--- strongswan-4.3.2.orig/src/medsrv/controller/peer_controller.c +++ strongswan-4.3.2/src/medsrv/controller/peer_controller.c @@ -23,6 +23,8 @@ #include #include #include +#include +#include typedef struct private_peer_controller_t private_peer_controller_t; --- strongswan-4.3.2.orig/src/starter/y.tab.c +++ strongswan-4.3.2/src/starter/y.tab.c @@ -1,24 +1,23 @@ -/* A Bison parser, made by GNU Bison 2.3. */ -/* Skeleton implementation for Bison's Yacc-like parsers in C +/* A Bison parser, made by GNU Bison 2.4.1. */ - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +/* Skeleton implementation for Bison's Yacc-like parsers in C + + Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify + + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ + along with this program. If not, see . */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work @@ -29,7 +28,7 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ @@ -47,7 +46,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "2.3" +#define YYBISON_VERSION "2.4.1" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -55,45 +54,20 @@ /* Pure parsers. */ #define YYPURE 0 -/* Using locations. */ -#define YYLSP_NEEDED 0 - +/* Push parsers. */ +#define YYPUSH 0 +/* Pull parsers. */ +#define YYPULL 1 -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - EQUAL = 258, - FIRST_SPACES = 259, - EOL = 260, - CONFIG = 261, - SETUP = 262, - CONN = 263, - CA = 264, - INCLUDE = 265, - FILE_VERSION = 266, - STRING = 267 - }; -#endif -/* Tokens. */ -#define EQUAL 258 -#define FIRST_SPACES 259 -#define EOL 260 -#define CONFIG 261 -#define SETUP 262 -#define CONN 263 -#define CA 264 -#define INCLUDE 265 -#define FILE_VERSION 266 -#define STRING 267 - +/* Using locations. */ +#define YYLSP_NEEDED 0 /* Copy the first part of user declarations. */ + +/* Line 189 of yacc.c */ #line 1 "./parser.y" /* strongSwan config file parser (parser.y) @@ -148,6 +122,9 @@ +/* Line 189 of yacc.c */ +#line 127 "y.tab.c" + /* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 0 @@ -166,25 +143,63 @@ # define YYTOKEN_TABLE 0 #endif + +/* Tokens. */ +#ifndef YYTOKENTYPE +# define YYTOKENTYPE + /* Put the tokens into the symbol table, so that GDB and other debuggers + know about them. */ + enum yytokentype { + EQUAL = 258, + FIRST_SPACES = 259, + EOL = 260, + CONFIG = 261, + SETUP = 262, + CONN = 263, + CA = 264, + INCLUDE = 265, + FILE_VERSION = 266, + STRING = 267 + }; +#endif +/* Tokens. */ +#define EQUAL 258 +#define FIRST_SPACES 259 +#define EOL 260 +#define CONFIG 261 +#define SETUP 262 +#define CONN 263 +#define CA 264 +#define INCLUDE 265 +#define FILE_VERSION 266 +#define STRING 267 + + + + #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE +{ + +/* Line 214 of yacc.c */ #line 54 "./parser.y" -{ char *s; } -/* Line 187 of yacc.c. */ -#line 175 "y.tab.c" - YYSTYPE; + char *s; + + +/* Line 214 of yacc.c */ +#line 191 "y.tab.c" +} YYSTYPE; +# define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 #endif - /* Copy the second part of user declarations. */ -/* Line 216 of yacc.c. */ -#line 188 "y.tab.c" +/* Line 264 of yacc.c */ +#line 203 "y.tab.c" #ifdef short # undef short @@ -259,14 +274,14 @@ #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) static int -YYID (int i) +YYID (int yyi) #else static int -YYID (i) - int i; +YYID (yyi) + int yyi; #endif { - return i; + return yyi; } #endif @@ -347,9 +362,9 @@ /* A type that is properly aligned for any stack member. */ union yyalloc { - yytype_int16 yyss; - YYSTYPE yyvs; - }; + yytype_int16 yyss_alloc; + YYSTYPE yyvs_alloc; +}; /* The size of the maximum gap between one aligned stack and the next. */ # define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) @@ -383,12 +398,12 @@ elements in the stack, and YYPTR gives the new location of the stack. Advance YYPTR to a properly aligned location for the next stack. */ -# define YYSTACK_RELOCATE(Stack) \ +# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ do \ { \ YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ + YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ + Stack = &yyptr->Stack_alloc; \ yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ yyptr += yynewbytes / sizeof (*yyptr); \ } \ @@ -484,7 +499,7 @@ { "$end", "error", "$undefined", "EQUAL", "FIRST_SPACES", "EOL", "CONFIG", "SETUP", "CONN", "CA", "INCLUDE", "FILE_VERSION", "STRING", "$accept", - "config_file", "section_or_include", "@1", "@2", "@3", "@4", + "config_file", "section_or_include", "$@1", "$@2", "$@3", "$@4", "kw_section", "statement_kw", 0 }; #endif @@ -758,17 +773,20 @@ #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) +yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop) #else static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; +yy_stack_print (yybottom, yytop) + yytype_int16 *yybottom; + yytype_int16 *yytop; #endif { YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); + for (; yybottom <= yytop; yybottom++) + { + int yybot = *yybottom; + YYFPRINTF (stderr, " %d", yybot); + } YYFPRINTF (stderr, "\n"); } @@ -802,11 +820,11 @@ /* The symbols being reduced. */ for (yyi = 0; yyi < yynrhs; yyi++) { - fprintf (stderr, " $%d = ", yyi + 1); + YYFPRINTF (stderr, " $%d = ", yyi + 1); yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], &(yyvsp[(yyi + 1) - (yynrhs)]) ); - fprintf (stderr, "\n"); + YYFPRINTF (stderr, "\n"); } } @@ -1086,10 +1104,8 @@ break; } } - /* Prevent warnings from -Wmissing-prototypes. */ - #ifdef YYPARSE_PARAM #if defined __STDC__ || defined __cplusplus int yyparse (void *YYPARSE_PARAM); @@ -1105,11 +1121,10 @@ #endif /* ! YYPARSE_PARAM */ - -/* The look-ahead symbol. */ +/* The lookahead symbol. */ int yychar; -/* The semantic value of the look-ahead symbol. */ +/* The semantic value of the lookahead symbol. */ YYSTYPE yylval; /* Number of syntax errors so far. */ @@ -1117,9 +1132,9 @@ -/*----------. -| yyparse. | -`----------*/ +/*-------------------------. +| yyparse or yypush_parse. | +`-------------------------*/ #ifdef YYPARSE_PARAM #if (defined __STDC__ || defined __C99__FUNC__ \ @@ -1143,14 +1158,39 @@ #endif #endif { - - int yystate; + + + int yystate; + /* Number of tokens to shift before error messages enabled. */ + int yyerrstatus; + + /* The stacks and their tools: + `yyss': related to states. + `yyvs': related to semantic values. + + Refer to the stacks thru separate pointers, to allow yyoverflow + to reallocate them elsewhere. */ + + /* The state stack. */ + yytype_int16 yyssa[YYINITDEPTH]; + yytype_int16 *yyss; + yytype_int16 *yyssp; + + /* The semantic value stack. */ + YYSTYPE yyvsa[YYINITDEPTH]; + YYSTYPE *yyvs; + YYSTYPE *yyvsp; + + YYSIZE_T yystacksize; + int yyn; int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; + /* Lookahead token as an internal (translated) token number. */ + int yytoken; + /* The variables used to return semantic value and location from the + action routines. */ + YYSTYPE yyval; + #if YYERROR_VERBOSE /* Buffer for error messages, and its allocated size. */ char yymsgbuf[128]; @@ -1158,51 +1198,28 @@ YYSIZE_T yymsg_alloc = sizeof yymsgbuf; #endif - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; - - - #define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - YYSIZE_T yystacksize = YYINITDEPTH; - - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - - /* The number of symbols on the RHS of the reduced rule. Keep to zero when no symbol should be popped. */ int yylen = 0; + yytoken = 0; + yyss = yyssa; + yyvs = yyvsa; + yystacksize = YYINITDEPTH; + YYDPRINTF ((stderr, "Starting parse\n")); yystate = 0; yyerrstatus = 0; yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ + yychar = YYEMPTY; /* Cause a token to be read. */ /* Initialize stack pointers. Waste one element of value and location stack so that they stay on the same level as the state stack. The wasted elements are never initialized. */ - yyssp = yyss; yyvsp = yyvs; @@ -1232,7 +1249,6 @@ YYSTYPE *yyvs1 = yyvs; yytype_int16 *yyss1 = yyss; - /* Each stack pointer address is followed by the size of the data in use in that stack, in bytes. This used to be a conditional around just the two extra args, but that might @@ -1240,7 +1256,6 @@ yyoverflow (YY_("memory exhausted"), &yyss1, yysize * sizeof (*yyssp), &yyvs1, yysize * sizeof (*yyvsp), - &yystacksize); yyss = yyss1; @@ -1263,9 +1278,8 @@ (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); if (! yyptr) goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - + YYSTACK_RELOCATE (yyss_alloc, yyss); + YYSTACK_RELOCATE (yyvs_alloc, yyvs); # undef YYSTACK_RELOCATE if (yyss1 != yyssa) YYSTACK_FREE (yyss1); @@ -1276,7 +1290,6 @@ yyssp = yyss + yysize - 1; yyvsp = yyvs + yysize - 1; - YYDPRINTF ((stderr, "Stack size increased to %lu\n", (unsigned long int) yystacksize)); @@ -1286,6 +1299,9 @@ YYDPRINTF ((stderr, "Entering state %d\n", yystate)); + if (yystate == YYFINAL) + YYACCEPT; + goto yybackup; /*-----------. @@ -1294,16 +1310,16 @@ yybackup: /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ + lookahead token if we need one and don't already have one. */ - /* First try to decide what to do without reference to look-ahead token. */ + /* First try to decide what to do without reference to lookahead token. */ yyn = yypact[yystate]; if (yyn == YYPACT_NINF) goto yydefault; - /* Not known => get a look-ahead token if don't already have one. */ + /* Not known => get a lookahead token if don't already have one. */ - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ + /* YYCHAR is either YYEMPTY or YYEOF or a valid lookahead symbol. */ if (yychar == YYEMPTY) { YYDPRINTF ((stderr, "Reading a token: ")); @@ -1335,20 +1351,16 @@ goto yyreduce; } - if (yyn == YYFINAL) - YYACCEPT; - /* Count tokens shifted since error; after three, turn off error status. */ if (yyerrstatus) yyerrstatus--; - /* Shift the look-ahead token. */ + /* Shift the lookahead token. */ YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; + /* Discard the shifted token. */ + yychar = YYEMPTY; yystate = yyn; *++yyvsp = yylval; @@ -1388,6 +1400,8 @@ switch (yyn) { case 4: + +/* Line 1455 of yacc.c */ #line 71 "./parser.y" { free((yyvsp[(2) - (3)].s)); @@ -1395,6 +1409,8 @@ break; case 5: + +/* Line 1455 of yacc.c */ #line 75 "./parser.y" { _parser_kw = &(_parser_cfg->config_setup); @@ -1403,6 +1419,8 @@ break; case 7: + +/* Line 1455 of yacc.c */ #line 80 "./parser.y" { section_list_t *section = malloc_thing(section_list_t); @@ -1422,6 +1440,8 @@ break; case 9: + +/* Line 1455 of yacc.c */ #line 96 "./parser.y" { section_list_t *section = malloc_thing(section_list_t); @@ -1440,6 +1460,8 @@ break; case 11: + +/* Line 1455 of yacc.c */ #line 111 "./parser.y" { extern void _parser_y_include (const char *f); @@ -1449,6 +1471,8 @@ break; case 16: + +/* Line 1455 of yacc.c */ #line 126 "./parser.y" { kw_list_t *new; @@ -1477,6 +1501,8 @@ break; case 17: + +/* Line 1455 of yacc.c */ #line 151 "./parser.y" { free((yyvsp[(1) - (2)].s)); @@ -1484,8 +1510,9 @@ break; -/* Line 1267 of yacc.c. */ -#line 1489 "y.tab.c" + +/* Line 1455 of yacc.c */ +#line 1516 "y.tab.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -1496,7 +1523,6 @@ *++yyvsp = yyval; - /* Now `shift' the result of the reduction. Determine what state that goes to, based on the state we popped back to and the rule number reduced by. */ @@ -1561,7 +1587,7 @@ if (yyerrstatus == 3) { - /* If just tried and failed to reuse look-ahead token after an + /* If just tried and failed to reuse lookahead token after an error, discard it. */ if (yychar <= YYEOF) @@ -1578,7 +1604,7 @@ } } - /* Else will try to reuse look-ahead token after shifting the error + /* Else will try to reuse lookahead token after shifting the error token. */ goto yyerrlab1; @@ -1635,9 +1661,6 @@ YY_STACK_PRINT (yyss, yyssp); } - if (yyn == YYFINAL) - YYACCEPT; - *++yyvsp = yylval; @@ -1662,7 +1685,7 @@ yyresult = 1; goto yyreturn; -#ifndef yyoverflow +#if !defined(yyoverflow) || YYERROR_VERBOSE /*-------------------------------------------------. | yyexhaustedlab -- memory exhaustion comes here. | `-------------------------------------------------*/ @@ -1673,7 +1696,7 @@ #endif yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) + if (yychar != YYEMPTY) yydestruct ("Cleanup: discarding lookahead", yytoken, &yylval); /* Do not reclaim the symbols of the rule which action triggered @@ -1699,6 +1722,8 @@ } + +/* Line 1675 of yacc.c */ #line 157 "./parser.y" --- strongswan-4.3.2.orig/src/starter/y.tab.h +++ strongswan-4.3.2/src/starter/y.tab.h @@ -1,24 +1,23 @@ -/* A Bison parser, made by GNU Bison 2.3. */ -/* Skeleton interface for Bison's Yacc-like parsers in C +/* A Bison parser, made by GNU Bison 2.4.1. */ - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +/* Skeleton interface for Bison's Yacc-like parsers in C + + Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify + + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ + along with this program. If not, see . */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work @@ -29,10 +28,11 @@ special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. - + This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ + /* Tokens. */ #ifndef YYTOKENTYPE # define YYTOKENTYPE @@ -68,15 +68,21 @@ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE +{ + +/* Line 1676 of yacc.c */ #line 54 "./parser.y" -{ char *s; } -/* Line 1489 of yacc.c. */ -#line 75 "y.tab.h" - YYSTYPE; + char *s; + + +/* Line 1676 of yacc.c */ +#line 80 "y.tab.h" +} YYSTYPE; +# define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 #endif extern YYSTYPE yylval; + --- strongswan-4.3.2.orig/debian/control +++ strongswan-4.3.2/debian/control @@ -0,0 +1,101 @@ +Source: strongswan +Section: net +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Rene Mayrhofer +Standards-Version: 3.8.1 +Build-Depends: debhelper (>= 7.0.0), libtool, libgmp3-dev, libssl-dev (>= 0.9.8), libcurl4-openssl-dev | libcurl3-dev | libcurl2-dev, libopensc2-dev | libopensc1-dev | libopensc0-dev, libldap2-dev, libpam0g-dev, libkrb5-dev, bison, flex, dpatch, bzip2, po-debconf, hardening-wrapper, network-manager-dev, libfcgi-dev, clearsilver-dev, libxml2-dev, libsqlite3-dev, network-manager-dev (>= 0.7), libnm-glib-dev (>= 0.7), libnm-util-dev (>= 0.7) +Homepage: http://www.strongswan.org + +Package: strongswan +Architecture: all +Depends: strongswan-ikev1, strongswan-ikev2 +Suggests: network-manager-strongswan +Description: IPsec VPN solution metapackage + The strongSwan VPN suite is based on the IPsec stack in standard Linux 2.6 + kernels. It supports both the IKEv1 and IKEv2 protocols. + . + StrongSwan is one of the two remaining forks of the original FreeS/WAN + project and focuses on IKEv2 support, X.509 authentication and complete PKI + support. For a focus on Opportunistic Encryption (OE) and interoperability + with non-standard IPsec features, see Openswan. + . + This metapackage installs the packages required to maintain IKEv1 and IKEv2 + connections via ipsec.conf or ipsec.secrets. + +Package: libstrongswan +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, openssl +Conflicts: strongswan (< 4.2.12-1) +Description: strongSwan utility and crypto library + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This package provides the underlying library of charon and other strongSwan + components. It is built in a modular way and is extendable through various + plugins. + +Package: strongswan-starter +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-ikev1 | strongswan-ikev2 +Conflicts: strongswan (< 4.2.12-1) +Description: strongSwan daemon starter and configuration file parser + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + The starter and the associated "ipsec" script control both pluto and charon + from the command line. It parses ipsec.conf and loads the configurations to + the daemons. While the IKEv2 daemon can use other configuration backends, the + IKEv1 daemon is limited to configurations from ipsec.conf. + +Package: strongswan-ikev1 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, strongswan-starter, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan, strongswan (< 4.2.12-1) +Replaces: openswan +Description: strongSwan Internet Key Exchange (v1) daemon + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Pluto is an IPsec IKEv1 daemon. It was inherited from the FreeS/WAN + project, but provides improved X.509 certificate support and other features. + . + Pluto can run in parallel with charon, the newer IKEv2 daemon. + +Package: strongswan-ikev2 +Architecture: any +Pre-Depends: debconf | debconf-2.0 +Depends: ${shlibs:Depends}, ${misc:Depends}, libstrongswan, strongswan-starter | strongswan-nm, bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute +Suggests: curl +Provides: ike-server +Conflicts: freeswan (<< 2.04-12), openswan, strongswan (< 4.2.12-1) +Description: strongSwan Internet Key Exchange (v2) daemon + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + Charon is an IPsec IKEv2 daemon. It is + written from scratch using a fully multi-threaded design and a modular + architecture. Various plugins provide additional functionality. + . + This build of charon can run in parallel with pluto, the IKEv1 daemon. + +Package: strongswan-nm +Architecture: any +Depends: ${shlibs:Depends}, strongswan-ikev2 +Recommends: network-manager-strongswan +Description: strongSwan plugin to interact with NetworkManager + StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the + native IPsec stack and runs on any recent 2.6 kernel (no patching required). + It supports both IKEv1 and the newer IKEv2 protocols. + . + This plugin provides an interface which allows NetworkManager to configure + and control the IKEv2 daemon directly through D-Bus. It is designed to work + in conjunction with the network-manager-strongswan package, providing + a simple graphical frontend to configure IPsec based VPNs. --- strongswan-4.3.2.orig/debian/use-bash2.diff +++ strongswan-4.3.2/debian/use-bash2.diff @@ -0,0 +1,4 @@ +1c1 +< #!/bin/sh +--- +> #!/bin/bash --- strongswan-4.3.2.orig/debian/strongswan-starter.dirs +++ strongswan-4.3.2/debian/strongswan-starter.dirs @@ -0,0 +1,10 @@ +/etc +/etc/ipsec.d +/etc/ipsec.d/cacerts +/etc/ipsec.d/ocspcerts +/etc/ipsec.d/crls +/etc/ipsec.d/private +/etc/ipsec.d/policies +/etc/init.d +/var/lock/subsys +/var/lib/strongswan --- strongswan-4.3.2.orig/debian/watch +++ strongswan-4.3.2/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://download.strongswan.org/strongswan-([\d.]