--- strongswan-4.3.2.orig/debian/strongswan-starter.postinst +++ strongswan-4.3.2/debian/strongswan-starter.postinst @@ -0,0 +1,313 @@ +#! /bin/bash +# postinst script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +CONF_FILE=/var/lib/strongswan/ipsec.conf.inc +SECRETS_FILE=/var/lib/strongswan/ipsec.secrets.inc + +insert_private_key_filename() { + if [ ! -e $SECRETS_FILE ] || ! grep -q ": RSA $1" $SECRETS_FILE; then + echo ": RSA $1" >> $SECRETS_FILE + fi +} + +IPSEC_SECRETS_PATTERN_1=': RSA {' +IPSEC_SECRETS_PATTERN_2=' # yyy' +IPSEC_SECRETS_PATTERN_3=' }' +IPSEC_SECRETS_PATTERN_4='# do not change the indenting of that "}"' + +# remove old, misguided attempts at a default ipsec.secrets files +repair_legacy_secrets() { + if [ -e $SECRETS_FILE ] && grep -A 2 "$IPSEC_SECRETS_PATTERN_1" $SECRETS_FILE | + tail --lines=2 | + grep -A 1 "$IPSEC_SECRETS_PATTERN_2" | + tail --lines=1 | + grep "$IPSEC_SECRETS_PATTERN_3" >/dev/null; then + echo "Old default config file detected, removing the old defaults now." + umask 077 ; ( + # this is ugly, and someone maybe can formulate this in sed, but + # this was the quickest way for me + line=`grep -n "$IPSEC_SECRETS_PATTERN_2" $SECRETS_FILE | cut -d':' -f1` + until=`expr $line - 1` + head -n $until $SECRETS_FILE + sum=`wc -l $SECRETS_FILE | cut -d ' ' -f1` + from=`expr $sum - $line -1` + tail -n $from $SECRETS_FILE + ) > $SECRETS_FILE.tmp + mv $SECRETS_FILE.tmp $SECRETS_FILE + grep -v "$IPSEC_SECRETS_PATTERN_4" $SECRETS_FILE > $SECRETS_FILE.tmp + mv $SECRETS_FILE.tmp $SECRETS_FILE + fi +} + +make_x509_cert() { + if [ $# -ne 12 ]; then + echo "Error in creating X.509 certificate" + exit 1 + fi + + case $5 in + false) + certreq=$4.req + selfsigned="" + ;; + true) + certreq=$4 + selfsigned="-x509" + ;; + *) + echo "Error in creating X.509 certificate" + exit 1 + ;; + esac + + echo -e "$6\n$7\n$8\n$9\n${10}\n${11}\n${12}\n\n\n" | \ + /usr/bin/openssl req -new -outform PEM -out $certreq \ + -newkey rsa:$1 -nodes -keyout $3 -keyform PEM \ + -days $2 $selfsigned >/dev/null +} + +enable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Enabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE; then + sed "s/${daemon}start=no/${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ -e $CONF_FILE ] && egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE; then + sed "s/^\w+#\w*${daemon}start=(yes|no)\w*$/\t${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +disable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Disabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && ( egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE || + egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE ); then + echo "already disabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + sed "s/${daemon}start=yes/${daemon}start=no/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +. /usr/share/debconf/confmodule + +case "$1" in + configure) + db_get strongswan/create_rsa_key + if [ "$RET" = "true" ]; then + repair_legacy_secrets + # OK, ipsec.secrets should now be correct + # create a new keypair + host=`hostname` + newkeyfile="/etc/ipsec.d/private/${host}Key.pem" + newcertfile="/etc/ipsec.d/certs/${host}Cert.pem" + if [ -e $newcertfile -o -e $newkeyfile ]; then + echo "Error: $newcertfile or $newkeyfile already exists." + echo "Please remove them first an re-run dpkg-reconfigure to create a new keypair." + else + # create a new certificate + db_get strongswan/rsa_key_length + keylength=$RET + db_get strongswan/x509_self_signed + selfsigned=$RET + db_get strongswan/x509_country_code + countrycode=$RET + if [ -z "$countrycode" ]; then countrycode="."; fi + db_get strongswan/x509_state_name + statename=$RET + if [ -z "$statename" ]; then statename="."; fi + db_get strongswan/x509_locality_name + localityname=$RET + if [ -z "$localityname" ]; then localityname="."; fi + db_get strongswan/x509_organization_name + orgname=$RET + if [ -z "$orgname" ]; then orgname="."; fi + db_get strongswan/x509_organizational_unit + orgunit=$RET + if [ -z "$orgunit" ]; then orgunit="."; fi + db_get strongswan/x509_common_name + commonname=$RET + if [ -z "$commonname" ]; then commonname="."; fi + db_get strongswan/x509_email_address + email=$RET + if [ -z "$email" ]; then email="."; fi + make_x509_cert $keylength 1500 "$newkeyfile" "$newcertfile" "$selfsigned" "$countrycode" "$statename" "$localityname" "$orgname" "$orgunit" "$commonname" "$email" + chmod 0600 "$newkeyfile" + umask 077 + insert_private_key_filename "$newkeyfile" + echo "Successfully created x509 certificate." + fi + else + db_get strongswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + if [ -e $newcertfile -o -e $newkeyfile ]; then + echo "Error: $newcertfile or $newkeyfile already exists." + echo "Please remove them first an re-run dpkg-reconfigure to create a new keypair." + else + # existing certificate - use it + db_get strongswan/existing_x509_certificate_filename + certfile=$RET + db_get strongswan/existing_x509_key_filename + keyfile=$RET + if [ ! -r $certfile ] || [ ! -r $keyfile ]; then + echo "Either the certificate or the key file could not be read !" + else + cp "$certfile" /etc/ipsec.d/certs + umask 077 + cp "$keyfile" "/etc/ipsec.d/private" + newkeyfile="/etc/ipsec.d/private/`basename $keyfile`" + chmod 0600 "$newkeyfile" + insert_private_key_filename "$newkeyfile" + echo "Successfully extracted RSA key from existing x509 certificate." + fi + fi + fi + fi + + # figure out the correct start time + db_get strongswan/start_level + if [ "$RET" = "earliest" ]; then + LEVELS="start 41 S . stop 34 0 6 ." + elif [ "$RET" = "after NFS" ]; then + LEVELS="start 15 2 3 4 5 . stop 30 0 1 6 ." + else + LEVELS="start 21 2 3 4 5 . stop 19 0 1 6 ." + fi + update-rc.d ipsec $LEVELS > /dev/null + + db_get strongswan/enable-oe + if [ "$RET" != "true" ]; then + echo -n "Disabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/include \/etc\/ipsec.d\/examples\/oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "#include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + echo "already disabled" + fi + else + echo -n "Enabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^#.*include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/#.*include \/etc\/ipsec.d\/examples\/oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + cat <> $CONF_FILE +#Enable Opportunistic Encryption +include /etc/ipsec.d/examples/oe.conf +EOF + echo "done" + fi + fi + + # disabled for now, until we can solve the don't-edit-conffiles issue + #db_get strongswan/ikev1 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "pluto" "IKEv1" + #else + # disable_daemon_start "pluto" "IKEv1" + #fi + #db_get strongswan/ikev2 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "charon" "IKEv2" + #else + # disable_daemon_start "charon" "IKEv2" + #fi + + if [ -z "$2" ]; then + # no old configured version - start strongswan now + invoke-rc.d ipsec start || true + else + # does the user wish strongswan to restart? + db_get strongswan/restart + if [ "$RET" = "true" ]; then + invoke-rc.d ipsec restart || true # sure, we'll restart it for you + fi + fi + + db_stop + + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument '$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically + +#DEBHELPER# + +exit 0 --- strongswan-4.3.2.orig/debian/logcheck.ignore.paranoid +++ strongswan-4.3.2/debian/logcheck.ignore.paranoid @@ -0,0 +1,20 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: regenerating DH private secret --- strongswan-4.3.2.orig/debian/logcheck.ignore.server +++ strongswan-4.3.2/debian/logcheck.ignore.server @@ -0,0 +1,25 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: added connection description +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: .* SA established +pluto.*: .* SA expired +pluto.*: replacing stale .* SA +pluto.*: initiating Quick Mode +pluto.*: regenerating DH private secret --- strongswan-4.3.2.orig/debian/watch +++ strongswan-4.3.2/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://download.strongswan.org/strongswan-([\d.]+)\.tar\.bz2 --- strongswan-4.3.2.orig/debian/strongswan-starter.config +++ strongswan-4.3.2/debian/strongswan-starter.config @@ -0,0 +1,47 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input medium strongswan/start_level || true + +# disable for now, until we can deal with the don't-edit-conffiles situation +#db_input high strongswan/ikev1 || true +#db_input high strongswan/ikev2 || true + +db_input medium strongswan/restart || true + +db_input high strongswan/enable-oe || true + +db_input high strongswan/create_rsa_key || true +db_go || true + +db_get strongswan/create_rsa_key +if [ "$RET" = "true" ]; then + # create a new certificate + db_input medium strongswan/rsa_key_length || true + db_input high strongswan/x509_self_signed || true + # we can't allow the country code to be empty - openssl will + # refuse to create a certificate this way + countrycode="" + while [ -z "$countrycode" ]; do + db_input medium strongswan/x509_country_code || true + db_go || true + db_get strongswan/x509_country_code + countrycode="$RET" + done + db_input medium strongswan/x509_state_name || true + db_input medium strongswan/x509_locality_name || true + db_input medium strongswan/x509_organization_name || true + db_input medium strongswan/x509_organizational_unit || true + db_input medium strongswan/x509_common_name || true + db_input medium strongswan/x509_email_address || true + db_go || true +else + db_get strongswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + # existing certificate - use it + db_input critical strongswan/existing_x509_certificate_filename || true + db_input critical strongswan/existing_x509_key_filename || true + db_go || true + fi +fi --- strongswan-4.3.2.orig/debian/strongswan-ikev2.install +++ strongswan-4.3.2/debian/strongswan-ikev2.install @@ -0,0 +1,8 @@ +usr/lib/ipsec/charon usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-eap*.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-agent.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-curl.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-ldap.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medsrv.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medcli.so* usr/lib/ipsec/plugins/ --- strongswan-4.3.2.orig/debian/changelog +++ strongswan-4.3.2/debian/changelog @@ -0,0 +1,444 @@ +strongswan (4.3.2-1.1ubuntu1) lucid; urgency=low + + * Merge from Debian testing (LP: #492396), remaining changes: + - Build depend on libnm-glib-dev instead of libnm-glib-vpn-dev to + match the network manager package naming in Ubuntu + + -- Ilya Barygin Fri, 04 Dec 2009 20:59:13 +0300 + +strongswan (4.3.2-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix incomplete fix for CVE-2009-2185 leading to a denial of service + via malformed ASN.1 data (CVE-2009-2661; Closes: #540144). + * Use dh_prep instead of dh_clean in install target + + Fixes bug where the arch: all package is not included in .changes + + -- Raphael Geissert Tue, 08 Sep 2009 18:37:35 -0500 + +strongswan (4.3.2-1ubuntu3) karmic; urgency=low + + * No change rebuild against libnm-glib + Fixes libnm-glib API change (LP: #459073) + + -- Martin Willi Fri, 23 Oct 2009 15:02:23 +0200 + +strongswan (4.3.2-1ubuntu2) karmic; urgency=low + + * No change rebuild against libnm-glib. + + -- Onkar Shinde Wed, 30 Sep 2009 14:23:07 +0530 + +strongswan (4.3.2-1ubuntu1) karmic; urgency=low + + * Build depend on libnm-glib-dev instead of libnm-glib-vpn-dev to match + the network manager package naming in Ubuntu + + -- Scott Kitterman Sat, 12 Sep 2009 17:57:44 -0400 + +strongswan (4.3.2-1) unstable; urgency=HIGH + + Urgency high because of security issue and FTBFS. + * New upstream release, fixes security bug. + * Fix padlock handling for i386 in debian/rules. + Closes: #525652 (FTBFS on i386) + * Acknowledge NMUs by security team. + Closes: #533837, #531612 + * Add "Conflicts: strongswan (< 4.2.12-1)" to libstrongswan, + strongswan-starter, strongswan-ikev1, and strongswan-ikev2 to force + update of the strongswan package on installation and avoid conflicts + caused by package restructuring. + Closes: #526037: strongswan-ikev2 and strongswan: error when trying to + install together + Closes: #526486: strongswan and libstrongswan: error when trying to + install together + Closes: #526487: strongswan-ikev1 and strongswan: error when trying to + install together + Closes: #526488: strongswan-starter and strongswan: error when trying to + install together + * Debconf templates and debian/control reviewed by the debian-l10n- + english team as part of the Smith review project. Closes: #528073 + * Debconf translation updates: + Closes: #525234: [INTL:ja] Update po-debconf template translation (ja.po) + Closes: #528323: [INTL:sv] po-debconf file for strongswan + Closes: #528370: [INTL:vi] Vietnamese debconf templates translation update + Closes: #529027: [INTL:pt] Updated Portuguese translation for debconf messages + Closes: #529071: [INTL:fr] French debconf templates translation update + Closes: #529592: nb translation of debconf PO for strongSWAN + Closes: #529638: [INTL:ru] Russian debconf templates translation + Closes: #529661: Updated Czech translation of strongswan debconf messages + Closes: #529742: [INTL:eu] strongswan debconf basque translation + Closes: #530273: [INTL:fi] Finnish translation of the debconf templates + Closes: #529063: [INTL:gl] strongswan 4.2.14-2 debconf translation update + + -- Rene Mayrhofer Sat, 18 Apr 2009 20:28:51 +0200 + +strongswan (4.2.14-1.2) unstable; urgency=high + + * Non-maintainer upload. + * Fix build on i386 + Closes: #525652: FTBFS on i386: + libstrongswan-padlock.so*': No such file or directory + * Fix Two Denial of Service Vulnerabilities + Closes: #533837: strongSwan Two Denial of Service Vulnerabilities + + -- Ruben Puettmann Sun, 21 Jun 2009 17:50:02 +0200 + +strongswan (4.2.14-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix two possible null pointer dereferences leading to denial + of service via crafted IKE_SA_INIT, CREATE_CHILD_SA or + IKE_AUTH request (CVE-2009-1957; CVE-2009-1958; Closes: #531612). + + -- Nico Golde Mon, 15 Jun 2009 13:06:05 +0200 + +strongswan (4.2.14-1) unstable; urgency=low + + * New upstream release, which incorporates the fix. Removed dpatch for it. + Closes: #521950: CVE-2009-0790: DoS + * New support for EAP RADIUS authentication, enabled for this package. + + -- Rene Mayrhofer Wed, 01 Apr 2009 22:17:52 +0200 + +strongswan (4.2.13-2) unstable; urgency=low + + * Fix DoS issue via malicious Dead Peer Detection packet. Thanks to the + security team for providing the patch. + Closes: #521950: CVE-2009-0790: DoS + Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone + to a denial of service attack via a malicious packet. + + -- Rene Mayrhofer Tue, 31 Mar 2009 12:00:51 +0200 + +strongswan (4.2.13-1) unstable; urgency=low + + * New upstream release. This is now compatible with network-manager 0.7 + in Debian, so start building the strongswan-side support. The actual + plugin will need to be another source package. + + -- Rene Mayrhofer Sun, 22 Mar 2009 10:59:31 +0100 + +strongswan (4.2.12-1) unstable; urgency=low + + * New upstream release. Starting with this version, the strongswan + packages is modularized and includes support for plugins like the + NetworkManager plugin. Many details were adopted from Martin Willi's + packages. + * Dropping support for raw RSA public/private keypairs, as charon does + not support it. + * Explicitly remove directories /etc/ipsec.d and /var/run/pluto on purge. + + -- Rene Mayrhofer Sun, 01 Mar 2009 10:46:08 +0000 + +strongswan (4.2.9-1) unstable; urgency=low + + * New upstream release, fixes a MOBIKE issue. + Closes: #507542: strongswan: endless loop + * Explicitly enable compilation with libcurl for CRL fetching + Closes: #497756: strongswan: not compiled with curl support; crl + fetching not available + * Enable compilation with SSH agent support. + + -- Rene Mayrhofer Fri, 05 Dec 2008 17:21:42 +0100 + +strongswan (4.2.4-5) unstable; urgency=high + + Reason for urgency high: this is potentially security relevant. + * Patch backported from 4.2.7 to fix a potential DoS issue. + Thanks to Thomas Kallenberg for the patch. + + -- Rene Mayrhofer Mon, 29 Sep 2008 10:35:30 +0200 + +strongswan (4.2.4-4) unstable; urgency=low + + * Tweaked configure options for lenny to remove somewhat experimental, + incomplete, or unnecessary features. Removed --enable-xml, + --enable-padlock, and --enable-manager and added --disable-aes, + --disable-des, --disable-fips-prf, --disable-gmp, --disable-md5, + --disable-sha1, and --disable-sha2 because openssl already + contains this code, we depend on it and thus don't need it twice. + Padlock support does not do much, because the bulk encryption uses + it anyway (being done internally in the kernel) and using padlock + for IKEv2 key agreement adds complexity for little gain. + Thanks to Thomas Kallenberg of strongswan upstream team for + suggesting these changes. The package is now noticable smaller. + * Also remove dbus dependency, which is no longer necessary. + + -- Rene Mayrhofer Mon, 01 Sep 2008 08:59:10 +0200 + +strongswan (4.2.4-3) unstable; urgency=low + + * Changed configure option to build peer-to-peer service again. + Closes: #494678: strongswan: configure option --enable-p2p changed to + --enable-mediation + + -- Rene Mayrhofer Tue, 12 Aug 2008 20:08:26 +0200 + +strongswan (4.2.4-2) unstable; urgency=medium + + Urgency medium because this fixes an FTFBS bug on non-i386. + * Only compile padlock crypto acceleration support for i386. Thanks for + the patch! + Closes: #492455: strongswan: FTBFS: Uses i386 assembler on non-i386 + arches. + * Updated Swedish debconf translation. + Closes: #492902: [INTL:sv] po-debconf file for strongswan + + -- Rene Mayrhofer Thu, 07 Aug 2008 13:02:54 +0200 + +strongswan (4.2.4-1) unstable; urgency=medium + + Urgency medium because this new upstream versions no longer uses + dbus and thus fixed the grave bug from the last Debian package. This + version should transit to testing. + * New upstream release. Starting with version 4.2.0, crypto algorithms have + beeen modularized with existing code ported over. Among other improvments, + this version now supports AES-CCM (e.g. with esp=aes128ccm12) and AES-GCM + (e.g. with esp=aes256gcm16) starting with kernel 2.6.25 and enables dead + peer detection by default. + Note that charon (IKEv2) now uses the new /etc/strongswan.conf. + * Enabled building of VIA Padlock and openssl crypto plugins. + * Drop patch to rename AES_cbc_encrypt so as not to conflict with an + openssl method of the same name. This has been applied upstream. + * This new upstream version no longer uses dbus. + Closes: #475098: charon needs dbus but strongswan does not depend on dbus + Closes: #475099: charon does not work any more + * This new upstream version no longer prints error messages in its + init script. + Closes: #465718: strongswan: startup on booting returns error messages + * Apply patch to ipsec init script to fix bashism. + Closes: #473703: strongswan: bashism in /bin/sh script + * Updated Czech debconf translation. + Closes: #480928: [l10n] Updated Czech translation of strongswan debconf + messages + + -- Rene Mayrhofer Thu, 10 Jul 2008 14:40:43 +0200 + +strongswan (4.1.11-1) unstable; urgency=low + + * New upstream release. + * DBUS support now interacts with network-manager, so need to build-depend + on network-manager-dev. + * The web interface has been improved and now requires libfcgi-dev and + clearsilver-dev to compile, so build-depend on them. Also build-depend + on libxml2-dev, libdbus-1-dev, libtool, and libsqlite3-dev (which were + all build-deps before but were not listed explicitly so far - fix that). + * Add patch to rename internal AES_cbc_encrypt function and thus avoid + conflict with the openssl function. + Closes: #470721: pluto segfaults when using pkcs11 library linked with + OpenSSL + + -- Rene Mayrhofer Sun, 30 Mar 2008 10:35:16 +0200 + +strongswan (4.1.10-2) unstable; urgency=low + + * Enable new configure options: dbus, xml, nonblocking, thread, peer- + to-peer NAT-traversal and the manager interface support. + * Also set the default path to the opensc-pkcs11 engine explicitly. + + -- Rene Mayrhofer Fri, 15 Feb 2008 10:25:49 +0100 + +strongswan (4.1.10-1) unstable; urgency=low + + * New upstream release. + Closes: #455711: New upstream version 4.1.9 + * Updated Japanese debconf translation. + Closes: #463321: strongswan: [INTL:ja] Update po-debconf template + translation (ja.po) + + -- Rene Mayrhofer Thu, 07 Feb 2008 15:15:14 +0100 + +strongswan (4.1.8-3) unstable; urgency=low + + * Force use of hardening-wrapper when building the package by setting + a Build-Dep to it and setting export DEB_BUILD_HARDENING=1 in + debian/rules. + + -- Rene Mayrhofer Thu, 07 Feb 2008 14:14:48 +0100 + +strongswan (4.1.8-2) unstable; urgency=medium + + * Ship our own init script, since upstream no longer does. This is still + installed as /etc/init.d/ipsec (and not /etc/init.d/strongswan) to be + backwards compatible. + Really closes: #442880: strongswan: postinst failure (missing + /etc/init.d/ipsec) + * Actually, need to be smarter with ipsec.conf and ipsec.secrets. Not + marking them as conffiles isn't the right thing either. Instead, now + use the includes feature to pull in config snippets that are + modified by debconf. It's not perfect, though, as the IKEv1/IKEv2 + protocols can't be enabled/disabled with includes. Therefore don't + support this option in debconf for the time being, but default to + enabled for both IKE versions. The files edited with debconf are kept + under /var/lib/strongswan. + * Cleanup debian/rules: no longer need to remove leftover files from + patching, as currently there are no Debian-specific patches (fortunately). + * More cleanup: drop debconf translations hack for woody compatibility, + depend on build-stamp instead of build in the install-strongswan target, + and remove the now unnecessary dh_clean -k call in install-strongswan so + that configure shouldn't run twice during building the package. + * Update French debconf translation. + Closes: #448327: strongswan: [INTL:fr] French debconf templates + translation update + + -- Rene Mayrhofer Fri, 02 Nov 2007 21:55:29 +0100 + +strongswan (4.1.8-1) unstable; urgency=low + + The "I'm back from my long semi-vacation, and strongswan is now bug-free + again" release. + * New upstream release. + Closes: #442880: strongswan: postinst failure (missing /etc/init.d/ipsec) + Closes: #431874: strongswan - FTBFS: cannot create regular file + `/etc/ipsec.conf': Permission denied + * Explicitly use debhalper compatbility version 5m now using debian/compat + instead of DH_COMPAT. + * Since there's no configurability in dh_installdeb's mania to flag + everything below /etc as a conffile, now hack DEBIAN/conffiles directly + to remove ipsec.conf and ipsec.secrets. + Closes: #442929: strongswan: Maintainer script modifies conffiles + * Add/update debconf translations. + Closes: #432189: strongswan: [INTL:de] updated German debconf translation + Closes: #432212: [l10n] Updated Czech translation of strongswan debconf + messages + Closes: #432642: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #444710: strongswan: [INTL:pt] Updated Portuguese translation for + debconf messages + + -- Rene Mayrhofer Fri, 26 Oct 2007 16:16:51 +0200 + +strongswan (4.1.4-1) unstable; urgency=low + + * New upstream release. + * Fixed debconf descriptions. + Closes: #431157: strongswan: Minor errors in Debconf template + * Include Portugese and + Closes: #415178: strongswan: [INTL:pt] Portuguese translation for debconf + messages + Closes: #431154: strongswan: [INTL:de] initial German debconf translation + + -- Rene Mayrhofer Thu, 05 Jul 2007 00:53:01 +0100 + +strongswan (4.1.3-1) unreleased; urgency=low + + * New upstream release. + + -- Rene Mayrhofer Sun, 03 Jun 2007 18:39:11 +0100 + +strongswan (4.1.1-1) unreleased; urgency=low + + Major new upstream release: + * IKEv2 support with the new "charon" daemon in addition to the old "pluto" + which is still used for IKEv1. + * Switches to auto* tools build system. + * The postinst script is still not quite as complete in updating the 2.8.x + config automatically to a new 4.x config, but I don't want to wait any + longer with the upload. It can be improved later on. + + -- Rene Mayrhofer Thu, 12 Apr 2007 21:33:56 +0100 + +strongswan (2.8.3-1) unstable; urgency=low + + * New upstream release with fixes for the SHA-512-HMAC function and + added SHA-384 and SHA-2 implementations. + + -- Rene Mayrhofer Thu, 22 Feb 2007 20:19:45 +0000 + +strongswan (2.8.2-1) unstable; urgency=low + + * New upstream release with interoperability fixes for some VPN + clients. + + -- Rene Mayrhofer Tue, 30 Jan 2007 12:21:20 +0000 + +strongswan (2.8.1+dfsg-1) unstable; urgency=low + + * New upstream release, now with XAUTH support. + * Explicitly enable smartcard and vendorid options as well as a + few more in debian/rules. + Closes: #407449: strongswan: smartcard support is disabled + + -- Rene Mayrhofer Sun, 28 Jan 2007 21:06:25 +0000 + +strongswan (2.8.1-1) UNRELEASED; urgency=low + + * New upstream release. + + -- Rene Mayrhofer Sun, 28 Jan 2007 20:59:11 +0000 + +strongswan (2.8.0+dfsg-1) unstable; urgency=low + + * New upstream release. + * Update debconf templates. + Closes: #388672: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #389253: [l10n] Updated Czech translation of strongswan + debconf messages + Closes: #391457: [INTL:nl] Updated dutch po-debconf translation + Closes: #396179: strongswan: [INTL:ja] Updated Japanese po-debconf + template translation (ja.po) + * Fix broken reference to a now non-existing config file. no_oe.conf + has been replaced by oe.conf, with the opposite meaning. Changed + postinst to deal with it correctly now, and also try to convert + older config file lines to newer (e.g. when updating from openswan + to strongswan). + Closes: #391565: fails to start : /etc/ipsec.conf:46: include + files found no matches + [/etc/ipsec.d/examples/no_oe.conf] + + -- Rene Mayrhofer Mon, 6 Nov 2006 19:01:58 +0000 + +strongswan (2.7.3+dfsg-1) unstable; urgency=low + + * New upstream release. Another try on getting it into unstable. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * Call debian-updatepo in the clean target, in line with the openswan + change for its version 2.4.6+dfsg-1. + * Remove man2html, htmldoc, and lynx from the Build-Deps because we no + longer rebuild the documentation tree. + * Starting shipping a lintian overrides file to finally silence the + warnings about non-standard-(file|dir)-perms (they are intentional). + * Clean up /usr/lib/ipsec somehow, again owing to lintian warnings. + * Add po-debconf to build dependencies. + + -- Rene Mayrhofer Wed, 23 Aug 2006 21:23:36 +0100 + +strongswan (2.7.2+dfsg-1) unstable; urgency=low + + * First upload to the main Debian archive. This does no longer build + the linux-patch-strongswan and strongswan-modules-source packages, + as KLIPS will be removed from the strongswan upstream source anyway + for the next major release. However, the openswan KLIPS could should + be interoperable with strongswan user space. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * This upload removes the draft RFCs, as they are not considered free under + the DFSG. + + -- Rene Mayrhofer Sun, 9 Jul 2006 12:40:34 +0100 + +strongswan (2.7.2-1) unstable; urgency=low + + * New upstream release. This release fixes a potential DoS problem. + + -- Rene Mayrhofer Mon, 26 Jun 2006 12:34:43 +0100 + +strongswan (2.7.0-1) unstable; urgency=low + + * Initial Debian packaging of strongswan. This is directly based on my + Debian package of openswan 2.4.5-3. + * Do not compile and ship fswcert right now, because it is not included + in strongswan upstream. If it turns out to be necessary for supporting + easy-to-use OE in the future (i.e. for generating the DNS format for the + public keys from generated X.509 certificates), I will re-add it to the + Debian package. + * Also disabled my patches to use /etc/default instead of /etc/sysconfig for + now. Something like that will be necessary in the future, but those parts + of strongswan differ significanty from openswan. + + -- Rene Mayrhofer Mon, 22 May 2006 07:37:00 +0100 + +Local variables: +mode: debian-changelog +End: --- strongswan-4.3.2.orig/debian/strongswan-starter.templates +++ strongswan-4.3.2/debian/strongswan-starter.templates @@ -0,0 +1,176 @@ +# These templates have been reviewed by the debian-l10n-english +# team +# +# If modifications/additions/rewording are needed, please ask +# debian-l10n-english@lists.debian.org for advice. +# +# Even minor modifications require translation updates and such +# changes should be coordinated with translators and reviewers. + +Template: strongswan/start_level +Type: select +__Choices: earliest, after NFS, after PCMCIA +Default: earliest +_Description: When to start strongSwan: + StrongSwan starts during system startup so that it can protect filesystems + that are automatically mounted. + . + * earliest: if /usr is not mounted through NFS and you don't use a + PCMCIA network card, it is best to start strongSwan as soon as + possible, so that NFS mounts can be secured by IPSec; + * after NFS: recommended when /usr is mounted through NFS and no + PCMCIA network card is used; + * after PCMCIA: recommended if the IPSec connection uses a PCMCIA + network card or if it needs keys to be fetched from a locally running DNS + server with DNSSec support. + +Template: strongswan/restart +Type: boolean +Default: true +_Description: Restart strongSwan now? + Restarting strongSwan is recommended, because if there is a security fix, it + will not be applied until the daemon restarts. However, this might close + existing connections and then bring them back up. + . + If you don't restart strongSwan now, you should do so manually at the first + opportunity. + +Template: strongswan/ikev1 +Type: boolean +Default: true +_Description: Start strongSwan's IKEv1 daemon? + The pluto daemon must be running to support version 1 of the Internet Key + Exchange protocol. + +Template: strongswan/ikev2 +Type: boolean +Default: true +_Description: Start strongSwan's IKEv2 daemon? + The charon daemon must be running to support version 2 of the Internet Key + Exchange protocol. + +Template: strongswan/create_rsa_key +Type: boolean +Default: true +_Description: Create an RSA public/private keypair for this host? + StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate + IPSec connections to other hosts. RSA authentication is generally considered + more secure and is easier to administer. You can use PSK and RSA authentication + simultaneously. + . + If you do not want to create a new public/private keypair, you can choose to + use an existing one in the next step. + +Template: strongswan/existing_x509_certificate +Type: boolean +Default: false +_Description: Use an existing X.509 certificate for strongSwan? + The required information can automatically be extracted from an + existing X.509 certificate with a matching RSA private key. Both parts can + be in one file, if it is in PEM format. + You should choose this option if you have such an existing + certificate and key file and want to use it for authenticating IPSec + connections. + +Template: strongswan/existing_x509_certificate_filename +Type: string +_Description: File name of your X.509 certificate in PEM format: + Please enter the full location of the file containing your X.509 + certificate in PEM format. + +Template: strongswan/existing_x509_key_filename +Type: string +_Description: File name of your existing X.509 private key in PEM format: + Please enter the full location of the file containing the private RSA key + matching your X.509 certificate in PEM format. This can be the same file + as the X.509 certificate. + +Template: strongswan/rsa_key_length +Type: string +Default: 2048 +_Description: RSA key length: + Please enter the length of RSA key you wish to generate. A value of less than + 1024 bits is not considered secure. A value of more than 2048 bits will + probably affect performance. + +Template: strongswan/x509_self_signed +Type: boolean +Default: true +_Description: Create a self-signed X.509 certificate? + Only self-signed X.509 certificates can be created + automatically, because otherwise a certificate authority is needed to sign + the certificate request. + . + If you accept this option, the certificate created can be used + immediately to connect to other IPSec hosts that support authentication via + an X.509 certificate. However, using strongSwan's PKI features requires a + trust path to be created by having all X.509 certificates signed by a single + authority. + . + If you do not accept this option, only the RSA private key will be created, + along with a certificate request which you will need to have signed by a + certificate authority. + +Template: strongswan/x509_country_code +Type: string +Default: AT +_Description: Country code for the X.509 certificate request: + Please enter the two-letter ISO3166 country code that should be + used in the certificate request. + . + This field is mandatory; otherwise a certificate cannot be generated. + +Template: strongswan/x509_state_name +Type: string +Default: +_Description: State or province name for the X.509 certificate request: + Please enter the full name of the state or province to include in + the certificate request. + +Template: strongswan/x509_locality_name +Type: string +Default: +_Description: Locality name for the X.509 certificate request: + Please enter the locality name (often a city) + that should be used in the certificate request. + +Template: strongswan/x509_organization_name +Type: string +Default: +_Description: Organization name for the X.509 certificate request: + Please enter the organization name (often a company) + that should be used in the certificate request. + +Template: strongswan/x509_organizational_unit +Type: string +Default: +_Description: Organizational unit for the X.509 certificate request: + Please enter the organizational unit name (often a department) + that should be used in the certificate request. + +Template: strongswan/x509_common_name +Type: string +Default: +_Description: Common name for the X.509 certificate request: + Please enter the common name (such as the host name of this machine) + that should be used in the certificate request. + +Template: strongswan/x509_email_address +Type: string +Default: +_Description: Email address for the X.509 certificate request: + Please enter the email address (for the individual or organization responsible) + that should be used in the certificate request. + +Template: strongswan/enable-oe +Type: boolean +Default: false +_Description: Enable opportunistic encryption? + This version of strongSwan supports opportunistic encryption (OE), which stores + IPSec authentication information in + DNS records. Until this is widely deployed, activating it will + cause a significant delay for every new outgoing connection. + . + You should only enable opportunistic encryption if you are sure you want it. + It may break the Internet connection (default route) as the pluto daemon + starts. --- strongswan-4.3.2.orig/debian/ipsec.secrets.proto +++ strongswan-4.3.2/debian/ipsec.secrets.proto @@ -0,0 +1,11 @@ +# This file holds shared secrets or RSA private keys for inter-Pluto +# authentication. See ipsec_pluto(8) manpage, and HTML documentation. + +# RSA private key for this host, authenticating it to any other host +# which knows the public part. Suitable public keys, for ipsec.conf, DNS, +# or configuration of other implementations, can be extracted conveniently +# with "ipsec showhostkey". + +# this file is managed with debconf and will contain the automatically created private key +include /var/lib/strongswan/ipsec.secrets.inc + --- strongswan-4.3.2.orig/debian/svn-deblayout +++ strongswan-4.3.2/debian/svn-deblayout @@ -0,0 +1,8 @@ +buildArea=/home/rene/amw/src/packages/build-area +origDir=/home/rene/amw/src/packages/tarballs +origUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/trunk/debian/tarballs +tagsUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/tags/strongswan +trunkDir=/home/rene/amw/src/packages/strongswan +trunkUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/trunk/debian/strongswan +upsCurrentUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/branches/source-dist/debian/strongswan +upsTagUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/tags/strongswan --- strongswan-4.3.2.orig/debian/strongswan-starter.postrm +++ strongswan-4.3.2/debian/strongswan-starter.postrm @@ -0,0 +1,44 @@ +#! /bin/sh +# postrm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + + # update the menu system +# if [ -x /usr/bin/update-menus ]; then update-menus; fi + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 0 + +esac + +if [ "$1" = "purge" ] ; then + update-rc.d ipsec remove >/dev/null + rm -rf /etc/ipsec.d/ + rm -rf /var/run/pluto/ +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + + --- strongswan-4.3.2.orig/debian/strongswan-starter.dirs +++ strongswan-4.3.2/debian/strongswan-starter.dirs @@ -0,0 +1,10 @@ +/etc +/etc/ipsec.d +/etc/ipsec.d/cacerts +/etc/ipsec.d/ocspcerts +/etc/ipsec.d/crls +/etc/ipsec.d/private +/etc/ipsec.d/policies +/etc/init.d +/var/lock/subsys +/var/lib/strongswan --- strongswan-4.3.2.orig/debian/strongswan-starter.prerm +++ strongswan-4.3.2/debian/strongswan-starter.prerm @@ -0,0 +1,40 @@ +#! /bin/sh +# prerm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + upgrade) + ;; + remove|deconfigure) + invoke-rc.d ipsec stop || true +# install-info --quiet --remove /usr/info/strongswan.info.gz + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- strongswan-4.3.2.orig/debian/strongswan-starter.ipsec.init +++ strongswan-4.3.2/debian/strongswan-starter.ipsec.init @@ -0,0 +1,133 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: vpn +# Required-Start: $network $local_fs +# Required-Stop: $network $local_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Strongswan IPsec services +### END INIT INFO + +# Author: Rene Mayrhofer + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="strongswan IPsec services" +NAME=ipsec +DAEMON=/usr/sbin/$NAME +PIDFILE=/var/run/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- start \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + # give the proper signal to stop + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- stop \ + || return 2 + # but kill if that didn't work + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +do_reload() { + $DAEMON reload + return 0 +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + status) + $DAEMON status + ;; + reload|force-reload) + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart) + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + exit 3 + ;; +esac + +: --- strongswan-4.3.2.orig/debian/copyright +++ strongswan-4.3.2/debian/copyright @@ -0,0 +1,418 @@ +This package was debianized by Rene Mayrhofer on +Thu, 10 Aug 2000 10:50:33 +0200. + +The Debian package was created from scratch with some hints taken from +previous freeswan packages by Tommi Virtanen and Aaron Johnson. +The upstream software was downloaded from http://www.freeswan.org/ + +After the FreeS/WAN folks decided to cease development, we used the forked +code base at http://www.strongswan.org/. + +This project has multiple authors, please see the file CREDITS for details. +However, all of the code is DFSG-free and, since 2002-09-16, +the LICENSE file in the upstream distribution includes a special GPL addition +to allow linking with libdes (which contains an advertising clause). +This LICENSE file was added to the Debian package of freeswan version 1.98b +by me, but has been authorized by Michael Richardson of freeswan upstream +(who sent the file to a mailing list). + +The contents of this LICENSE file are: +------------------------------------------------------------------------------ +Except for the DES library, this software is under the GNU Public License, +see the file COPYING. + +The DES library is under a BSD style license, see + linux/crypto/ciphers/des/COPYRIGHT. +Note that this software has a advertising clause in it. + +In addition to the terms set out under the GPL, permission is granted to +link the software against the libdes library just mentioned. +------------------------------------------------------------------------------ +A copy of this COPYRIGHT file can be found below, starting with the copyright +by Eric Young. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + +Rene Mayrhofer, 2006-08-25 + + + +These are various licenses from the code: + +--8<-- + * Copyright (C) 1996, 1997 John Ioannidis. + * Copyright (C) 1998, 1999 Richard Guy Briggs. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. +--8<-- + +The source tarball also includes several miscellanous libraries. + + + +An MD5 implementation: + +--8<-- +The MD5 implementation is from RSADSI, so this package must include the +following phrase: "derived from the RSA Data Security, Inc. MD5 +Message-Digest Algorithm". It is not under the GPL; see details in +klips/net/ipsec/ipsec_md5c.c. +--8<-- + +--8<-- +/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm + */ + +/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All +rights reserved. + +License to copy and use this software is granted provided that it +is identified as the "RSA Data Security, Inc. MD5 Message-Digest +Algorithm" in all material mentioning or referencing this software +or this function. + +License is also granted to make and use derivative works provided +that such works are identified as "derived from the RSA Data +Security, Inc. MD5 Message-Digest Algorithm" in all material +mentioning or referencing the derived work. + +RSA Data Security, Inc. makes no representations concerning either +the merchantability of this software or the suitability of this +software for any particular purpose. It is provided "as is" +without express or implied warranty of any kind. + +These notices must be retained in any copies of any part of this +documentation and/or software. + */ +--8<-- + + + +An implementation of DES: + +--8<-- +The LIBDES library by Eric Young is used. It is not under the GPL -- see +details in libdes/COPYRIGHT -- although he has graciously waived the +advertising clause for FreeS/WAN use of LIBDES. +--8<-- + +--8<-- +Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +All rights reserved. + +This package is an DES implementation written by Eric Young (eay@cryptsoft.com). +The implementation was written so as to conform with MIT's libdes. + +This library is free for commercial and non-commercial use as long as +the following conditions are aheared to. The following conditions +apply to all code found in this distribution. + +Copyright remains Eric Young's, and as such any Copyright notices in +the code are not to be removed. +If this package is used in a product, Eric Young should be given attribution +as the author of that the SSL library. This can be in the form of a textual +message at program startup or in documentation (online or textual) provided +with the package. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by Eric Young (eay@cryptsoft.com) + +THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The license and distribution terms for any publically available version or +derivative of this code cannot be changed. i.e. this code cannot simply be +copied and put under another distrubution license +[including the GNU Public License.] + +The reason behind this being stated in this direct manner is past +experience in code simply being copied and the attribution removed +from it and then being distributed as part of other packages. This +implementation was a non-trivial and unpaid effort. +--8<-- + +--8<-- +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- + +An implementation of SHA-1: + +--8<-- +The SHA-1 code is derived from Steve Reid's; it is public domain. +--8<-- + +--8<-- +/* + * The rest of the code is derived from sha1.c by Steve Reid, which is + * public domain. + * Minor cosmetic changes to accommodate it in the Linux kernel by ji. + */ +--8<-- + + + +Portions of Linux kernel source code: + +--8<-- +Some bits of Linux code, notably drivers/net/new_tunnel.c and net/ipv4/ipip.c, +are used in heavily modified forms. +--8<-- + +The Linux kernel is licensed under the Gnu General Public License. + + + +Radix-tree library: + +--8<-- +The radix-tree code from 4.4BSD is used in a modified form. It is not +under the GPL; see details in klips/net/ipsec/radij.c. +--8<-- + +--8<-- +/* + * Copyright (c) 1988, 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)radix.c 8.2 (Berkeley) 1/4/94 + */ +--8<-- + + +The license from the OpenSSL code that is included in the extension algorithm +patch (the kernel-patch-freeswan-ext package): + +--8<-- + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of + the OpenSSL License and the original SSLeay license apply to the toolkit. + See below for the actual license texts. Actually both licenses are BSD-style + Open Source licenses. In case of any license issues related to OpenSSL + please contact openssl-core@openssl.org. + + OpenSSL License + --------------- + +/* ==================================================================== + * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + Original SSLeay License + ----------------------- + +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- --- strongswan-4.3.2.orig/debian/compat +++ strongswan-4.3.2/debian/compat @@ -0,0 +1 @@ +7 --- strongswan-4.3.2.orig/debian/strongswan-ikev1.install +++ strongswan-4.3.2/debian/strongswan-ikev1.install @@ -0,0 +1,4 @@ +usr/lib/ipsec/pluto usr/lib/ipsec/ +usr/lib/ipsec/_pluto_adns usr/lib/ipsec/ +usr/lib/ipsec/whack usr/lib/ipsec/ +usr/share/man/man8/pluto.8 usr/share/man/man8/ --- strongswan-4.3.2.orig/debian/strongswan.lintian-overrides +++ strongswan-4.3.2/debian/strongswan.lintian-overrides @@ -0,0 +1,3 @@ +strongswan: non-standard-file-perm etc/ipsec.secrets 0600 != 0644 +strongswan: non-standard-dir-perm etc/ipsec.d/examples/ 0775 != 0755 +strongswan: non-standard-dir-perm etc/ipsec.d/private/ 0700 != 0755 --- strongswan-4.3.2.orig/debian/logcheck.violations.ignore +++ strongswan-4.3.2/debian/logcheck.violations.ignore @@ -0,0 +1 @@ +ipsec_setup: KLIPS debug `none' --- strongswan-4.3.2.orig/debian/use-bash1.diff +++ strongswan-4.3.2/debian/use-bash1.diff @@ -0,0 +1,4 @@ +1c1 +< #! /bin/sh +--- +> #!/bin/bash --- strongswan-4.3.2.orig/debian/libstrongswan.dirs +++ strongswan-4.3.2/debian/libstrongswan.dirs @@ -0,0 +1,5 @@ +/etc/logcheck/ignore.d.paranoid +/etc/logcheck/ignore.d.server +/etc/logcheck/ignore.d.workstation +/etc/logcheck/violations.ignore.d +/usr/share/lintian/overrides --- strongswan-4.3.2.orig/debian/README.Debian +++ strongswan-4.3.2/debian/README.Debian @@ -0,0 +1,124 @@ +strongswan for Debian +---------------------- + +1) General Remarks + +This package has been created from the openswan package, which was again +created from the freeswan package, which was created from scratch with some +ideas from the freeswan 1.3 package by Tommi Virtanen and the freeswan 1.5 +package by Aaron Johnson merged in. + +The differences between the strongSwan and the Openswan packages are +documented at http://www.strongswan.org/ . + +2) Kernel Support + +Note: This package can make use of the in-kernel IPSec stack, which is +available in the stock Debian kernel images (>=2.4.24 and 2.6.x). + +If you want to use the strongswan utilities, you will need the appropriate +kernel modules. The Debian default kernel native IPSec stack (which is +included in Linux 2.6 kernels and has been backported to Debian's 2.4 kernels) +can be used out-of-the-box with strongswan pluto, the key management daemon. +This native Linux IPSec stack is of high quality, has all of the features of +the latest Debian freeswan and openswan packages (i.e. support for other +ciphers like AES and NAT Traversal support) and is well integrated into the +kernel networking subsystem (which is not true for the freeswan kernel +modules). This is the recommended kernel support for strongswan. + +If you do not want to use the in-kernel IPSec stack of newer 2.6 kernels or +are building a custom 2.4 kernel, then the KLIPS kernel part can be used. +strongswan no longer ships this part, but is instead focussing on the newer +native IPSec stack. However, strongswan is interoperable with the KLIPS part +shipped with openswan, both for 2.4 and 2.6 series kernels. Please install +either the linux-patch-openswan or the openswan-modules-source packages and +follow their respective README.Debian files when you want to use KLIPS. + +3) Getting Started + +For connecting two Debian boxes using this strongswan package, the +simplest connection block on each side would look something like this: + +On host A, use + +conn to_hostb + left=%defaultroute + right=hostb.example.com + leftcert=hosta.pem + rightcert=hostb.pem + keyexchange=ikev2 + type=transport + auto=add + +On host B, use +conn to_hosta + left=%defaultroute + right=hosta.example.com + leftcert=hostb.pem + rightcert=hosta.pem + keyexchange=ikev2 + type=transport + auto=add + +This assumes that the respective hostnames hosta.example.com and +hostb.example.com can be resolved and that the internal hostnames are hosta +and hostb (and thus installing the strongswan package created the certificates +hosta.pem and hostb.pem, respectively). +Then the certificates (and not the private keys!) need to be exchanged between +the hosts, e.g. with + scp /etc/ipsec.d/certs/hosta.pem hostb.example.com:/etc/ipsec.d/certs/ + scp hostb.example.com:/etc/ipsec.d/certs/hostb.com /etc/ipsec.d/certs/ +from host A. The IPSec transport connection (that is, no subnets behind these +hosts that should be tunneled) can be started from either side using +"ipsec up to_hostb" (e.g. from host A). +Note that this example explicitly uses IKEv2 due to its nicer error messages. + +A more complicated example is to connect a "roadwarrior" (e.g. laptop) +to an internal network wbile it is behind another NAT. On the gateway +side, i.e. for the internal network the roadwarrior should connect to, +the configuration block could look something like this: + +conn roadwwarrior + left=%defaultroute + leftcert=gatewayCert.pem + rightcert=laptopCert.pem + rightrsasigkey=%cert + leftrsasigkey=%cert + auto=add + leftsubnet=10.0.0.0/24 + rightsubnetwithin=0.0.0.0/0 + right=%any + compress=yes + type=tunnel + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + +On the laptop side, you could use something along the lines: + +conn %default + rightrsasigkey=%cert + leftrsasigkey=%cert + authby=rsasig + leftcert=laptopCert.pem + leftsendcert=always + leftsubnet= + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + esp=aes128-sha1 + ike=aes128-sha1-modp2048 + +conn esys + left=%defaultroute + right=gateway.example.com + rightsubnet=10.0.0.0/24 + rightcert=gatewayCert.pem + auto=add + +Then load these new configuration blocks on both sides using "ipsec reload" +and, on the laptop, start the tunnel with "ipsec up mynetwork". +These configuration blocks assume host names "gateway" and "laptop" and an +inner subnet of 10.0.0.0/24. + +-- Rene Mayrhofer , Sun, Jul 09 12:31:00 2006 --- strongswan-4.3.2.orig/debian/strongswan-starter.install +++ strongswan-4.3.2/debian/strongswan-starter.install @@ -0,0 +1,24 @@ +# starter +usr/lib/ipsec/starter usr/lib/ipsec/ +usr/lib/ipsec/_copyright usr/lib/ipsec/ +usr/sbin/ipsec usr/sbin/ +etc/ipsec.d etc/ +etc/ipsec.conf etc/ +usr/share/man/man8/ipsec.8 usr/share/man/man8/ +usr/share/man/man8/_copyright.8 usr/share/man/man8/ +usr/share/man/man5/ipsec.conf.5 usr/share/man/man5/ +usr/share/man/man5/ipsec.secrets.5 usr/share/man/man5/ +# updown +usr/lib/ipsec/plugins/libstrongswan-updown.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/_updown usr/lib/ipsec/ +usr/lib/ipsec/_updown_espmark usr/lib/ipsec/ +usr/share/man/man8/_updown.8 usr/share/man/man8/ +usr/share/man/man8/_updown_espmark.8 usr/share/man/man8/ +# tools +usr/lib/ipsec/scepclient usr/lib/ipsec/ +usr/lib/ipsec/openac usr/lib/ipsec/ +usr/share/man/man8/scepclient.8 usr/share/man/man8/ +usr/share/man/man8/openac.8 usr/share/man/man8/ +# stroke +usr/lib/ipsec/stroke usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-stroke.so* usr/lib/ipsec/plugins/ --- strongswan-4.3.2.orig/debian/libstrongswan.install +++ strongswan-4.3.2/debian/libstrongswan.install @@ -0,0 +1,9 @@ +usr/lib/libstrongswan.so* usr/lib/ +usr/lib/ipsec/plugins/libstrongswan-gmp.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-x509.