@ -798,7 +803,7 @@ #line 135 "parser.l" -#line 802 "lex.yy.c" +#line 807 "lex.yy.c" if ( !(yy_init) ) { @@ -982,7 +987,7 @@ #line 185 "parser.l" ECHO; YY_BREAK -#line 986 "lex.yy.c" +#line 991 "lex.yy.c" case YY_END_OF_BUFFER: { @@ -1704,8 +1709,8 @@ /** Setup the input buffer state to scan the given bytes. The next call to yylex() will * scan from a @e copy of @a bytes. - * @param bytes the byte buffer to scan - * @param len the number of bytes in the buffer pointed to by @a bytes. + * @param yybytes the byte buffer to scan + * @param _yybytes_len the number of bytes in the buffer pointed to by @a bytes. * * @return the newly allocated buffer state object. */