+)\.tar\.bz2 --- strongswan-4.3.2.orig/debian/strongswan-starter.postrm +++ strongswan-4.3.2/debian/strongswan-starter.postrm @@ -0,0 +1,44 @@ +#! /bin/sh +# postrm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + + # update the menu system +# if [ -x /usr/bin/update-menus ]; then update-menus; fi + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 0 + +esac + +if [ "$1" = "purge" ] ; then + update-rc.d ipsec remove >/dev/null + rm -rf /etc/ipsec.d/ + rm -rf /var/run/pluto/ +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + + --- strongswan-4.3.2.orig/debian/svn-deblayout +++ strongswan-4.3.2/debian/svn-deblayout @@ -0,0 +1,8 @@ +buildArea=/home/rene/amw/src/packages/build-area +origDir=/home/rene/amw/src/packages/tarballs +origUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/trunk/debian/tarballs +tagsUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/tags/strongswan +trunkDir=/home/rene/amw/src/packages/strongswan +trunkUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/trunk/debian/strongswan +upsCurrentUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/branches/source-dist/debian/strongswan +upsTagUrl=svn+ssh://svn.gibraltar.at/svn/debian-packages/tags/strongswan --- strongswan-4.3.2.orig/debian/libstrongswan.dirs +++ strongswan-4.3.2/debian/libstrongswan.dirs @@ -0,0 +1,5 @@ +/etc/logcheck/ignore.d.paranoid +/etc/logcheck/ignore.d.server +/etc/logcheck/ignore.d.workstation +/etc/logcheck/violations.ignore.d +/usr/share/lintian/overrides --- strongswan-4.3.2.orig/debian/strongswan-starter.install +++ strongswan-4.3.2/debian/strongswan-starter.install @@ -0,0 +1,24 @@ +# starter +usr/lib/ipsec/starter usr/lib/ipsec/ +usr/lib/ipsec/_copyright usr/lib/ipsec/ +usr/sbin/ipsec usr/sbin/ +etc/ipsec.d etc/ +etc/ipsec.conf etc/ +usr/share/man/man8/ipsec.8 usr/share/man/man8/ +usr/share/man/man8/_copyright.8 usr/share/man/man8/ +usr/share/man/man5/ipsec.conf.5 usr/share/man/man5/ +usr/share/man/man5/ipsec.secrets.5 usr/share/man/man5/ +# updown +usr/lib/ipsec/plugins/libstrongswan-updown.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/_updown usr/lib/ipsec/ +usr/lib/ipsec/_updown_espmark usr/lib/ipsec/ +usr/share/man/man8/_updown.8 usr/share/man/man8/ +usr/share/man/man8/_updown_espmark.8 usr/share/man/man8/ +# tools +usr/lib/ipsec/scepclient usr/lib/ipsec/ +usr/lib/ipsec/openac usr/lib/ipsec/ +usr/share/man/man8/scepclient.8 usr/share/man/man8/ +usr/share/man/man8/openac.8 usr/share/man/man8/ +# stroke +usr/lib/ipsec/stroke usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-stroke.so* usr/lib/ipsec/plugins/ --- strongswan-4.3.2.orig/debian/strongswan-starter.ipsec.init +++ strongswan-4.3.2/debian/strongswan-starter.ipsec.init @@ -0,0 +1,133 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: vpn +# Required-Start: $network $local_fs +# Required-Stop: $network $local_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Strongswan IPsec services +### END INIT INFO + +# Author: Rene Mayrhofer + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="strongswan IPsec services" +NAME=ipsec +DAEMON=/usr/sbin/$NAME +PIDFILE=/var/run/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- start \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + # give the proper signal to stop + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- stop \ + || return 2 + # but kill if that didn't work + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +do_reload() { + $DAEMON reload + return 0 +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + status) + $DAEMON status + ;; + reload|force-reload) + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart) + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + exit 3 + ;; +esac + +: --- strongswan-4.3.2.orig/debian/rules +++ strongswan-4.3.2/debian/rules @@ -0,0 +1,174 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +export DH_OPTIONS + +# this is a security-critical package, set all the options we can +export DEB_BUILD_HARDENING=1 + +CONFIGUREARGS := --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ + --libexecdir=/usr/lib \ + --enable-ldap --enable-curl \ + --enable-nonblocking --enable-thread \ + --enable-smartcard --enable-cisco-quirks \ + --with-default-pkcs11=/usr/lib/opensc-pkcs11.so \ + --enable-mediation --enable-medsrv --enable-medcli \ + --enable-openssl --enable-agent \ + --enable-eap-radius --enable-eap-identity --enable-eap-md5 \ + --enable-eap-gtc --enable-eap-aka --enable-eap-mschapv2 \ + --enable-sql \ + --disable-aes --disable-des --disable-fips-prf --disable-gmp \ + --disable-md5 --disable-sha1 --disable-sha2 \ + --enable-nm + # Could enable --enable-nat-transport, but this is actually insecure, + # so don't! + # And for --enable-eap-sim we would need the library, which we don't + # have right now. + +DEB_BUILD_ARCH_CPU ?=$(shell dpkg-architecture -qDEB_BUILD_ARCH_CPU) + +ifeq (,$(filter noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O2 +endif +ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + MAKEFLAGS += -j$(NUMJOBS) +endif +# the padlock plugin only makes sense on i386 +# but it actually doesn't do much, so maybe we don't need it +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + CONFIGUREARGS += --enable-padlock +endif + +patch: + dh_testdir + #dpatch apply-all + +unpatch: + #dpatch deapply-all + +build: build-stamp +build-stamp: patch + dh_testdir + ./configure $(CONFIGUREARGS) + $(MAKE) CC="$(CC)" CFLAGS="$(CFLAGS)" + touch build-stamp + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp + + [ ! -f Makefile ] || $(MAKE) clean + #-$(MAKE) -C programs/fswcert/ clean + # after a make clean, no binaries _should_ be left, but .... + -find $(CURDIR) -name "*.o" | xargs --no-run-if-empty rm + -find $(CURDIR)/lib/libcrypto -name "*.a" | xargs --no-run-if-empty rm + + # Really clean (#356716) + # This is a hack: should be better implemented + rm -f lib/libstrongswan/libstrongswan.a || true + rm -f lib/libstrongswan/liboswlog.a || true + + # just in case something went wrong + rm -f $(CURDIR)/debian/ipsec.secrets + + # and make sure that template are up-to-date + debconf-updatepo + + dh_clean + +install: build-stamp + dh_testdir + dh_testroot + dh_clean + dh_installdirs + $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp + + # install files from debian/tmp into proper package dirs + dh_install + # special handling for padlock, as it is only built on i386 +ifeq ($(DEB_BUILD_ARCH_CPU),i386) + install $(CURDIR)/debian/tmp/usr/lib/ipsec/plugins/libstrongswan-padlock.so* $(CURDIR)/debian/libstrongswan/usr/lib/ipsec/plugins/ +endif + + # and additional files not covered by upstream makefile... + install --mode=0600 $(CURDIR)/debian/ipsec.secrets.proto $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + # also "patch" ipsec.conf to include the debconf-managed file + echo >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + echo "include /var/lib/strongswan/ipsec.conf.inc" >> $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # and to enable both IKEv1 and IKEv2 by default + sed -r 's/^[ \t]+# *plutostart=(yes|no) */\tplutostart=yes/;s/^[ \t]+# *charonstart=(yes|no) */\tcharonstart=yes/' < $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf > $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp + mv $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf.tmp $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + # set permissions on ipsec.secrets + chmod 600 $(CURDIR)/debian/strongswan-starter/etc/ipsec.secrets + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.conf + chmod 700 -R $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/private/ + # don't know why they come with +x set by default... + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/policies/* + #chmod 644 $(CURDIR)/debian/strongswan-starter/etc/ipsec.d/examples/* + + # this is handled by update-rc.d + rm -rf $(CURDIR)/debian/strongswan-starter/etc/rc?.d + + dh_installdocs -pstrongswan -n + # change the paths in the installed doc files (but only in regular + # files, not in links to the outside of the build tree !) + # TODO: check if we still need this + ( cd $(CURDIR)/debian/strongswan/; \ + for f in `grep "/usr/local/" --recursive --files-with-match *`; \ + do \ + if [ -f $$f -a ! -L $$f ]; then \ + cp $$f $$f.old; \ + sed 's/\/usr\/local\//\/usr\//' $$f.old > $$f; \ + rm $$f.old; \ + fi; \ + done ) + + # the logcheck ignore files + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.paranoid $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.paranoid/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.server/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/libstrongswan/etc/logcheck/ignore.d.workstation/strongswan + install -D --mode=0600 $(CURDIR)/debian/logcheck.violations.ignore $(CURDIR)/debian/libstrongswan/etc/logcheck/violations.ignore.d/strongswan + + # more lintian cleanups + find $(CURDIR)/debian/*strongswan*/ -name ".cvsignore" | xargs --no-run-if-empty rm -f + find $(CURDIR)/debian/*strongswan*/ -name "/.svn/" | xargs --no-run-if-empty rm -rf + + # and lintian overrides + install --mode=0644 $(CURDIR)/debian/strongswan.lintian-overrides $(CURDIR)/debian/libstrongswan/usr/share/lintian/overrides/strongswan + +binary-common: + dh_testdir + dh_testroot + dh_installdirs + dh_installinit --name=ipsec + dh_installdebconf + dh_installchangelogs NEWS + dh_installdocs README + dh_link + dh_strip + dh_compress + dh_fixperms -X etc/ipsec.secrets -X etc/ipsec.d + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary-indep: + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-i + +binary-arch: install + $(MAKE) -f debian/rules binary-common DH_OPTIONS=-a + +binary-%: build-stamp install + make -f debian/rules binary-common DH_OPTIONS=-p$* + +binary: binary-indep binary-arch +.PHONY: clean binary-indep binary-arch --- strongswan-4.3.2.orig/debian/ipsec.secrets.proto +++ strongswan-4.3.2/debian/ipsec.secrets.proto @@ -0,0 +1,11 @@ +# This file holds shared secrets or RSA private keys for inter-Pluto +# authentication. See ipsec_pluto(8) manpage, and HTML documentation. + +# RSA private key for this host, authenticating it to any other host +# which knows the public part. Suitable public keys, for ipsec.conf, DNS, +# or configuration of other implementations, can be extracted conveniently +# with "ipsec showhostkey". + +# this file is managed with debconf and will contain the automatically created private key +include /var/lib/strongswan/ipsec.secrets.inc + --- strongswan-4.3.2.orig/debian/strongswan-ikev1.install +++ strongswan-4.3.2/debian/strongswan-ikev1.install @@ -0,0 +1,4 @@ +usr/lib/ipsec/pluto usr/lib/ipsec/ +usr/lib/ipsec/_pluto_adns usr/lib/ipsec/ +usr/lib/ipsec/whack usr/lib/ipsec/ +usr/share/man/man8/pluto.8 usr/share/man/man8/ --- strongswan-4.3.2.orig/debian/logcheck.ignore.paranoid +++ strongswan-4.3.2/debian/logcheck.ignore.paranoid @@ -0,0 +1,20 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: regenerating DH private secret --- strongswan-4.3.2.orig/debian/strongswan-starter.config +++ strongswan-4.3.2/debian/strongswan-starter.config @@ -0,0 +1,47 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input medium strongswan/start_level || true + +# disable for now, until we can deal with the don't-edit-conffiles situation +#db_input high strongswan/ikev1 || true +#db_input high strongswan/ikev2 || true + +db_input medium strongswan/restart || true + +db_input high strongswan/enable-oe || true + +db_input high strongswan/create_rsa_key || true +db_go || true + +db_get strongswan/create_rsa_key +if [ "$RET" = "true" ]; then + # create a new certificate + db_input medium strongswan/rsa_key_length || true + db_input high strongswan/x509_self_signed || true + # we can't allow the country code to be empty - openssl will + # refuse to create a certificate this way + countrycode="" + while [ -z "$countrycode" ]; do + db_input medium strongswan/x509_country_code || true + db_go || true + db_get strongswan/x509_country_code + countrycode="$RET" + done + db_input medium strongswan/x509_state_name || true + db_input medium strongswan/x509_locality_name || true + db_input medium strongswan/x509_organization_name || true + db_input medium strongswan/x509_organizational_unit || true + db_input medium strongswan/x509_common_name || true + db_input medium strongswan/x509_email_address || true + db_go || true +else + db_get strongswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + # existing certificate - use it + db_input critical strongswan/existing_x509_certificate_filename || true + db_input critical strongswan/existing_x509_key_filename || true + db_go || true + fi +fi --- strongswan-4.3.2.orig/debian/changelog +++ strongswan-4.3.2/debian/changelog @@ -0,0 +1,413 @@ +strongswan (4.3.2-1ubuntu1) karmic; urgency=low + + * Build depend on libnm-glib-dev instead of libnm-glib-vpn-dev to match + the network manager package naming in Ubuntu + + -- Scott Kitterman Sat, 12 Sep 2009 17:57:44 -0400 + +strongswan (4.3.2-1) unstable; urgency=HIGH + + Urgency high because of security issue and FTBFS. + * New upstream release, fixes security bug. + * Fix padlock handling for i386 in debian/rules. + Closes: #525652 (FTBFS on i386) + * Acknowledge NMUs by security team. + Closes: #533837, #531612 + * Add "Conflicts: strongswan (< 4.2.12-1)" to libstrongswan, + strongswan-starter, strongswan-ikev1, and strongswan-ikev2 to force + update of the strongswan package on installation and avoid conflicts + caused by package restructuring. + Closes: #526037: strongswan-ikev2 and strongswan: error when trying to + install together + Closes: #526486: strongswan and libstrongswan: error when trying to + install together + Closes: #526487: strongswan-ikev1 and strongswan: error when trying to + install together + Closes: #526488: strongswan-starter and strongswan: error when trying to + install together + * Debconf templates and debian/control reviewed by the debian-l10n- + english team as part of the Smith review project. Closes: #528073 + * Debconf translation updates: + Closes: #525234: [INTL:ja] Update po-debconf template translation (ja.po) + Closes: #528323: [INTL:sv] po-debconf file for strongswan + Closes: #528370: [INTL:vi] Vietnamese debconf templates translation update + Closes: #529027: [INTL:pt] Updated Portuguese translation for debconf messages + Closes: #529071: [INTL:fr] French debconf templates translation update + Closes: #529592: nb translation of debconf PO for strongSWAN + Closes: #529638: [INTL:ru] Russian debconf templates translation + Closes: #529661: Updated Czech translation of strongswan debconf messages + Closes: #529742: [INTL:eu] strongswan debconf basque translation + Closes: #530273: [INTL:fi] Finnish translation of the debconf templates + Closes: #529063: [INTL:gl] strongswan 4.2.14-2 debconf translation update + + -- Rene Mayrhofer Sat, 18 Apr 2009 20:28:51 +0200 + +strongswan (4.2.14-1.2) unstable; urgency=high + + * Non-maintainer upload. + * Fix build on i386 + Closes: #525652: FTBFS on i386: + libstrongswan-padlock.so*': No such file or directory + * Fix Two Denial of Service Vulnerabilities + Closes: #533837: strongSwan Two Denial of Service Vulnerabilities + + -- Ruben Puettmann Sun, 21 Jun 2009 17:50:02 +0200 + +strongswan (4.2.14-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix two possible null pointer dereferences leading to denial + of service via crafted IKE_SA_INIT, CREATE_CHILD_SA or + IKE_AUTH request (CVE-2009-1957; CVE-2009-1958; Closes: #531612). + + -- Nico Golde Mon, 15 Jun 2009 13:06:05 +0200 + +strongswan (4.2.14-1) unstable; urgency=low + + * New upstream release, which incorporates the fix. Removed dpatch for it. + Closes: #521950: CVE-2009-0790: DoS + * New support for EAP RADIUS authentication, enabled for this package. + + -- Rene Mayrhofer Wed, 01 Apr 2009 22:17:52 +0200 + +strongswan (4.2.13-2) unstable; urgency=low + + * Fix DoS issue via malicious Dead Peer Detection packet. Thanks to the + security team for providing the patch. + Closes: #521950: CVE-2009-0790: DoS + Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone + to a denial of service attack via a malicious packet. + + -- Rene Mayrhofer Tue, 31 Mar 2009 12:00:51 +0200 + +strongswan (4.2.13-1) unstable; urgency=low + + * New upstream release. This is now compatible with network-manager 0.7 + in Debian, so start building the strongswan-side support. The actual + plugin will need to be another source package. + + -- Rene Mayrhofer Sun, 22 Mar 2009 10:59:31 +0100 + +strongswan (4.2.12-1) unstable; urgency=low + + * New upstream release. Starting with this version, the strongswan + packages is modularized and includes support for plugins like the + NetworkManager plugin. Many details were adopted from Martin Willi's + packages. + * Dropping support for raw RSA public/private keypairs, as charon does + not support it. + * Explicitly remove directories /etc/ipsec.d and /var/run/pluto on purge. + + -- Rene Mayrhofer Sun, 01 Mar 2009 10:46:08 +0000 + +strongswan (4.2.9-1) unstable; urgency=low + + * New upstream release, fixes a MOBIKE issue. + Closes: #507542: strongswan: endless loop + * Explicitly enable compilation with libcurl for CRL fetching + Closes: #497756: strongswan: not compiled with curl support; crl + fetching not available + * Enable compilation with SSH agent support. + + -- Rene Mayrhofer Fri, 05 Dec 2008 17:21:42 +0100 + +strongswan (4.2.4-5) unstable; urgency=high + + Reason for urgency high: this is potentially security relevant. + * Patch backported from 4.2.7 to fix a potential DoS issue. + Thanks to Thomas Kallenberg for the patch. + + -- Rene Mayrhofer Mon, 29 Sep 2008 10:35:30 +0200 + +strongswan (4.2.4-4) unstable; urgency=low + + * Tweaked configure options for lenny to remove somewhat experimental, + incomplete, or unnecessary features. Removed --enable-xml, + --enable-padlock, and --enable-manager and added --disable-aes, + --disable-des, --disable-fips-prf, --disable-gmp, --disable-md5, + --disable-sha1, and --disable-sha2 because openssl already + contains this code, we depend on it and thus don't need it twice. + Padlock support does not do much, because the bulk encryption uses + it anyway (being done internally in the kernel) and using padlock + for IKEv2 key agreement adds complexity for little gain. + Thanks to Thomas Kallenberg of strongswan upstream team for + suggesting these changes. The package is now noticable smaller. + * Also remove dbus dependency, which is no longer necessary. + + -- Rene Mayrhofer Mon, 01 Sep 2008 08:59:10 +0200 + +strongswan (4.2.4-3) unstable; urgency=low + + * Changed configure option to build peer-to-peer service again. + Closes: #494678: strongswan: configure option --enable-p2p changed to + --enable-mediation + + -- Rene Mayrhofer Tue, 12 Aug 2008 20:08:26 +0200 + +strongswan (4.2.4-2) unstable; urgency=medium + + Urgency medium because this fixes an FTFBS bug on non-i386. + * Only compile padlock crypto acceleration support for i386. Thanks for + the patch! + Closes: #492455: strongswan: FTBFS: Uses i386 assembler on non-i386 + arches. + * Updated Swedish debconf translation. + Closes: #492902: [INTL:sv] po-debconf file for strongswan + + -- Rene Mayrhofer Thu, 07 Aug 2008 13:02:54 +0200 + +strongswan (4.2.4-1) unstable; urgency=medium + + Urgency medium because this new upstream versions no longer uses + dbus and thus fixed the grave bug from the last Debian package. This + version should transit to testing. + * New upstream release. Starting with version 4.2.0, crypto algorithms have + beeen modularized with existing code ported over. Among other improvments, + this version now supports AES-CCM (e.g. with esp=aes128ccm12) and AES-GCM + (e.g. with esp=aes256gcm16) starting with kernel 2.6.25 and enables dead + peer detection by default. + Note that charon (IKEv2) now uses the new /etc/strongswan.conf. + * Enabled building of VIA Padlock and openssl crypto plugins. + * Drop patch to rename AES_cbc_encrypt so as not to conflict with an + openssl method of the same name. This has been applied upstream. + * This new upstream version no longer uses dbus. + Closes: #475098: charon needs dbus but strongswan does not depend on dbus + Closes: #475099: charon does not work any more + * This new upstream version no longer prints error messages in its + init script. + Closes: #465718: strongswan: startup on booting returns error messages + * Apply patch to ipsec init script to fix bashism. + Closes: #473703: strongswan: bashism in /bin/sh script + * Updated Czech debconf translation. + Closes: #480928: [l10n] Updated Czech translation of strongswan debconf + messages + + -- Rene Mayrhofer Thu, 10 Jul 2008 14:40:43 +0200 + +strongswan (4.1.11-1) unstable; urgency=low + + * New upstream release. + * DBUS support now interacts with network-manager, so need to build-depend + on network-manager-dev. + * The web interface has been improved and now requires libfcgi-dev and + clearsilver-dev to compile, so build-depend on them. Also build-depend + on libxml2-dev, libdbus-1-dev, libtool, and libsqlite3-dev (which were + all build-deps before but were not listed explicitly so far - fix that). + * Add patch to rename internal AES_cbc_encrypt function and thus avoid + conflict with the openssl function. + Closes: #470721: pluto segfaults when using pkcs11 library linked with + OpenSSL + + -- Rene Mayrhofer Sun, 30 Mar 2008 10:35:16 +0200 + +strongswan (4.1.10-2) unstable; urgency=low + + * Enable new configure options: dbus, xml, nonblocking, thread, peer- + to-peer NAT-traversal and the manager interface support. + * Also set the default path to the opensc-pkcs11 engine explicitly. + + -- Rene Mayrhofer Fri, 15 Feb 2008 10:25:49 +0100 + +strongswan (4.1.10-1) unstable; urgency=low + + * New upstream release. + Closes: #455711: New upstream version 4.1.9 + * Updated Japanese debconf translation. + Closes: #463321: strongswan: [INTL:ja] Update po-debconf template + translation (ja.po) + + -- Rene Mayrhofer Thu, 07 Feb 2008 15:15:14 +0100 + +strongswan (4.1.8-3) unstable; urgency=low + + * Force use of hardening-wrapper when building the package by setting + a Build-Dep to it and setting export DEB_BUILD_HARDENING=1 in + debian/rules. + + -- Rene Mayrhofer Thu, 07 Feb 2008 14:14:48 +0100 + +strongswan (4.1.8-2) unstable; urgency=medium + + * Ship our own init script, since upstream no longer does. This is still + installed as /etc/init.d/ipsec (and not /etc/init.d/strongswan) to be + backwards compatible. + Really closes: #442880: strongswan: postinst failure (missing + /etc/init.d/ipsec) + * Actually, need to be smarter with ipsec.conf and ipsec.secrets. Not + marking them as conffiles isn't the right thing either. Instead, now + use the includes feature to pull in config snippets that are + modified by debconf. It's not perfect, though, as the IKEv1/IKEv2 + protocols can't be enabled/disabled with includes. Therefore don't + support this option in debconf for the time being, but default to + enabled for both IKE versions. The files edited with debconf are kept + under /var/lib/strongswan. + * Cleanup debian/rules: no longer need to remove leftover files from + patching, as currently there are no Debian-specific patches (fortunately). + * More cleanup: drop debconf translations hack for woody compatibility, + depend on build-stamp instead of build in the install-strongswan target, + and remove the now unnecessary dh_clean -k call in install-strongswan so + that configure shouldn't run twice during building the package. + * Update French debconf translation. + Closes: #448327: strongswan: [INTL:fr] French debconf templates + translation update + + -- Rene Mayrhofer Fri, 02 Nov 2007 21:55:29 +0100 + +strongswan (4.1.8-1) unstable; urgency=low + + The "I'm back from my long semi-vacation, and strongswan is now bug-free + again" release. + * New upstream release. + Closes: #442880: strongswan: postinst failure (missing /etc/init.d/ipsec) + Closes: #431874: strongswan - FTBFS: cannot create regular file + `/etc/ipsec.conf': Permission denied + * Explicitly use debhalper compatbility version 5m now using debian/compat + instead of DH_COMPAT. + * Since there's no configurability in dh_installdeb's mania to flag + everything below /etc as a conffile, now hack DEBIAN/conffiles directly + to remove ipsec.conf and ipsec.secrets. + Closes: #442929: strongswan: Maintainer script modifies conffiles + * Add/update debconf translations. + Closes: #432189: strongswan: [INTL:de] updated German debconf translation + Closes: #432212: [l10n] Updated Czech translation of strongswan debconf + messages + Closes: #432642: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #444710: strongswan: [INTL:pt] Updated Portuguese translation for + debconf messages + + -- Rene Mayrhofer Fri, 26 Oct 2007 16:16:51 +0200 + +strongswan (4.1.4-1) unstable; urgency=low + + * New upstream release. + * Fixed debconf descriptions. + Closes: #431157: strongswan: Minor errors in Debconf template + * Include Portugese and + Closes: #415178: strongswan: [INTL:pt] Portuguese translation for debconf + messages + Closes: #431154: strongswan: [INTL:de] initial German debconf translation + + -- Rene Mayrhofer Thu, 05 Jul 2007 00:53:01 +0100 + +strongswan (4.1.3-1) unreleased; urgency=low + + * New upstream release. + + -- Rene Mayrhofer Sun, 03 Jun 2007 18:39:11 +0100 + +strongswan (4.1.1-1) unreleased; urgency=low + + Major new upstream release: + * IKEv2 support with the new "charon" daemon in addition to the old "pluto" + which is still used for IKEv1. + * Switches to auto* tools build system. + * The postinst script is still not quite as complete in updating the 2.8.x + config automatically to a new 4.x config, but I don't want to wait any + longer with the upload. It can be improved later on. + + -- Rene Mayrhofer Thu, 12 Apr 2007 21:33:56 +0100 + +strongswan (2.8.3-1) unstable; urgency=low + + * New upstream release with fixes for the SHA-512-HMAC function and + added SHA-384 and SHA-2 implementations. + + -- Rene Mayrhofer Thu, 22 Feb 2007 20:19:45 +0000 + +strongswan (2.8.2-1) unstable; urgency=low + + * New upstream release with interoperability fixes for some VPN + clients. + + -- Rene Mayrhofer Tue, 30 Jan 2007 12:21:20 +0000 + +strongswan (2.8.1+dfsg-1) unstable; urgency=low + + * New upstream release, now with XAUTH support. + * Explicitly enable smartcard and vendorid options as well as a + few more in debian/rules. + Closes: #407449: strongswan: smartcard support is disabled + + -- Rene Mayrhofer Sun, 28 Jan 2007 21:06:25 +0000 + +strongswan (2.8.1-1) UNRELEASED; urgency=low + + * New upstream release. + + -- Rene Mayrhofer Sun, 28 Jan 2007 20:59:11 +0000 + +strongswan (2.8.0+dfsg-1) unstable; urgency=low + + * New upstream release. + * Update debconf templates. + Closes: #388672: strongswan: [INTL:fr] French debconf templates + translation update + Closes: #389253: [l10n] Updated Czech translation of strongswan + debconf messages + Closes: #391457: [INTL:nl] Updated dutch po-debconf translation + Closes: #396179: strongswan: [INTL:ja] Updated Japanese po-debconf + template translation (ja.po) + * Fix broken reference to a now non-existing config file. no_oe.conf + has been replaced by oe.conf, with the opposite meaning. Changed + postinst to deal with it correctly now, and also try to convert + older config file lines to newer (e.g. when updating from openswan + to strongswan). + Closes: #391565: fails to start : /etc/ipsec.conf:46: include + files found no matches + [/etc/ipsec.d/examples/no_oe.conf] + + -- Rene Mayrhofer Mon, 6 Nov 2006 19:01:58 +0000 + +strongswan (2.7.3+dfsg-1) unstable; urgency=low + + * New upstream release. Another try on getting it into unstable. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * Call debian-updatepo in the clean target, in line with the openswan + change for its version 2.4.6+dfsg-1. + * Remove man2html, htmldoc, and lynx from the Build-Deps because we no + longer rebuild the documentation tree. + * Starting shipping a lintian overrides file to finally silence the + warnings about non-standard-(file|dir)-perms (they are intentional). + * Clean up /usr/lib/ipsec somehow, again owing to lintian warnings. + * Add po-debconf to build dependencies. + + -- Rene Mayrhofer Wed, 23 Aug 2006 21:23:36 +0100 + +strongswan (2.7.2+dfsg-1) unstable; urgency=low + + * First upload to the main Debian archive. This does no longer build + the linux-patch-strongswan and strongswan-modules-source packages, + as KLIPS will be removed from the strongswan upstream source anyway + for the next major release. However, the openswan KLIPS could should + be interoperable with strongswan user space. + Closes: #372267: ITP: strongswan -- second fork of freeswan. + * This upload removes the draft RFCs, as they are not considered free under + the DFSG. + + -- Rene Mayrhofer Sun, 9 Jul 2006 12:40:34 +0100 + +strongswan (2.7.2-1) unstable; urgency=low + + * New upstream release. This release fixes a potential DoS problem. + + -- Rene Mayrhofer Mon, 26 Jun 2006 12:34:43 +0100 + +strongswan (2.7.0-1) unstable; urgency=low + + * Initial Debian packaging of strongswan. This is directly based on my + Debian package of openswan 2.4.5-3. + * Do not compile and ship fswcert right now, because it is not included + in strongswan upstream. If it turns out to be necessary for supporting + easy-to-use OE in the future (i.e. for generating the DNS format for the + public keys from generated X.509 certificates), I will re-add it to the + Debian package. + * Also disabled my patches to use /etc/default instead of /etc/sysconfig for + now. Something like that will be necessary in the future, but those parts + of strongswan differ significanty from openswan. + + -- Rene Mayrhofer Mon, 22 May 2006 07:37:00 +0100 + +Local variables: +mode: debian-changelog +End: --- strongswan-4.3.2.orig/debian/strongswan-starter.prerm +++ strongswan-4.3.2/debian/strongswan-starter.prerm @@ -0,0 +1,40 @@ +#! /bin/sh +# prerm script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + upgrade) + ;; + remove|deconfigure) + invoke-rc.d ipsec stop || true +# install-info --quiet --remove /usr/info/strongswan.info.gz + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- strongswan-4.3.2.orig/debian/use-bash1.diff +++ strongswan-4.3.2/debian/use-bash1.diff @@ -0,0 +1,4 @@ +1c1 +< #! /bin/sh +--- +> #!/bin/bash --- strongswan-4.3.2.orig/debian/strongswan-nm.install +++ strongswan-4.3.2/debian/strongswan-nm.install @@ -0,0 +1 @@ +usr/lib/ipsec/plugins/libstrongswan-nm.so* usr/lib/ipsec/plugins/ --- strongswan-4.3.2.orig/debian/strongswan-starter.postinst +++ strongswan-4.3.2/debian/strongswan-starter.postinst @@ -0,0 +1,313 @@ +#! /bin/bash +# postinst script for strongswan +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +CONF_FILE=/var/lib/strongswan/ipsec.conf.inc +SECRETS_FILE=/var/lib/strongswan/ipsec.secrets.inc + +insert_private_key_filename() { + if [ ! -e $SECRETS_FILE ] || ! grep -q ": RSA $1" $SECRETS_FILE; then + echo ": RSA $1" >> $SECRETS_FILE + fi +} + +IPSEC_SECRETS_PATTERN_1=': RSA {' +IPSEC_SECRETS_PATTERN_2=' # yyy' +IPSEC_SECRETS_PATTERN_3=' }' +IPSEC_SECRETS_PATTERN_4='# do not change the indenting of that "}"' + +# remove old, misguided attempts at a default ipsec.secrets files +repair_legacy_secrets() { + if [ -e $SECRETS_FILE ] && grep -A 2 "$IPSEC_SECRETS_PATTERN_1" $SECRETS_FILE | + tail --lines=2 | + grep -A 1 "$IPSEC_SECRETS_PATTERN_2" | + tail --lines=1 | + grep "$IPSEC_SECRETS_PATTERN_3" >/dev/null; then + echo "Old default config file detected, removing the old defaults now." + umask 077 ; ( + # this is ugly, and someone maybe can formulate this in sed, but + # this was the quickest way for me + line=`grep -n "$IPSEC_SECRETS_PATTERN_2" $SECRETS_FILE | cut -d':' -f1` + until=`expr $line - 1` + head -n $until $SECRETS_FILE + sum=`wc -l $SECRETS_FILE | cut -d ' ' -f1` + from=`expr $sum - $line -1` + tail -n $from $SECRETS_FILE + ) > $SECRETS_FILE.tmp + mv $SECRETS_FILE.tmp $SECRETS_FILE + grep -v "$IPSEC_SECRETS_PATTERN_4" $SECRETS_FILE > $SECRETS_FILE.tmp + mv $SECRETS_FILE.tmp $SECRETS_FILE + fi +} + +make_x509_cert() { + if [ $# -ne 12 ]; then + echo "Error in creating X.509 certificate" + exit 1 + fi + + case $5 in + false) + certreq=$4.req + selfsigned="" + ;; + true) + certreq=$4 + selfsigned="-x509" + ;; + *) + echo "Error in creating X.509 certificate" + exit 1 + ;; + esac + + echo -e "$6\n$7\n$8\n$9\n${10}\n${11}\n${12}\n\n\n" | \ + /usr/bin/openssl req -new -outform PEM -out $certreq \ + -newkey rsa:$1 -nodes -keyout $3 -keyform PEM \ + -days $2 $selfsigned >/dev/null +} + +enable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Enabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE; then + sed "s/${daemon}start=no/${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ -e $CONF_FILE ] && egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE; then + sed "s/^\w+#\w*${daemon}start=(yes|no)\w*$/\t${daemon}start=yes/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +disable_daemon_start() { + daemon=$1 + protocol=$2 + + echo -n "Disabling ${protocol} support by pluto ... " + if [ -e $CONF_FILE ] && ( egrep -q "^\w+${daemon}start=no\w*$" $CONF_FILE || + egrep -q "^\w+#\w*${daemon}start=(yes|no)\w*$" $CONF_FILE ); then + echo "already disabled" + elif [ -e $CONF_FILE ] && egrep -q "^\w+${daemon}start=yes\w*$" $CONF_FILE; then + sed "s/${daemon}start=yes/${daemon}start=no/" < $CONF_FILE > $CONF_FILE.tmp + cp $CONF_FILE.tmp $CONF_FILE + rm $CONF_FILE.tmp + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo -e "\t${daemon}start=yes" > $CONF_FILE + else + echo "ERROR: unknown or nonexistant ${daemon}start= directive, please fix manually!" + fi +} + +. /usr/share/debconf/confmodule + +case "$1" in + configure) + db_get strongswan/create_rsa_key + if [ "$RET" = "true" ]; then + repair_legacy_secrets + # OK, ipsec.secrets should now be correct + # create a new keypair + host=`hostname` + newkeyfile="/etc/ipsec.d/private/${host}Key.pem" + newcertfile="/etc/ipsec.d/certs/${host}Cert.pem" + if [ -e $newcertfile -o -e $newkeyfile ]; then + echo "Error: $newcertfile or $newkeyfile already exists." + echo "Please remove them first an re-run dpkg-reconfigure to create a new keypair." + else + # create a new certificate + db_get strongswan/rsa_key_length + keylength=$RET + db_get strongswan/x509_self_signed + selfsigned=$RET + db_get strongswan/x509_country_code + countrycode=$RET + if [ -z "$countrycode" ]; then countrycode="."; fi + db_get strongswan/x509_state_name + statename=$RET + if [ -z "$statename" ]; then statename="."; fi + db_get strongswan/x509_locality_name + localityname=$RET + if [ -z "$localityname" ]; then localityname="."; fi + db_get strongswan/x509_organization_name + orgname=$RET + if [ -z "$orgname" ]; then orgname="."; fi + db_get strongswan/x509_organizational_unit + orgunit=$RET + if [ -z "$orgunit" ]; then orgunit="."; fi + db_get strongswan/x509_common_name + commonname=$RET + if [ -z "$commonname" ]; then commonname="."; fi + db_get strongswan/x509_email_address + email=$RET + if [ -z "$email" ]; then email="."; fi + make_x509_cert $keylength 1500 "$newkeyfile" "$newcertfile" "$selfsigned" "$countrycode" "$statename" "$localityname" "$orgname" "$orgunit" "$commonname" "$email" + chmod 0600 "$newkeyfile" + umask 077 + insert_private_key_filename "$newkeyfile" + echo "Successfully created x509 certificate." + fi + else + db_get strongswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + if [ -e $newcertfile -o -e $newkeyfile ]; then + echo "Error: $newcertfile or $newkeyfile already exists." + echo "Please remove them first an re-run dpkg-reconfigure to create a new keypair." + else + # existing certificate - use it + db_get strongswan/existing_x509_certificate_filename + certfile=$RET + db_get strongswan/existing_x509_key_filename + keyfile=$RET + if [ ! -r $certfile ] || [ ! -r $keyfile ]; then + echo "Either the certificate or the key file could not be read !" + else + cp "$certfile" /etc/ipsec.d/certs + umask 077 + cp "$keyfile" "/etc/ipsec.d/private" + newkeyfile="/etc/ipsec.d/private/`basename $keyfile`" + chmod 0600 "$newkeyfile" + insert_private_key_filename "$newkeyfile" + echo "Successfully extracted RSA key from existing x509 certificate." + fi + fi + fi + fi + + # figure out the correct start time + db_get strongswan/start_level + if [ "$RET" = "earliest" ]; then + LEVELS="start 41 S . stop 34 0 6 ." + elif [ "$RET" = "after NFS" ]; then + LEVELS="start 15 2 3 4 5 . stop 30 0 1 6 ." + else + LEVELS="start 21 2 3 4 5 . stop 19 0 1 6 ." + fi + update-rc.d ipsec $LEVELS > /dev/null + + db_get strongswan/enable-oe + if [ "$RET" != "true" ]; then + echo -n "Disabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/include \/etc\/ipsec.d\/examples\/oe.conf/#include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "#include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + echo "already disabled" + fi + else + echo -n "Enabling opportunistic encryption (OE) in config file ... " + if [ -e $CONF_FILE ] && egrep -q "include /etc/ipsec.d/examples/no_oe.conf$" $CONF_FILE; then + # also update to new-style config + sed 's/.*include \/etc\/ipsec.d\/examples\/no_oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo -n "converted old config line to new format" + fi + if [ -e $CONF_FILE ] && egrep -q "^include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + echo "already enabled" + elif [ -e $CONF_FILE ] && egrep -q "^#.*include /etc/ipsec.d/examples/oe.conf$" $CONF_FILE; then + sed 's/#.