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-pubkey.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-hmac.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-xcbc.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-random.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-openssl.so* usr/lib/ipsec/plugins/ +etc/strongswan.conf etc/ --- strongswan-4.3.2.orig/debian/rules +++ strongswan-4.3.2/debian/rules @@ -0,0 +1,174 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +export DH_OPTIONS + +# this is a security-critical package, set all the options we can +export DEB_BUILD_HARDENING=1 + +CONFIGUREARGS := --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ + --libexecdir=/usr/lib \ + --enable-ldap --enable-curl \ + --enable-nonblocking --enable-thread \ + --enable-smartcard --enable-cisco-quirks \ + --with-default-pkcs11=/usr/lib/opensc-pkcs11.so \ + --enable-mediation --enable-medsrv --enable-medcli \ + --enable-openssl --enable-agent \ + --enable-eap-radius --enable-eap-identity --enable-eap-md5 \ + --enable-eap-gtc --enable-eap-aka --enable-eap-mschapv2 \ + --enable-sql \ + --disable-aes --disable-des --disable-fips-prf --disable-gmp \ + --disable-md5 --disable-sha1 --disable-sha2 \ + --enable-nm + # Could enable --enable-nat-transport, but this is actually insecure, + # so don't! + # And for --enable-eap-sim we would need the library, which we don't + # have right now. + +DEB_BUILD_ARCH_CPU ?=$(shell dpkg-architecture -qDEB_BUILD_ARCH_CPU) + +ifeq (,$(filter noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O2 +endif +ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + MAKEFLAGS += -j$(NUMJOBS) +endif +# the padlock plugin only makes sense on i386 +# but it actually doesn't do much, so maybe we don't need it +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + CONFIGUREARGS += --enable-padlock +endif + +patch: + dh_testdir + #dpatch apply-all + +unpatch: + #dpatch deapply-all + +build: build-stamp +build-stamp: patch + dh_testdir + ./configure $(CONFIGUREARGS) + $(MAKE) CC="$(CC)" CFLAGS="$(CFLAGS)" + touch build-stamp + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp + + [ ! -f Makefile ] || $(MAKE) clean + #-$(MAKE) -C programs/fswcert/ clean + # after a make clean, no binaries _should_ be left, but .... + -find $(CURDIR) -name "*.o" | xargs --no-run-if-empty rm + -find $(CURDIR)/lib/libcrypto -name "*.a" | xargs --no-run-if-empty rm + + # Really clean (#356716) + # This is a hack: should be better implemented + rm -f lib/libstrongswan/libstrongswan.a || true + rm -f lib/libstrongswan/liboswlog.a || true + + # just in case something went wrong + rm -f $(CURDIR)/debian/ipsec.secrets + + # and make sure that template are up-to-date + debconf-updatepo + + dh_clean + +install: build-stamp + dh_testdir + dh_testroot + dh_prep + dh_installdirs + $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp + + # install files from debian/tmp into proper package dirs + dh_install + # special handling for padlock, as it is only built on i386 +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + install $(CURDIR)/debian/tmp/usr/lib/ipsec/plugins/libstrongswan-padlock.so* $(CURDIR)/debian/libstrongswan/usr/lib/ipsec/plugins/ +endif + + # and additional files not covered by upstream makefile... + install --mode=0600 $(CURDIR)/debian/ipsec.secrets.proto $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + # also "patch" ipsec.conf to include the debconf-managed file + echo >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + echo "include /var/lib/strongswan/ipsec.conf.inc" >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # and to enable both IKEv1 and IKEv2 by default + sed -r 's/^[ \t]+# *plutostart=(yes|no) */\tplutostart=yes/;s/^[ \t]+# *charonstart=(yes|no) */\tcharonstart=yes/' < $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf > $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp + mv $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # set permissions on ipsec.secrets + chmod 600 $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + chmod 700 -R $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/private/ + # don't know why they come with +x set by default... + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/policies/* + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/examples/* + + # this is handled by update-rc.d + rm -rf $(CURDIR)/debian/strongswan-starter/etc/rc?.d + + dh_installdocs -pstrongswan -n + # change the paths in the installed doc files (but only in regular + # files, not in links to the outside of the build tree !) + # TODO: check if we still need this + ( cd $(CURDIR)/debian/strongswan/; \ + for f in `grep "/usr/local/" --recursive --files-with-match *`; \ + do \ + if [ -f $$f -a ! -L $$f ]; then \ + cp $$f $$f.old; \ + sed 's/\/usr\/local\//\/usr\//' $$f.old > $$f; \ + rm $$f.old; \ + fi; \ + done ) + + # the logcheck ignore files + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.paranoid $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.paranoid/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.server/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.workstation/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.violations.ignore $(CURDIR)/debian/libstrongswan/etc/logcheck/violations.ignore.d/strongswan + + # more lintian cleanups + find $(CURDIR)/debian/*strongswan*/ -name ".cvsignore" | xargs --no-run-if-empty rm -f + find $(CURDIR)/debian/*strongswan*/ -name "/.svn/" | xargs --no-run-if-empty rm -rf + + # and lintian overrides + install --mode=0644 $(CURDIR)/debian/strongswan.lintian-overrides $(CURDIR)/debian/libstrongswan/usr/share/lintian/overrides/strongswan + +binary-common: + dh_testdir + dh_testroot + dh_installdirs + dh_installinit --name=ipsec + dh_installdebconf + dh_installchangelogs NEWS + dh_installdocs README + dh_link + dh_strip + dh_compress + dh_fixperms -X etc/ipsec.secrets -X etc/ipsec.d + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary-indep: + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-i + +binary-arch: install + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-a + +binary-%: build-stamp install + make -f debian/rules binary-common DH_OPTIONS=-p$* + +binary: binary-indep binary-arch +.PHONY: clean binary-indep binary-arch --- strongswan-4.3.2.orig/debian/strongswan-nm.install +++ strongswan-4.3.2/debian/strongswan-nm.install @@ -0,0 +1 @@ +usr/lib/ipsec/plugins/libstrongswan-nm.so* usr/lib/ipsec/plugins/ --- strongswan-4.3.2.orig/debian/strongswan.docs +++ strongswan-4.3.2/debian/strongswan.docs @@ -0,0 +1,2 @@ +README +CREDITS --- strongswan-4.3.2.orig/debian/use-bash2.diff +++ strongswan-4.3.2/debian/use-bash2.diff @@ -0,0 +1,4 @@ +1c1 +< #!/bin/sh +--- +> #!/bin/bash --- strongswan-4.3.2.orig/debian/control +++ strongswan-4.3.2/debian/control @@ -0,0 +1,101 @@ +Source: strongswan +Section: net +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Rene Mayrhofer +Standards-Version: 3.8.1 +Build-Depends: debhelper (>= 7.0.0), libtool, libgmp3-dev, libssl-dev (>= 0.9.8), libcurl4-openssl-dev | libcurl3-dev | libcurl2-dev, libopensc2-dev | libopensc1-dev | libopensc0-dev, libldap2-dev, libpam0g-dev, libkrb5-dev, bison, flex, dpatch, bzip2, po-debconf, hardening-wrapper, network-manager-dev, libfcgi-dev, clearsilver-dev, libxml2-dev, libsqlite3-dev, network-manager-dev (>= 0.7), libnm-glib-dev (>= 0.7), libnm-util-dev (>= 0.7) +Homepage: http://www.strongswan.org + +Package: strongswan +Architecture: all +Depends: strongswan-ikev1, strongswan-ikev2 +Suggests: network-manager-strongswan +Description: IPsec VPN solution metapackage + The strongSwan VPN suite is based on the IPsec stack in standard Linux 2.6 + kernels. It supports both the IKEv1 and IKEv2 protocols. + . + StrongSwan is one of the two remaining forks of the original FreeS/WAN + project and focuses on IKEv2 support, X.509 authentication and complete PKI + support. For a focus on Opportunistic Encryption (OE) and interoperability + with non-standard IPsec features, see Openswan. + . + This metapackage installs the packages required to maintain IKEv1 and IKEv2 + connections via ipsec.conf or ipsec.secrets. + +Package: libstrongswan +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, openssl +Conflicts: strongswan (< 4.2.12-1) +Description: strongSwan utility and crypto library + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This package provides the underlying library of charon and other strongSwan + components. It is built in a modular way and is extendable through various + plugins. + +Package: strongswan-starter +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-ikev1 | strongswan-ikev2 +Conflicts: strongswan (< 4.2.12-1) +Description: strongSwan daemon starter and configuration file parser + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + The starter and the associated "ipsec" script control both pluto and charon + from the command line. It parses ipsec.conf and loads the configurations to + the daemons. While the IKEv2 daemon can use other configuration backends, the + IKEv1 daemon is limited to configurations from ipsec.conf. + +Package: strongswan-ikev1 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, strongswan-starter, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan, strongswan (< 4.2.12-1) +Replaces: openswan +Description: strongSwan Internet Key Exchange (v1) daemon + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Pluto is an IPsec IKEv1 daemon. It was inherited from the FreeS/WAN + project, but provides improved X.509 certificate support and other features. + . + Pluto can run in parallel with charon, the newer IKEv2 daemon. + +Package: strongswan-ikev2 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-starter | strongswan-nm, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan, strongswan (< 4.2.12-1) +Description: strongSwan Internet Key Exchange (v2) daemon + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Charon is an IPsec IKEv2 daemon. It is + written from scratch using a fully multi-threaded design and a modular + architecture. Various plugins provide additional functionality. + . + This build of charon can run in parallel with pluto, the IKEv1 daemon. + +Package: strongswan-nm +Architecture: any +Depends: ${shlibs:Depends}, strongswan-ikev2 +Recommends: network-manager-strongswan +Description: strongSwan plugin to interact with NetworkManager + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This plugin provides an interface which allows NetworkManager to configure + and control the IKEv2 daemon directly through D-Bus. It is designed to work + in conjunction with the network-manager-strongswan package, providing + a simple graphical frontend to configure IPsec based VPNs. --- strongswan-4.3.2.orig/debian/po/ja.po +++ strongswan-4.3.2/debian/po/ja.po @@ -0,0 +1,650 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-04-23 06:52+0900\n" +"Last-Translator: Hideki Yamane (Debian-JP) \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "strongSwan ã®èµ·å‹•ã‚¿ã‚¤ãƒŸãƒ³ã‚°:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "When to start strongSwan:" +msgid "Restart strongSwan now?" +msgstr "strongSwan ã®èµ·å‹•ã‚¿ã‚¤ãƒŸãƒ³ã‚°:" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is a good idea, since if there is a security fix, " +#| "it will not be fixed until the daemon restarts. Most people expect the " +#| "daemon to restart, so this is generally a good idea. However this might " +#| "take down existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"セキュリティ修正ãŒã‚ã£ãŸå ´åˆã«ã¯ãƒ‡ãƒ¼ãƒ¢ãƒ³ãŒå†èµ·å‹•ã•ã‚Œã‚‹ã¾ã§ä¿®æ­£ãŒå映ã•ã‚Œã¾ã›" +"ん。ã§ã™ã®ã§ã€strongSwan ã‚’å†èµ·å‹•ã™ã‚‹ã®ã¯è‰¯ã„考ãˆã§ã™ã€‚ã»ã¨ã‚“ã©ã®äººã¯ãƒ‡ãƒ¼ãƒ¢ãƒ³" +"ã‚’å†èµ·å‹•ã—よã†ã¨ã—ã¾ã™ãŒã€ã“ã‚Œã¯å¤§æŠµå•é¡Œã‚ã‚Šã¾ã›ã‚“。ã—ã‹ã—ã€ã“ã®ä½œæ¥­ã§ç¾åœ¨ã®" +"接続ã¯åˆ‡æ–­ã•ã‚Œã€å†åº¦ç¹‹ãŽãªãŠã™ã“ã¨ã«ãªã‚Šã¾ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you want to create a RSA public/private keypair for this host?" +msgid "Create an RSA public/private keypair for this host?" +msgstr "ã“ã®ãƒ›ã‚¹ãƒˆã® RSA 公開éµãƒ»ç§˜å¯†éµã®ã‚­ãƒ¼ãƒšã‚¢ã‚’生æˆã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"æ–°ãŸãªå…¬é–‹éµãƒ»ç§˜å¯†éµã®ã‚­ãƒ¼ãƒšã‚¢ã‚’生æˆã—ãŸããªã„å ´åˆã¯ã€æ¬¡ã®æ®µéšŽã§æ—¢å­˜ã®ã‚­ãƒ¼ãƒš" +"ã‚¢ã®åˆ©ç”¨ã‚’é¸æŠžã™ã‚‹ã“ã¨ã‚‚å¯èƒ½ã§ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "æ—¢ã«å­˜åœ¨ã—ã¦ã„ã‚‹ X.509 証明書ファイルを strongSwan ã§åˆ©ç”¨ã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X.509 certificate with a matching RSA private key. Both parts " +#| "can be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã¯æ—¢ã«å­˜åœ¨ã—ã¦ã„ã‚‹ X.509 証明書ã‹ã‚‰ RSA 秘密éµã¨ç…§ã‚‰ã—åˆã‚ã›" +"ã¦å¿…è¦ãªæƒ…報を自動的ã«å±•é–‹ã™ã‚‹äº‹ãŒå¯èƒ½ã§ã™ã€‚ PEM å½¢å¼ã®å ´åˆã€åŒæ–¹ã‚’一ã¤ã®ãƒ•ã‚¡" +"イルã«ã¾ã¨ã‚ã‚‹ã“ã¨ã‚‚å¯èƒ½ã§ã™ã€‚ãã®ã‚ˆã†ãªè¨¼æ˜Žæ›¸ã¨éµã®ãƒ•ã‚¡ã‚¤ãƒ«ãŒã‚ã‚Šã€ã“れらを " +"IPSec 通信ã§ã®èªè¨¼ã«ä½¿ç”¨ã—ãŸã„å ´åˆã¯ã€Œã¯ã„ã€ã¨ç­”ãˆã¦ãã ã•ã„。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "PEM å½¢å¼ã® X.509 証明書ã®ãƒ•ã‚¡ã‚¤ãƒ«å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"PEM å½¢å¼ã® X.509 証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®å ´æ‰€ã‚’絶対パスã§å…¥åŠ›ã—ã¦ãã ã•ã„。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your X.509 private key in PEM format:" +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "PEM å½¢å¼ã® X.509 秘密éµã®ãƒ•ã‚¡ã‚¤ãƒ«å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X.509 certificate in PEM format. This can be the same file " +#| "that contains the X.509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"PEM å½¢å¼ã® X.509 証明書ã«å¯¾å¿œã™ã‚‹ RSA 秘密éµã‚’å«ã‚“ã§ã„るファイルã®å ´æ‰€ã‚’絶対" +"パスã§å…¥åŠ›ã—ã¦ãã ã•ã„。ã“れ㯠X.509 証明書をå«ã‚“ã§ã„るファイルã¨åŒã˜ã§æ§‹ã„ã¾" +"ã›ã‚“。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Do you want to create a self-signed X.509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "自己署å X.509 証明書を生æˆã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to get the certificate request signed by your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"自己署å証明書を生æˆã—ãŸããªã„ã¨ã„ã†å ´åˆã¯ã€ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã§ã¯ RSA 秘密éµã¨" +"証明書è¦æ±‚ã®ã¿ã‚’生æˆã—ã¾ã™ã€‚ãã®ãŸã‚ã€èªè¨¼å±€ã«è¨¼æ˜Žæ›¸è¦æ±‚ã¸ç½²åã‚’ã—ã¦ã‚‚らã†å¿…" +"è¦ãŒã‚ã‚Šã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "X.509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹å›½ã‚³ãƒ¼ãƒ‰:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"ã‚ãªãŸã®å›½ã®å›½ã‚³ãƒ¼ãƒ‰ã‚’2文字ã§å…¥åŠ›ã—ã¦ãã ã•ã„。ã“ã®ã‚³ãƒ¼ãƒ‰ã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•" +"ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹éƒ½é“府県å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"ã‚ãªãŸãŒåœ¨ä½ã—ã¦ã„る都é“府県を入力ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾" +"ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹åœ°åŸŸå:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"ã‚ãªãŸã®åœ¨ä½ã—ã¦ã„る地域ã®åå‰ (例: 市町æ‘å) を入力ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼æ˜Ž" +"書è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹çµ„ç¹”å:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X.509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"X.509 証明書ã®ç”Ÿæˆå¯¾è±¡ã¨ãªã‚‹ã¹ã組織 (例: 会社) を入力ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼" +"明書è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹çµ„ç¹”å˜ä½:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X.509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"X.509 証明書ã®ç”Ÿæˆå¯¾è±¡ã¨ãªã‚‹ã¹ã組織å˜ä½ (例: 部署å) を入力ã—ã¦ãã ã•ã„。ã“" +"ã‚Œã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "X.509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹ã‚³ãƒ¢ãƒ³ãƒãƒ¼ãƒ :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X.509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"X.509 証明書ã®ç”Ÿæˆå¯¾è±¡ã¨ãªã‚‹ã¹ãコモンãƒãƒ¼ãƒ  (例: ã“ã®ãƒžã‚·ãƒ³ã®ãƒ›ã‚¹ãƒˆå) ã‚’å…¥" +"力ã—ã¦ãã ã•ã„。ã“ã‚Œã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509 証明書è¦æ±‚ã«è¨˜è¼‰ã™ã‚‹ãƒ¡ãƒ¼ãƒ«ã‚¢ãƒ‰ãƒ¬ã‚¹:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X.509 certificate. This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"X.509 証明書ã®è²¬ä»»è€…ã¨ãªã‚‹äººç‰©ãƒ»å›£ä½“ã®ãƒ¡ãƒ¼ãƒ«ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’入力ã—ã¦ãã ã•ã„。ã“ã®" +"アドレスã¯è¨¼æ˜Žæ›¸è¦æ±‚ã«è¨˜è¼‰ã•ã‚Œã¾ã™ã€‚" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgid "Enable opportunistic encryption?" +msgstr "strongSwan 㧠opportunistic encryption を有効ã«ã—ã¾ã™ã‹?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "å¯èƒ½ãªé™ã‚Šæ—©ã, \"NFS 起動後\", \"PCMCIA 起動後\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "strongSwan ã‚’èµ·å‹•ã•ã›ã‚‹ã‚¿ã‚¤ãƒŸãƒ³ã‚°ã®é¸æŠžè‚¢ã¨ã—ã¦ã¯3ã¤ãŒè€ƒãˆã‚‰ã‚Œã¾ã™: NFS " +#~ "サービスã®é–‹å§‹å‰ãƒ»é–‹å§‹å¾Œãƒ»PCMCIA サービスã®é–‹å§‹å¾Œã€ã§ã™ã€‚正解ã¯ã‚ãªãŸã®è¨­" +#~ "定次第ã§ã™ã€‚" + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "NFS 経由㧠/usr をマウントã›ãš (ä»–ã®ãƒ‘ーティションやã‚ã¾ã‚Šé‡è¦ã§ã¯ãªã„パー" +#~ "ティションを NFS 経由ã§ãƒžã‚¦ãƒ³ãƒˆã™ã‚‹ã‹ã€ã¾ãŸã¯ NFS マウントを全ã使ã‚ãª" +#~ "ã„)ã€åŠ ãˆã¦ PCMCIA ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚«ãƒ¼ãƒ‰ã‚’利用ã—ã¦ã„ãªã„å ´åˆã€å¯èƒ½ãªé™ã‚Šæ—©ã„" +#~ "タイミング㧠strongSwan ã‚’èµ·å‹•ã™ã‚‹ã®ãŒãƒ™ã‚¹ãƒˆã§ã™ã€‚ã“ã®è¨­å®šã«ã‚ˆã£ã¦ã€NFS ã§" +#~ "ã®ãƒžã‚¦ãƒ³ãƒˆã¯ IPSec ã§ä¿è­·ã•ã‚Œã¾ã™ã€‚ã“ã®å ´åˆ (ã¾ãŸã¯ã“ã®å•é¡Œã‚’ç†è§£ã—ã¦ã„ãª" +#~ "ã„ã‹ç‰¹ã«æ°—ã«ã—ãªã„å ´åˆ) ã€\"å¯èƒ½ãªé™ã‚Šæ—©ã\"ã¨è³ªå•ã«ç­”ãˆã¦ãã ã•ã„ (標準設" +#~ "定ã§ã™) 。" + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "NFS 経由㧠/usr をマウントã—ã¦ã„㦠PCMCIA ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚«ãƒ¼ãƒ‰ã‚’使用ã—ã¦ã„ãª" +#~ "ã„å ´åˆã¯ã€å¿…è¦ãªãƒ•ã‚¡ã‚¤ãƒ«ã‚’利用å¯èƒ½ã«ã™ã‚‹ãŸã‚ã« strongSwan ã‚’ NFS ã®å¾Œã§èµ·" +#~ "å‹•ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。ã“ã®å ´åˆã€\"NFS 起動後\" ã¨ç­”ãˆã¦ãã ã•ã„。ã“ã®æ™‚" +#~ "ã« NFS 経由ã§ãƒžã‚¦ãƒ³ãƒˆã•ã‚Œã‚‹ /usr ã¯ã€IPSec ã«ã‚ˆã‚‹ã‚»ã‚­ãƒ¥ã‚¢ãªçŠ¶æ…‹ã«ã¯ãªã‚‰ãª" +#~ "ã„ã¨ã„ã†ã“ã¨ã«æ³¨æ„ã—ã¦ãã ã•ã„。" + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "IPSec 接続㫠PCMCIA ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚«ãƒ¼ãƒ‰ã‚’利用ã—ã¦ã„ãŸå ´åˆã€PCMCIA サービス" +#~ "ã®èµ·å‹•å¾Œã« strongSwan ã‚’èµ·å‹•ã™ã‚‹ä»¥å¤–ã«é¸æŠžã¯ã‚ã‚Šã¾ã›ã‚“。ã“ã®å ´åˆã€" +#~ "\"PCMCIA 起動後\" ã¨ç­”ãˆã¦ãã ã•ã„。ローカルã§å‹•ä½œã—ã¦ã„ã‚‹ DNSSec 機能を使" +#~ "用ã—ã¦ã„ã‚‹ DNS サーãƒã‹ã‚‰éµã‚’å–å¾—ã—ãŸã„å ´åˆã§ã‚‚ã€ã“ã®ç­”ãˆã‚’ã—ã¦ãã ã•ã„。" + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "strongSwan ã‚’å†èµ·å‹•ã—ã¾ã™ã‹?" + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "IKEv1 をサãƒãƒ¼ãƒˆã—ã¾ã™ã‹?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan 㯠IKEv1 㨠IKEv2 ã®ä¸¡æ–¹ã®ã‚¤ãƒ³ã‚¿ãƒ¼ãƒãƒƒãƒˆéµäº¤æ›ãƒ—ロトコルをサ" +#~ "ãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã™ã€‚strongSwan ãŒèµ·å‹•ã™ã‚‹éš›ã€IKEv1 サãƒãƒ¼ãƒˆã®ãŸã‚ \"pluto\" " +#~ "デーモンを起動ã—ã¾ã™ã‹?" + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "IKEv2 をサãƒãƒ¼ãƒˆã—ã¾ã™ã‹?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan 㯠IKEv1 㨠IKEv2 ã®ä¸¡æ–¹ã®ã‚¤ãƒ³ã‚¿ãƒ¼ãƒãƒƒãƒˆéµäº¤æ›ãƒ—ロトコルをサ" +#~ "ãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã™ã€‚strongSwan ãŒèµ·å‹•ã™ã‚‹éš›ã€IKEv2 サãƒãƒ¼ãƒˆã®ãŸã‚ \"pluto\" " +#~ "デーモンを起動ã—ã¾ã™ã‹?" + +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã¯ã“ã®ãƒ›ã‚¹ãƒˆã® X.509 èªè¨¼ç”¨ã® RSA 公開éµãƒ»ç§˜å¯†éµã®ã‚­ãƒ¼ãƒšã‚¢" +#~ "を自動的ã«ç”Ÿæˆã§ãã¾ã™ã€‚ã“ã®ã‚­ãƒ¼ãƒšã‚¢ã¯ä»–ã®ãƒ›ã‚¹ãƒˆã¨ã® IPSec 通信ã§ã®èªè¨¼ã«" +#~ "利用å¯èƒ½ã§ã€ã‚»ã‚­ãƒ¥ã‚¢ãª IPSec 通信を確立ã™ã‚‹æ–¹æ³•ã¨ã—ã¦å¥½ã¾ã‚Œã¦ã„ã¾ã™ã€‚ä»–ã«" +#~ "利用å¯èƒ½ãªæ–¹æ³•ã¨ã—ã¦ã¯äº‹å‰ã«è¨­å®šã—ã¦ã‚ã‚‹å…±é€šéµ (PSKã€ãƒˆãƒ³ãƒãƒ«ã®åŒæ–¹ã§åŒã˜" +#~ "パスワードをを利用ã™ã‚‹) を通信ã®èªè¨¼ã«åˆ©ç”¨ã™ã‚‹ã¨ã„ã†ã®ãŒã‚ã‚Šã¾ã™ãŒã€å¤šæ•°ã®" +#~ "接続ã«å¯¾ã—ã¦ã¯ã€RSA èªè¨¼ã®ã»ã†ãŒç®¡ç†ãŒã‚ˆã‚Šç°¡å˜ã§ã‚ˆã‚Šã‚»ã‚­ãƒ¥ã‚¢ã§ã™ã€‚キーペア" +#~ "を利用ã™ã‚‹ã“ã¨ã¯ã€X.509 èªè¨¼ã¨ PSK èªè¨¼ã®åŒæ–¹ã‚’ IPsec トンãƒãƒ«ã«è¨±å¯ã™ã‚‹ã“" +#~ "ã¨ã«æ³¨æ„ã—ã¦ãã ã•ã„。" + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "RSA éµã®éµé•·ï¼ˆãƒ“ット数):" + +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "生æˆã™ã‚‹ RSA éµã®é•·ã•ã‚’入力ã—ã¦ãã ã•ã„。安全ã®ãŸã‚ã€1024 ビット未満ã«ã™ã¹" +#~ "ãã§ã¯ã‚ã‚Šã¾ã›ã‚“。2048 ビットより大ããªã‚‚ã®ã«ã™ã‚‹å¿…è¦ã‚‚ãªã„ã§ã—ょã†ã€‚èªè¨¼" +#~ "プロセスãŒé…ããªã‚Šã¾ã™ã—ã€ç¾æ™‚点ã§ã¯ãŠãらãå¿…è¦ã‚ã‚Šã¾ã›ã‚“。" + +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "証明書è¦æ±‚ã«ç½²åã™ã‚‹ãŸã‚ã«ã¯èªè¨¼å±€ãŒå¿…è¦ã¨ãªã‚‹ã®ã§ã€ã“ã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã§ã¯è‡ª" +#~ "己署å X.509 証明書を自動的ã«ç”Ÿæˆã™ã‚‹äº‹ã ã‘ãŒå¯èƒ½ã§ã™ã€‚自己署å証明書を生" +#~ "æˆã—ãŸã„å ´åˆã€ã“れを使用ã—ã¦ã™ãã« X.509 証明書をサãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹ä»–ã® " +#~ "IPSec ホストã«æŽ¥ç¶šå¯èƒ½ã§ã™ã€‚ã—ã‹ã—ã€strongSwan ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 1.91 以上ã§ã®æ–°" +#~ "ã—ã„ PKI 機能を使ã„ãŸã„å ´åˆã¯ã€trust path を生æˆã™ã‚‹ãŸã‚ã«å˜ä¸€ã®èªè¨¼å±€ã«" +#~ "よã£ã¦ã™ã¹ã¦ã® X.509 証明書ã«ç½²åã—ã¦ã‚‚らã†å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚" + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "openssl ãŒå›½ã‚³ãƒ¼ãƒ‰ãªã—ã§ã¯è¨¼æ˜Žæ›¸ã®ç”Ÿæˆã‚’æ‹’å¦ã™ã‚‹ã®ã§ã€æ­£ã—ã„国コードをã“ã“" +#~ "ã§å…¥åŠ›ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚X.509 証明書ã§ã¯ã€ä»–ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã¤ã„ã¦ã¯ç©ºã§ã‚‚" +#~ "構ã„ã¾ã›ã‚“ãŒã€ã“ã‚Œã«ã¤ã„ã¦ã¯è¨±å¯ã•ã‚Œã¦ã„ã¾ã›ã‚“。" + +#~ msgid "Example: AT" +#~ msgstr "例: JP" + +#~ msgid "Example: Upper Austria" +#~ msgstr "例: Tokyo" + +#~ msgid "Example: Vienna" +#~ msgstr "例: Shinjuku-ku" + +#~ msgid "Example: Debian" +#~ msgstr "例: Debian" + +#~ msgid "Example: security group" +#~ msgstr "例: security group" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "例: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan ã¯ã€IPSec èªè¨¼æƒ…å ± (例: RSA 公開éµ) ã‚’ (願ã‚ãã¯ã‚»ã‚­ãƒ¥ã‚¢ãª) " +#~ "DNS レコード内ã«ä¿å­˜ã™ã‚‹ opportunistic encryption (OE) をサãƒãƒ¼ãƒˆã—ã¦ã„ã¾" +#~ "ã™ã€‚ã“ã‚Œã¯åºƒã利用ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚‹ã¾ã§ã€æœ‰åŠ¹ã«ã™ã‚‹ã¨å¤–部ã¸ã®æ–°è¦æŽ¥ç¶šã¯å…¨ã¦" +#~ "格段ã«é…ããªã‚Šã¾ã™ã€‚ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 2.0 より strongSwan ã®é–‹ç™ºå…ƒã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ " +#~ "OE を有効ã«ã—ã¦ã„ã¾ã™ã€‚ãã®ãŸã‚ pluto (strongSwan éµç½²åデーモン) ãŒé–‹å§‹ã™" +#~ "ã‚‹ã¨ã™ãã€æ—¢å­˜ã®ã‚¤ãƒ³ã‚¿ãƒ¼ãƒãƒƒãƒˆæŽ¥ç¶š (ã¤ã¾ã‚Šãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒ«ãƒ¼ãƒˆ) ãŒä¸­æ–­ã•ã‚Œã‚‹ã‹" +#~ "ã‚‚ã—ã‚Œã¾ã›ã‚“。" + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "OE ã®ã‚µãƒãƒ¼ãƒˆã‚’有効ã«ã™ã‚‹ã‹ã©ã†ã‹ã‚’é¸ã‚“ã§ãã ã•ã„。よãã‚ã‹ã‚‰ãªã„å ´åˆã¯ã€" +#~ "有効ã«ã¯ã—ãªã„ã§ãã ã•ã„。" --- strongswan-4.3.2.orig/debian/po/eu.po +++ strongswan-4.3.2/debian/po/eu.po @@ -0,0 +1,467 @@ +# translation of eu.po to Euskara +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Piarres Beobide , 2009. +msgid "" +msgstr "" +"Project-Id-Version: eu\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-21 11:16+0200\n" +"Last-Translator: Piarres Beobide \n" +"Language-Team: Euskara \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: eu\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "abioan" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "NFS ondoren" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "PCMCIA ondoren" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "StrongSwan abiaraztean:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan sistema abioan abiarazten da horrela automatikoki muntatzen diren " +"fitxategi-sistemak babesteko." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * abioan: /usr ez badago NFS bidez muntaturik eta PCMCIA sare txartelik\n" +" erabiltzen ez baduzu, hobe da strongSwan ahalik eta azkarren\n" +" abiaraztea, horrela NFS muntatzeak IPSec bidez babestu daitezke;\n" +" * NFS ondoren: /usr NFS bidez muntaturik dagoenean eta PCMCIA\n" +" sare txartelik erabiltzen ez bada gomendagarria;\n" +" * PCMCIA ondoren: IPSec konexioak PCMCIA sare txartela bat erabiltzean\n" +" edo gakoak DNSSec onartzen duen DNS zerbitzari lkokaletik eskuratu behar " +"direnean\n" +" gomendagarria." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "StrongSwan orain berrabiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"StrongSwan berrabiaraztea gomendagarria da segurtasun konpontze bat badago " +"ez bait da ezarriko deabrua berrabiarazi artean. Hala ere, honek martxan " +"dauden konexioak itxi eta gero berriz abiaraziko ditu." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "If you don't restart strongSwan now, you should do so manually at the " +#| "first opportunity." +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Ez baduzu strongSwan orain berrabiarazten, eskuz egin beharko zenuke ahal " +"bezain laster." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "StrongSwan-ren IKEv1 deabrua abiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto deabrua martxan egon behar da Internet gako trukatze (IKE) " +"protokoloaren lehen bertsioa onartzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "StrongSwan-ren IKEv2 deabrua abiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon deabrua martxan egon behar da Internet gako trukatze (IKE) " +"protokoloaren lehen bertsioa onartzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Sortu RSA publiko/pribatu gako pare bat ostalari honentzako?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan-ek Pre-Shared Key (PSK) edo RSA gako-parea erabil dezake beste " +"ostalariekiko IPSec konexioak autentifikatzeko. RSA autentifikazioa " +"arruntean seguruago da eta errazago kudeatzen da. PSK eta RSA " +"autentifikazioak batera erabili ditzakezu." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Ez baduzu gako-pare publiko/pribatu berririk sortu nahi. dagoeneko sorturik " +"dagoen bat hautatu dezakezu hurrengo urratsean." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "DAgoen X.509 ziurtagiria erabili strongSwan-rentzat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Beharrezko informazioa automatikoki dagoen dagokion RSA gako pribatuaz X.509 " +"ziurtagiritik atera daiteke. Bi zatiak fitxategi bakar batean egon daitezke, " +"PEM formatuan badago. Aukera hau hautatu beharko zenuke dagoeneko " +"ziurtagirik eta gako fitxategia badituzu eta IPSec konexioen " +"autentifikaziorako erabili nahi badituzu." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "X.509 ziurtagiriaren fitxategi-izena PEM formatuan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Mesedez idatzi zure X.509 ziurtagiria duen fitxategiaren kokapen osoa PEM " +"formatuan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "X.509 gako pribatuaren fitxategi-izena PEM formatuan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Mesedez idatzi zure X.509 ziurtagiriaren pareko RSA gako pribatua duen " +"fitxategiaren kokapen osoa PEM formatuan. Hau X.509 ziurtagiriaren berdina " +"izan daiteke." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA gako luzapena:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "Please enter the length of RSA key you wish to generate. A value of less " +#| "than 1024 bits is not considered secure. A value of more than 2048 bits " +#| "will probably affect performance." +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Mesedez zehaztu sortu nahi duzun RSA gakoaren luzapena. 1024 bit-etik " +"beherako balioak ez dira segurutzat ematen. 2048 bit-tik gorako balioek " +"ziurrenik performantzian eragingo dute." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Sortu auto-sinatutako X.509 ziurtagiria?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Auto-sinatutako X.509 ziurtagiriak bakarrik sor daitezke automatikoki, beste " +"modu batetara ziurtagiri autoritate batek ziurtagiri eskaera sinatzea behar " +"da eta." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako organizazio unitatea:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako organizazio unitatea:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Mesedez idatzi ziurtagiri eskaeran erabili behar den izen arrunta (makina " +"honen ostalari izena bezalakoa)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako eposta helbidea:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Mesedez idatzi ziurtagiri eskaeran erabili behar den eposta helbidea " +"(banakako edo erakunde buruarena)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Aukerako enkriptazioa gaitu?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"StrongSwan bertsio honek aukerako enkriptatze (opportunistic encryption, OE) " +"euskarria du, honek IPSec autentifikazio informazioa DNS erregistroetan " +"gordetzen ditu. Hau guztiz garatua ez dagoenez gaitzeak kanporako konexio " +"berri guztien atzerapen esanguratsu bat eragin dezake." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Aukerako enkriptatzea behar duzula ziur bazaude bakarrik gaitu beharko " +"zenuke. Internet konexioak moztuko dira (lehenetsitako atebidea) pluto " +"deabrua abiaraztean." + +#~ msgid "Please enter the organization name (often a company)" +#~ msgstr "Mesedez idatzi organizazio izena (ziurrenik konpainia)" --- strongswan-4.3.2.orig/debian/po/de.po +++ strongswan-4.3.2/debian/po/de.po @@ -0,0 +1,759 @@ +# German translation of strongswan templates +# Helge Kreutzmann , 2007. +# This file is distributed under the same license as the strongswan package. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.1.4-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2007-07-08 12:01+0200\n" +"Last-Translator: Helge Kreutzmann \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Wann soll strongSwan gestartet werden:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "When to start strongSwan:" +msgid "Restart strongSwan now?" +msgstr "Wann soll strongSwan gestartet werden:" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is a good idea, since if there is a security fix, " +#| "it will not be fixed until the daemon restarts. Most people expect the " +#| "daemon to restart, so this is generally a good idea. However this might " +#| "take down existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Es ist eine gute Idee, strongSwan neuzustarten, da eine Sicherheitskorrektur " +"erst nach dem Neustart des Daemons greift. Die meisten Leute erwarten, dass " +"der Daemon neu startet, daher ist diese Wahl eine gute Idee. Er kann " +"allerdings existierende Verbindungen beenden und erneut aufbauen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you want to create a RSA public/private keypair for this host?" +msgid "Create an RSA public/private keypair for this host?" +msgstr "" +"Möchten Sie ein öffentlich/privates RSA-Schlüsselpaar für diesen Rechner " +"erstellen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Falls Sie kein neues öffentliches/privates Schlüsselpaar erstellen wollen, " +"können Sie ein existierendes auswählen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Verfügen Sie über ein existierendes X509-Zertifikat für strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Dieses Installationsprogramm kann automatisch die benötigten Informationen " +"aus einem existierenden X509-Zertifikat mit passendem privatem RSA-Schlüssel " +"extrahieren. Beide Teile können in einer Datei sein, falls sie im PEM-Format " +"vorliegt. Falls Sie über solch ein existierendes Zertifikat und eine solche " +"Schlüsseldatei verfügen, und diese für die Authentifizierung von IPSec-" +"Verbindungen verwenden möchten, stimmen Sie bitte zu." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Dateiname Ihres X509-Zertifikates im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Bitte geben Sie den kompletten Ort der Datei an, die Ihr X509-Zertifikat im " +"PEM-Format enthält." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Dateiname Ihres privaten X509-Schlüssels im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Bitte geben Sie den kompletten Ort der Datei an, die den privaten RSA-" +"Schlüssel enthält, der zu Ihrem X509-Zertifikat im PEM-Format passt. Dies " +"kann die gleiche Datei sein, die auch das X509-Zertifikat enthält." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Möchten Sie ein selbst-signiertes X509-Zertifikat erstellen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to get the certificate request signed by your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Falls Sie kein selbst-signiertes Zertifikat erstellen möchten, wird dieses " +"Installationsprogramm nur einen privaten RSA-Schlüssel und die " +"Zertifikatsanfrage erstellen und Sie müssen die Zertifikatsanfrage von Ihrer " +"Zertifizierungsstelle signiert bekommen." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Ländercode für die X509-Zertifizierungsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Bitte geben Sie den zweibuchstabigen Ländercode für Ihr Land ein. Dieser " +"Code wird in der Zertifikatsanfrage verwendet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Name des Landes oder der Provinz für diese X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Bitte geben Sie den kompletten Namen des Landes oder der Provinz ein, in der " +"Sie leben. Dieser Name wird in der Zertifikatsanfrage verwendet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Örtlichkeitsangabe für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Bitte geben Sie die Örtlichkeit (z.B. Stadt) ein, in der Sie leben. Dieser " +"Name wird in der Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsname für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Bitte geben Sie die Organisationseinheit (z.B. Bereich) ein, für die das " +"X509-Zertifikat erstellt werden soll. Dieser Name wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationseinheit für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Bitte geben Sie die Organisationseinheit (z.B. Bereich) ein, für die das " +"X509-Zertifikat erstellt werden soll. Dieser Name wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Allgemeiner Name für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Bitte geben Sie den allgemeinen Namen (z.B. den Rechnernamen dieser " +"Maschine) ein, für den das X509-Zertifikat erstellt werden soll. Dieser Name " +"wird in der Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-Mail-Adresse für die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Bitte geben Sie die E-Mail-Adresse der Person oder Organisation ein, die für " +"das X509-Zertifikat verantwortlich ist. Diese Adresse wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgid "Enable opportunistic encryption?" +msgstr "Möchten Sie opportunistische Verschlüsselung in strongSwan aktivieren?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "frühestmöglich, »nach NFS«, »nach PCMCIA«" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Es gibt drei Möglichkeiten, wann strongSwan starten kann: vor oder nach " +#~ "den NFS-Diensten und nach den PCMCIA-Diensten. Die richtige Antwort hängt " +#~ "von Ihrer spezifischen Einrichtung ab." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Falls Sie Ihren /usr-Baum nicht über NFS eingehängt haben (entweder weil " +#~ "Sie nur andere, weniger lebenswichtige Bäume über NFS einhängen, oder " +#~ "falls Sie NFS überhaupt nicht verwenden) und keine PCMCIA-Netzwerkkarte " +#~ "benutzen, ist es am besten, strongSwan so früh wie möglich zu starten und " +#~ "damit durch IPSec gesicherte NFS-Einhängungen zu erlauben. In diesem Fall " +#~ "(oder falls Sie dieses Problem nicht verstehen oder es Ihnen egal ist), " +#~ "antworten Sie »frühestmöglich« (Standardwert) auf diese Frage." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Falls Sie Ihren /usr-Baum über NFS eingehängt haben und keine PCMCIA-" +#~ "Netzwerkkarte benutzen, müssen Sie strongSwan nach NFS starten, so dass " +#~ "alle benötigten Dateien verfügbar sind. In diesem Fall antworten Sie " +#~ "»nach NFS« auf diese Frage. Bitte beachten Sie, dass NFS-Einhängungen von /" +#~ "usr in diesem Fall nicht über IPSec gesichert werden können." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Falls Sie eine PCMCIA-Netzwerkkarte für Ihre IPSec-Verbindungen benutzen, " +#~ "dann müssen Sie nur auswählen, dass er nach den PCMCIA-Diensten startet. " +#~ "Antworten Sie in diesem Fall »nach PCMCIA«. Dies ist auch die richtige " +#~ "Antwort, falls Sie Schlüssel von einem lokal laufenden DNS-Server mit " +#~ "DNSSec-Unterstützung abholen wollen." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Möchten Sie strongSwan neustarten?" + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Möchten Sie IKEv1 unterstützen?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan unterstützt beide Versionen des »Internet Key Exchange«-" +#~ "Protokolls (Schlüsselaustausch über Internet), IKEv1 und IKEv2. Möchten " +#~ "Sie den »pluto«-Daemon für IKEv1-Unterstützung starten, wenn strongSwan " +#~ "gestartet wird." + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Möchten Sie IKEv2 unterstützen?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan unterstützt beide Versionen des »Internet Key Exchange«-" +#~ "Protokolls (Schlüsselaustausch über Internet), IKEv1 und IKEv2. Möchten " +#~ "Sie den »charon«-Daemon für IKEv2-Unterstützung starten, wenn strongSwan " +#~ "gestartet wird." + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Das Installationsprogramm kann automatisch ein öffentliches/privates RSA-" +#~ "Schlüsselpaar für diesen Rechner erstellen. Dieses Schlüsselpaar kann zur " +#~ "Authentifizierung von IPSec-Verbindungen anderer Rechner verwendet werden " +#~ "und ist die bevorzugte Art, sichere IPSec-Verbindungen aufzubauen. Die " +#~ "andere Möglichkeit besteht darin, vorab-verteilte Geheimnisse " +#~ "(Passwörter, die auf beiden Seiten des Tunnels identisch sind) zur " +#~ "Authentifizierung einer Verbindung zu verwenden, aber für eine größere " +#~ "Anzahl an Verbindungen ist die RSA-Authentifizierung einfacher zu " +#~ "administrieren und sicherer." + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Die Länge des erstellten RSA-Schlüssels (in Bits):" + +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Bitte geben Sie die Länge des erstellten RSA-Schlüssels an. Er sollte " +#~ "nicht kürzer als 1024 Bits sein, da dies als unsicher betrachtet werden " +#~ "könnte und Sie benötigen nicht mehr als 2048 Bits, da dies nur den " +#~ "Authentifizierungs-Prozess verlangsamt und derzeit nicht benötigt wird." + +#, fuzzy +#~| msgid "" +#~| "This installer can only create self-signed X509 certificates " +#~| "automatically, because otherwise a certificate authority is needed to " +#~| "sign the certificate request. If you want to create a self-signed " +#~| "certificate, you can use it immediately to connect to other IPSec hosts " +#~| "that support X509 certificate for authentication of IPSec connections. " +#~| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~| "you will need to have all X509 certificates signed by a single " +#~| "certificate authority to create a trust path." +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Das Installationsprogramm kann nur selbst-signierte X509-Zertifikate " +#~ "automatisch erstellen, da andernfalls eine Zertifizierungsstelle zur " +#~ "Signatur der Zertifikatsanfrage benötigt wird. Falls Sie ein selbst-" +#~ "signiertes Zertifikat erstellen möchten, können Sie es sofort zur " +#~ "Verbindung mit anderen IPSec-Rechnern verwenden, die X509-Zertifikate zur " +#~ "Authentifizierung von IPSec-Verbindungen verwenden. Falls Sie allerdings " +#~ "die neuen PKI-Funktionalitäten von strongSwan >= 1.91 verwenden möchten, " +#~ "müssen alle X509-Zertifikate von einer einzigen Zertifizierungsstelle " +#~ "signiert sein, um einen vertrauensvollen Pfad zu etablieren." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "Sie müssen wirklich einen gültigen Ländercode hier eingeben, da OpenSSL " +#~ "es ablehnen wird, Zertifikate ohne diese zu erstellen. Jedes andere Feld " +#~ "im X509-Zertifikat darf leer bleiben; dieses aber nicht." + +#~ msgid "Example: AT" +#~ msgstr "Beispiel: AT" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Beispiel: Oberösterreich" + +#~ msgid "Example: Vienna" +#~ msgstr "Beispiel: Wien" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Bitte geben Sie die Organisation (z.B. Firma) ein, für die das X509-" +#~ "Zertifikat erstellt werden soll. Dieser Name wird in der " +#~ "Zertifikatsanfrage verwandt." + +#~ msgid "Example: Debian" +#~ msgstr "Beispiel: Debian" + +#~ msgid "Example: security group" +#~ msgstr "Beispiel: Sicherheitsgruppe" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Beispiel: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan enthält Unterstützung für opportunistische Verschlüsselung " +#~ "(OV), die Authentifizierungsinformationen von IPSec (z.B. öffentliche RSA-" +#~ "Schlüssel) in DNS-Datensätzen speichert. Solange dies nicht weit " +#~ "verbreitet ist, wird jede neue ausgehende Verbindung signifikant " +#~ "verlangsamt, falls diese Option aktiviert ist. Seit Version 2.0 wird " +#~ "strongSwan von den Autoren mit aktiviertem OV ausgeliefert und wird daher " +#~ "wahrscheinlich Ihre existierenden Verbindungen ins Internet (d.h. Ihre " +#~ "Standard-Route) stören, sobald Pluto (der strongSwan Schlüssel-Daemon) " +#~ "gestartet wird." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Bitte wählen Sie aus, ob Sie OV aktivieren möchten. Falls Sie unsicher " +#~ "sind, aktivieren Sie es nicht." + +#~ msgid "x509, plain" +#~ msgstr "x509, einfach" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Die Art des RSA-Schlüsselpaars, das erstellt werden soll:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Es besteht die Möglichkeit, ein einfaches öffentliches/privates " +#~ "Schlüsselpaar für den Einsatz mit strongSwan oder eine X509-" +#~ "Zertifikatsdatei zu erstellen, die den öffentlichen Schlüssel und " +#~ "zusätzlich den zugehörigen privaten Schlüssel enthält." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Falls Sie nur IPSec-Verbindungen zu Rechnern aufbauen wollen, auf denen " +#~ "auch strongSwan läuft, könnte es etwas einfacher sein, einfache RSA-" +#~ "Schlüsselpaare zu verwenden. Falls Sie aber mit anderen IPSec-" +#~ "Implementierungen Verbindungen aufnehmen wollen, benötigen Sie ein X509-" +#~ "Zertifikat. Es besteht auch die Möglichkeit, hier ein X509-Zertifikat zu " +#~ "erstellen und den öffentlichen RSA-Schlüssel im einfachen Format zu " +#~ "extrahieren, falls die andere Seite strongSwan ohne X509-" +#~ "Zertifikatsunterstützung betreibt." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daher wird ein X509-Zertifikat empfohlen, da es flexibler ist und dieses " +#~ "Installationsprogramm in der Lage sein sollte, die komplexe Erstellung " +#~ "des X509-Zertifikates und seinen Einsatz in strongSwan zu verstecken." --- strongswan-4.3.2.orig/debian/po/sv.po +++ strongswan-4.3.2/debian/po/sv.po @@ -0,0 +1,442 @@ +# translation of strongswan_sv.po to Swedish +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Martin Ågren , 2008, 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan_sv\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-12 08:19+0200\n" +"Last-Translator: Martin Ågren \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: swe\n" +"X-Poedit-Country: swe\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "tidigt" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "efter NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "efter PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "När strongSwan ska startas om:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan startar under systemuppstart så att det kan skydda filsystem som " +"monteras automatiskt." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * tidigt: om /usr inte monteras genom NFS och om du inte vill använda\n" +" ett PCMCIA-nätverkskort, är det bäst att starta strongSwan så snart\n" +" som möjligt, så att NFS-monteringar kan säkras med IPSec;\n" +" * efter NFS: rekommenderas när /usr monteras genom NFS och inget\n" +" PCMCIA-nätvärkskort används;\n" +" * efter PCMCIA: rekommenderas om IPSec-uppkopplingen använder ett\n" +" PCMCIA-nätverkskort eller om det behöver hämta nycklar från en\n" +" DNS-server som kör lokalt med DNSSec-stöd." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Starta om strongSwan nu?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Att starta om strongSwan rekommenderas eftersom en eventuell " +"säkerhetsrättning inte kommer användas förrän demonen startats om. Detta kan " +"dock eventuellt stänga existerande anslutningar och sedan ta upp dem igen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Om du inte startar om strongSwan nu, ska du göra det manuellt så snart " +"tillfälle ges." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Starta strongSwans IKEv1-demon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto-demonen måste köras för att stödja version 1 av Internet Key Exchange-" +"protokollet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Starta strongSwans IKEv2-demon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon-demonen måste köras för att stödja version 2 av Internet Key Exchange-" +"protokollet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Vill du skapa ett RSA-nyckelpar för denna värdmaskin?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan kan använda en förutdelad nyckel (Pre-Shared Key, PSK) eller ett " +"RSA-nyckelpar för att autentisera IPSec-uppkopplingar till andra " +"värdmaskiner. RSA-autentisering anses generellt vara mer säkert och är " +"enklare att administrera. Du kan använda PSK- och RSA-autentisering " +"samtidigt." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Om du inte vill skapa ett nytt nyckelpar kan du välja att använda ett " +"existerande par i nästa steg." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Vill du använda ett existerande X.509-certifikat för strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Den information som behövs kan plockas ut automatiskt från ett existerande " +"X.509-certifikat med en matchande privat RSA-nyckel. Båda delarna kan vara i " +"en fil om den är i PEM-format. Välj detta alternativ om du har ett sådant " +"certifikat och nyckelfil och vill använda det för att autentisera IPSec-" +"anslutningar." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Namn på filen med ditt X.509-certifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Ange platsen för den fil som innehåller ditt X.509-certifikat i PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Namn på filen med din privata X.509-nyckel i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Ange platsen för den fil som innehåller den privata RSA-nyckel som matchar " +"ditt X.509-certifikat i PEM-format. Detta kan vara samma fil som innehåller " +"X.509-certifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA-nyckellängd:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Ange längden på nyckeln du vill generera. Ett värde mindre än 1024 bitar " +"anses inte säkert. Ett värde på mer än 2048 bitar kommer antagligen påverka " +"prestanda." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Vill du skapa ett självsignerat X.509-certifikat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Endast självsignerade X.509-certifikat kan skapas automatiskt, eftersom det " +"annars behövs en certifikatsutställare som signerar certifikatsförfrågan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Om du väljer detta alternativ, kan certifikatet omedelbart användas för att " +"ansluta över IPSec-värdmaskiner som stödjer autentisering via ett X.509-" +"certifikat. Används strongSwans PKI-funktioner krävs däremot att en " +"tillitsväg (eng. trust path) skapas genom att alla X.509-certifikat signeras " +"av en särskild certifikatsutställare." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Om du inte väljer detta alternativ, kommer endast den privata RSA-nyckeln " +"skapas tillsammans med den certifikatsförfrågan som du behöver få signerad " +"av din certifikatsutställare." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Landskod för X.509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Ange den ISO3166-landskod med 2 bokstäver som ska användas i " +"certifikatsförfrågan. (Sverige har landskod SE.)" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Detta är fält är obligatoriskt; annars kan inget certifikat skapas." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Region eller län för X.509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Ange namnet på regionen eller landet som ska användas i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Lokaliteten för X.509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Ange lokaliteten (ofta en stad) som ska användas i certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsnamnet för X.509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Ange organisationsnamnet (ofta ett företag) som ska användas i " +"certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationsenheten för X.509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Ange organisationsenheten (ofta en avdelning) som ska användas i " +"certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Namnet på X.509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Ange namnet (exempelvis värdnamnet för denna maskin) som ska användas i " +"certifikatsförfrågan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "E-postadressen för X.509-certifikatsförfrågan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Ange den e-postadress (till den ansvariga personen eller organisationen) som " +"ska användas i certifikatsförfrågan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Vill du aktivera opportunistisk kryptering?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Denna version av strongSwan stödjer opportunistisk kryptering (OE), som " +"lagrar IPSec-autentiseringsinformation i DNS-registret. Till dess detta " +"används i stor utsträckning, kommer aktivering av det att orsaka betydande " +"fördröjningar för varje ny utgående anslutning." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Du ska bara aktivera opportunistisk kryptering om du är säker på att du vill " +"ha det. Det kan bryta internetanslutningen (standardvägen) när pluto-demonen " +"startas." --- strongswan-4.3.2.orig/debian/po/cs.po +++ strongswan-4.3.2/debian/po/cs.po @@ -0,0 +1,685 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:47+0100\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "co nejdříve" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "po NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "po PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Kdy spustit strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"strongSwan se spouÅ¡tí pÅ™i zavádÄ›ní systému, takže může chránit automaticky " +"pÅ™ipojované souborové systémy." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * co nejdříve: pokud není /usr pÅ™ipojeno pÅ™es NFS a nepoužíváte\n" +" síťovou kartu PCMCIA, je lepší spustit strongSwan co nejdříve,\n" +" aby bylo NFS chránÄ›no pomocí IPSec;\n" +" * po NFS: doporuÄeno, pokud je /usr pÅ™ipojeno pÅ™es NFS a pokud\n" +" nepoužíváte síťovou kartu PCMCIA;\n" +" * po PCMCIA: doporuÄeno pokud IPSec spojení používá síťovou kartu\n" +" PCMCIA, nebo pokud vyžaduje stažení klíÄů z lokálnÄ› běžícího DNS\n" +" serveru s podporou DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Restartovat nyní strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Restartování strongSwan je dobrý nápad, protože v případÄ›, že aktualizace " +"obsahuje bezpeÄnostní záplatu, nebude tato funkÄní, dokud se démon " +"nerestartuje. NicménÄ› je možné, že existující spojení budou ukonÄena a poté " +"znovu nahozena." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Pokud nerestartujete strongSwan nyní, mÄ›li byste to provést pÅ™i nejbližší " +"příležitosti." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Spustit strongSwan daemon IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pro podporu 1. verze protokolu Internet Key Exchange musí běžet daemon pluto." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Spustit strongSwan daemon IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pro podporu 2. verze protokolu Internet Key Exchange musí běžet daemon " +"charon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "VytvoÅ™it veÅ™ejný/soukromý pár RSA klíÄů pro tento poÄítaÄ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"strongSwan může pro autentizaci IPSec spojení s jinými poÄítaÄi používat " +"pÅ™edsdílený klÃ­Ä (PSK), nebo veÅ™ejný/soukromý pár RSA klíÄů. RSA autentizace " +"se považuje za bezpeÄnÄ›jší a jednodušší na správu. Autentizace PSK a RSA " +"můžete používat souÄasnÄ›." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Jestliže si nepÅ™ejete vytvoÅ™it nový pár klíÄů pro tento poÄítaÄ, můžete si v " +"příštím kroku zvolit existující klíÄe." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Použít pro strongSwan existující certifikát X.509?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"PotÅ™ebné informace lze získat automaticky z existujícího certifikátu X.509 s " +"odpovídajícím soukromým RSA klíÄem. Jedná-li se o formát PEM, mohou být obÄ› " +"Äásti v jednom souboru. Vlastníte-li takový certifikát a soubor s klíÄem a " +"chcete-li je použít pro autentizaci IPSec spojení, odpovÄ›zte kladnÄ›." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Jméno souboru s certifikátem X.509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Zadejte celou cestu k souboru obsahujícímu váš certifikát X.509 ve formátu " +"PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Jméno souboru se soukromým klíÄem X.509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Zadejte prosím absolutní cestu k souboru obsahujícímu soukromý RSA klÃ­Ä ve " +"formátu PEM odpovídající vaÅ¡emu certifikátu X.509. Může to být stejný soubor " +"jako ten, ve kterém se nachází certifikát X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Délka RSA klíÄe:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Zadejte prosím délku vytvářeného RSA klíÄe. Z důvodu bezpeÄnosti by nemÄ›la " +"být menší než 1024 bitů. Hodnota vÄ›tší než 2048 bitů může ovlivnit výkon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "VytvoÅ™it certifikát X.509 podepsaný sám sebou?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Automaticky lze vytvoÅ™it pouze certifikát podepsaný sám sebou, protože jinak " +"je zapotÅ™ebí certifikaÄní autorita, která by podepsala požadavek na " +"certifikát." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Odpovíte-li kladnÄ›, můžete nový certifikát ihned použít k pÅ™ipojení na další " +"poÄítaÄe s IPSec, které podporují autentizaci pomocí certifikátu X.509. " +"NicménÄ› pro využití PKI možností ve strongSwanu je nutné, aby byly vÅ¡echny " +"certifikáty v cestÄ› důvÄ›ry podepsány stejnou autoritou." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Jestliže nechcete vytvoÅ™it certifikát podepsaný sebou samým, vytvoří se " +"pouze soukromý RSA klÃ­Ä a požadavek na certifikát. Vy potom musíte podepsat " +"požadavek svou certifikaÄní autoritou." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Kód zemÄ› pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Zadejte dvoumístný ISO3166 kód své zemÄ›. Tento kód bude umístÄ›n do požadavku " +"na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Toto pole je povinné, bez nÄ›j není možné certifikát vytvoÅ™it." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Jméno státu nebo oblasti pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Zadejte celé jméno státu nebo oblasti, které se má použít v požadavku na " +"certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Jméno lokality pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Zadejte jméno lokality (napÅ™. mÄ›sta), které se má použít v požadavku na " +"certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Název organizace pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Zadejte název organizace (firmy), který se má použít v požadavku na " +"certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Název organizaÄní jednotky pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Zadejte název organizaÄní jednotky (napÅ™. oddÄ›lení), který se má použít v " +"požadavku na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Obvyklé jméno pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Zadejte běžné jméno (napÅ™. jméno poÄítaÄe), které se má použít v požadavku " +"na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Emailová adresa pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Zadejte emailovou adresu osoby nebo organizace, která se má použít v " +"požadavku na certifikát." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Povolit oportunistické Å¡ifrování?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Tato verze strongSwan podporuje oportunistické Å¡ifrování (OE), které " +"uchovává autentizaÄní informace IPSecu (napÅ™. veÅ™ejné RSA klíÄe) v DNS " +"záznamech. Dokud nebude tato schopnost více rozšířena, způsobí její aktivace " +"výrazné zpomalení každého nového odchozího spojení." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Oportunistické Å¡ifrování byste mÄ›li povolit pouze v případÄ›, že ho opravdu " +"chcete. PÅ™i startu daemona pluto je možné, že se vaÅ¡e probíhající spojení do " +"Internetu pÅ™eruší (pÅ™esnÄ›ji pÅ™estane fungovat výchozí cesta)." + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "\"co nejdříve\", \"po NFS\", \"po PCMCIA\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Existují tÅ™i možnosti, kdy se dá strongSwan spouÅ¡tÄ›t: pÅ™ed NFS službami, " +#~ "po NFS službách nebo po PCMCIA službách. Správná odpovÄ›Ä závisí na vaÅ¡em " +#~ "konkrétním nastavení." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Jestliže nemáte svůj strom /usr pÅ™ipojen skrz NFS (buÄ pÅ™es NFS " +#~ "pÅ™ipojujete jiné, ne tak důležité stromy, nebo NFS vůbec nepoužíváte) a " +#~ "nepoužíváte síťovou kartu PCMCIA, je nejlepší spouÅ¡tÄ›t strongSwan co " +#~ "nejdříve, Äímž umožníte aby byly NFS svazky chránÄ›ny pomocí IPSec. V " +#~ "takovém případÄ› (nebo pokud si nejste jisti, nebo pokud vám na tom " +#~ "nezáleží) na otázku odpovÄ›zte „co nejdříve“ (výchozí)." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Jestliže máte strom /usr pÅ™ipojen skrz NFS a nepoužíváte síťovou kartu " +#~ "PCMCIA, musíte spustit strongSwan po NFS, aby byly vÅ¡echny potÅ™ebné " +#~ "soubory dostupné. V tomto případÄ› na otázku odpovÄ›zte „po NFS“. UvÄ›domte " +#~ "si prosím, že v tomto případÄ› nemůže být NFS svazek /usr chránÄ›n pomocí " +#~ "IPSec." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Jestliže používáte PCMCIA síťovou kartu pro vaÅ¡e IPSec pÅ™ipojení, pak je " +#~ "jedinou možností jej spustit po PCMCIA službách. V tom případÄ› odpovÄ›zte " +#~ "„po PCMCIA“. Toto je také správná odpovÄ›Ä, pokud chcete získat klíÄe z " +#~ "lokálního DNS serveru s podporou DNSSec." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "PÅ™ejete si restartovat strongSwan?" + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "PÅ™ejete si podporu IKEv1?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 " +#~ "(IKEv1, IKEv2). PÅ™ejete si pÅ™i startu strongSwanu spustit daemona „pluto“ " +#~ "podporujícího IKEv1?" + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "PÅ™ejete si podporu IKEv2?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 " +#~ "(IKEv1, IKEv2). PÅ™ejete si pÅ™i startu strongSwanu spustit daemona " +#~ "„charon“ podporujícího IKEv2?" + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Tento instalátor může automaticky vytvoÅ™it veÅ™ejný/soukromý pár RSA klíÄů " +#~ "pro tento poÄítaÄ. Pár klíÄů může být využit k autentizaci IPSec spojení " +#~ "na další poÄítaÄe a je upÅ™ednostňovanou cestou pro sestavování bezpeÄných " +#~ "IPSec spojení. Další možností autentizace je využití sdílených tajemství " +#~ "(hesel, která jsou stejná na obou stranách tunelu), ale pro vÄ›tší poÄet " +#~ "spojení je RSA autentizace snazší pro správu a mnohem bezpeÄnÄ›jší." + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Délka vytvoÅ™eného RSA klíÄe (v bitech):" + +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Zadejte prosím délku vytvářeného RSA klíÄe. Kvůli bezpeÄnosti by nemÄ›la " +#~ "být menší než 1024 bitů a pravdÄ›podobnÄ› nepotÅ™ebujete víc než 2048 bitů, " +#~ "protože to již zpomaluje proces autentizace." + +#, fuzzy +#~| msgid "" +#~| "This installer can only create self-signed X509 certificates " +#~| "automatically, because otherwise a certificate authority is needed to " +#~| "sign the certificate request. If you want to create a self-signed " +#~| "certificate, you can use it immediately to connect to other IPSec hosts " +#~| "that support X509 certificate for authentication of IPSec connections. " +#~| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~| "you will need to have all X509 certificates signed by a single " +#~| "certificate authority to create a trust path." +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Tento instalátor může automaticky vytvoÅ™it pouze certifikát X509 " +#~ "podepsaný sám sebou, jelikož v opaÄném případÄ› je k podpisu certifikátu " +#~ "potÅ™eba certifikaÄní autorita. Tento certifikát můžete ihned použít k " +#~ "pÅ™ipojení na další poÄítaÄe s IPSec, které podporují autentizaci pomocí " +#~ "certifikátu X509. NicménÄ› chcete-li využít nových PKI možností " +#~ "strongSwanu >= 1.91, budete k vytvoÅ™ení důvÄ›ryhodných cest potÅ™ebovat " +#~ "vÅ¡echny certifikáty X509 podepsané jedinou certifikaÄní autoritou." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "Je opravdu nutné, abyste vložili správný kód zemÄ›, protože openssl jinak " +#~ "odmítne vygenerování certifikátu. Prázdné pole je dovoleno ve vÅ¡ech " +#~ "ostatních polích certifikátu X509 kromÄ› tohoto." + +#~ msgid "Example: AT" +#~ msgstr "Příklad: CZ" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Příklad: Morava" + +#~ msgid "Example: Vienna" +#~ msgstr "Příklad: Olomouc" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Zadejte prosím organizaci pro kterou je certifikát vytvářen. Toto jméno " +#~ "bude umístÄ›no do požadavku na certifikát." + +#~ msgid "Example: Debian" +#~ msgstr "Příklad: Debian" + +#~ msgid "Example: security group" +#~ msgstr "Příklad: bezpeÄnostní oddÄ›lení" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Příklad: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan pÅ™ichází s podporou pro oportunistické Å¡ifrování (OE), které " +#~ "uchovává autentizaÄní informace IPSecu (napÅ™. veÅ™ejné RSA klíÄe) v " +#~ "(nejlépe zabezpeÄených) DNS záznamech. Dokud nebude tato schopnost více " +#~ "rozšířena, způsobí její aktivace výrazné zpomalení každého nového " +#~ "odchozího spojení. Od verze 2.0 pÅ™ichází strongSwan s implicitnÄ› zapnutou " +#~ "podporou OE Äímž pravdÄ›podobnÄ› zruší vaÅ¡e probíhající spojení do " +#~ "Internetu (tj. vaÅ¡i výchozí cestu - default route) v okamžiku, kdy " +#~ "spustíte pluto (strongSwan keying démon)." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Prosím vyberte si zda chcete povolit podporu pro OE. Nejste-li si jisti, " +#~ "podporu nepovolujte." + +#~ msgid "x509, plain" +#~ msgstr "x509, prostý" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Typ páru RSA klíÄů, který se vytvoří:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Je možné vytvoÅ™it prostý pár RSA klíÄů pro použití se strongSwanem, nebo " +#~ "vytvoÅ™it soubor s certifikátem X509, který obsahuje veÅ™ejný RSA klÃ­Ä a " +#~ "dodateÄnÄ› uchovává odpovídající soukromý klíÄ." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Pokud chcete vytvoÅ™it IPSec spojení jen k poÄítaÄům, na kterých taktéž " +#~ "běží strongSwan, může být mnohem jednodušší použít pár prostých RSA " +#~ "klíÄů. Pokud se ale chcete pÅ™ipojit k jiným implementacím IPSec, budete " +#~ "potÅ™ebovat certifikát X509. Také je možné zde vytvoÅ™it certifikát X509 a " +#~ "pozdÄ›ji, pokud druhá strana používá strongSwan bez podpory certifikátů " +#~ "X509, z nÄ›j získat veÅ™ejný RSA klÃ­Ä v prostém formátu." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Certifikát X509 je proto doporuÄován zejména díky své flexibilitÄ›. Tento " +#~ "instalátor by v mÄ›l být schopen skrýt komplexnost vytváření a používání " +#~ "certifikátu ve strongSwanu." --- strongswan-4.3.2.orig/debian/po/vi.po +++ strongswan-4.3.2/debian/po/vi.po @@ -0,0 +1,430 @@ +# Vietnamese translation for StrongSwan. +# Copyright © 2009 Free Software Foundation, Inc. +# +# Clytie Siddall , 2005-2009, 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-20\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 15:01+0100\n" +"Last-Translator: Clytie Siddall \n" +"Language-Team: Vietnamese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: LocFactoryEditor 1.8\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "sá»›m nhất" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "sau NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "sau PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "StrongSwan nên khởi chạy khi nào :" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan khởi chạy trong tiến trình khởi Ä‘á»™ng hệ thống, để bảo vệ những hệ " +"thống tập tin được tá»± Ä‘á»™ng gắn kết." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" • sá»›m nhất\tNếu /usr không phải được gắn kết thông qua NFS,\n" +"\t\t\tvà máy này không dùng bo mạch mạng PCMCIA,\n" +"\t\t\tthì strongSwan nên khởi chạy sá»›m nhất có thể,\n" +"\t\t\tđể IPSec bảo mật những Ä‘iểm lắp NFS.\n" +" • sau NFS\tNếu /usr có phải được gắn kết thông qua NFS,\n" +"\t\t\tvà máy này không dùng bo mạch mạng PCMCIA.\n" +" • sau PCMCIA\t\tNếu kết nối IPSec dùng bo mạch mạng PCMCIA,\n" +"\t\t\t\thoặc nếu nó cần lấy khoá từ má»™t trình phục vụ DNS\n" +"\t\t\t\tchạy cục bá»™ có há»— trợ DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Khởi chạy lại strongSwan ngay bây giá» ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Khuyên khởi chạy lại strongSwan, vì phần má»m giải quyết vấn Ä‘á» bảo mật (nếu " +"có) chỉ được hiệu lá»±c khi trình ná»n khởi chạy lại. Ghi chú : hành vi khởi " +"chạy lại cÅ©ng có thể đóng và mở lại kết nối đã có." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Không khởi chạy lại strongSwan ngay bây giá» thì quản trị nên tá»± làm sá»›m nhất " +"có thể." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Khởi chạy trình ná»n IKEv1 của strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Äồng thá»i cÅ©ng cần phải chạy trình ná»n pluto, để há»— trợ phiên bản 1 của giao " +"thức Trao Äổi Khoá Internet (IKE)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Khởi chạy trình ná»n IKEv2 của strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Äồng thá»i cÅ©ng cần phải chạy trình ná»n charon, để há»— trợ phiên bản 2 của " +"giao thức Trao Äổi Khoá Internet (IKE)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Tạo má»™t cặp khoá công/riêng RSA cho máy này ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan có khả năng sá»­ dụng má»™t khoá chia sẻ sẵn (PSK) hay má»™t cặp khoá " +"RSA, để xác thức kết nối IPSec tá»›i máy khác. Quá trình xác thức RSA thÆ°á»ng " +"được xem là bảo mật hÆ¡n, cÅ©ng dá»… hÆ¡n quản trị. Có thể dùng đồng thá»i hai quá " +"trình xác thá»±c PSK và RSA." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Không muốn tạo má»™t cặp khóa công/riêng má»›i thì bÆ°á»›c kế tiếp cho bạn sá»­ dụng " +"má»™t khoá đã có." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Vá»›i strongSwan, dùng má»™t chứng nhận X.509 đã có ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Thông tin yêu cầu có thể được tá»± Ä‘á»™ng trích ra má»™t chứng nhận X.509 đã tồn " +"tại mà có má»™t cặp khoá RSA riêng tÆ°Æ¡ng ứng. Cả hai phần có thể nằm trong " +"cùng má»™t tập tin theo định dạng PEM. Nếu bạn có tập tin nhÆ° vậy chứa chứng " +"nhận và khoá, và muốn dùng nó để xác thá»±c kết nối IPSec, thì có nên bật tuỳ " +"chá»n này." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Tên tập tin chứng nhận X.509 có dạng PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Hãy nhập Ä‘Æ°á»ng dẫn đầy đủ đến tập tin chứa chứng nhận X.509 của bạn, theo " +"định dạng PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Tên tập tin khoá riêng X.509 có dạng PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Hãy nhập Ä‘Æ°á»ng dẫn đầy đủ đến tập tin chứa khoá RSA riêng tÆ°Æ¡ng ứng vá»›i " +"chứng nhận X.509 của bạn, theo định dạng PEM. (Äây có thể là cùng má»™t tập " +"tin vá»›i nó chứa chứng nhận X.509.)" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Äá»™ dài khoá RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Hãy nhập chiá»u dài của khoá RSA bạn muốn tạo. Giá trị này nên nằm giữa 1024 " +"và 2048 bit. Giá trị nhá» hÆ¡n 1024 không phải được xem là bảo mật. Giá trị " +"lá»›n hÆ¡n 2048 sẽ rất có thể giảm tốc Ä‘á»™ chạy máy tính." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Tạo má»™t chứng nhận X.509 tá»± ký ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Chỉ chứng nhận X.509 tá»± ký có thể được tá»± Ä‘á»™ng tạo, vì chứng nhận loại khác " +"yêu cầu chữ ký của má»™t nhà cầm quyá»n cấp chứng nhận (CA)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Bật tùy chá»n này thì chứng nhận đã tạo có thể được sá»­ dụng ngay lập tức để " +"kết nối tá»›i máy IPSec khác mà há»— trợ xác thá»±c thông qua má»™t chứng nhận " +"X.509. Tuy nhiên, để sá»­ dụng tính năng PKI của strongSwan cÅ©ng cần phải tạo " +"má»™t Ä‘Æ°á»ng dẫn tin cậy (tất cả các chứng nhận X.509 được ký bởi cùng má»™t nhà " +"cầm quyá»n)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Không bật tuỳ chá»n này thì chỉ khoá riêng RSA sẽ được tạo, cùng vá»›i má»™t lá»i " +"yêu cầu chứng nhận cho bạn xin chữ ký của má»™t nhà cầm quyá»n cấp chứng nhận " +"(CA)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Mã quốc gia cho lá»i yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Hãy nhập mã quốc gia hai chữ ISO-3166 (v.d. « vn ») của chá»— bạn, cho lá»i yêu " +"cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Không Ä‘iá»n vào trÆ°á»ng này thì không thể tạo chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Tên của bảng hay tỉnh cho lá»i yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Hãy nhập tên đầy đủ của bang hay tỉnh nÆ¡i bạn ở, để bao gồm trong lá»i yêu " +"cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Tên vùng cho lá»i yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Hãy nhập tên vùng (v.d. thành phố) nên dùng trong lá»i yêu cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Tên tổ chức cho lá»i yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Hãy nhập tên tổ chức (v.d. công ty, trÆ°á»ng há»c) nên dùng trong yêu cầu chứng " +"nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Tên Ä‘Æ¡n vị tổ chức cho lá»i yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Hãy nhập Ä‘Æ¡n vị tổ chức (v.d. phòng ban, khoa) nên dùng trong yêu cầu chứng " +"nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Tên chung cho lá»i yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Hãy nhập tên chung (v.d. tên máy của máy tính này) nên dùng trong yêu cầu " +"chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Äịa chỉ thÆ° cho lá»i yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Hãy nhập địa chỉ thÆ° Ä‘iện tá»­ (của ngÆ°á»i hay tổ chức chịu trách nhiệm vá» yêu " +"cầu này) nên dùng trong yêu cầu chứng nhận." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Bật mật mã cÆ¡ há»™i chủ nghÄ©a ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Phiên bản strongSwan này há»— trợ mật mã cÆ¡ há»™i chủ nghÄ©a (OE) mà cất giữ " +"thông tin xác thá»±c IPSec trong mục ghi DNS. Chức năng này chÆ°a phổ biến thì " +"vẫn còn làm trá»… má»—i kết nối má»›i gá»­i Ä‘i." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"ChÆ°a chắc thì không nên hiệu lá»±c chức năng mật mã cÆ¡ há»™i chủ nghÄ©a. Nó cÅ©ng " +"có thể đóng kết nối Internet (Ä‘Æ°á»ng dẫn mặc định) do trình ná»n pluto khởi " +"chạy." --- strongswan-4.3.2.orig/debian/po/templates.pot +++ strongswan-4.3.2/debian/po/templates.pot @@ -0,0 +1,362 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" --- strongswan-4.3.2.orig/debian/po/pt_BR.po +++ strongswan-4.3.2/debian/po/pt_BR.po @@ -0,0 +1,749 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: openswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2005-01-24 21:53-0200\n" +"Last-Translator: André Luís Lopes \n" +"Language-Team: Debian-BR Project \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +#, fuzzy +msgid "When to start strongSwan:" +msgstr "Você deseja reiniciar o Openswan ?" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +msgid "Restart strongSwan now?" +msgstr "Você deseja reiniciar o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Reiniciar o Openswan é uma boa idéia, uma vez que caso exista um correção " +"para uma falha de segurança, o mesmo não será corrigido até que o daemon " +"seja reiniciado. A maioria das pessoas esperam que o daemon seja reiniciado, " +"portanto essa é geralmente uma boa idéia. Porém, reiniciar o Openswan pode " +"derrubar conexões existentes, mas posteriormente trazê-las de volta." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "Create an RSA public/private keypair for this host?" +msgstr "" +"Você deseja criar um par de chaves RSA pública/privada para este host ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Você deseja criar um par de chaves RSA pública/privada para este host ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" +"Você possui um arquivo de certificado X509 existente que você gostaria de " +"usar com o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Este instalador pode extrair automaticamente a informação necessária de um " +"certificado X509 existente com uma chave RSA privada adequada. Ambas as " +"partes podem estar em um arquivo, caso estejam no formato PEM. Você possui " +"um certificado existente e um arquivo de chave e quer usá-los para " +"autenticar conexões IPSec ?" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "File name of your X.509 certificate in PEM format:" +msgstr "" +"Por favor, informe a localização de seu certificado X509 no formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Por favor, informe a localização do arquivo contendo seu certificado X509 no " +"formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "" +"Por favor, informe a localização de sua chave privada X509 no formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Por favor, informe a localização do arquivo contendo a chave privada RSA que " +"casa com seu certificado X509 no formato PEM. Este pode ser o mesmo arquivo " +"que contém o certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +msgid "Create a self-signed X.509 certificate?" +msgstr "Deseja criar um certificado X509 auto-assinado ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Caso você não queira criar um certificado auto-assinado, este instalador irá " +"somente criar a chave privada RSA e a requisição de certificado e você terá " +"então que assinar a requisição de certificado junto a sua autoridade " +"certificadora." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +msgid "Country code for the X.509 certificate request:" +msgstr "" +"Por favor, informe o código de país para a requisição de certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Por favor, informe o códifo de país de duas letras para seu país. Esse " +"código será inserido na requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +msgid "State or province name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o estado ou nome de província para a requisição de " +"certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Por favor, informe o nome complete do estado ou província em que você mora. " +"Esse nome será inserido na requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +msgid "Locality name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o nome da localidade para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Por favor, informe a localidade (ou seja, cidade) onde você mora. Esse nome " +"será inserido na requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +msgid "Organization name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o nome da organização para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Por favor, informe a unidade organizacional (ou seja, seção ou departamento) " +"para a qual este certificado deverá ser criado. Esse nome será inserido na " +"requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" +"Por favor, informe a unidade organizacional para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Por favor, informe a unidade organizacional (ou seja, seção ou departamento) " +"para a qual este certificado deverá ser criado. Esse nome será inserido na " +"requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +msgid "Common name for the X.509 certificate request:" +msgstr "Por favor, informe o nome comum para a requisição de certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Por favor, informe o nome comum (ou seja, o nome do host dessa máquina) para " +"o qual o certificado X509 deverá ser criado. Esse nome será inserido na " +"requisição de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +msgid "Email address for the X.509 certificate request:" +msgstr "" +"Por favor, informe o endereço de e-mail para a requisição de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Por favor, informe o endereço de e-mail da pessoa ou organização responsável " +"pelo certificado X509. Esse endereço será inserido na requisição de " +"certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +msgid "Enable opportunistic encryption?" +msgstr "Você deseja habilitar a encriptação oportunística no Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "o quando antes, \"depois do NFS\", \"depois do PCMCIA\"" + +#, fuzzy +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Com os níveis de inicialização atuais do Debian (quase todos os serviços " +#~ "iniciando no nível 20) é impossível para o Openswan sempre iniciar no " +#~ "momento correto. Existem três possibilidades para quando iniciar o " +#~ "Openswan : antes ou depois dos serviços NFS e depois dos serviços PCMCIA. " +#~ "A resposta correta depende se sua configuração específica." + +#, fuzzy +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Caso você não possua sua àrvore /usr montada via NFS (você somente monta " +#~ "outras àrvores não vitais via NFS ou não usa àrvores montadas via NFS) e " +#~ "não use um cartão de rede PCMCIA, a melhor opção é iniciar o Openswan o " +#~ "quando antes, permitindo dessa forma que os pontos de montagem NFS " +#~ "estejam protegidos por IPSec. Nesse caso (ou caso você não compreenda ou " +#~ "não se importe com esse problema), responda \"o quando antes\" para esta " +#~ "pergunta (o que é o padrão)." + +#, fuzzy +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Caso você possua sua àrvore /usr montada via NFS e não use um cartão de " +#~ "rede PCMCIA, você precisará iniciar o Openswan depois do NFS de modo que " +#~ "todos os arquivos necessários estejam disponíveis. Nesse caso, responda " +#~ "\"depois do NFS\" para esta pergunta. Por favor, note que a montagem NFS " +#~ "de /usr não poderá ser protegida pelo IPSec nesse caso." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Caso você use um cartão de rede PCMCIA para suas conexões IPSec você " +#~ "precisará somente optar por iniciar o Opensan depois dos serviços PCMCIA. " +#~ "Responda \"depois do PCMCIA\" nesse caso. Esta é também a maneira correta " +#~ "de obter chaves de um servidor DNS sendo executado localmente e com " +#~ "suporte a DNSSec." + +#, fuzzy +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Este instalador pode automaticamente criar um par de chaves RSA pública/" +#~ "privada para este host. Esse par de chaves pode ser usado para autenticar " +#~ "conexões IPSec com outros hosts e é a maneira preferida de construir " +#~ "conexões IPSec seguras. A outra possibilidade seria usar segredos " +#~ "compartilhados (senhas que são iguais em ambos os lados do túnel) para " +#~ "autenticar uma conexão, mas para um grande número de conexões RSA a " +#~ "autenticação é mais fácil de administrar e mais segura." + +#, fuzzy +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Qual deve ser o tamanho da chave RSA criada ?" + +#, fuzzy +#~| msgid "" +#~| "Please enter the length of the created RSA key. it should not be less " +#~| "than 1024 bits because this should be considered unsecure and you will " +#~| "probably not need anything more than 2048 bits because it only slows the " +#~| "authentication process down and is not needed at the moment." +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Por favor, informe o tamanho da chave RSA a ser criada. A mesma não deve " +#~ "ser menor que 1024 bits devido a uma chave de tamanho menor que esse ser " +#~ "considerada insegura. Você também não precisará de nada maior que 2048 " +#~ "porque isso somente deixaria o processo de autenticação mais lento e não " +#~ "seria necessário no momento." + +#, fuzzy +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Este instalador pode criar automaticamente somente certificados X509 auto-" +#~ "assinados, devido a uma autoridade certificadora ser necessária para " +#~ "assinar a requisição de certificado. Caso você queira criar um " +#~ "certificado auto-assinado, você poderá usá-lo imediatamente para conexão " +#~ "com outros hosts IPSec que suportem certificados X509 para autenticação " +#~ "de conexões IPSec. Porém, caso você queira usar os novos recursos PKI do " +#~ "Openswan versão 1.91 ou superior, você precisará possuir todos seus " +#~ "certificados X509 assinados por uma única autoridade certificadora para " +#~ "criar um caminho de confiança." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "Você realmente precisa informar um código de país válido aqui devido ao " +#~ "openssl se recusar a gerar certificados sem um código de país válido. Um " +#~ "campo em branco é permitido para qualquer outro campo do certificado " +#~ "X.509, mas não para esse campo." + +#~ msgid "Example: AT" +#~ msgstr "Exemplo: BR" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Exemplo : Sao Paulo" + +#~ msgid "Example: Vienna" +#~ msgstr "Exemplo : Sao Paulo" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Por favor, informe a organização (ou seja, a empresa) para a qual este " +#~ "certificado X509 deverá ser criado. Esse nome será inserido na requisição " +#~ "de certificado." + +#~ msgid "Example: Debian" +#~ msgstr "Exemplo : Debian" + +#~ msgid "Example: security group" +#~ msgstr "Exemplo : Grupo de Segurança" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Exemplo : gateway.debian.org" + +#, fuzzy +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "O Openswan suporta encriptação oportunística (OE), a qual armazena " +#~ "informações de autenticação IPSec (por exemplo, chaves públicas RSA) em " +#~ "registros DNS (preferivelmente seguros). Até que esse suporte esteja " +#~ "largamento sendo utilizado, ativá-lo irá causar uma signficante lentidão " +#~ "para cada nova conexão de saída. Iniciando a partir da versão 2.0, o " +#~ "Openswan, da forma como é distribuído pelos desenvolvedores oficiais, é " +#~ "fornecido com o suporte a OE habilitado por padrão e, portanto, " +#~ "provavelmente irá quebrar suas conexões existentes com a Internet (por " +#~ "exemplo, sua rota padrão) tão logo o pluto (o daemon de troca de chaves " +#~ "do Openswan) seja iniciado." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Por favor, informe se você deseja habilitar o suporte a OE. Em caso de " +#~ "dúvidas, não habilite esse suporte." + +#~ msgid "x509, plain" +#~ msgstr "x509, pura" + +#, fuzzy +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Qual tipo de par de chaves RSA você deseja criar ?" + +#, fuzzy +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "É possível criar um par de chaves RSA pública/privada pura (plain) para " +#~ "uso com o Openswan ou para criar um arquivo de certificado X509 que irá " +#~ "conter a chave RSA pública e adicionalmente armazenar a chave privada " +#~ "correspondente." + +#, fuzzy +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Caso você queira somente construir conexões IPsec para hosts e também " +#~ "executar o Openswan, pode ser um pouco mais fácil usar pares de chaves " +#~ "RSA puros (plain). Mas caso você queira se conectar a outras " +#~ "implementações IPSec, você precisará de um certificado X509. É também " +#~ "possível criar um certificado X509 aqui e extrair a chave pública em " +#~ "formato puro (plain) caso o outro lado execute o Openswan sem suporte a " +#~ "certificados X509." + +#, fuzzy +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Um certificado X509 é recomendado, uma vez que o mesmo é mais flexível e " +#~ "este instalador é capaz de simplificar a complexa criação do certificado " +#~ "X509 e seu uso com o Openswan." + +#, fuzzy +#~ msgid "Please choose the when to start strongSwan:" +#~ msgstr "Você deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "At which level do you wish to start strongSwan ?" +#~ msgstr "Em que nível você deseja iniciar o Openswan ?" + +#~ msgid "2048" +#~ msgstr "2048" --- strongswan-4.3.2.orig/debian/po/pt.po +++ strongswan-4.3.2/debian/po/pt.po @@ -0,0 +1,435 @@ +# translation of strongswan debconf to Portuguese +# Copyright (C) 2007 the strongswan's copyright holder +# This file is distributed under the same license as the strongswan package. +# +# Luísa Lourenço , 2007. +# Américo Monteiro , 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-2\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:59+0100\n" +"Last-Translator: Américo Monteiro \n" +"Language-Team: Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "mais cedo" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "após NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "após PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Quando se deve iniciar o strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"O strongSwan arranca durante o arranque do sistema para que possa proteger " +"os sistemas de ficheiros que são montados automaticamente." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * mais cedo: se o /usr não for montado através de NFS e você não usa uma\n" +" placa de rede PCMCIA, é melhor arrancar o strongSwan o mais cedo " +"possível,\n" +" para que as montagens NFS sejam seguras por IPSec;\n" +" * após NFS: recomendado quando o /usr é montado através de NFS e nenhuma\n" +" placa de rede PCMCIA é usada;\n" +" * após PCMCIA: recomendado se a ligação IPSec usa uma placa de rede PCMCIA\n" +" ou se necessita que sejam obtidas chaves a partir dum servidor DNS que\n" +" corre localmente com suporte a DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Reiniciar agora o strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"É recomendado reiniciar o strongSwan, porque se existir uma correcção de " +"segurança, esta não será aplicada até que o daemon seja reiniciado. No " +"entanto isto poderá fechar ligações existentes e depois ligá-las de novo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Se você não reiniciar o strongSwan agora, deve fazê-lo manualmente na " +"primeira oportunidade." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Iniciar o daemon IKEv1 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon pluto precisa de estar a funcionar para suportar a versão 1 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Iniciar o daemon IKEv2 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon charon precisa de estar a funcionar para suportar a versão 2 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Criar um par de chaves pública/privada RSA para esta máquina?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"O strongSwan pode usar uma chave Pré-Partilhada (PSK) ou um par de chaves " +"RSA para autenticar ligações IPSec a outras máquinas. A autenticação RSA é " +"geralmente considerada mais segura e mais fácil de administrar. Você pode " +"usar autenticação PSK e RSA em simultâneo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Se não quiser criar um novo par de chaves pública/privada, pode escolher " +"usar um já existente no próximo passo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Usar um certificado X.509 existente para o strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"A informação necessária pode ser extraída automaticamente de um certificado " +"X.509 existente com uma chave RSA privada coincidente. Ambas as partes podem " +"estar num ficheiro, se estiver no formato PEM. iDeve escolher esta opção se " +"tiver tal ficheiro de certificado e chave existente e quiser usá-lo para " +"autenticar ligações IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Nome de ficheiro do seu certificado X.509 em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Por favor insira a localização completa do ficheiro que contém o seu " +"certificado X.509 em formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Nome do ficheiro da sua chave privada X.509 existente em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Por favor insira a localização completa do ficheiro que contém a chave " +"privada RSA que coincide com o seu certificado X.509 em formato PEM. Este " +"pode ser o mesmo ficheiro do certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Comprimento da chave RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Por favor indique o comprimento da chave RSA que deseja gerar. Um valor " +"menor que 1024 bits não é considerado seguro. Um valor maior que 2048 bits " +"irá provavelmente afectar as performance." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Criar um certificado X.509 auto-assinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Apenas certificados X.509 auto-assinados podem ser gerados automaticamente, " +"porque de outro modo é necessário uma autoridade de certificados para " +"assinar o pedido de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Se aceitar esta opção, o certificado criado pode ser usado imediatamente " +"para ligar a outros máquinas IPSec que suportam autenticação através de um " +"certificado X.509. No entanto, usar as funcionalidades PKI do strongSwan " +"necessita que um caminho de confiança seja criado ao ter todos os " +"certificados X.509 assinados por uma única autoridade." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Se não aceitar esta opção, apenas será criada a chave RSA privada, " +"juntamente com um pedido de certificado o qual precisa de estar assinado por " +"uma autoridade de certificados." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Por favor insira o código de país ISO3166 de 2 letras que será usado no " +"pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" +"Este campo é obrigatório: de outro modo não se pode gerar um certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Estado ou nome da província para o pedido do certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Por favor insira o nome completo do estado ou província a incluir no pedido " +"de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome da localidade para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Por favor insira a localidade (geralmente uma cidade) que deverá ser usada " +"no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organização para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Por favor insira o nome da organização (geralmente uma companhia) que deverá " +"ser usado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade organizativa para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Por favor insira o nome da unidade organizativa (geralmente um departamento) " +"que deverá ser usado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Nome comum para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Por favor insira o nome comum (tal como o nome desta máquina) que deverá ser " +"usado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Endereço de email para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Por favor insira o endereço de email (da pessoa ou organização responsável) " +"que deverá ser usado no pedido de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Activar encriptação oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versão do strongSwan suporta encriptação oportunista (OE), a qual " +"guarda informação de autenticação IPSec em registos DNS. Até que isto esteja " +"amplamente instalado, a sua activação irá causar um atraso significante em " +"cada nova ligação de saída." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Você deverá apenas activar a encriptação oportunista se tiver a certeza que " +"a quer. Pode quebrar a ligação à Internet (rota predefinida) assim que o " +"daemon pluto arrancar." --- strongswan-4.3.2.orig/debian/po/fi.po +++ strongswan-4.3.2/debian/po/fi.po @@ -0,0 +1,427 @@ +# Copyright (C) 2009 +# This file is distributed under the same license as the strongswan package. +# +# Esko Arajärvi , 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:49+0100\n" +"Last-Translator: Esko Arajärvi \n" +"Language-Team: Finnish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "mahdollisimman aikaisin" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "NFS:n jälkeen" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "PCMCIA:n jälkeen" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Koska strongSwan käynnistetään:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan käynnistetään järjestelmän käynnistyessä, jotta se voi suojella " +"automaattisesti liitettäviä levyjärjestelmiä." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +"* mahdollisimman aikaisin: Jos hakemistoa /usr ei liitetä NFS:n avulla,\n" +" eikä käytössä ole PCMCIA-verkkokortteja, strongSwan kannattaa\n" +" käynnistää mahdollisimman aikaisin, jotta liitettävät NFS-järjestelmät\n" +" voidaan suojata IPSecillä.\n" +"* NFS:n jälkeen: suositeltava, kun käytössä ei ole PCMCIA-verkkokortteja\n" +" ja /usr liitetään NFS:n avulla.\n" +"* PCMCIA:n jälkeen: suositeltava, jos IPSec-yhteys käyttää\n" +" PCMCIA-verkkokorttia tai hakee avaimia paikalliselta DNS-palvelimelta\n" +" DNSSec-tuen avulla." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Käynnistetäänkö strongSwan uudelleen nyt?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"On suositeltavaa käynnistää strongSwan-taustaohjelma uudelleen, koska " +"mahdolliset tietoturvapäivitykset eivät tule käyttöön ennen tätä. Tämä " +"saattaa kuitenkin katkaista olemassa olevat yhteydet ja avata ne sitten " +"uudelleen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Jos et käynnistä strongSwania nyt uudelleen, tee se käsin mahdollisimman " +"pian." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Käynnistetäänkö strongSwanin IKEv1-taustaohjelma?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange -protokollan version 1 tuki vaatii, että pluto-" +"taustaohjelma on käynnissä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Käynnistetäänkö strongSwanin IKEv2-taustaohjelma?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange -protokollan version 2 tuki vaatii, että charon-" +"taustaohjelma on käynnissä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "" +"Luodaanko tälle koneelle julkisesta ja salaisesta avaimesta koostuva RSA-" +"avainpari?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan voi käyttää ennalta vaihdettua avainta (Pre-Shared Key, PSK) tai " +"RSA-avainparia varmentaessaan IPSec-yhteyksiä toisiin koneisiin. RSA-" +"varmennusta pidetään yleisesti turvallisempana ja helpommin ylläpidettävänä. " +"PSK- ja RSA-varmennuksia voidaan käyttää yhtä aikaa." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Jos et halua luoda uutta avainparia, voi valita olemassa olevan parin " +"seuraavassa vaiheessa." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Tulisiko strongSwanin käyttää olemassa olevaa X.509-varmennetiedostoa?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Vaadittavat tiedot voidaan automaattisesti erottaa olemassa olevasta X.509-" +"varmennetiedostosta täsmäävällä salaisella RSA-avaimella. Avaimen molemmat " +"osat voivat olla samassa tiedostossa, jos se on PEM-muodossa. Valitse tämä " +"vaihtoehto, jos tällaiset varmenne- ja avaintiedostot ovat olemassa ja " +"haluat käyttää niitä IPSec-yhteyksien varmentamiseen." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "PEM-muodossa olevan X.509-varmennetiedoston nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Anna PEM-muodossa olevan, X.509-varmenteen sisältävän tiedoston täydellinen " +"polku." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "PEM-muotoisen, olemassa olevan, salaisen X.509-avaimen tiedostonimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Anna PEM-muodossa olevaan X.509-varmenteeseen täsmäävän salaisen RSA-avaimen " +"täydellinen polku. Tämä voi olla sama tiedosto kuin X.509-varmenteen " +"sisältävä." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA-avaimen pituus:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Anna luotavan RSA-avaimen pituus. 1024 bittiä lyhyempiä avaimia ei pidetä " +"turvallisina. 2048 bittiä pidemmät avaimet luultavasti heikentävät " +"suorituskykyä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Luodaanko itseallekirjoitettu X.509-varmenne?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Vain itseallekirjoitettu X.509-varmenne voidaan luoda automaattisesti, koska " +"muussa tapauksessa tarvitaan ulkoinen varmentaja allekirjoittamaan " +"varmennepyyntö." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Jos valitset tämän vaihtoehdon, luotua varmennetta voidaan heti käyttää " +"yhteyksien ottamiseen toisiin IPSEc-koneisiin, jotka tukevat varmentamista " +"X.509-varmenteilla. StrongSwanin PKI-ominaisuuksien käyttö kuitenkin vaatii " +"varmennuspolun, jossa sama varmentaja on allekirjoittanut kaikki X.509-" +"varmenteet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Jos et valitse tätä vaihtoehtoa, luodaan vain salainen RSA-avain ja " +"varmennepyyntö, joka pitää lähettää ulkoisen varmentajan " +"allekirjoitettavaksi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön maakoodi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "Anna varmennepyynnössä käytettävä kaksikirjaiminen ISO-3166-maakoodi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Tämä kenttä on pakollinen. Ilman sitä varmennetta ei voida luoda." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön osavaltio, lääni tai maakunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Anna varmennepyyntöön sisällytettävä osavaltion, läänin tai maakunnan koko " +"nimi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön paikkakunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "Anna varmennepyynnössä käytettävä paikkakunnan nimi (usein kaupunki)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön järjestön nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "Anna varmennepyynnössä käytettävä järjestön nimi (usein yritys)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön järjestön yksikkö:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "Valitse varmennepyynnössä käytettävä järjestön yksikkö (usein osasto)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön yleinen nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Anna varmennepyynnössä käytettävä yleinen nimi (kuten tämän koneen " +"verkkonimi)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön sähköpostiosoite:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Anna varmennepyynnössä käytettävä sähköpostiosoite (yksityinen ja järjestön)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Käytetäänkö opportunistista salausta?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"StrongSwanin tämä versio tukee opportunistista salausta (opportunistic " +"encryption, OE), joka tallentaa IPSec-varmennustietoja DNS-tietueisiin. " +"Ennen kuin tämä käytäntö yleistyy laajalti, sen käyttö aiheuttaa merkittävän " +"viiveen jokaiseen uuteen ulospäin otettavaan yhteyteen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Valitse opportunistinen salaus vain, jos olet varma, että haluat sen " +"käyttöön. Se saattaa rikkoa Internet-yhteyden (oletusreitityksen), kun pluto-" +"taustaohjelma käynnistyy." --- strongswan-4.3.2.orig/debian/po/fr.po +++ strongswan-4.3.2/debian/po/fr.po @@ -0,0 +1,436 @@ +# Translation of strongswan debconf templates to French +# Copyright (C) 2005-2007 Christian Perrier +# This file is distributed under the same license as the strongswan package. +# +# Christian Perrier , 2005-2007, 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:50+0100\n" +"Last-Translator: Christian Perrier \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: Plural-Forms: nplurals=2; plural=n>1;\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "Le plus tôt possible" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "Après NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "Après PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Moment de démarrage de strongSwan :" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan est lancé au démarrage du système afin de pouvoir protéger les " +"systèmes de fichiers qui sont montés automatiquement." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" - Le plus tôt possible : conseillé si /usr n'est pas monté par NFS\n" +" et que vous n'utilisez pas de carte réseau PCMCIA ;\n" +" - Après NFS : recommandé si /usr est un montage NFS et qu'aucune\n" +" carte réseau PCMCIA n'est utilisée ;\n" +" - après PCMCIA : recommandé si la connexion IPSec utilise une carte\n" +" réseau PCMCIA ou s'il est nécessaire de récupérer des clés\n" +" depuis un serveur DNS qui gère DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Faut-il redémarrer StrongSwan maintenant ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Redémarrer strongSwan est préférable car un éventuel correctif de sécurité " +"ne prendra effet que si le démon est redémarré. Cependant, cela pourrait " +"interrompre provisoirement des connexions en cours." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Si vous ne redémarrez pas StrongSwan maintenant, il est conseillé de le " +"faire manuellement dès que possible." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Faut-il démarrer le démon IKEv1 de StrongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Le démon « pluto » doit fonctionner pour que la version 1 du protocole IKE " +"(Internet Key Exchange) puisse être gérée." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Faut-il démarrer le démon IKEv2 de StrongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Le démon « charon » doit fonctionner pour que la version 2 du protocole IKE " +"(Internet Key Exchange) puisse être gérée." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Faut-il créer une paire de clés RSA publique et privée pour cet hôte ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan peut utiliser une clé secrète partagée (PSK : « Pre-Shared Key ») " +"ou une paire de clés RSA pour gérer l'authentification des connexions IPSec " +"vers d'autres hôtes. L'authentification RSA est en général considérée comme " +"plus sûre et plus simple à administrer. Les deux modes d'authentification " +"peuvent être utilisés en même temps." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Si vous ne souhaitez pas créer une paire de clés publique et privée, vous " +"pouvez choisir d'en utiliser une existante." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" +"Faut-il utiliser un fichier de certificat X.509 existant avec strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"L'information nécessaire peut être récupérée depuis un fichier de certificat " +"X.509 existant, avec la clé privée RSA correspondante. Les deux parties " +"peuvent se trouver dans un seul fichier, s'il est en format PEM. Vous " +"devriez choisir cette option si vous possédez un tel certificat ainsi que la " +"clé privée, et si vous souhaitez vous en servir pour l'authentification des " +"connexions IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Emplacement de votre certificat X.509 au format PEM :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant votre certificat X.509 " +"au format PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Emplacement de votre clé privée X.509 actuelle au format PEM :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant la clé privée RSA " +"correspondant à votre certificat X.509 au format PEM. Cela peut être le même " +"fichier que le certificat X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Taille de la clé RSA :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Veuillez indiquer la taille de la clé RSA que vous souhaitez créer. Une " +"valeur inférieure à 1024 bits n'est pas considérée comme sûre. Une valeur " +"supérieure à 2048 bits risque d'altérer les performances." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Faut-il créer un certificat X.509 auto-signé ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Seuls les certificats X.509 auto-signés peuvent être créés automatiquement " +"car, pour les autres certificats, une autorité de certification est " +"indispensable." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Si vous choisissez cette option, le certificat qui sera créé pourra être " +"utilisé immédiatement pour la connexion à d'autres hôtes IPSec qui gèrent " +"l'authentification par certificat X.509. Cependant l'utilisation des " +"fonctionnalités PKI (« Public Key Infrastructure » : infrastructure publique " +"de clés) de strongSwan impose la création d'un chemin de confiance avec tous " +"les certificats X.509 signés par la même autorité de certification." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Si vous ne choisissez pas cette option, seules la clé privée RSA et la " +"demande de certificat seront créées. Vous devrez ensuite faire signer cette " +"demande par une autorité de certification." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Code du pays pour le certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Veuillez indiquer le code ISO3166 à deux lettres du pays qui sera utilisé " +"dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Ce champ est obligatoire, sinon le certificat ne pourra pas être créé." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "État ou province pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Veuillez indiquer le nom complet de l'état ou de la province qui sera inclus " +"dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Localité pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Veuillez indiquer la localité (le plus souvent la ville) qui sera utilisée " +"dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisme pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Veuillez indiquer le nom de l'organisme (le plus souvent un nom " +"d'entreprise) qui sera utilisé dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unité d'organisation pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Veuillez indiquer l'unité d'organisation (p. ex. département, division, " +"etc.) qui sera utilisée dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Nom commun pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Veuillez indiquer le nom commun (p. ex. le nom réseau de cette machine) qui " +"sera utilisé dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Adresse électronique pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Veuillez indiquer l'adresse électronique (de la personne ou de l'organisme " +"responsable) qui sera utilisée dans la demande de certificat." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Faut-il activer le chiffrement opportuniste ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Cette version de strongSwan gère le chiffrement opportuniste (OE) qui " +"conserve les informations d'authentification IPSec dans des enregistrements " +"DNS. Tant que cette fonctionnalité n'est pas déployée largement, l'activer " +"augmentera notablement la durée d'établissement des connexions sortantes." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Vous ne devriez l'activer que s'il est indispensable de l'utiliser. Il est " +"possible que cela coupe la connexion Internet (la route par défaut) au " +"moment où le démon « pluto » démarre." --- strongswan-4.3.2.orig/debian/po/nb.po +++ strongswan-4.3.2/debian/po/nb.po @@ -0,0 +1,425 @@ +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Bjørn Steensrud , 2009. +msgid "" +msgstr "" +"Project-Id-Version: nb\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:59+0100\n" +"Last-Translator: Bjørn Steensrud \n" +"Language-Team: Norwegian BokmÃ¥l \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "tidligst" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "etter NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "etter PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "NÃ¥r strongSwan skal startes:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan starter under systemoppstart, slik at det kan beskytte " +"filsystemer som monteres automatisk." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * tidligst: hvis /usr ikke monteres via NFS og du ikke bruker et\n" +" PCMCIA nettverkskort, sÃ¥ er det best Ã¥ starte strongSwan\n" +" snarest mulig, slik at NFS-montering kan sikres med IPSec;\n" +" * etter NFS: anbefales nÃ¥r /usr monteres via NFS og det ikke\n" +" brukes noe PCMCIA nettverkskort.\n" +" * etter PCMCIA: anbefales hvis IPSec-tilkoblingen bruker et PCMCIA\n" +" nettverkskort eller om den trenger Ã¥ hente nøkler fra en lokal\n" +" DNS-tjener med DNSSec-støtte. " + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Start strongSwan pÃ¥ nytt nÃ¥" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Det anbefales Ã¥ starte strongSwan pÃ¥ nytt nÃ¥, for om det var en " +"sikkerhetsrettelse, sÃ¥ fÃ¥r den ikke effekt før daemonen startes pÃ¥ nytt. " +"Imidlertid kan dette lukke eksisterende forbindelser og deretter koble dem " +"opp igjen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Hvis du ikke gjør en omstart pÃ¥ strongSwan nÃ¥, sÃ¥ bør du gjøre det manuelt " +"ved første anledning." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Skal strongSwans IKEv1-daemon startes?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto-daemonen mÃ¥ kjøre for Ã¥ kunne støtte versjon 1 av Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Skal strongSwans IKEv2-daemon startes?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon-daemonen mÃ¥ kjøre for Ã¥ kunne støtte versjon 2 av Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Skal det lages et offentlig/privat RSA-nøkkelpar for denne verten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan kan bruke en delt nøkkel (PSK) eller et RSA-nøkkelpar for Ã¥ " +"autentisere IPSec-forbindelser til andre verter. RSA-autentisering betraktes " +"for det meste som sikrere og lettere Ã¥ administrere. Du kan bruke PSK og RSA-" +"autentisering samtidig." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Hvis du ikke vil lage et nytt offentlig/privat nøkkelpar, sÃ¥ kan du velge Ã¥ " +"bruke et eksisterende nøkkelpar i neste steg." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Skal et eksisterende X.509-sertifikat brukes for strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Den informasjonen som trengs kan hentes automatisk fra et eksisterende X.509-" +"sertifikat med tilhørende privat RSA-nøkkel. Begge deler kan være i én fil, " +"hvis den er i PEM-format. Du bør velge dette hvis du har et slikt sertifikat " +"og vil bruke det til Ã¥ autentisere IPSec-forbindelser." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Filnavn for ditt X.509-sertifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Oppgi full sti til fila som inneholder ditt X.509-sertifikat i PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Filnavn for din eksisterende private X.509-nøkkel i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Oppgi full sti til fila som inneholder den private nøkkelen som tilsvarer " +"ditt X.509-sertifikat i PEM-format. Dette kan være den samme fila som X.509-" +"sertifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA nøkkellengde:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Oppgi lengde for RSA-nøkkelen du vil opprette. Kortere nøkler enn 1024 bit " +"betraktes ikke som sikre. En nøkkellengde pÃ¥ mer enn 2048 bit vil antakelig " +"gÃ¥ ut over ytelsen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Skal det lages et selvsignert X.509-sertifikat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Bare selvsignerte X.509-sertifikater kan lages automatisk, for ellers mÃ¥ en " +"sertifikatutsteder signere sertifikatsøknaden." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Hvis du godtar dette, sÃ¥ kan det sertifikatet som lages bli brukt straks til " +"Ã¥ kople til andre IPSec-verter som støtter autentisering via et X.509-" +"sertifikat. Men om strongSwans PKI-del skal brukes, mÃ¥ det lages en " +"tillitskjede ved at alle X.509-sertifikatene signeres av en enkelt utsteder." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Hvis du ikke godtar dette, sÃ¥ blir bare en privat RSA-nøkkel opprettet, " +"sammen med en sertifikatsøknad som du mÃ¥ fÃ¥ en sertifikatutsteder til Ã¥ " +"signere." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Landskode for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Oppgi tobokstavers ISO3166 landskode som skal brukes i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" +"Dette feltet er obligatorisk, uten det kan det ikke lages et sertifikat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Stat eller provinsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Oppgi fullt navn pÃ¥ stat eller provins som skal tas med i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Stedsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "Oppgi stedsnavn (ofte en by) som skal brukes i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisasjonsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Oppgi organisasjonsnavn (ofte et firma) som skal brukes i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisasjonsenhet for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Oppgi organisasjonsenhet (ofte en avdeling som skal brukes i " +"sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Vanlig navn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Oppgi vanlig navn (slik som vertsnavnet pÃ¥ denne maskinen) som skal brukes i " +"sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "E-postadresse for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Oppgi e-postadressen (for ansvarlig person eller organisasjon) som skal " +"brukes i sertifikatsøknaden." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "SlÃ¥ pÃ¥ opportunistisk kryptering?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Denne versjonen av strongSwan støtter opportunistisk kryptering (OE), som " +"lagrer autentiseringsinformasjon for IPSec i DNS-data. Inntil dette er tatt " +"i vanlig bruk vil det gi en betydelig forsinkelse for hver ny utgÃ¥ende " +"tilkobling hvis dette er aktivert." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Du bør bare slÃ¥ pÃ¥ opportunistisk kryptering hvis du er sikker pÃ¥ at du vil " +"ha det. Det kan koble ut Internett-forbindelsen (standardruten) nÃ¥r pluto." +"nissen starter." --- strongswan-4.3.2.orig/debian/po/gl.po +++ strongswan-4.3.2/debian/po/gl.po @@ -0,0 +1,431 @@ +# Copyright (C) 2009 THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the strongswan package. +# +# marce villarino , 2009. +msgid "" +msgstr "" +"Project-Id-Version: templates_[kI6655]\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:50+0100\n" +"Last-Translator: marce villarino \n" +"Language-Team: Galician \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.2\n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "o primeiro" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "despois do NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "despois do PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Cando iniciar strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan iniciase durante o arrinque do sistema de maneira que poda " +"protexer sistemas de ficheiros que se monten automaticamente." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * o primeiro: se /usr non se monta mediante NFS e non se emprega unha\n" +" tarxeta PCMCIA, é mellor iniciar strongSwan tan axiña como se poda,\n" +" para que as montaxes NFS podan asegurarse mediante IPSec,\n" +" * despois do NFS: recoméndase cando /usr se monte mediante NFS e non\n" +" se empregue ningunha tarxeta PCMCIA,\n" +" * despois do PCMCIA: recoméndase se a conexión IPSec emprega unha tarxeta\n" +" de rede PCMCIA ou se fose preciso que as chaves se obteñan desde un\n" +" servidor DNS a executarse localmente con soporte para DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Desexa reiniciar strongSwan agora?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Recoméndase reiniciar strongSwan porque se houbese algunha actualización de " +"seguridade non se aplicará até que se reinicie o daemon. Porén, pode pechar " +"as conexións existentes e logo volver a recuperalas." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Se non reinicia agora strongSwan debería facelo manualmente en canto poda." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Desexa iniciar o daemon IKEv1 de strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon pluto debe estar en execución para soportar a versión 1 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Desexa iniciar o IKEv2 de strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon charon debe estar en execución para soportar a versión 2 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Desexa crear un par de chaves pública/privada RSA para este servidor?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan pode empregar unha chave precompartida (PSK) ou un par de chaves " +"RSA para autenticar as conexións IPSec con outros servidores. A " +"autenticación RSA xeralmente considérase máis segura e é máis fácil de " +"administrar. Pode empregar as autenticacións PSK e RSA á vez." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Se son quer crear un novo par de chaves pública/privada, no seguinte paso " +"pode escoller empregar unha xa existente." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Desexa empregar un certificado X.509 xa existente para strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"A información requirida pode extraerse automaticamente a partir dun " +"certificado X.509 xa existente coa chave privada RSA que corresponda. Ambas " +"as partes poden estar nun ficheiro se este está no formato PEM. Debe " +"escoller esta opción se ten tal certificado e chave e quere empregalo para " +"autenticar conexións IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Nome do ficheiro do certificado X.509 en formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Indique a rota completa ao ficheiro que contén o certificado X.509 en " +"formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Nome do ficheiro coa chave privada X.509 en formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Indique a rota completa ao ficheiro que contén a chave privada RSA que se " +"corresponde do certificado X.509 en formato PEM. Este pode ser o mesmo " +"ficheiro que o do certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Lonxitude da chave RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Indique a lonxitude da chave RSA que desexe xerar. Os valores menores de " +"1024 bits non se consideran seguros, mentres que os maiores de 2048 bits " +"posibelmente afecten ao rendemento." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Desexa crear un certificado X.509 autoasinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Só se poden crear automaticamente certificados X.509 autoasinados, porque " +"noutro caso é precisa unha autoridade de certificación para asinar o pedido " +"de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Se acepta esta opción o certificado que se cree pode empregarse " +"inmediatamente para conectarse con outros servidores IPSec que soporten a " +"autenticación mediante un certificado X.509. Porén, par empregar as " +"funcionalidades PKI de strongSwan requírese que se cree unha rota de " +"confianza asinando todos os certificados X.509 por unha única autoridade." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Se non acepta esta opción só se creará a chave privada RSA, xunto cun pedido " +"de certificado que precisará que lle asine unha autoridade de certificación." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para o pedido do certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Indique o código de país ISO3166 de dúas letras que se debe empregar no " +"pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" +"Este campo é obrigatorio, caso contrario non se poderá xerar un certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Nome do estado ou provincia para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Indique o nome completo do estado ou provincia a incluír no pedido de " +"certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome de localidade para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Indique o nome da localidade (xeralmente unha cidade) que se debe empregar " +"no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organización para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Indique o nome da organización (xeralmente unha empresa) que se debe " +"empregar no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade organizacional para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Indique o nome da unidade organizacional (xeralmente un departamento) que " +"debe empregarse no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Nome común para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Indique o nome común (como o nome desta máquina) que se debe empregar no " +"pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Enderezo de correo electrónico para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Indique o enderezo de correo electrónico (do individuo ou do responsábel da " +"organización) que se debe empregar no pedido de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Desexa activar a cifraxe oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versión de strongSwan soporta a cifraxe oportunista (OE) que garda a " +"información de autenticación de IPSec en rexistros de DNS. Até que estea " +"amplamente utilizado activalo provocará un retardo significativo en cada " +"nova conexión saínte." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Só debería activar a cifraxe oportunista se está certo de que a desexa. Pode " +"estragar a conexión a Internet (a rota por omisión) segundo se inicie o " +"daemon pluto." --- strongswan-4.3.2.orig/debian/po/POTFILES.in +++ strongswan-4.3.2/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] strongswan-starter.templates --- strongswan-4.3.2.orig/debian/po/ru.po +++ strongswan-4.3.2/debian/po/ru.po @@ -0,0 +1,432 @@ +# translation of ru.po to Russian +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Yuri Kozlov , 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-2\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 15:00+0100\n" +"Last-Translator: Yuri Kozlov \n" +"Language-Team: Russian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%" +"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "как можно раньше" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "поÑле NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "поÑле PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Когда запуÑкать strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan запуÑкаетÑÑ Ð¿Ñ€Ð¸ загрузке ÑиÑтемы Ð´Ð»Ñ Ñ‚Ð¾Ð³Ð¾, чтобы можно было " +"защитить автоматичеÑки монтируемые файловые ÑиÑтемы." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * как можно раньше: еÑли /usr не монтируетÑÑ Ñ‡ÐµÑ€ÐµÐ· NFS и не иÑпользуетÑÑ\n" +" ÑÐµÑ‚ÐµÐ²Ð°Ñ ÐºÐ°Ñ€Ñ‚Ð° PCMCIA, то лучше вÑего запуÑкать strongSwan как можно\n" +" раньше Ð´Ð»Ñ Ñ‚Ð¾Ð³Ð¾, чтобы NFS можно было безопаÑно монтировать через IPSec;\n" +" * поÑле NFS: рекомендуетÑÑ, еÑли /usr монтируетÑÑ Ñ‡ÐµÑ€ÐµÐ· NFS и не\n" +" иÑпользуетÑÑ ÑÐµÑ‚ÐµÐ²Ð°Ñ ÐºÐ°Ñ€Ñ‚Ð° PCMCIA;\n" +" * поÑле PCMCIA: рекомендуетÑÑ, еÑли Ð´Ð»Ñ IPSec ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ñ Ð¸ÑпользуетÑÑ\n" +" ÑÐµÑ‚ÐµÐ²Ð°Ñ ÐºÐ°Ñ€Ñ‚Ð° PCMCIA, или еÑли Ð´Ð»Ñ Ñтого нужны ключи, получаемые Ñ " +"локально\n" +" запущенного DNS Ñервера Ñ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ¾Ð¹ DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "ПерезапуÑтить strongSwan прÑмо ÑейчаÑ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"РекомендуетÑÑ Ð¿ÐµÑ€ÐµÐ·Ð°Ð¿ÑƒÑтить strongSwan так как, еÑли были иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð² " +"безопаÑноÑти, то они не будут задейÑтвованы без перезапуÑка Ñлужбы. Однако, " +"Ñто может вызвать переподключение ÑущеÑтвующих Ñоединений." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"ЕÑли вы не перезапуÑтите strongSwan ÑейчаÑ, то Ñделайте Ñто вручную при " +"первой возможноÑти." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "ЗапуÑтить Ñлужбу strongSwan IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Ð”Ð»Ñ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ¸ 1-й верÑии протокола обмена ключами Интернет должна быть " +"запущена Ñлужба pluto." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "ЗапуÑтить Ñлужбу strongSwan IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Ð”Ð»Ñ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ¸ 2-й верÑии протокола обмена ключами Интернет должна быть " +"запущена Ñлужба charon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Создать открытый/закрытый ключи RSA Ð´Ð»Ñ Ñтой машины?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"Ð”Ð»Ñ Ð°ÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ†Ð¸Ð¸ IPSec Ñоединений Ñ Ð´Ñ€ÑƒÐ³Ð¸Ð¼Ð¸ машинами в strongSwan можно " +"иÑпользовать общий ключ (PSK) или пару ключей RSA. ÐÑƒÑ‚ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ†Ð¸Ñ RSA " +"ÑчитаетÑÑ Ð±Ð¾Ð»ÐµÐµ безопаÑной и проÑтой в админиÑтрировании. Также вы можете " +"иÑпользовать аутентификации PSK и RSA одновременно." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"ЕÑли вы не хотите Ñоздавать новую пару открытых/закрытых ключей, то далее " +"Ñможете указать иÑпользовать имеющиеÑÑ." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "ИÑпользовать ÑущеÑтвующий Ñертификат X.509 Ð´Ð»Ñ strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Ð¢Ñ€ÐµÐ±ÑƒÐµÐ¼Ð°Ñ Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¼Ð¾Ð¶ÐµÑ‚ быть автоматичеÑки извлечена из ÑущеÑтвующего " +"Ñертификата X.509 Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ подходÑщего закрытого ключа RSA. Обе чаÑти могут " +"быть в одном файле, еÑли он имеет формат PEM. Ответьте утвердительно, еÑли у " +"Ð²Ð°Ñ ÐµÑÑ‚ÑŒ такой Ñертификат и файл Ñ ÐºÐ»ÑŽÑ‡Ð¾Ð¼, и вы хотите иÑпользовать его Ð´Ð»Ñ " +"аутентификации Ñоединений IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Ð˜Ð¼Ñ Ñ„Ð°Ð¹Ð»Ð° Ñертификата X.509 в формате PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Введите полный путь к файлу, Ñодержащему ваш Ñертификат X.509 в формате PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Ð˜Ð¼Ñ Ñ„Ð°Ð¹Ð»Ð° ÑущеÑтвующего закрытого ключа X.509 в формате PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Введите полный путь к файлу, Ñодержащему закрытый ключ RSA Ð´Ð»Ñ Ð²Ð°ÑˆÐµÐ³Ð¾ " +"Ñертификата X.509 в формате PEM. Это может быть тот же файл, что и Ð´Ð»Ñ " +"Ñертификата X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Длина ключа RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Введите длину генерируемого ключа RSA. Значение менее 1024 бит не ÑчитаетÑÑ " +"надёжным. Значение более 2048 бит, вероÑтно, повлиÑет на производительноÑÑ‚ÑŒ." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Создать ÑамоподпиÑанный Ñертификат X.509?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"ÐвтоматичеÑки можно Ñоздавать только ÑамоподпиÑанные Ñертификаты X.509, так " +"как в противном Ñлучае нужно делать Ð·Ð°Ð¿Ñ€Ð¾Ñ Ð¿Ð¾Ð´Ð¿Ð¸Ñи Ñертификата в центре " +"Ñертификации." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"ЕÑли вы ответите утвердительно, то Ñозданный Ñертификат Ñразу можно " +"иÑпользовать Ð´Ð»Ñ Ð¿Ð¾Ð´ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ðº другим IPSec машинам, поддерживающим " +"аутентификацию Ñ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒÑŽ Ñертификатов X.509. Однако, Ð´Ð»Ñ Ð¸ÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ PKI " +"возможноÑтей strongSwan требуетÑÑ Ñоздание пути довериÑ, где вÑе Ñертификаты " +"X.509 подпиÑаны одним центром." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"ЕÑли вы ответите отрицательно, то будет Ñоздан только закрытый ключ RSA, а " +"также Ð·Ð°Ð¿Ñ€Ð¾Ñ Ð´Ð»Ñ Ñертификата, который вам нужно подпиÑать в центре " +"Ñертификации." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Код Ñтраны Ð´Ð»Ñ Ð·Ð°Ð¿Ñ€Ð¾Ñа Ñертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Введите двухбуквенный код Ñтраны ÑоглаÑно ISO3166, который должен " +"иÑпользоватьÑÑ Ð² запроÑе Ñертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Это поле обÑзательно; иначе Ñертификат не может быть Ñгенерирован." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Ðазвание облаÑти или округа Ð´Ð»Ñ Ð·Ð°Ð¿Ñ€Ð¾Ñа Ñертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Введите полное название облаÑти или округа Ð´Ð»Ñ Ð²ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ð² Ð·Ð°Ð¿Ñ€Ð¾Ñ " +"Ñертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Ðазвание меÑта Ð´Ð»Ñ Ð·Ð°Ð¿Ñ€Ð¾Ñа Ñертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Введите название меÑта (обычно город) Ð´Ð»Ñ Ð²ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ð² Ð·Ð°Ð¿Ñ€Ð¾Ñ Ñертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Ðазвание организации Ð´Ð»Ñ Ð·Ð°Ð¿Ñ€Ð¾Ñа Ñертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Введите название организации (обычно, название компании) Ð´Ð»Ñ Ð²ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ð² " +"Ð·Ð°Ð¿Ñ€Ð¾Ñ Ñертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Ðазвание Ñтруктурной единицы организации Ð´Ð»Ñ Ð·Ð°Ð¿Ñ€Ð¾Ñа Ñертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Введите название Ñтруктурной единицы организации (обычно, подразделение) Ð´Ð»Ñ " +"Ð²ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ð² Ð·Ð°Ð¿Ñ€Ð¾Ñ Ñертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "ОбщеизвеÑтное название Ð´Ð»Ñ Ð·Ð°Ð¿Ñ€Ð¾Ñа Ñертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Введите общеизвеÑтное название (например, Ð¸Ð¼Ñ Ð´Ð°Ð½Ð½Ð¾Ð³Ð¾ компьютера) Ð´Ð»Ñ " +"Ð²ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ð² Ð·Ð°Ð¿Ñ€Ð¾Ñ Ñертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "ÐÐ´Ñ€ÐµÑ Ñлектронной почты Ð´Ð»Ñ Ð·Ð°Ð¿Ñ€Ð¾Ñа Ñертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Введите Ð°Ð´Ñ€ÐµÑ Ñлектронной почты (человека или организации) Ð´Ð»Ñ Ð²ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ð² " +"Ð·Ð°Ð¿Ñ€Ð¾Ñ Ñертификата." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Включить поддержку гибкого шифрованиÑ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Эта верÑÐ¸Ñ strongSwan поддерживает гибкое шифрование (opportunistic " +"encryption, OE), при котором Ð¸Ð½Ñ„Ð¾Ñ€Ð¼Ð°Ñ†Ð¸Ñ Ð¾Ð± аутентификации IPSec хранитÑÑ Ð² " +"запиÑÑÑ… DNS. Пока Ñто широко не Ñтанет раÑпроÑтранено, Ð´Ð°Ð½Ð½Ð°Ñ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ° " +"приведёт к значительной задержке при каждом новом иÑходÑщем Ñоединении." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Включайте гибкое шифрование, еÑли вам Ñто дейÑтвительно нужно. Это может " +"прервать Ñоединение Ñ Ð¸Ð½Ñ‚ÐµÑ€Ð½ÐµÑ‚Ð¾Ð¼ (маршрут по умолчанию) при запуÑке Ñлужбы " +"pluto." --- strongswan-4.3.2.orig/debian/po/nl.po +++ strongswan-4.3.2/debian/po/nl.po @@ -0,0 +1,754 @@ +# translation of strongswan_2.7.3+dfsg-1_nl.po to Dutch +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Luk Claes , 2005 +# Kurt De Bree , 2006. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan_2.7.3+dfsg-1_nl\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2006-09-28 19:50+0200\n" +"Last-Translator: Kurt De Bree \n" +"Language-Team: Dutch \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.9.1\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Wanneer moet strongSwan herstarten:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "When to start strongSwan:" +msgid "Restart strongSwan now?" +msgstr "Wanneer moet strongSwan herstarten:" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is a good idea, since if there is a security fix, " +#| "it will not be fixed until the daemon restarts. Most people expect the " +#| "daemon to restart, so this is generally a good idea. However this might " +#| "take down existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"strongSwan herstarten is een goed idee omdat als er een " +"veiligheidsherstelling is, het pas echt hersteld zal zijn vanaf dat de " +"achtergronddienst is herstart. De meeste mensen verwachten dat de " +"achtergronddienst herstart, dus dit is meestal een goed idee. Hoewel, dit " +"kan bestaande verbindingen verbreken en ze dan opnieuw herstellen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you want to create a RSA public/private keypair for this host?" +msgid "Create an RSA public/private keypair for this host?" +msgstr "Wilt u een publiek/privaat RSA-sleutelpaar aanmaken voor deze host?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Indien u geen nieuw publiek/privaat sleutelpaar wenst aan te maken, kunt u " +"een bestaand sleutelpaar kiezen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" +"Hebt u een bestaand X509-certificaatbestand dat u voor strongSwan wilt " +"gebruiken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Deze installatie kan de benodigde informatie automatisch extraheren van een " +"bestaand X509-certificaat met een bijhorende private RSA-sleutel. Beide " +"delen kunnen in één bestand zijn, als het in PEM-formaat is. Hebt u zo'n " +"bestaand certificaat en een sleutelbestand; en wilt u het voor de " +"authenticatie van IPSec-verbindingen gebruiken, antwoord dan met 'ja'" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Bestandsnaam van uw X509-certificaat in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Geef de volledige locatie van het bestand dat uw X509-certificaat in PEM-" +"formaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Bestandsnaam van uw private X509-sleutel in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Geef de volledige locatie van het bestand dat uw private RSA-sleutel bevat " +"die behoort bij uw X509-certificaat in PEM-formaat. Dit kan hetzelfde " +"bestand zijn als dat wat uw X509-certificaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Wilt u een door uzelf getekend X509-certificaat aanmaken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Als u geen door uzelf getekend certificaat wilt aanmaken, dan zal deze " +"installatie enkel de private RSA-sleutel en de certificaataanvraag aanmaken " +"en u zult de certificaataanvraag moeten laten tekenen door uw " +"certificaatautoriteit." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Landcode van de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Geef de 2-letterige landcode voor uw land. Deze code zal in de " +"certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Staat of provincie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Geef de volledige naam van de staat of provincie waarin u woont. Deze naam " +"zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Plaatsnaam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Geef de plaatsnaam (v.b. stad) waar u woont. Deze naam zal in de " +"certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Naam van de organisatie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Geef de organisatie-eenheid (v.b. dienst) waarvoor het X509-certificaat " +"wordt aangemaakt. Deze naam zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisatie-eenheid voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Geef de organisatie-eenheid (v.b. dienst) waarvoor het X509-certificaat " +"wordt aangemaakt. Deze naam zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Naam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Geef de naam (v.b. computernaam van deze machine) waarvoor het X509-" +"certificaat wordt aangemaakt. Deze naam zal in de certificaataanvraag worden " +"geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-mailadres voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Geef het e-mailadres van de persoon of organisatie die verantwoordelijk is " +"voor het X509-certificaat. Dit adres zal in de certificaataanvraag worden " +"geplaatst." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgid "Enable opportunistic encryption?" +msgstr "Wilt u opportunistische encryptie aanschakelen in strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "\"zo vroeg mogelijk\", \"na NFS\", \"na PCMCIA\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Er zijn drie mogelijkheden wanneer stronSwan kan starten: vóór of na de " +#~ "NFS-diensten en na de PCMCIA-diensten. Het juiste antwoord is afhankelijk " +#~ "van uw specifieke installatie." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Als u uw /usr-boom niet via NFS heeft aangekoppeld (u koppelt enkel " +#~ "andere, minder vitale bomen via NFS of u gebruikt NFS helemaal niet om " +#~ "bomen aan te koppelen) en u gebruikt geen PCMCIA-netwerkkaart, dan is het " +#~ "best om strongSwan zo vroeg mogelijk te starten, dus toe te staan van de " +#~ "NFS-aankoppelingen te beveiligen door IPSec. In dit geval (of als u deze " +#~ "zaak niet verstaat of het u niet uitmaakt), antwoord dan \"zo vroeg " +#~ "mogelijk\" op deze vraag (de standaard)." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Als u uw /usr-boom via NFS heeft aangekoppeld en u gebruikt geen PCMCIA-" +#~ "netwerkkaart, dan zult u strongSwan moeten starten na NFS zodat alle " +#~ "nodige bestanden aanwezig zijn. In dit geval, antwoord \"na NFS\" op deze " +#~ "vraag. Merk op dat in dit geval de NFS-aankoppeling van /usr niet kan " +#~ "worden beveiligd door IPSec." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Als u een PCMCIA-netwerkkaart gebruikt voor uw IPSec-verbindingen, dan " +#~ "hebt u enkel de keuze om te starten na de PCMCIA-diensten. Antwoord in " +#~ "dit geval \"na PCMCIA\". Dit is ook het correcte antwoord als u sleutels " +#~ "wilt afhalen van een lokaal draaiende DNS-server met DNSSec-ondersteuning." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Deze installatie kan automatisch een publiek/privaat RSA-sleutelpaar " +#~ "aanmaken voor deze host. Dit sleutelpaar kan worden gebruikt om IPSec-" +#~ "verbinden naar andere hosts te authenticeren en is de aanbevolen manier " +#~ "om veilige IPSec-verbindingen op te zetten. De andere mogelijkheid zou " +#~ "zijn om gedeelde geheimen (wachtwoorden die aan beide kanten van de " +#~ "tunnel hetzelfde zijn) te gebruiken voor het authenticeren van een " +#~ "verbinding, maar voor een groter aantal verbindingen is RSA-authenticatie " +#~ "makkelijker te beheren en veiliger." + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Lengte van de aangemaakte RSA-sleutel (in bits):" + +#, fuzzy +#~| msgid "" +#~| "Please enter the length of the created RSA key. it should not be less " +#~| "than 1024 bits because this should be considered unsecure and you will " +#~| "probably not need anything more than 2048 bits because it only slows the " +#~| "authentication process down and is not needed at the moment." +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Geef de lengte van de aangemaakte RSA-sleutel. Het mag niet minder dan " +#~ "1024 bits zijn omdat dit als onveilig wordt beschouwd en u zult " +#~ "waarschijnlijk niet meer dan 2048 bits nodig hebben omdat het enkel het " +#~ "authenticatieproces vertraagt en op dit moment niet nodig is." + +#, fuzzy +#~| msgid "" +#~| "This installer can only create self-signed X509 certificates " +#~| "automatically, because otherwise a certificate authority is needed to " +#~| "sign the certificate request. If you want to create a self-signed " +#~| "certificate, you can use it immediately to connect to other IPSec hosts " +#~| "that support X509 certificate for authentication of IPSec connections. " +#~| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~| "you will need to have all X509 certificates signed by a single " +#~| "certificate authority to create a trust path." +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Deze installatie kan enkel een door uzelf getekend X509-certificaat " +#~ "automatischaanmaken omdat anders een certificaatautoriteit nodig is om de " +#~ "certificaataanvraag te tekenen. Als u een door uzelf getekend certificaat " +#~ "wilt aanmaken, dan kunt u het onmiddellijk gebruiken om een verbinding te " +#~ "leggen met andere IPSec-hosts die X509-certificaten ondersteunen voor " +#~ "IPSec-verbindingen. Hoewel, als u de nieuwe PKI-mogelijkheden wilt " +#~ "gebruiken van strongSwan >= 1.91, dan zult u alle X509-certificaten " +#~ "moeten laten tekenen door één enkele certificaatautoriteit om een " +#~ "vertrouwenspad aan te maken." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "U moet hier wel een geldige landcode opgeven omdat openssl anders zal " +#~ "weigeren om een certificaat aan te maken. Er is voor elke veld van het " +#~ "X509-certificaat een leeg veld toegestaan, maar niet voor dit veld." + +#~ msgid "Example: AT" +#~ msgstr "Voorbeeld: BE" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Voorbeeld: Limburg" + +#~ msgid "Example: Vienna" +#~ msgstr "Voorbeeld: Genk" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Geef de organisatie (v.b. bedrijf) waarvoor het X509-certificaat wordt " +#~ "aangemaakt. Deze naam zal in de certicicaataanvraag worden geplaatst." + +#~ msgid "Example: Debian" +#~ msgstr "Voorbeeld: Debian" + +#~ msgid "Example: security group" +#~ msgstr "Voorbeeld: dienst veiligheid" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Voorbeeld: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan heeft ondersteuning voor opportunistische encryptie (OE) die " +#~ "IPSec-authenticatie-informatie (v.b. publieke RSA-sleutels) bewaart in " +#~ "(liefst veilige) DNS-records. Totdat dit veelvuldig wordt toegepast zal " +#~ "dit activeren een significante vertraging veroorzaken voor elke nieuwe " +#~ "uitgaande verbinding. Omdat versie 2.0 van strongSwan standaard OE heeft " +#~ "aangeschakeld, wordt dus waarschijnlijk uw bestaande verbinding met het " +#~ "Internet (v.b. uw standaard route) verbroken vanaf dat pluto (de " +#~ "strongSwan-sleutelringachtergronddienst) wordt gestart." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Kiest of u OE-ondersteuning wilt aanschakelen. Indien onzeker, schakel " +#~ "het dan niet aan." + +#~ msgid "x509, plain" +#~ msgstr "x509, gewoon" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Aan te maken type RSA-sleutelpaar:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Het is mogelijk om een gewoon publiek/privaat RSA-sleutelpaar aan te " +#~ "maken om te gebruiken met strongSwan of om een X509-certificaatbestand " +#~ "aan te maken die de publieke RSA-sleutel bevat en de corresponderende " +#~ "private sleutel te bewaren." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Als u enkel IPSec-verbindingen wilt opzetten naar hosts die ook " +#~ "strongSwan draaien, dan is het misschien een beetje gemakkelijker om " +#~ "gewone RSA-sleutelparen te gebruiken. Maar als u verbindingen wilt leggen " +#~ "met andere IPSec-implementaties, dan zult u een X509-certificaat nodig " +#~ "hebben. Het is ook mogelijk om hier een X509-certificaat aan te maken en " +#~ "de publieke RSA-sleutel te extraheren in een gewoon formaat als de andere " +#~ "kant strongSwan draait zonder X509-certificaatondersteuning." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daarom wordt een X509-certificaat aanbevolen omdat het flexibeler is en " +#~ "deze installatie moet de complexe creatie van een X509-certificaat kunnen " +#~ "verbergen en het toch in strongSwan kunnen gebruiken." --- strongswan-4.3.2.orig/src/libstrongswan/asn1/asn1.c +++ strongswan-4.3.2/src/libstrongswan/asn1/asn1.c @@ -260,25 +260,32 @@ u_char n; size_t len; - /* advance from tag field on to length field */ - blob->ptr++; - blob->len--; - - /* read first octet of length field */ - n = *blob->ptr++; - blob->len--; + if (blob->len < 2) + { + DBG2("insufficient number of octets to parse ASN.1 length"); + return ASN1_INVALID_LENGTH; + } + + /* read length field, skip tag and length */ + n = blob->ptr[1]; + *blob = chunk_skip(*blob, 2); if ((n & 0x80) == 0) - {/* single length octet */ + { /* single length octet */ + if (n > blob->len) + { + DBG2("length is larger than remaining blob size"); + return ASN1_INVALID_LENGTH; + } return n; } /* composite length, determine number of length octets */ n &= 0x7f; - if (n > blob->len) + if (n == 0 || n > blob->len) { - DBG2("number of length octets is larger than ASN.1 object"); + DBG2("number of length octets invalid"); return ASN1_INVALID_LENGTH; } --- strongswan-4.3.2.orig/src/medsrv/controller/peer_controller.c +++ strongswan-4.3.2/src/medsrv/controller/peer_controller.c @@ -23,6 +23,8 @@ #include #include #include +#include +#include typedef struct private_peer_controller_t private_peer_controller_t; --- strongswan-4.3.2.orig/src/starter/y.tab.h +++ strongswan-4.3.2/src/starter/y.tab.h @@ -1,24 +1,23 @@ -/* A Bison parser, made by GNU Bison 2.3. */ -/* Skeleton interface for Bison's Yacc-like parsers in C +/* A Bison parser, made by GNU Bison 2.4.1. */ - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +/* Skeleton interface for Bison's Yacc-like parsers in C + + Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify + + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ + along with this program. If not, see . */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work @@ -29,10 +28,11 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ + /* Tokens. */ #ifndef YYTOKENTYPE # define YYTOKENTYPE @@ -68,15 +68,21 @@ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE +{ + +/* Line 1676 of yacc.c */ #line 54 "./parser.y" -{ char *s; } -/* Line 1489 of yacc.c. */ -#line 75 "y.tab.h" - YYSTYPE; + char *s; + + +/* Line 1676 of yacc.c */ +#line 80 "y.tab.h" +} YYSTYPE; +# define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 #endif extern YYSTYPE yylval; + --- strongswan-4.3.2.orig/src/starter/y.tab.c +++ strongswan-4.3.2/src/starter/y.tab.c @@ -1,24 +1,23 @@ -/* A Bison parser, made by GNU Bison 2.3. */ -/* Skeleton implementation for Bison's Yacc-like parsers in C +/* A Bison parser, made by GNU Bison 2.4.1. */ - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +/* Skeleton implementation for Bison's Yacc-like parsers in C + + Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify + + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ + along with this program. If not, see . */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work @@ -29,7 +28,7 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ @@ -47,7 +46,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "2.3" +#define YYBISON_VERSION "2.4.1" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -55,45 +54,20 @@ /* Pure parsers. */ #define YYPURE 0 -/* Using locations. */ -#define YYLSP_NEEDED 0 - +/* Push parsers. */ +#define YYPUSH 0 +/* Pull parsers. */ +#define YYPULL 1 -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - EQUAL = 258, - FIRST_SPACES = 259, - EOL = 260, - CONFIG = 261, - SETUP = 262, - CONN = 263, - CA = 264, - INCLUDE = 265, - FILE_VERSION = 266, - STRING = 267 - }; -#endif -/* Tokens. */ -#define EQUAL 258 -#define FIRST_SPACES 259 -#define EOL 260 -#define CONFIG 261 -#define SETUP 262 -#define CONN 263 -#define CA 264 -#define INCLUDE 265 -#define FILE_VERSION 266 -#define STRING 267 - +/* Using locations. */ +#define YYLSP_NEEDED 0 /* Copy the first part of user declarations. */ + +/* Line 189 of yacc.c */ #line 1 "./parser.y" /* strongSwan config file parser (parser.y) @@ -148,6 +122,9 @@ +/* Line 189 of yacc.c */ +#line 127 "y.tab.c" + /* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 0 @@ -166,25 +143,63 @@ # define YYTOKEN_TABLE 0 #endif + +/* Tokens. */ +#ifndef YYTOKENTYPE +# define YYTOKENTYPE + /* Put the tokens into the symbol table, so that GDB and other debuggers + know about them. */ + enum yytokentype { + EQUAL = 258, + FIRST_SPACES = 259, + EOL = 260, + CONFIG = 261, + SETUP = 262, + CONN = 263, + CA = 264, + INCLUDE = 265, + FILE_VERSION = 266, + STRING = 267 + }; +#endif +/* Tokens. */ +#define EQUAL 258 +#define FIRST_SPACES 259 +#define EOL 260 +#define CONFIG 261 +#define SETUP 262 +#define CONN 263 +#define CA 264 +#define INCLUDE 265 +#define FILE_VERSION 266 +#define STRING 267 + + + + #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE +{ + +/* Line 214 of yacc.c */ #line 54 "./parser.y" -{ char *s; } -/* Line 187 of yacc.c. */ -#line 175 "y.tab.c" - YYSTYPE; + char *s; + + +/* Line 214 of yacc.c */ +#line 191 "y.tab.c" +} YYSTYPE; +# define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 #endif - /* Copy the second part of user declarations. */ -/* Line 216 of yacc.c. */ -#line 188 "y.tab.c" +/* Line 264 of yacc.c */ +#line 203 "y.tab.c" #ifdef short # undef short @@ -259,14 +274,14 @@ #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) static int -YYID (int i) +YYID (int yyi) #else static int -YYID (i) - int i; +YYID (yyi) + int yyi; #endif { - return i; + return yyi; } #endif @@ -347,9 +362,9 @@ /* A type that is properly aligned for any stack member. */ union yyalloc { - yytype_int16 yyss; - YYSTYPE yyvs; - }; + yytype_int16 yyss_alloc; + YYSTYPE yyvs_alloc; +}; /* The size of the maximum gap between one aligned stack and the next. */ # define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) @@ -383,12 +398,12 @@ elements in the stack, and YYPTR gives the new location of the stack. Advance YYPTR to a properly aligned location for the next stack. */ -# define YYSTACK_RELOCATE(Stack) \ +# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ do \ { \ YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ + YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ + Stack = &yyptr->Stack_alloc; \ yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ yyptr += yynewbytes / sizeof (*yyptr); \ } \ @@ -484,7 +499,7 @@ { "$end", "error", "$undefined", "EQUAL", "FIRST_SPACES", "EOL", "CONFIG", "SETUP", "CONN", "CA", "INCLUDE", "FILE_VERSION", "STRING", "$accept", - "config_file", "section_or_include", "@1", "@2", "@3", "@4", + "config_file", "section_or_include", "$@1", "$@2", "$@3", "$@4", "kw_section", "statement_kw", 0 }; #endif @@ -758,17 +773,20 @@ #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) +yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop) #else static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; +yy_stack_print (yybottom, yytop) + yytype_int16 *yybottom; + yytype_int16 *yytop; #endif { YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); + for (; yybottom <= yytop; yybottom++) + { + int yybot = *yybottom; + YYFPRINTF (stderr, " %d", yybot); + } YYFPRINTF (stderr, "\n"); } @@ -802,11 +820,11 @@ /* The symbols being reduced. */ for (yyi = 0; yyi < yynrhs; yyi++) { - fprintf (stderr, " $%d = ", yyi + 1); + YYFPRINTF (stderr, " $%d = ", yyi + 1); yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], &(yyvsp[(yyi + 1) - (yynrhs)]) ); - fprintf (stderr, "\n"); + YYFPRINTF (stderr, "\n"); } } @@ -1086,10 +1104,8 @@ break; } } - /* Prevent warnings from -Wmissing-prototypes. */ - #ifdef YYPARSE_PARAM #if defined __STDC__ || defined __cplusplus int yyparse (void *YYPARSE_PARAM); @@ -1105,11 +1121,10 @@ #endif /* ! YYPARSE_PARAM */ - -/* The look-ahead symbol. */ +/* The lookahead symbol. */ int yychar; -/* The semantic value of the look-ahead symbol. */ +/* The semantic value of the lookahead symbol. */ YYSTYPE yylval; /* Number of syntax errors so far. */ @@ -1117,9 +1132,9 @@ -/*----------. -| yyparse. | -`----------*/ +/*-------------------------. +| yyparse or yypush_parse. | +`-------------------------*/ #ifdef YYPARSE_PARAM #if (defined __STDC__ || defined __C99__FUNC__ \ @@ -1143,14 +1158,39 @@ #endif #endif { - - int yystate; + + + int yystate; + /* Number of tokens to shift before error messages enabled. */ + int yyerrstatus; + + /* The stacks and their tools: + `yyss': related to states. + `yyvs': related to semantic values. + + Refer to the stacks thru separate pointers, to allow yyoverflow + to reallocate them elsewhere. */ + + /* The state stack. */ + yytype_int16 yyssa[YYINITDEPTH]; + yytype_int16 *yyss; + yytype_int16 *yyssp; + + /* The semantic value stack. */ + YYSTYPE yyvsa[YYINITDEPTH]; + YYSTYPE *yyvs; + YYSTYPE *yyvsp; + + YYSIZE_T yystacksize; + int yyn; int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; + /* Lookahead token as an internal (translated) token number. */ + int yytoken; + /* The variables used to return semantic value and location from the + action routines. */ + YYSTYPE yyval; + #if YYERROR_VERBOSE /* Buffer for error messages, and its allocated size. */ char yymsgbuf[128]; @@ -1158,51 +1198,28 @@ YYSIZE_T yymsg_alloc = sizeof yymsgbuf; #endif - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; - - - #define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - YYSIZE_T yystacksize = YYINITDEPTH; - - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - - /* The number of symbols on the RHS of the reduced rule. Keep to zero when no symbol should be popped. */ int yylen = 0; + yytoken = 0; + yyss = yyssa; + yyvs = yyvsa; + yystacksize = YYINITDEPTH; + YYDPRINTF ((stderr, "Starting parse\n")); yystate = 0; yyerrstatus = 0; yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ + yychar = YYEMPTY; /* Cause a token to be read. */ /* Initialize stack pointers. Waste one element of value and location stack so that they stay on the same level as the state stack. The wasted elements are never initialized. */ - yyssp = yyss; yyvsp = yyvs; @@ -1232,7 +1249,6 @@ YYSTYPE *yyvs1 = yyvs; yytype_int16 *yyss1 = yyss; - /* Each stack pointer address is followed by the size of the data in use in that stack, in bytes. This used to be a conditional around just the two extra args, but that might @@ -1240,7 +1256,6 @@ yyoverflow (YY_("memory exhausted"), &yyss1, yysize * sizeof (*yyssp), &yyvs1, yysize * sizeof (*yyvsp), - &yystacksize); yyss = yyss1; @@ -1263,9 +1278,8 @@ (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); if (! yyptr) goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - + YYSTACK_RELOCATE (yyss_alloc, yyss); + YYSTACK_RELOCATE (yyvs_alloc, yyvs); # undef YYSTACK_RELOCATE if (yyss1 != yyssa) YYSTACK_FREE (yyss1); @@ -1276,7 +1290,6 @@ yyssp = yyss + yysize - 1; yyvsp = yyvs + yysize - 1; - YYDPRINTF ((stderr, "Stack size increased to %lu\n", (unsigned long int) yystacksize)); @@ -1286,6 +1299,9 @@ YYDPRINTF ((stderr, "Entering state %d\n", yystate)); + if (yystate == YYFINAL) + YYACCEPT; + goto yybackup; /*-----------. @@ -1294,16 +1310,16 @@ yybackup: /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ + lookahead token if we need one and don't already have one. */ - /* First try to decide what to do without reference to look-ahead token. */ + /* First try to decide what to do without reference to lookahead token. */ yyn = yypact[yystate]; if (yyn == YYPACT_NINF) goto yydefault; - /* Not known => get a look-ahead token if don't already have one. */ + /* Not known => get a lookahead token if don't already have one. */ - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ + /* YYCHAR is either YYEMPTY or YYEOF or a valid lookahead symbol. */ if (yychar == YYEMPTY) { YYDPRINTF ((stderr, "Reading a token: ")); @@ -1335,20 +1351,16 @@ goto yyreduce; } - if (yyn == YYFINAL) - YYACCEPT; - /* Count tokens shifted since error; after three, turn off error status. */ if (yyerrstatus) yyerrstatus--; - /* Shift the look-ahead token. */ + /* Shift the lookahead token. */ YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; + /* Discard the shifted token. */ + yychar = YYEMPTY; yystate = yyn; *++yyvsp = yylval; @@ -1388,6 +1400,8 @@ switch (yyn) { case 4: + +/* Line 1455 of yacc.c */ #line 71 "./parser.y" { free((yyvsp[(2) - (3)].s)); @@ -1395,6 +1409,8 @@ break; case 5: + +/* Line 1455 of yacc.c */ #line 75 "./parser.y" { _parser_kw = &(_parser_cfg->config_setup); @@ -1403,6 +1419,8 @@ break; case 7: + +/* Line 1455 of yacc.c */ #line 80 "./parser.y" { section_list_t *section = malloc_thing(section_list_t); @@ -1422,6 +1440,8 @@ break; case 9: + +/* Line 1455 of yacc.c */ #line 96 "./parser.y" { section_list_t *section = malloc_thing(section_list_t); @@ -1440,6 +1460,8 @@ break; case 11: + +/* Line 1455 of yacc.c */ #line 111 "./parser.y" { extern void _parser_y_include (const char *f); @@ -1449,6 +1471,8 @@ break; case 16: + +/* Line 1455 of yacc.c */ #line 126 "./parser.y" { kw_list_t *new; @@ -1477,6 +1501,8 @@ break; case 17: + +/* Line 1455 of yacc.c */ #line 151 "./parser.y" { free((yyvsp[(1) - (2)].s)); @@ -1484,8 +1510,9 @@ break; -/* Line 1267 of yacc.c. */ -#line 1489 "y.tab.c" + +/* Line 1455 of yacc.c */ +#line 1516 "y.tab.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -1496,7 +1523,6 @@ *++yyvsp = yyval; - /* Now `shift' the result of the reduction. Determine what state that goes to, based on the state we popped back to and the rule number reduced by. */ @@ -1561,7 +1587,7 @@ if (yyerrstatus == 3) { - /* If just tried and failed to reuse look-ahead token after an + /* If just tried and failed to reuse lookahead token after an error, discard it. */ if (yychar <= YYEOF) @@ -1578,7 +1604,7 @@ } } - /* Else will try to reuse look-ahead token after shifting the error + /* Else will try to reuse lookahead token after shifting the error token. */ goto yyerrlab1; @@ -1635,9 +1661,6 @@ YY_STACK_PRINT (yyss, yyssp); } - if (yyn == YYFINAL) - YYACCEPT; - *++yyvsp = yylval; @@ -1662,7 +1685,7 @@ yyresult = 1; goto yyreturn; -#ifndef yyoverflow +#if !defined(yyoverflow) || YYERROR_VERBOSE /*-------------------------------------------------. | yyexhaustedlab -- memory exhaustion comes here. | `-------------------------------------------------*/ @@ -1673,7 +1696,7 @@ #endif yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) + if (yychar != YYEMPTY) yydestruct ("Cleanup: discarding lookahead", yytoken, &yylval); /* Do not reclaim the symbols of the rule which action triggered @@ -1699,6 +1722,8 @@ } + +/* Line 1675 of yacc.c */ #line 157 "./parser.y"