*include \/etc\/ipsec.d\/examples\/oe.conf/include \/etc\/ipsec.d\/examples\/oe.conf/' < $CONF_FILE > $CONF_FILE.tmp + mv $CONF_FILE.tmp $CONF_FILE + echo "done" + elif [ ! -e $CONF_FILE ]; then + echo "include /etc/ipsec.d/examples/oe.conf" > $CONF_FILE + else + cat <> $CONF_FILE +#Enable Opportunistic Encryption +include /etc/ipsec.d/examples/oe.conf +EOF + echo "done" + fi + fi + + # disabled for now, until we can solve the don't-edit-conffiles issue + #db_get strongswan/ikev1 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "pluto" "IKEv1" + #else + # disable_daemon_start "pluto" "IKEv1" + #fi + #db_get strongswan/ikev2 + #if [ "$RET" != "true" ]; then + # enable_daemon_start "charon" "IKEv2" + #else + # disable_daemon_start "charon" "IKEv2" + #fi + + if [ -z "$2" ]; then + # no old configured version - start strongswan now + invoke-rc.d ipsec start || true + else + # does the user wish strongswan to restart? + db_get strongswan/restart + if [ "$RET" = "true" ]; then + invoke-rc.d ipsec restart || true # sure, we'll restart it for you + fi + fi + + db_stop + + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument '$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically + +#DEBHELPER# + +exit 0 --- strongswan-4.3.2.orig/debian/strongswan.lintian-overrides +++ strongswan-4.3.2/debian/strongswan.lintian-overrides @@ -0,0 +1,3 @@ +strongswan: non-standard-file-perm etc/ipsec.secrets 0600 != 0644 +strongswan: non-standard-dir-perm etc/ipsec.d/examples/ 0775 != 0755 +strongswan: non-standard-dir-perm etc/ipsec.d/private/ 0700 != 0755 --- strongswan-4.3.2.orig/debian/strongswan.docs +++ strongswan-4.3.2/debian/strongswan.docs @@ -0,0 +1,2 @@ +README +CREDITS --- strongswan-4.3.2.orig/debian/README.Debian +++ strongswan-4.3.2/debian/README.Debian @@ -0,0 +1,124 @@ +strongswan for Debian +---------------------- + +1) General Remarks + +This package has been created from the openswan package, which was again +created from the freeswan package, which was created from scratch with some +ideas from the freeswan 1.3 package by Tommi Virtanen and the freeswan 1.5 +package by Aaron Johnson merged in. + +The differences between the strongSwan and the Openswan packages are +documented at http://www.strongswan.org/ . + +2) Kernel Support + +Note: This package can make use of the in-kernel IPSec stack, which is +available in the stock Debian kernel images (>=2.4.24 and 2.6.x). + +If you want to use the strongswan utilities, you will need the appropriate +kernel modules. The Debian default kernel native IPSec stack (which is +included in Linux 2.6 kernels and has been backported to Debian's 2.4 kernels) +can be used out-of-the-box with strongswan pluto, the key management daemon. +This native Linux IPSec stack is of high quality, has all of the features of +the latest Debian freeswan and openswan packages (i.e. support for other +ciphers like AES and NAT Traversal support) and is well integrated into the +kernel networking subsystem (which is not true for the freeswan kernel +modules). This is the recommended kernel support for strongswan. + +If you do not want to use the in-kernel IPSec stack of newer 2.6 kernels or +are building a custom 2.4 kernel, then the KLIPS kernel part can be used. +strongswan no longer ships this part, but is instead focussing on the newer +native IPSec stack. However, strongswan is interoperable with the KLIPS part +shipped with openswan, both for 2.4 and 2.6 series kernels. Please install +either the linux-patch-openswan or the openswan-modules-source packages and +follow their respective README.Debian files when you want to use KLIPS. + +3) Getting Started + +For connecting two Debian boxes using this strongswan package, the +simplest connection block on each side would look something like this: + +On host A, use + +conn to_hostb + left=%defaultroute + right=hostb.example.com + leftcert=hosta.pem + rightcert=hostb.pem + keyexchange=ikev2 + type=transport + auto=add + +On host B, use +conn to_hosta + left=%defaultroute + right=hosta.example.com + leftcert=hostb.pem + rightcert=hosta.pem + keyexchange=ikev2 + type=transport + auto=add + +This assumes that the respective hostnames hosta.example.com and +hostb.example.com can be resolved and that the internal hostnames are hosta +and hostb (and thus installing the strongswan package created the certificates +hosta.pem and hostb.pem, respectively). +Then the certificates (and not the private keys!) need to be exchanged between +the hosts, e.g. with + scp /etc/ipsec.d/certs/hosta.pem hostb.example.com:/etc/ipsec.d/certs/ + scp hostb.example.com:/etc/ipsec.d/certs/hostb.com /etc/ipsec.d/certs/ +from host A. The IPSec transport connection (that is, no subnets behind these +hosts that should be tunneled) can be started from either side using +"ipsec up to_hostb" (e.g. from host A). +Note that this example explicitly uses IKEv2 due to its nicer error messages. + +A more complicated example is to connect a "roadwarrior" (e.g. laptop) +to an internal network wbile it is behind another NAT. On the gateway +side, i.e. for the internal network the roadwarrior should connect to, +the configuration block could look something like this: + +conn roadwwarrior + left=%defaultroute + leftcert=gatewayCert.pem + rightcert=laptopCert.pem + rightrsasigkey=%cert + leftrsasigkey=%cert + auto=add + leftsubnet=10.0.0.0/24 + rightsubnetwithin=0.0.0.0/0 + right=%any + compress=yes + type=tunnel + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + +On the laptop side, you could use something along the lines: + +conn %default + rightrsasigkey=%cert + leftrsasigkey=%cert + authby=rsasig + leftcert=laptopCert.pem + leftsendcert=always + leftsubnet= + dpddelay=30 + dpdtimeout=120 + dpdaction=clear + esp=aes128-sha1 + ike=aes128-sha1-modp2048 + +conn esys + left=%defaultroute + right=gateway.example.com + rightsubnet=10.0.0.0/24 + rightcert=gatewayCert.pem + auto=add + +Then load these new configuration blocks on both sides using "ipsec reload" +and, on the laptop, start the tunnel with "ipsec up mynetwork". +These configuration blocks assume host names "gateway" and "laptop" and an +inner subnet of 10.0.0.0/24. + +-- Rene Mayrhofer , Sun, Jul 09 12:31:00 2006 --- strongswan-4.3.2.orig/debian/compat +++ strongswan-4.3.2/debian/compat @@ -0,0 +1 @@ +7 --- strongswan-4.3.2.orig/debian/logcheck.violations.ignore +++ strongswan-4.3.2/debian/logcheck.violations.ignore @@ -0,0 +1 @@ +ipsec_setup: KLIPS debug `none' --- strongswan-4.3.2.orig/debian/libstrongswan.install +++ strongswan-4.3.2/debian/libstrongswan.install @@ -0,0 +1,9 @@ +usr/lib/libstrongswan.so* usr/lib/ +usr/lib/ipsec/plugins/libstrongswan-gmp.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-x509.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-pubkey.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-hmac.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-xcbc.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-random.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-openssl.so* usr/lib/ipsec/plugins/ +etc/strongswan.conf etc/ --- strongswan-4.3.2.orig/debian/strongswan-ikev2.install +++ strongswan-4.3.2/debian/strongswan-ikev2.install @@ -0,0 +1,8 @@ +usr/lib/ipsec/charon usr/lib/ipsec/ +usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-eap*.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-agent.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-curl.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-ldap.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medsrv.so* usr/lib/ipsec/plugins/ +usr/lib/ipsec/plugins/libstrongswan-medcli.so* usr/lib/ipsec/plugins/ --- strongswan-4.3.2.orig/debian/copyright +++ strongswan-4.3.2/debian/copyright @@ -0,0 +1,418 @@ +This package was debianized by Rene Mayrhofer on +Thu, 10 Aug 2000 10:50:33 +0200. + +The Debian package was created from scratch with some hints taken from +previous freeswan packages by Tommi Virtanen and Aaron Johnson. +The upstream software was downloaded from http://www.freeswan.org/ + +After the FreeS/WAN folks decided to cease development, we used the forked +code base at http://www.strongswan.org/. + +This project has multiple authors, please see the file CREDITS for details. +However, all of the code is DFSG-free and, since 2002-09-16, +the LICENSE file in the upstream distribution includes a special GPL addition +to allow linking with libdes (which contains an advertising clause). +This LICENSE file was added to the Debian package of freeswan version 1.98b +by me, but has been authorized by Michael Richardson of freeswan upstream +(who sent the file to a mailing list). + +The contents of this LICENSE file are: +------------------------------------------------------------------------------ +Except for the DES library, this software is under the GNU Public License, +see the file COPYING. + +The DES library is under a BSD style license, see + linux/crypto/ciphers/des/COPYRIGHT. +Note that this software has a advertising clause in it. + +In addition to the terms set out under the GPL, permission is granted to +link the software against the libdes library just mentioned. +------------------------------------------------------------------------------ +A copy of this COPYRIGHT file can be found below, starting with the copyright +by Eric Young. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + +Rene Mayrhofer, 2006-08-25 + + + +These are various licenses from the code: + +--8<-- + * Copyright (C) 1996, 1997 John Ioannidis. + * Copyright (C) 1998, 1999 Richard Guy Briggs. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. +--8<-- + +The source tarball also includes several miscellanous libraries. + + + +An MD5 implementation: + +--8<-- +The MD5 implementation is from RSADSI, so this package must include the +following phrase: "derived from the RSA Data Security, Inc. MD5 +Message-Digest Algorithm". It is not under the GPL; see details in +klips/net/ipsec/ipsec_md5c.c. +--8<-- + +--8<-- +/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm + */ + +/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All +rights reserved. + +License to copy and use this software is granted provided that it +is identified as the "RSA Data Security, Inc. MD5 Message-Digest +Algorithm" in all material mentioning or referencing this software +or this function. + +License is also granted to make and use derivative works provided +that such works are identified as "derived from the RSA Data +Security, Inc. MD5 Message-Digest Algorithm" in all material +mentioning or referencing the derived work. + +RSA Data Security, Inc. makes no representations concerning either +the merchantability of this software or the suitability of this +software for any particular purpose. It is provided "as is" +without express or implied warranty of any kind. + +These notices must be retained in any copies of any part of this +documentation and/or software. + */ +--8<-- + + + +An implementation of DES: + +--8<-- +The LIBDES library by Eric Young is used. It is not under the GPL -- see +details in libdes/COPYRIGHT -- although he has graciously waived the +advertising clause for FreeS/WAN use of LIBDES. +--8<-- + +--8<-- +Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +All rights reserved. + +This package is an DES implementation written by Eric Young (eay@cryptsoft.com). +The implementation was written so as to conform with MIT's libdes. + +This library is free for commercial and non-commercial use as long as +the following conditions are aheared to. The following conditions +apply to all code found in this distribution. + +Copyright remains Eric Young's, and as such any Copyright notices in +the code are not to be removed. +If this package is used in a product, Eric Young should be given attribution +as the author of that the SSL library. This can be in the form of a textual +message at program startup or in documentation (online or textual) provided +with the package. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by Eric Young (eay@cryptsoft.com) + +THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The license and distribution terms for any publically available version or +derivative of this code cannot be changed. i.e. this code cannot simply be +copied and put under another distrubution license +[including the GNU Public License.] + +The reason behind this being stated in this direct manner is past +experience in code simply being copied and the attribution removed +from it and then being distributed as part of other packages. This +implementation was a non-trivial and unpaid effort. +--8<-- + +--8<-- +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- + +An implementation of SHA-1: + +--8<-- +The SHA-1 code is derived from Steve Reid's; it is public domain. +--8<-- + +--8<-- +/* + * The rest of the code is derived from sha1.c by Steve Reid, which is + * public domain. + * Minor cosmetic changes to accommodate it in the Linux kernel by ji. + */ +--8<-- + + + +Portions of Linux kernel source code: + +--8<-- +Some bits of Linux code, notably drivers/net/new_tunnel.c and net/ipv4/ipip.c, +are used in heavily modified forms. +--8<-- + +The Linux kernel is licensed under the Gnu General Public License. + + + +Radix-tree library: + +--8<-- +The radix-tree code from 4.4BSD is used in a modified form. It is not +under the GPL; see details in klips/net/ipsec/radij.c. +--8<-- + +--8<-- +/* + * Copyright (c) 1988, 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)radix.c 8.2 (Berkeley) 1/4/94 + */ +--8<-- + + +The license from the OpenSSL code that is included in the extension algorithm +patch (the kernel-patch-freeswan-ext package): + +--8<-- + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of + the OpenSSL License and the original SSLeay license apply to the toolkit. + See below for the actual license texts. Actually both licenses are BSD-style + Open Source licenses. In case of any license issues related to OpenSSL + please contact openssl-core@openssl.org. + + OpenSSL License + --------------- + +/* ==================================================================== + * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + Original SSLeay License + ----------------------- + +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +--8<-- --- strongswan-4.3.2.orig/debian/logcheck.ignore.server +++ strongswan-4.3.2/debian/logcheck.ignore.server @@ -0,0 +1,25 @@ +ipsec_setup: KLIPS debug \`none\' +ipsec_setup: Stopping FreeS/WAN IPsec\.\.\. +ipsec_setup: stop ordered +ipsec_setup: doing cleanup anywan... +ipsec_setup: \.\.\.FreeS/WAN IPsec stopped +ipsec_setup: Starting FreeS/WAN IPsec +ipsec_setup: \.\.\.FreeS/WAN IPsec started +ipsec_plutorun: .*: initiate +pluto.*: deleting state +pluto.*: forgetting secrets +pluto.*: shutting down +pluto.*: \| +pluto.*: .* bytes loaded +pluto.*: including X\.509 patch +pluto.*: Loading my X\.509 certificate +pluto.*: Starting pluto +pluto.*: added connection description +pluto.*: adding interface +pluto.*: listening for IKE messages +pluto.*: loading secrets +pluto.*: .* SA established +pluto.*: .* SA expired +pluto.*: replacing stale .* SA +pluto.*: initiating Quick Mode +pluto.*: regenerating DH private secret --- strongswan-4.3.2.orig/debian/strongswan-starter.templates +++ strongswan-4.3.2/debian/strongswan-starter.templates @@ -0,0 +1,176 @@ +# These templates have been reviewed by the debian-l10n-english +# team +# +# If modifications/additions/rewording are needed, please ask +# debian-l10n-english@lists.debian.org for advice. +# +# Even minor modifications require translation updates and such +# changes should be coordinated with translators and reviewers. + +Template: strongswan/start_level +Type: select +__Choices: earliest, after NFS, after PCMCIA +Default: earliest +_Description: When to start strongSwan: + StrongSwan starts during system startup so that it can protect filesystems + that are automatically mounted. + . + * earliest: if /usr is not mounted through NFS and you don't use a + PCMCIA network card, it is best to start strongSwan as soon as + possible, so that NFS mounts can be secured by IPSec; + * after NFS: recommended when /usr is mounted through NFS and no + PCMCIA network card is used; + * after PCMCIA: recommended if the IPSec connection uses a PCMCIA + network card or if it needs keys to be fetched from a locally running DNS + server with DNSSec support. + +Template: strongswan/restart +Type: boolean +Default: true +_Description: Restart strongSwan now? + Restarting strongSwan is recommended, because if there is a security fix, it + will not be applied until the daemon restarts. However, this might close + existing connections and then bring them back up. + . + If you don't restart strongSwan now, you should do so manually at the first + opportunity. + +Template: strongswan/ikev1 +Type: boolean +Default: true +_Description: Start strongSwan's IKEv1 daemon? + The pluto daemon must be running to support version 1 of the Internet Key + Exchange protocol. + +Template: strongswan/ikev2 +Type: boolean +Default: true +_Description: Start strongSwan's IKEv2 daemon? + The charon daemon must be running to support version 2 of the Internet Key + Exchange protocol. + +Template: strongswan/create_rsa_key +Type: boolean +Default: true +_Description: Create an RSA public/private keypair for this host? + StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate + IPSec connections to other hosts. RSA authentication is generally considered + more secure and is easier to administer. You can use PSK and RSA authentication + simultaneously. + . + If you do not want to create a new public/private keypair, you can choose to + use an existing one in the next step. + +Template: strongswan/existing_x509_certificate +Type: boolean +Default: false +_Description: Use an existing X.509 certificate for strongSwan? + The required information can automatically be extracted from an + existing X.509 certificate with a matching RSA private key. Both parts can + be in one file, if it is in PEM format. + You should choose this option if you have such an existing + certificate and key file and want to use it for authenticating IPSec + connections. + +Template: strongswan/existing_x509_certificate_filename +Type: string +_Description: File name of your X.509 certificate in PEM format: + Please enter the full location of the file containing your X.509 + certificate in PEM format. + +Template: strongswan/existing_x509_key_filename +Type: string +_Description: File name of your existing X.509 private key in PEM format: + Please enter the full location of the file containing the private RSA key + matching your X.509 certificate in PEM format. This can be the same file + as the X.509 certificate. + +Template: strongswan/rsa_key_length +Type: string +Default: 2048 +_Description: RSA key length: + Please enter the length of RSA key you wish to generate. A value of less than + 1024 bits is not considered secure. A value of more than 2048 bits will + probably affect performance. + +Template: strongswan/x509_self_signed +Type: boolean +Default: true +_Description: Create a self-signed X.509 certificate? + Only self-signed X.509 certificates can be created + automatically, because otherwise a certificate authority is needed to sign + the certificate request. + . + If you accept this option, the certificate created can be used + immediately to connect to other IPSec hosts that support authentication via + an X.509 certificate. However, using strongSwan's PKI features requires a + trust path to be created by having all X.509 certificates signed by a single + authority. + . + If you do not accept this option, only the RSA private key will be created, + along with a certificate request which you will need to have signed by a + certificate authority. + +Template: strongswan/x509_country_code +Type: string +Default: AT +_Description: Country code for the X.509 certificate request: + Please enter the two-letter ISO3166 country code that should be + used in the certificate request. + . + This field is mandatory; otherwise a certificate cannot be generated. + +Template: strongswan/x509_state_name +Type: string +Default: +_Description: State or province name for the X.509 certificate request: + Please enter the full name of the state or province to include in + the certificate request. + +Template: strongswan/x509_locality_name +Type: string +Default: +_Description: Locality name for the X.509 certificate request: + Please enter the locality name (often a city) + that should be used in the certificate request. + +Template: strongswan/x509_organization_name +Type: string +Default: +_Description: Organization name for the X.509 certificate request: + Please enter the organization name (often a company) + that should be used in the certificate request. + +Template: strongswan/x509_organizational_unit +Type: string +Default: +_Description: Organizational unit for the X.509 certificate request: + Please enter the organizational unit name (often a department) + that should be used in the certificate request. + +Template: strongswan/x509_common_name +Type: string +Default: +_Description: Common name for the X.509 certificate request: + Please enter the common name (such as the host name of this machine) + that should be used in the certificate request. + +Template: strongswan/x509_email_address +Type: string +Default: +_Description: Email address for the X.509 certificate request: + Please enter the email address (for the individual or organization responsible) + that should be used in the certificate request. + +Template: strongswan/enable-oe +Type: boolean +Default: false +_Description: Enable opportunistic encryption? + This version of strongSwan supports opportunistic encryption (OE), which stores + IPSec authentication information in + DNS records. Until this is widely deployed, activating it will + cause a significant delay for every new outgoing connection. + . + You should only enable opportunistic encryption if you are sure you want it. + It may break the Internet connection (default route) as the pluto daemon + starts. --- strongswan-4.3.2.orig/debian/po/POTFILES.in +++ strongswan-4.3.2/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] strongswan-starter.templates --- strongswan-4.3.2.orig/debian/po/templates.pot +++ strongswan-4.3.2/debian/po/templates.pot @@ -0,0 +1,362 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" --- strongswan-4.3.2.orig/debian/po/pt_BR.po +++ strongswan-4.3.2/debian/po/pt_BR.po @@ -0,0 +1,749 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: openswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2005-01-24 21:53-0200\n" +"Last-Translator: Andr Lus Lopes \n" +"Language-Team: Debian-BR Project \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +#, fuzzy +msgid "When to start strongSwan:" +msgstr "Voc deseja reiniciar o Openswan ?" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +msgid "Restart strongSwan now?" +msgstr "Voc deseja reiniciar o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Reiniciar o Openswan uma boa idia, uma vez que caso exista um correo " +"para uma falha de segurana, o mesmo no ser corrigido at que o daemon " +"seja reiniciado. A maioria das pessoas esperam que o daemon seja reiniciado, " +"portanto essa geralmente uma boa idia. Porm, reiniciar o Openswan pode " +"derrubar conexes existentes, mas posteriormente traz-las de volta." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "Create an RSA public/private keypair for this host?" +msgstr "" +"Voc deseja criar um par de chaves RSA pblica/privada para este host ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Voc deseja criar um par de chaves RSA pblica/privada para este host ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" +"Voc possui um arquivo de certificado X509 existente que voc gostaria de " +"usar com o Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Este instalador pode extrair automaticamente a informao necessria de um " +"certificado X509 existente com uma chave RSA privada adequada. Ambas as " +"partes podem estar em um arquivo, caso estejam no formato PEM. Voc possui " +"um certificado existente e um arquivo de chave e quer us-los para " +"autenticar conexes IPSec ?" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "File name of your X.509 certificate in PEM format:" +msgstr "" +"Por favor, informe a localizao de seu certificado X509 no formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Por favor, informe a localizao do arquivo contendo seu certificado X509 no " +"formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "" +"Por favor, informe a localizao de sua chave privada X509 no formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Por favor, informe a localizao do arquivo contendo a chave privada RSA que " +"casa com seu certificado X509 no formato PEM. Este pode ser o mesmo arquivo " +"que contm o certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +msgid "Create a self-signed X.509 certificate?" +msgstr "Deseja criar um certificado X509 auto-assinado ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Caso voc no queira criar um certificado auto-assinado, este instalador ir " +"somente criar a chave privada RSA e a requisio de certificado e voc ter " +"ento que assinar a requisio de certificado junto a sua autoridade " +"certificadora." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +msgid "Country code for the X.509 certificate request:" +msgstr "" +"Por favor, informe o cdigo de pas para a requisio de certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Por favor, informe o cdifo de pas de duas letras para seu pas. Esse " +"cdigo ser inserido na requisio de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +msgid "State or province name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o estado ou nome de provncia para a requisio de " +"certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Por favor, informe o nome complete do estado ou provncia em que voc mora. " +"Esse nome ser inserido na requisio de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +msgid "Locality name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o nome da localidade para a requisio de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Por favor, informe a localidade (ou seja, cidade) onde voc mora. Esse nome " +"ser inserido na requisio de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +msgid "Organization name for the X.509 certificate request:" +msgstr "" +"Por favor, informe o nome da organizao para a requisio de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Por favor, informe a unidade organizacional (ou seja, seo ou departamento) " +"para a qual este certificado dever ser criado. Esse nome ser inserido na " +"requisio de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +msgid "Organizational unit for the X.509 certificate request:" +msgstr "" +"Por favor, informe a unidade organizacional para a requisio de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Por favor, informe a unidade organizacional (ou seja, seo ou departamento) " +"para a qual este certificado dever ser criado. Esse nome ser inserido na " +"requisio de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +msgid "Common name for the X.509 certificate request:" +msgstr "Por favor, informe o nome comum para a requisio de certificado X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Por favor, informe o nome comum (ou seja, o nome do host dessa mquina) para " +"o qual o certificado X509 dever ser criado. Esse nome ser inserido na " +"requisio de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +msgid "Email address for the X.509 certificate request:" +msgstr "" +"Por favor, informe o endereo de e-mail para a requisio de certificado " +"X509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Por favor, informe o endereo de e-mail da pessoa ou organizao responsvel " +"pelo certificado X509. Esse endereo ser inserido na requisio de " +"certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +msgid "Enable opportunistic encryption?" +msgstr "Voc deseja habilitar a encriptao oportunstica no Openswan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "o quando antes, \"depois do NFS\", \"depois do PCMCIA\"" + +#, fuzzy +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Com os nveis de inicializao atuais do Debian (quase todos os servios " +#~ "iniciando no nvel 20) impossvel para o Openswan sempre iniciar no " +#~ "momento correto. Existem trs possibilidades para quando iniciar o " +#~ "Openswan : antes ou depois dos servios NFS e depois dos servios PCMCIA. " +#~ "A resposta correta depende se sua configurao especfica." + +#, fuzzy +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Caso voc no possua sua rvore /usr montada via NFS (voc somente monta " +#~ "outras rvores no vitais via NFS ou no usa rvores montadas via NFS) e " +#~ "no use um carto de rede PCMCIA, a melhor opo iniciar o Openswan o " +#~ "quando antes, permitindo dessa forma que os pontos de montagem NFS " +#~ "estejam protegidos por IPSec. Nesse caso (ou caso voc no compreenda ou " +#~ "no se importe com esse problema), responda \"o quando antes\" para esta " +#~ "pergunta (o que o padro)." + +#, fuzzy +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Caso voc possua sua rvore /usr montada via NFS e no use um carto de " +#~ "rede PCMCIA, voc precisar iniciar o Openswan depois do NFS de modo que " +#~ "todos os arquivos necessrios estejam disponveis. Nesse caso, responda " +#~ "\"depois do NFS\" para esta pergunta. Por favor, note que a montagem NFS " +#~ "de /usr no poder ser protegida pelo IPSec nesse caso." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Caso voc use um carto de rede PCMCIA para suas conexes IPSec voc " +#~ "precisar somente optar por iniciar o Opensan depois dos servios PCMCIA. " +#~ "Responda \"depois do PCMCIA\" nesse caso. Esta tambm a maneira correta " +#~ "de obter chaves de um servidor DNS sendo executado localmente e com " +#~ "suporte a DNSSec." + +#, fuzzy +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Voc deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Voc deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Voc deseja reiniciar o Openswan ?" + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Este instalador pode automaticamente criar um par de chaves RSA pblica/" +#~ "privada para este host. Esse par de chaves pode ser usado para autenticar " +#~ "conexes IPSec com outros hosts e a maneira preferida de construir " +#~ "conexes IPSec seguras. A outra possibilidade seria usar segredos " +#~ "compartilhados (senhas que so iguais em ambos os lados do tnel) para " +#~ "autenticar uma conexo, mas para um grande nmero de conexes RSA a " +#~ "autenticao mais fcil de administrar e mais segura." + +#, fuzzy +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Qual deve ser o tamanho da chave RSA criada ?" + +#, fuzzy +#~| msgid "" +#~| "Please enter the length of the created RSA key. it should not be less " +#~| "than 1024 bits because this should be considered unsecure and you will " +#~| "probably not need anything more than 2048 bits because it only slows the " +#~| "authentication process down and is not needed at the moment." +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Por favor, informe o tamanho da chave RSA a ser criada. A mesma no deve " +#~ "ser menor que 1024 bits devido a uma chave de tamanho menor que esse ser " +#~ "considerada insegura. Voc tambm no precisar de nada maior que 2048 " +#~ "porque isso somente deixaria o processo de autenticao mais lento e no " +#~ "seria necessrio no momento." + +#, fuzzy +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Este instalador pode criar automaticamente somente certificados X509 auto-" +#~ "assinados, devido a uma autoridade certificadora ser necessria para " +#~ "assinar a requisio de certificado. Caso voc queira criar um " +#~ "certificado auto-assinado, voc poder us-lo imediatamente para conexo " +#~ "com outros hosts IPSec que suportem certificados X509 para autenticao " +#~ "de conexes IPSec. Porm, caso voc queira usar os novos recursos PKI do " +#~ "Openswan verso 1.91 ou superior, voc precisar possuir todos seus " +#~ "certificados X509 assinados por uma nica autoridade certificadora para " +#~ "criar um caminho de confiana." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "Voc realmente precisa informar um cdigo de pas vlido aqui devido ao " +#~ "openssl se recusar a gerar certificados sem um cdigo de pas vlido. Um " +#~ "campo em branco permitido para qualquer outro campo do certificado " +#~ "X.509, mas no para esse campo." + +#~ msgid "Example: AT" +#~ msgstr "Exemplo: BR" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Exemplo : Sao Paulo" + +#~ msgid "Example: Vienna" +#~ msgstr "Exemplo : Sao Paulo" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Por favor, informe a organizao (ou seja, a empresa) para a qual este " +#~ "certificado X509 dever ser criado. Esse nome ser inserido na requisio " +#~ "de certificado." + +#~ msgid "Example: Debian" +#~ msgstr "Exemplo : Debian" + +#~ msgid "Example: security group" +#~ msgstr "Exemplo : Grupo de Segurana" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Exemplo : gateway.debian.org" + +#, fuzzy +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "O Openswan suporta encriptao oportunstica (OE), a qual armazena " +#~ "informaes de autenticao IPSec (por exemplo, chaves pblicas RSA) em " +#~ "registros DNS (preferivelmente seguros). At que esse suporte esteja " +#~ "largamento sendo utilizado, ativ-lo ir causar uma signficante lentido " +#~ "para cada nova conexo de sada. Iniciando a partir da verso 2.0, o " +#~ "Openswan, da forma como distribudo pelos desenvolvedores oficiais, " +#~ "fornecido com o suporte a OE habilitado por padro e, portanto, " +#~ "provavelmente ir quebrar suas conexes existentes com a Internet (por " +#~ "exemplo, sua rota padro) to logo o pluto (o daemon de troca de chaves " +#~ "do Openswan) seja iniciado." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Por favor, informe se voc deseja habilitar o suporte a OE. Em caso de " +#~ "dvidas, no habilite esse suporte." + +#~ msgid "x509, plain" +#~ msgstr "x509, pura" + +#, fuzzy +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Qual tipo de par de chaves RSA voc deseja criar ?" + +#, fuzzy +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ " possvel criar um par de chaves RSA pblica/privada pura (plain) para " +#~ "uso com o Openswan ou para criar um arquivo de certificado X509 que ir " +#~ "conter a chave RSA pblica e adicionalmente armazenar a chave privada " +#~ "correspondente." + +#, fuzzy +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Caso voc queira somente construir conexes IPsec para hosts e tambm " +#~ "executar o Openswan, pode ser um pouco mais fcil usar pares de chaves " +#~ "RSA puros (plain). Mas caso voc queira se conectar a outras " +#~ "implementaes IPSec, voc precisar de um certificado X509. tambm " +#~ "possvel criar um certificado X509 aqui e extrair a chave pblica em " +#~ "formato puro (plain) caso o outro lado execute o Openswan sem suporte a " +#~ "certificados X509." + +#, fuzzy +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Um certificado X509 recomendado, uma vez que o mesmo mais flexvel e " +#~ "este instalador capaz de simplificar a complexa criao do certificado " +#~ "X509 e seu uso com o Openswan." + +#, fuzzy +#~ msgid "Please choose the when to start strongSwan:" +#~ msgstr "Voc deseja reiniciar o Openswan ?" + +#, fuzzy +#~ msgid "At which level do you wish to start strongSwan ?" +#~ msgstr "Em que nvel voc deseja iniciar o Openswan ?" + +#~ msgid "2048" +#~ msgstr "2048" --- strongswan-4.3.2.orig/debian/po/nl.po +++ strongswan-4.3.2/debian/po/nl.po @@ -0,0 +1,754 @@ +# translation of strongswan_2.7.3+dfsg-1_nl.po to Dutch +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Luk Claes , 2005 +# Kurt De Bree , 2006. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan_2.7.3+dfsg-1_nl\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2006-09-28 19:50+0200\n" +"Last-Translator: Kurt De Bree \n" +"Language-Team: Dutch \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.9.1\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Wanneer moet strongSwan herstarten:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "When to start strongSwan:" +msgid "Restart strongSwan now?" +msgstr "Wanneer moet strongSwan herstarten:" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is a good idea, since if there is a security fix, " +#| "it will not be fixed until the daemon restarts. Most people expect the " +#| "daemon to restart, so this is generally a good idea. However this might " +#| "take down existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"strongSwan herstarten is een goed idee omdat als er een " +"veiligheidsherstelling is, het pas echt hersteld zal zijn vanaf dat de " +"achtergronddienst is herstart. De meeste mensen verwachten dat de " +"achtergronddienst herstart, dus dit is meestal een goed idee. Hoewel, dit " +"kan bestaande verbindingen verbreken en ze dan opnieuw herstellen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you want to create a RSA public/private keypair for this host?" +msgid "Create an RSA public/private keypair for this host?" +msgstr "Wilt u een publiek/privaat RSA-sleutelpaar aanmaken voor deze host?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Indien u geen nieuw publiek/privaat sleutelpaar wenst aan te maken, kunt u " +"een bestaand sleutelpaar kiezen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" +"Hebt u een bestaand X509-certificaatbestand dat u voor strongSwan wilt " +"gebruiken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Deze installatie kan de benodigde informatie automatisch extraheren van een " +"bestaand X509-certificaat met een bijhorende private RSA-sleutel. Beide " +"delen kunnen in één bestand zijn, als het in PEM-formaat is. Hebt u zo'n " +"bestaand certificaat en een sleutelbestand; en wilt u het voor de " +"authenticatie van IPSec-verbindingen gebruiken, antwoord dan met 'ja'" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Bestandsnaam van uw X509-certificaat in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Geef de volledige locatie van het bestand dat uw X509-certificaat in PEM-" +"formaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Bestandsnaam van uw private X509-sleutel in PEM-formaat:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Geef de volledige locatie van het bestand dat uw private RSA-sleutel bevat " +"die behoort bij uw X509-certificaat in PEM-formaat. Dit kan hetzelfde " +"bestand zijn als dat wat uw X509-certificaat bevat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Wilt u een door uzelf getekend X509-certificaat aanmaken?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to sign the certificate request with your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Als u geen door uzelf getekend certificaat wilt aanmaken, dan zal deze " +"installatie enkel de private RSA-sleutel en de certificaataanvraag aanmaken " +"en u zult de certificaataanvraag moeten laten tekenen door uw " +"certificaatautoriteit." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Landcode van de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Geef de 2-letterige landcode voor uw land. Deze code zal in de " +"certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Staat of provincie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Geef de volledige naam van de staat of provincie waarin u woont. Deze naam " +"zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "Plaatsnaam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Geef de plaatsnaam (v.b. stad) waar u woont. Deze naam zal in de " +"certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Naam van de organisatie voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Geef de organisatie-eenheid (v.b. dienst) waarvoor het X509-certificaat " +"wordt aangemaakt. Deze naam zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisatie-eenheid voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Geef de organisatie-eenheid (v.b. dienst) waarvoor het X509-certificaat " +"wordt aangemaakt. Deze naam zal in de certificaataanvraag worden geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Naam voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Geef de naam (v.b. computernaam van deze machine) waarvoor het X509-" +"certificaat wordt aangemaakt. Deze naam zal in de certificaataanvraag worden " +"geplaatst." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-mailadres voor de X509-certificaataanvraag:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Geef het e-mailadres van de persoon of organisatie die verantwoordelijk is " +"voor het X509-certificaat. Dit adres zal in de certificaataanvraag worden " +"geplaatst." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgid "Enable opportunistic encryption?" +msgstr "Wilt u opportunistische encryptie aanschakelen in strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "\"zo vroeg mogelijk\", \"na NFS\", \"na PCMCIA\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Er zijn drie mogelijkheden wanneer stronSwan kan starten: vóór of na de " +#~ "NFS-diensten en na de PCMCIA-diensten. Het juiste antwoord is afhankelijk " +#~ "van uw specifieke installatie." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Als u uw /usr-boom niet via NFS heeft aangekoppeld (u koppelt enkel " +#~ "andere, minder vitale bomen via NFS of u gebruikt NFS helemaal niet om " +#~ "bomen aan te koppelen) en u gebruikt geen PCMCIA-netwerkkaart, dan is het " +#~ "best om strongSwan zo vroeg mogelijk te starten, dus toe te staan van de " +#~ "NFS-aankoppelingen te beveiligen door IPSec. In dit geval (of als u deze " +#~ "zaak niet verstaat of het u niet uitmaakt), antwoord dan \"zo vroeg " +#~ "mogelijk\" op deze vraag (de standaard)." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Als u uw /usr-boom via NFS heeft aangekoppeld en u gebruikt geen PCMCIA-" +#~ "netwerkkaart, dan zult u strongSwan moeten starten na NFS zodat alle " +#~ "nodige bestanden aanwezig zijn. In dit geval, antwoord \"na NFS\" op deze " +#~ "vraag. Merk op dat in dit geval de NFS-aankoppeling van /usr niet kan " +#~ "worden beveiligd door IPSec." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Als u een PCMCIA-netwerkkaart gebruikt voor uw IPSec-verbindingen, dan " +#~ "hebt u enkel de keuze om te starten na de PCMCIA-diensten. Antwoord in " +#~ "dit geval \"na PCMCIA\". Dit is ook het correcte antwoord als u sleutels " +#~ "wilt afhalen van een lokaal draaiende DNS-server met DNSSec-ondersteuning." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Wilt u strongSwan herstarten?" + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Deze installatie kan automatisch een publiek/privaat RSA-sleutelpaar " +#~ "aanmaken voor deze host. Dit sleutelpaar kan worden gebruikt om IPSec-" +#~ "verbinden naar andere hosts te authenticeren en is de aanbevolen manier " +#~ "om veilige IPSec-verbindingen op te zetten. De andere mogelijkheid zou " +#~ "zijn om gedeelde geheimen (wachtwoorden die aan beide kanten van de " +#~ "tunnel hetzelfde zijn) te gebruiken voor het authenticeren van een " +#~ "verbinding, maar voor een groter aantal verbindingen is RSA-authenticatie " +#~ "makkelijker te beheren en veiliger." + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Lengte van de aangemaakte RSA-sleutel (in bits):" + +#, fuzzy +#~| msgid "" +#~| "Please enter the length of the created RSA key. it should not be less " +#~| "than 1024 bits because this should be considered unsecure and you will " +#~| "probably not need anything more than 2048 bits because it only slows the " +#~| "authentication process down and is not needed at the moment." +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Geef de lengte van de aangemaakte RSA-sleutel. Het mag niet minder dan " +#~ "1024 bits zijn omdat dit als onveilig wordt beschouwd en u zult " +#~ "waarschijnlijk niet meer dan 2048 bits nodig hebben omdat het enkel het " +#~ "authenticatieproces vertraagt en op dit moment niet nodig is." + +#, fuzzy +#~| msgid "" +#~| "This installer can only create self-signed X509 certificates " +#~| "automatically, because otherwise a certificate authority is needed to " +#~| "sign the certificate request. If you want to create a self-signed " +#~| "certificate, you can use it immediately to connect to other IPSec hosts " +#~| "that support X509 certificate for authentication of IPSec connections. " +#~| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~| "you will need to have all X509 certificates signed by a single " +#~| "certificate authority to create a trust path." +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Deze installatie kan enkel een door uzelf getekend X509-certificaat " +#~ "automatischaanmaken omdat anders een certificaatautoriteit nodig is om de " +#~ "certificaataanvraag te tekenen. Als u een door uzelf getekend certificaat " +#~ "wilt aanmaken, dan kunt u het onmiddellijk gebruiken om een verbinding te " +#~ "leggen met andere IPSec-hosts die X509-certificaten ondersteunen voor " +#~ "IPSec-verbindingen. Hoewel, als u de nieuwe PKI-mogelijkheden wilt " +#~ "gebruiken van strongSwan >= 1.91, dan zult u alle X509-certificaten " +#~ "moeten laten tekenen door één enkele certificaatautoriteit om een " +#~ "vertrouwenspad aan te maken." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "U moet hier wel een geldige landcode opgeven omdat openssl anders zal " +#~ "weigeren om een certificaat aan te maken. Er is voor elke veld van het " +#~ "X509-certificaat een leeg veld toegestaan, maar niet voor dit veld." + +#~ msgid "Example: AT" +#~ msgstr "Voorbeeld: BE" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Voorbeeld: Limburg" + +#~ msgid "Example: Vienna" +#~ msgstr "Voorbeeld: Genk" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Geef de organisatie (v.b. bedrijf) waarvoor het X509-certificaat wordt " +#~ "aangemaakt. Deze naam zal in de certicicaataanvraag worden geplaatst." + +#~ msgid "Example: Debian" +#~ msgstr "Voorbeeld: Debian" + +#~ msgid "Example: security group" +#~ msgstr "Voorbeeld: dienst veiligheid" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Voorbeeld: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan heeft ondersteuning voor opportunistische encryptie (OE) die " +#~ "IPSec-authenticatie-informatie (v.b. publieke RSA-sleutels) bewaart in " +#~ "(liefst veilige) DNS-records. Totdat dit veelvuldig wordt toegepast zal " +#~ "dit activeren een significante vertraging veroorzaken voor elke nieuwe " +#~ "uitgaande verbinding. Omdat versie 2.0 van strongSwan standaard OE heeft " +#~ "aangeschakeld, wordt dus waarschijnlijk uw bestaande verbinding met het " +#~ "Internet (v.b. uw standaard route) verbroken vanaf dat pluto (de " +#~ "strongSwan-sleutelringachtergronddienst) wordt gestart." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Kiest of u OE-ondersteuning wilt aanschakelen. Indien onzeker, schakel " +#~ "het dan niet aan." + +#~ msgid "x509, plain" +#~ msgstr "x509, gewoon" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Aan te maken type RSA-sleutelpaar:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Het is mogelijk om een gewoon publiek/privaat RSA-sleutelpaar aan te " +#~ "maken om te gebruiken met strongSwan of om een X509-certificaatbestand " +#~ "aan te maken die de publieke RSA-sleutel bevat en de corresponderende " +#~ "private sleutel te bewaren." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Als u enkel IPSec-verbindingen wilt opzetten naar hosts die ook " +#~ "strongSwan draaien, dan is het misschien een beetje gemakkelijker om " +#~ "gewone RSA-sleutelparen te gebruiken. Maar als u verbindingen wilt leggen " +#~ "met andere IPSec-implementaties, dan zult u een X509-certificaat nodig " +#~ "hebben. Het is ook mogelijk om hier een X509-certificaat aan te maken en " +#~ "de publieke RSA-sleutel te extraheren in een gewoon formaat als de andere " +#~ "kant strongSwan draait zonder X509-certificaatondersteuning." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daarom wordt een X509-certificaat aanbevolen omdat het flexibeler is en " +#~ "deze installatie moet de complexe creatie van een X509-certificaat kunnen " +#~ "verbergen en het toch in strongSwan kunnen gebruiken." --- strongswan-4.3.2.orig/debian/po/cs.po +++ strongswan-4.3.2/debian/po/cs.po @@ -0,0 +1,685 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:47+0100\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "co nejdříve" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "po NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "po PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Kdy spustit strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"strongSwan se spouští při zavádění systému, takže může chránit automaticky " +"připojované souborové systémy." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * co nejdříve: pokud není /usr připojeno přes NFS a nepoužíváte\n" +" síťovou kartu PCMCIA, je lepší spustit strongSwan co nejdříve,\n" +" aby bylo NFS chráněno pomocí IPSec;\n" +" * po NFS: doporučeno, pokud je /usr připojeno přes NFS a pokud\n" +" nepoužíváte síťovou kartu PCMCIA;\n" +" * po PCMCIA: doporučeno pokud IPSec spojení používá síťovou kartu\n" +" PCMCIA, nebo pokud vyžaduje stažení klíčů z lokálně běžícího DNS\n" +" serveru s podporou DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Restartovat nyní strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Restartování strongSwan je dobrý nápad, protože v případě, že aktualizace " +"obsahuje bezpečnostní záplatu, nebude tato funkční, dokud se démon " +"nerestartuje. Nicméně je možné, že existující spojení budou ukončena a poté " +"znovu nahozena." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Pokud nerestartujete strongSwan nyní, měli byste to provést při nejbližší " +"příležitosti." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Spustit strongSwan daemon IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pro podporu 1. verze protokolu Internet Key Exchange musí běžet daemon pluto." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Spustit strongSwan daemon IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pro podporu 2. verze protokolu Internet Key Exchange musí běžet daemon " +"charon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Vytvořit veřejný/soukromý pár RSA klíčů pro tento počítač?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"strongSwan může pro autentizaci IPSec spojení s jinými počítači používat " +"předsdílený klíč (PSK), nebo veřejný/soukromý pár RSA klíčů. RSA autentizace " +"se považuje za bezpečnější a jednodušší na správu. Autentizace PSK a RSA " +"můžete používat současně." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Jestliže si nepřejete vytvořit nový pár klíčů pro tento počítač, můžete si v " +"příštím kroku zvolit existující klíče." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Použít pro strongSwan existující certifikát X.509?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Potřebné informace lze získat automaticky z existujícího certifikátu X.509 s " +"odpovídajícím soukromým RSA klíčem. Jedná-li se o formát PEM, mohou být obě " +"části v jednom souboru. Vlastníte-li takový certifikát a soubor s klíčem a " +"chcete-li je použít pro autentizaci IPSec spojení, odpovězte kladně." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Jméno souboru s certifikátem X.509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Zadejte celou cestu k souboru obsahujícímu váš certifikát X.509 ve formátu " +"PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Jméno souboru se soukromým klíčem X.509 ve formátu PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Zadejte prosím absolutní cestu k souboru obsahujícímu soukromý RSA klíč ve " +"formátu PEM odpovídající vašemu certifikátu X.509. Může to být stejný soubor " +"jako ten, ve kterém se nachází certifikát X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Délka RSA klíče:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Zadejte prosím délku vytvářeného RSA klíče. Z důvodu bezpečnosti by neměla " +"být menší než 1024 bitů. Hodnota větší než 2048 bitů může ovlivnit výkon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Vytvořit certifikát X.509 podepsaný sám sebou?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Automaticky lze vytvořit pouze certifikát podepsaný sám sebou, protože jinak " +"je zapotřebí certifikační autorita, která by podepsala požadavek na " +"certifikát." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Odpovíte-li kladně, můžete nový certifikát ihned použít k připojení na další " +"počítače s IPSec, které podporují autentizaci pomocí certifikátu X.509. " +"Nicméně pro využití PKI možností ve strongSwanu je nutné, aby byly všechny " +"certifikáty v cestě důvěry podepsány stejnou autoritou." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Jestliže nechcete vytvořit certifikát podepsaný sebou samým, vytvoří se " +"pouze soukromý RSA klíč a požadavek na certifikát. Vy potom musíte podepsat " +"požadavek svou certifikační autoritou." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Kód země pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Zadejte dvoumístný ISO3166 kód své země. Tento kód bude umístěn do požadavku " +"na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Toto pole je povinné, bez něj není možné certifikát vytvořit." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Jméno státu nebo oblasti pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Zadejte celé jméno státu nebo oblasti, které se má použít v požadavku na " +"certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Jméno lokality pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Zadejte jméno lokality (např. města), které se má použít v požadavku na " +"certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Název organizace pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Zadejte název organizace (firmy), který se má použít v požadavku na " +"certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Název organizační jednotky pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Zadejte název organizační jednotky (např. oddělení), který se má použít v " +"požadavku na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Obvyklé jméno pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Zadejte běžné jméno (např. jméno počítače), které se má použít v požadavku " +"na certifikát." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Emailová adresa pro požadavek na certifikát X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Zadejte emailovou adresu osoby nebo organizace, která se má použít v " +"požadavku na certifikát." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Povolit oportunistické šifrování?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Tato verze strongSwan podporuje oportunistické šifrování (OE), které " +"uchovává autentizační informace IPSecu (např. veřejné RSA klíče) v DNS " +"záznamech. Dokud nebude tato schopnost více rozšířena, způsobí její aktivace " +"výrazné zpomalení každého nového odchozího spojení." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Oportunistické šifrování byste měli povolit pouze v případě, že ho opravdu " +"chcete. Při startu daemona pluto je možné, že se vaše probíhající spojení do " +"Internetu přeruší (přesněji přestane fungovat výchozí cesta)." + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "\"co nejdříve\", \"po NFS\", \"po PCMCIA\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Existují tři možnosti, kdy se dá strongSwan spouštět: před NFS službami, " +#~ "po NFS službách nebo po PCMCIA službách. Správná odpověď závisí na vašem " +#~ "konkrétním nastavení." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Jestliže nemáte svůj strom /usr připojen skrz NFS (buď přes NFS " +#~ "připojujete jiné, ne tak důležité stromy, nebo NFS vůbec nepoužíváte) a " +#~ "nepoužíváte síťovou kartu PCMCIA, je nejlepší spouštět strongSwan co " +#~ "nejdříve, čímž umožníte aby byly NFS svazky chráněny pomocí IPSec. V " +#~ "takovém případě (nebo pokud si nejste jisti, nebo pokud vám na tom " +#~ "nezáleží) na otázku odpovězte „co nejdříve“ (výchozí)." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Jestliže máte strom /usr připojen skrz NFS a nepoužíváte síťovou kartu " +#~ "PCMCIA, musíte spustit strongSwan po NFS, aby byly všechny potřebné " +#~ "soubory dostupné. V tomto případě na otázku odpovězte „po NFS“. Uvědomte " +#~ "si prosím, že v tomto případě nemůže být NFS svazek /usr chráněn pomocí " +#~ "IPSec." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Jestliže používáte PCMCIA síťovou kartu pro vaše IPSec připojení, pak je " +#~ "jedinou možností jej spustit po PCMCIA službách. V tom případě odpovězte " +#~ "„po PCMCIA“. Toto je také správná odpověď, pokud chcete získat klíče z " +#~ "lokálního DNS serveru s podporou DNSSec." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Přejete si restartovat strongSwan?" + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Přejete si podporu IKEv1?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 " +#~ "(IKEv1, IKEv2). Přejete si při startu strongSwanu spustit daemona „pluto“ " +#~ "podporujícího IKEv1?" + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Přejete si podporu IKEv2?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan podporuje protokol Internet Key Exchange ve verzích 1 a 2 " +#~ "(IKEv1, IKEv2). Přejete si při startu strongSwanu spustit daemona " +#~ "„charon“ podporujícího IKEv2?" + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Tento instalátor může automaticky vytvořit veřejný/soukromý pár RSA klíčů " +#~ "pro tento počítač. Pár klíčů může být využit k autentizaci IPSec spojení " +#~ "na další počítače a je upřednostňovanou cestou pro sestavování bezpečných " +#~ "IPSec spojení. Další možností autentizace je využití sdílených tajemství " +#~ "(hesel, která jsou stejná na obou stranách tunelu), ale pro větší počet " +#~ "spojení je RSA autentizace snazší pro správu a mnohem bezpečnější." + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Délka vytvořeného RSA klíče (v bitech):" + +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Zadejte prosím délku vytvářeného RSA klíče. Kvůli bezpečnosti by neměla " +#~ "být menší než 1024 bitů a pravděpodobně nepotřebujete víc než 2048 bitů, " +#~ "protože to již zpomaluje proces autentizace." + +#, fuzzy +#~| msgid "" +#~| "This installer can only create self-signed X509 certificates " +#~| "automatically, because otherwise a certificate authority is needed to " +#~| "sign the certificate request. If you want to create a self-signed " +#~| "certificate, you can use it immediately to connect to other IPSec hosts " +#~| "that support X509 certificate for authentication of IPSec connections. " +#~| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~| "you will need to have all X509 certificates signed by a single " +#~| "certificate authority to create a trust path." +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Tento instalátor může automaticky vytvořit pouze certifikát X509 " +#~ "podepsaný sám sebou, jelikož v opačném případě je k podpisu certifikátu " +#~ "potřeba certifikační autorita. Tento certifikát můžete ihned použít k " +#~ "připojení na další počítače s IPSec, které podporují autentizaci pomocí " +#~ "certifikátu X509. Nicméně chcete-li využít nových PKI možností " +#~ "strongSwanu >= 1.91, budete k vytvoření důvěryhodných cest potřebovat " +#~ "všechny certifikáty X509 podepsané jedinou certifikační autoritou." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "Je opravdu nutné, abyste vložili správný kód země, protože openssl jinak " +#~ "odmítne vygenerování certifikátu. Prázdné pole je dovoleno ve všech " +#~ "ostatních polích certifikátu X509 kromě tohoto." + +#~ msgid "Example: AT" +#~ msgstr "Příklad: CZ" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Příklad: Morava" + +#~ msgid "Example: Vienna" +#~ msgstr "Příklad: Olomouc" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Zadejte prosím organizaci pro kterou je certifikát vytvářen. Toto jméno " +#~ "bude umístěno do požadavku na certifikát." + +#~ msgid "Example: Debian" +#~ msgstr "Příklad: Debian" + +#~ msgid "Example: security group" +#~ msgstr "Příklad: bezpečnostní oddělení" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Příklad: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan přichází s podporou pro oportunistické šifrování (OE), které " +#~ "uchovává autentizační informace IPSecu (např. veřejné RSA klíče) v " +#~ "(nejlépe zabezpečených) DNS záznamech. Dokud nebude tato schopnost více " +#~ "rozšířena, způsobí její aktivace výrazné zpomalení každého nového " +#~ "odchozího spojení. Od verze 2.0 přichází strongSwan s implicitně zapnutou " +#~ "podporou OE čímž pravděpodobně zruší vaše probíhající spojení do " +#~ "Internetu (tj. vaši výchozí cestu - default route) v okamžiku, kdy " +#~ "spustíte pluto (strongSwan keying démon)." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Prosím vyberte si zda chcete povolit podporu pro OE. Nejste-li si jisti, " +#~ "podporu nepovolujte." + +#~ msgid "x509, plain" +#~ msgstr "x509, prostý" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Typ páru RSA klíčů, který se vytvoří:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Je možné vytvořit prostý pár RSA klíčů pro použití se strongSwanem, nebo " +#~ "vytvořit soubor s certifikátem X509, který obsahuje veřejný RSA klíč a " +#~ "dodatečně uchovává odpovídající soukromý klíč." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Pokud chcete vytvořit IPSec spojení jen k počítačům, na kterých taktéž " +#~ "běží strongSwan, může být mnohem jednodušší použít pár prostých RSA " +#~ "klíčů. Pokud se ale chcete připojit k jiným implementacím IPSec, budete " +#~ "potřebovat certifikát X509. Také je možné zde vytvořit certifikát X509 a " +#~ "později, pokud druhá strana používá strongSwan bez podpory certifikátů " +#~ "X509, z něj získat veřejný RSA klíč v prostém formátu." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Certifikát X509 je proto doporučován zejména díky své flexibilitě. Tento " +#~ "instalátor by v měl být schopen skrýt komplexnost vytváření a používání " +#~ "certifikátu ve strongSwanu." --- strongswan-4.3.2.orig/debian/po/pt.po +++ strongswan-4.3.2/debian/po/pt.po @@ -0,0 +1,435 @@ +# translation of strongswan debconf to Portuguese +# Copyright (C) 2007 the strongswan's copyright holder +# This file is distributed under the same license as the strongswan package. +# +# Luísa Lourenço , 2007. +# Américo Monteiro , 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-2\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:59+0100\n" +"Last-Translator: Américo Monteiro \n" +"Language-Team: Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "mais cedo" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "após NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "após PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Quando se deve iniciar o strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"O strongSwan arranca durante o arranque do sistema para que possa proteger " +"os sistemas de ficheiros que são montados automaticamente." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * mais cedo: se o /usr não for montado através de NFS e você não usa uma\n" +" placa de rede PCMCIA, é melhor arrancar o strongSwan o mais cedo " +"possível,\n" +" para que as montagens NFS sejam seguras por IPSec;\n" +" * após NFS: recomendado quando o /usr é montado através de NFS e nenhuma\n" +" placa de rede PCMCIA é usada;\n" +" * após PCMCIA: recomendado se a ligação IPSec usa uma placa de rede PCMCIA\n" +" ou se necessita que sejam obtidas chaves a partir dum servidor DNS que\n" +" corre localmente com suporte a DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Reiniciar agora o strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"É recomendado reiniciar o strongSwan, porque se existir uma correcção de " +"segurança, esta não será aplicada até que o daemon seja reiniciado. No " +"entanto isto poderá fechar ligações existentes e depois ligá-las de novo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Se você não reiniciar o strongSwan agora, deve fazê-lo manualmente na " +"primeira oportunidade." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Iniciar o daemon IKEv1 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon pluto precisa de estar a funcionar para suportar a versão 1 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Iniciar o daemon IKEv2 do strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon charon precisa de estar a funcionar para suportar a versão 2 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Criar um par de chaves pública/privada RSA para esta máquina?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"O strongSwan pode usar uma chave Pré-Partilhada (PSK) ou um par de chaves " +"RSA para autenticar ligações IPSec a outras máquinas. A autenticação RSA é " +"geralmente considerada mais segura e mais fácil de administrar. Você pode " +"usar autenticação PSK e RSA em simultâneo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Se não quiser criar um novo par de chaves pública/privada, pode escolher " +"usar um já existente no próximo passo." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Usar um certificado X.509 existente para o strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"A informação necessária pode ser extraída automaticamente de um certificado " +"X.509 existente com uma chave RSA privada coincidente. Ambas as partes podem " +"estar num ficheiro, se estiver no formato PEM. iDeve escolher esta opção se " +"tiver tal ficheiro de certificado e chave existente e quiser usá-lo para " +"autenticar ligações IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Nome de ficheiro do seu certificado X.509 em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Por favor insira a localização completa do ficheiro que contém o seu " +"certificado X.509 em formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Nome do ficheiro da sua chave privada X.509 existente em formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Por favor insira a localização completa do ficheiro que contém a chave " +"privada RSA que coincide com o seu certificado X.509 em formato PEM. Este " +"pode ser o mesmo ficheiro do certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Comprimento da chave RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Por favor indique o comprimento da chave RSA que deseja gerar. Um valor " +"menor que 1024 bits não é considerado seguro. Um valor maior que 2048 bits " +"irá provavelmente afectar as performance." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Criar um certificado X.509 auto-assinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Apenas certificados X.509 auto-assinados podem ser gerados automaticamente, " +"porque de outro modo é necessário uma autoridade de certificados para " +"assinar o pedido de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Se aceitar esta opção, o certificado criado pode ser usado imediatamente " +"para ligar a outros máquinas IPSec que suportam autenticação através de um " +"certificado X.509. No entanto, usar as funcionalidades PKI do strongSwan " +"necessita que um caminho de confiança seja criado ao ter todos os " +"certificados X.509 assinados por uma única autoridade." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Se não aceitar esta opção, apenas será criada a chave RSA privada, " +"juntamente com um pedido de certificado o qual precisa de estar assinado por " +"uma autoridade de certificados." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Por favor insira o código de país ISO3166 de 2 letras que será usado no " +"pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" +"Este campo é obrigatório: de outro modo não se pode gerar um certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Estado ou nome da província para o pedido do certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Por favor insira o nome completo do estado ou província a incluir no pedido " +"de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome da localidade para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Por favor insira a localidade (geralmente uma cidade) que deverá ser usada " +"no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organização para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Por favor insira o nome da organização (geralmente uma companhia) que deverá " +"ser usado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade organizativa para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Por favor insira o nome da unidade organizativa (geralmente um departamento) " +"que deverá ser usado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Nome comum para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Por favor insira o nome comum (tal como o nome desta máquina) que deverá ser " +"usado no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Endereço de email para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Por favor insira o endereço de email (da pessoa ou organização responsável) " +"que deverá ser usado no pedido de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Activar encriptação oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versão do strongSwan suporta encriptação oportunista (OE), a qual " +"guarda informação de autenticação IPSec em registos DNS. Até que isto esteja " +"amplamente instalado, a sua activação irá causar um atraso significante em " +"cada nova ligação de saída." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Você deverá apenas activar a encriptação oportunista se tiver a certeza que " +"a quer. Pode quebrar a ligação à Internet (rota predefinida) assim que o " +"daemon pluto arrancar." --- strongswan-4.3.2.orig/debian/po/fi.po +++ strongswan-4.3.2/debian/po/fi.po @@ -0,0 +1,427 @@ +# Copyright (C) 2009 +# This file is distributed under the same license as the strongswan package. +# +# Esko Arajärvi , 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:49+0100\n" +"Last-Translator: Esko Arajärvi \n" +"Language-Team: Finnish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "mahdollisimman aikaisin" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "NFS:n jälkeen" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "PCMCIA:n jälkeen" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Koska strongSwan käynnistetään:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan käynnistetään järjestelmän käynnistyessä, jotta se voi suojella " +"automaattisesti liitettäviä levyjärjestelmiä." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +"* mahdollisimman aikaisin: Jos hakemistoa /usr ei liitetä NFS:n avulla,\n" +" eikä käytössä ole PCMCIA-verkkokortteja, strongSwan kannattaa\n" +" käynnistää mahdollisimman aikaisin, jotta liitettävät NFS-järjestelmät\n" +" voidaan suojata IPSecillä.\n" +"* NFS:n jälkeen: suositeltava, kun käytössä ei ole PCMCIA-verkkokortteja\n" +" ja /usr liitetään NFS:n avulla.\n" +"* PCMCIA:n jälkeen: suositeltava, jos IPSec-yhteys käyttää\n" +" PCMCIA-verkkokorttia tai hakee avaimia paikalliselta DNS-palvelimelta\n" +" DNSSec-tuen avulla." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Käynnistetäänkö strongSwan uudelleen nyt?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"On suositeltavaa käynnistää strongSwan-taustaohjelma uudelleen, koska " +"mahdolliset tietoturvapäivitykset eivät tule käyttöön ennen tätä. Tämä " +"saattaa kuitenkin katkaista olemassa olevat yhteydet ja avata ne sitten " +"uudelleen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Jos et käynnistä strongSwania nyt uudelleen, tee se käsin mahdollisimman " +"pian." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Käynnistetäänkö strongSwanin IKEv1-taustaohjelma?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange -protokollan version 1 tuki vaatii, että pluto-" +"taustaohjelma on käynnissä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Käynnistetäänkö strongSwanin IKEv2-taustaohjelma?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Internet Key Exchange -protokollan version 2 tuki vaatii, että charon-" +"taustaohjelma on käynnissä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "" +"Luodaanko tälle koneelle julkisesta ja salaisesta avaimesta koostuva RSA-" +"avainpari?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan voi käyttää ennalta vaihdettua avainta (Pre-Shared Key, PSK) tai " +"RSA-avainparia varmentaessaan IPSec-yhteyksiä toisiin koneisiin. RSA-" +"varmennusta pidetään yleisesti turvallisempana ja helpommin ylläpidettävänä. " +"PSK- ja RSA-varmennuksia voidaan käyttää yhtä aikaa." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Jos et halua luoda uutta avainparia, voi valita olemassa olevan parin " +"seuraavassa vaiheessa." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Tulisiko strongSwanin käyttää olemassa olevaa X.509-varmennetiedostoa?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Vaadittavat tiedot voidaan automaattisesti erottaa olemassa olevasta X.509-" +"varmennetiedostosta täsmäävällä salaisella RSA-avaimella. Avaimen molemmat " +"osat voivat olla samassa tiedostossa, jos se on PEM-muodossa. Valitse tämä " +"vaihtoehto, jos tällaiset varmenne- ja avaintiedostot ovat olemassa ja " +"haluat käyttää niitä IPSec-yhteyksien varmentamiseen." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "PEM-muodossa olevan X.509-varmennetiedoston nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Anna PEM-muodossa olevan, X.509-varmenteen sisältävän tiedoston täydellinen " +"polku." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "PEM-muotoisen, olemassa olevan, salaisen X.509-avaimen tiedostonimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Anna PEM-muodossa olevaan X.509-varmenteeseen täsmäävän salaisen RSA-avaimen " +"täydellinen polku. Tämä voi olla sama tiedosto kuin X.509-varmenteen " +"sisältävä." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA-avaimen pituus:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Anna luotavan RSA-avaimen pituus. 1024 bittiä lyhyempiä avaimia ei pidetä " +"turvallisina. 2048 bittiä pidemmät avaimet luultavasti heikentävät " +"suorituskykyä." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Luodaanko itseallekirjoitettu X.509-varmenne?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Vain itseallekirjoitettu X.509-varmenne voidaan luoda automaattisesti, koska " +"muussa tapauksessa tarvitaan ulkoinen varmentaja allekirjoittamaan " +"varmennepyyntö." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Jos valitset tämän vaihtoehdon, luotua varmennetta voidaan heti käyttää " +"yhteyksien ottamiseen toisiin IPSEc-koneisiin, jotka tukevat varmentamista " +"X.509-varmenteilla. StrongSwanin PKI-ominaisuuksien käyttö kuitenkin vaatii " +"varmennuspolun, jossa sama varmentaja on allekirjoittanut kaikki X.509-" +"varmenteet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Jos et valitse tätä vaihtoehtoa, luodaan vain salainen RSA-avain ja " +"varmennepyyntö, joka pitää lähettää ulkoisen varmentajan " +"allekirjoitettavaksi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön maakoodi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "Anna varmennepyynnössä käytettävä kaksikirjaiminen ISO-3166-maakoodi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Tämä kenttä on pakollinen. Ilman sitä varmennetta ei voida luoda." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön osavaltio, lääni tai maakunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Anna varmennepyyntöön sisällytettävä osavaltion, läänin tai maakunnan koko " +"nimi." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön paikkakunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "Anna varmennepyynnössä käytettävä paikkakunnan nimi (usein kaupunki)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön järjestön nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "Anna varmennepyynnössä käytettävä järjestön nimi (usein yritys)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön järjestön yksikkö:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "Valitse varmennepyynnössä käytettävä järjestön yksikkö (usein osasto)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön yleinen nimi:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Anna varmennepyynnössä käytettävä yleinen nimi (kuten tämän koneen " +"verkkonimi)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509-varmennepyynnön sähköpostiosoite:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Anna varmennepyynnössä käytettävä sähköpostiosoite (yksityinen ja järjestön)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Käytetäänkö opportunistista salausta?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"StrongSwanin tämä versio tukee opportunistista salausta (opportunistic " +"encryption, OE), joka tallentaa IPSec-varmennustietoja DNS-tietueisiin. " +"Ennen kuin tämä käytäntö yleistyy laajalti, sen käyttö aiheuttaa merkittävän " +"viiveen jokaiseen uuteen ulospäin otettavaan yhteyteen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Valitse opportunistinen salaus vain, jos olet varma, että haluat sen " +"käyttöön. Se saattaa rikkoa Internet-yhteyden (oletusreitityksen), kun pluto-" +"taustaohjelma käynnistyy." --- strongswan-4.3.2.orig/debian/po/gl.po +++ strongswan-4.3.2/debian/po/gl.po @@ -0,0 +1,431 @@ +# Copyright (C) 2009 THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the strongswan package. +# +# marce villarino , 2009. +msgid "" +msgstr "" +"Project-Id-Version: templates_[kI6655]\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:50+0100\n" +"Last-Translator: marce villarino \n" +"Language-Team: Galician \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.2\n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "o primeiro" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "despois do NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "despois do PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Cando iniciar strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan iniciase durante o arrinque do sistema de maneira que poda " +"protexer sistemas de ficheiros que se monten automaticamente." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * o primeiro: se /usr non se monta mediante NFS e non se emprega unha\n" +" tarxeta PCMCIA, é mellor iniciar strongSwan tan axiña como se poda,\n" +" para que as montaxes NFS podan asegurarse mediante IPSec,\n" +" * despois do NFS: recoméndase cando /usr se monte mediante NFS e non\n" +" se empregue ningunha tarxeta PCMCIA,\n" +" * despois do PCMCIA: recoméndase se a conexión IPSec emprega unha tarxeta\n" +" de rede PCMCIA ou se fose preciso que as chaves se obteñan desde un\n" +" servidor DNS a executarse localmente con soporte para DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Desexa reiniciar strongSwan agora?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Recoméndase reiniciar strongSwan porque se houbese algunha actualización de " +"seguridade non se aplicará até que se reinicie o daemon. Porén, pode pechar " +"as conexións existentes e logo volver a recuperalas." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Se non reinicia agora strongSwan debería facelo manualmente en canto poda." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Desexa iniciar o daemon IKEv1 de strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon pluto debe estar en execución para soportar a versión 1 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Desexa iniciar o IKEv2 de strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"O daemon charon debe estar en execución para soportar a versión 2 do " +"protocolo Internet Key Exchange." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Desexa crear un par de chaves pública/privada RSA para este servidor?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan pode empregar unha chave precompartida (PSK) ou un par de chaves " +"RSA para autenticar as conexións IPSec con outros servidores. A " +"autenticación RSA xeralmente considérase máis segura e é máis fácil de " +"administrar. Pode empregar as autenticacións PSK e RSA á vez." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Se son quer crear un novo par de chaves pública/privada, no seguinte paso " +"pode escoller empregar unha xa existente." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Desexa empregar un certificado X.509 xa existente para strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"A información requirida pode extraerse automaticamente a partir dun " +"certificado X.509 xa existente coa chave privada RSA que corresponda. Ambas " +"as partes poden estar nun ficheiro se este está no formato PEM. Debe " +"escoller esta opción se ten tal certificado e chave e quere empregalo para " +"autenticar conexións IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Nome do ficheiro do certificado X.509 en formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Indique a rota completa ao ficheiro que contén o certificado X.509 en " +"formato PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Nome do ficheiro coa chave privada X.509 en formato PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Indique a rota completa ao ficheiro que contén a chave privada RSA que se " +"corresponde do certificado X.509 en formato PEM. Este pode ser o mesmo " +"ficheiro que o do certificado X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Lonxitude da chave RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Indique a lonxitude da chave RSA que desexe xerar. Os valores menores de " +"1024 bits non se consideran seguros, mentres que os maiores de 2048 bits " +"posibelmente afecten ao rendemento." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Desexa crear un certificado X.509 autoasinado?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Só se poden crear automaticamente certificados X.509 autoasinados, porque " +"noutro caso é precisa unha autoridade de certificación para asinar o pedido " +"de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Se acepta esta opción o certificado que se cree pode empregarse " +"inmediatamente para conectarse con outros servidores IPSec que soporten a " +"autenticación mediante un certificado X.509. Porén, par empregar as " +"funcionalidades PKI de strongSwan requírese que se cree unha rota de " +"confianza asinando todos os certificados X.509 por unha única autoridade." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Se non acepta esta opción só se creará a chave privada RSA, xunto cun pedido " +"de certificado que precisará que lle asine unha autoridade de certificación." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Código de país para o pedido do certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Indique o código de país ISO3166 de dúas letras que se debe empregar no " +"pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" +"Este campo é obrigatorio, caso contrario non se poderá xerar un certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Nome do estado ou provincia para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Indique o nome completo do estado ou provincia a incluír no pedido de " +"certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Nome de localidade para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Indique o nome da localidade (xeralmente unha cidade) que se debe empregar " +"no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Nome da organización para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Indique o nome da organización (xeralmente unha empresa) que se debe " +"empregar no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unidade organizacional para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Indique o nome da unidade organizacional (xeralmente un departamento) que " +"debe empregarse no pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Nome común para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Indique o nome común (como o nome desta máquina) que se debe empregar no " +"pedido de certificado." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Enderezo de correo electrónico para o pedido de certificado X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Indique o enderezo de correo electrónico (do individuo ou do responsábel da " +"organización) que se debe empregar no pedido de certificado." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Desexa activar a cifraxe oportunista?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Esta versión de strongSwan soporta a cifraxe oportunista (OE) que garda a " +"información de autenticación de IPSec en rexistros de DNS. Até que estea " +"amplamente utilizado activalo provocará un retardo significativo en cada " +"nova conexión saínte." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Só debería activar a cifraxe oportunista se está certo de que a desexa. Pode " +"estragar a conexión a Internet (a rota por omisión) segundo se inicie o " +"daemon pluto." --- strongswan-4.3.2.orig/debian/po/de.po +++ strongswan-4.3.2/debian/po/de.po @@ -0,0 +1,759 @@ +# German translation of strongswan templates +# Helge Kreutzmann , 2007. +# This file is distributed under the same license as the strongswan package. +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.1.4-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2007-07-08 12:01+0200\n" +"Last-Translator: Helge Kreutzmann \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Wann soll strongSwan gestartet werden:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "When to start strongSwan:" +msgid "Restart strongSwan now?" +msgstr "Wann soll strongSwan gestartet werden:" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is a good idea, since if there is a security fix, " +#| "it will not be fixed until the daemon restarts. Most people expect the " +#| "daemon to restart, so this is generally a good idea. However this might " +#| "take down existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Es ist eine gute Idee, strongSwan neuzustarten, da eine Sicherheitskorrektur " +"erst nach dem Neustart des Daemons greift. Die meisten Leute erwarten, dass " +"der Daemon neu startet, daher ist diese Wahl eine gute Idee. Er kann " +"allerdings existierende Verbindungen beenden und erneut aufbauen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you want to create a RSA public/private keypair for this host?" +msgid "Create an RSA public/private keypair for this host?" +msgstr "" +"Mchten Sie ein ffentlich/privates RSA-Schlsselpaar fr diesen Rechner " +"erstellen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a new public/private keypair, you can choose " +#| "to use an existing one." +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Falls Sie kein neues ffentliches/privates Schlsselpaar erstellen wollen, " +"knnen Sie ein existierendes auswhlen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "Do you have an existing X509 certificate file for strongSwan?" +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Verfgen Sie ber ein existierendes X509-Zertifikat fr strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X509 certificate with a matching RSA private key. Both parts can " +#| "be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Dieses Installationsprogramm kann automatisch die bentigten Informationen " +"aus einem existierenden X509-Zertifikat mit passendem privatem RSA-Schlssel " +"extrahieren. Beide Teile knnen in einer Datei sein, falls sie im PEM-Format " +"vorliegt. Falls Sie ber solch ein existierendes Zertifikat und eine solche " +"Schlsseldatei verfgen, und diese fr die Authentifizierung von IPSec-" +"Verbindungen verwenden mchten, stimmen Sie bitte zu." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "File name of your X509 certificate in PEM format:" +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Dateiname Ihres X509-Zertifikates im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing your X509 " +#| "certificate in PEM format." +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Bitte geben Sie den kompletten Ort der Datei an, die Ihr X509-Zertifikat im " +"PEM-Format enthlt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your X509 private key in PEM format:" +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Dateiname Ihres privaten X509-Schlssels im PEM-Format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X509 certificate in PEM format. This can be the same file " +#| "that contains the X509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Bitte geben Sie den kompletten Ort der Datei an, die den privaten RSA-" +"Schlssel enthlt, der zu Ihrem X509-Zertifikat im PEM-Format passt. Dies " +"kann die gleiche Datei sein, die auch das X509-Zertifikat enthlt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Do you want to create a self-signed X509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "Mchten Sie ein selbst-signiertes X509-Zertifikat erstellen?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to get the certificate request signed by your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Falls Sie kein selbst-signiertes Zertifikat erstellen mchten, wird dieses " +"Installationsprogramm nur einen privaten RSA-Schlssel und die " +"Zertifikatsanfrage erstellen und Sie mssen die Zertifikatsanfrage von Ihrer " +"Zertifizierungsstelle signiert bekommen." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Country code for the X509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "Lndercode fr die X509-Zertifizierungsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Bitte geben Sie den zweibuchstabigen Lndercode fr Ihr Land ein. Dieser " +"Code wird in der Zertifikatsanfrage verwendet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "State or province name for the X509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "Name des Landes oder der Provinz fr diese X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Bitte geben Sie den kompletten Namen des Landes oder der Provinz ein, in der " +"Sie leben. Dieser Name wird in der Zertifikatsanfrage verwendet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Locality name for the X509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "rtlichkeitsangabe fr die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Bitte geben Sie die rtlichkeit (z.B. Stadt) ein, in der Sie leben. Dieser " +"Name wird in der Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organization name for the X509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsname fr die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Bitte geben Sie die Organisationseinheit (z.B. Bereich) ein, fr die das " +"X509-Zertifikat erstellt werden soll. Dieser Name wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "Organizational unit for the X509 certificate request:" +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationseinheit fr die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Bitte geben Sie die Organisationseinheit (z.B. Bereich) ein, fr die das " +"X509-Zertifikat erstellt werden soll. Dieser Name wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "Common name for the X509 certificate request:" +msgid "Common name for the X.509 certificate request:" +msgstr "Allgemeiner Name fr die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Bitte geben Sie den allgemeinen Namen (z.B. den Rechnernamen dieser " +"Maschine) ein, fr den das X509-Zertifikat erstellt werden soll. Dieser Name " +"wird in der Zertifikatsanfrage verwandt." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "Email address for the X509 certificate request:" +msgid "Email address for the X.509 certificate request:" +msgstr "E-Mail-Adresse fr die X509-Zertifikatsanfrage:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X509 certificate, This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Bitte geben Sie die E-Mail-Adresse der Person oder Organisation ein, die fr " +"das X509-Zertifikat verantwortlich ist. Diese Adresse wird in der " +"Zertifikatsanfrage verwandt." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgid "Enable opportunistic encryption?" +msgstr "Mchten Sie opportunistische Verschlsselung in strongSwan aktivieren?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "frhestmglich, nach NFS, nach PCMCIA" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "Es gibt drei Mglichkeiten, wann strongSwan starten kann: vor oder nach " +#~ "den NFS-Diensten und nach den PCMCIA-Diensten. Die richtige Antwort hngt " +#~ "von Ihrer spezifischen Einrichtung ab." + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "Falls Sie Ihren /usr-Baum nicht ber NFS eingehngt haben (entweder weil " +#~ "Sie nur andere, weniger lebenswichtige Bume ber NFS einhngen, oder " +#~ "falls Sie NFS berhaupt nicht verwenden) und keine PCMCIA-Netzwerkkarte " +#~ "benutzen, ist es am besten, strongSwan so frh wie mglich zu starten und " +#~ "damit durch IPSec gesicherte NFS-Einhngungen zu erlauben. In diesem Fall " +#~ "(oder falls Sie dieses Problem nicht verstehen oder es Ihnen egal ist), " +#~ "antworten Sie frhestmglich (Standardwert) auf diese Frage." + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "Falls Sie Ihren /usr-Baum ber NFS eingehngt haben und keine PCMCIA-" +#~ "Netzwerkkarte benutzen, mssen Sie strongSwan nach NFS starten, so dass " +#~ "alle bentigten Dateien verfgbar sind. In diesem Fall antworten Sie " +#~ "nach NFS auf diese Frage. Bitte beachten Sie, dass NFS-Einhngungen von /" +#~ "usr in diesem Fall nicht ber IPSec gesichert werden knnen." + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "Falls Sie eine PCMCIA-Netzwerkkarte fr Ihre IPSec-Verbindungen benutzen, " +#~ "dann mssen Sie nur auswhlen, dass er nach den PCMCIA-Diensten startet. " +#~ "Antworten Sie in diesem Fall nach PCMCIA. Dies ist auch die richtige " +#~ "Antwort, falls Sie Schlssel von einem lokal laufenden DNS-Server mit " +#~ "DNSSec-Untersttzung abholen wollen." + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "Mchten Sie strongSwan neustarten?" + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "Mchten Sie IKEv1 untersttzen?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan untersttzt beide Versionen des Internet Key Exchange-" +#~ "Protokolls (Schlsselaustausch ber Internet), IKEv1 und IKEv2. Mchten " +#~ "Sie den pluto-Daemon fr IKEv1-Untersttzung starten, wenn strongSwan " +#~ "gestartet wird." + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "Mchten Sie IKEv2 untersttzen?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan untersttzt beide Versionen des Internet Key Exchange-" +#~ "Protokolls (Schlsselaustausch ber Internet), IKEv1 und IKEv2. Mchten " +#~ "Sie den charon-Daemon fr IKEv2-Untersttzung starten, wenn strongSwan " +#~ "gestartet wird." + +#, fuzzy +#~| msgid "" +#~| "This installer can automatically create a RSA public/private keypair for " +#~| "this host. This keypair can be used to authenticate IPSec connections to " +#~| "other hosts and is the preferred way for building up secure IPSec " +#~| "connections. The other possibility would be to use shared secrets " +#~| "(passwords that are the same on both sides of the tunnel) for " +#~| "authenticating an connection, but for a larger number of connections RSA " +#~| "authentication is easier to administer and more secure." +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "Das Installationsprogramm kann automatisch ein ffentliches/privates RSA-" +#~ "Schlsselpaar fr diesen Rechner erstellen. Dieses Schlsselpaar kann zur " +#~ "Authentifizierung von IPSec-Verbindungen anderer Rechner verwendet werden " +#~ "und ist die bevorzugte Art, sichere IPSec-Verbindungen aufzubauen. Die " +#~ "andere Mglichkeit besteht darin, vorab-verteilte Geheimnisse " +#~ "(Passwrter, die auf beiden Seiten des Tunnels identisch sind) zur " +#~ "Authentifizierung einer Verbindung zu verwenden, aber fr eine grere " +#~ "Anzahl an Verbindungen ist die RSA-Authentifizierung einfacher zu " +#~ "administrieren und sicherer." + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "Die Lnge des erstellten RSA-Schlssels (in Bits):" + +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "Bitte geben Sie die Lnge des erstellten RSA-Schlssels an. Er sollte " +#~ "nicht krzer als 1024 Bits sein, da dies als unsicher betrachtet werden " +#~ "knnte und Sie bentigen nicht mehr als 2048 Bits, da dies nur den " +#~ "Authentifizierungs-Prozess verlangsamt und derzeit nicht bentigt wird." + +#, fuzzy +#~| msgid "" +#~| "This installer can only create self-signed X509 certificates " +#~| "automatically, because otherwise a certificate authority is needed to " +#~| "sign the certificate request. If you want to create a self-signed " +#~| "certificate, you can use it immediately to connect to other IPSec hosts " +#~| "that support X509 certificate for authentication of IPSec connections. " +#~| "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~| "you will need to have all X509 certificates signed by a single " +#~| "certificate authority to create a trust path." +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "Das Installationsprogramm kann nur selbst-signierte X509-Zertifikate " +#~ "automatisch erstellen, da andernfalls eine Zertifizierungsstelle zur " +#~ "Signatur der Zertifikatsanfrage bentigt wird. Falls Sie ein selbst-" +#~ "signiertes Zertifikat erstellen mchten, knnen Sie es sofort zur " +#~ "Verbindung mit anderen IPSec-Rechnern verwenden, die X509-Zertifikate zur " +#~ "Authentifizierung von IPSec-Verbindungen verwenden. Falls Sie allerdings " +#~ "die neuen PKI-Funktionalitten von strongSwan >= 1.91 verwenden mchten, " +#~ "mssen alle X509-Zertifikate von einer einzigen Zertifizierungsstelle " +#~ "signiert sein, um einen vertrauensvollen Pfad zu etablieren." + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "Sie mssen wirklich einen gltigen Lndercode hier eingeben, da OpenSSL " +#~ "es ablehnen wird, Zertifikate ohne diese zu erstellen. Jedes andere Feld " +#~ "im X509-Zertifikat darf leer bleiben; dieses aber nicht." + +#~ msgid "Example: AT" +#~ msgstr "Beispiel: AT" + +#~ msgid "Example: Upper Austria" +#~ msgstr "Beispiel: Obersterreich" + +#~ msgid "Example: Vienna" +#~ msgstr "Beispiel: Wien" + +#, fuzzy +#~| msgid "" +#~| "Please enter the organization (e.g. company) that the X509 certificate " +#~| "should be created for. This name will be placed in the certificate " +#~| "request." +#~ msgid "" +#~ "Please enter the organization (e.g. company) that the X.509 certificate " +#~ "should be created for. This name will be placed in the certificate " +#~ "request." +#~ msgstr "" +#~ "Bitte geben Sie die Organisation (z.B. Firma) ein, fr die das X509-" +#~ "Zertifikat erstellt werden soll. Dieser Name wird in der " +#~ "Zertifikatsanfrage verwandt." + +#~ msgid "Example: Debian" +#~ msgstr "Beispiel: Debian" + +#~ msgid "Example: security group" +#~ msgstr "Beispiel: Sicherheitsgruppe" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "Beispiel: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan enthlt Untersttzung fr opportunistische Verschlsselung " +#~ "(OV), die Authentifizierungsinformationen von IPSec (z.B. ffentliche RSA-" +#~ "Schlssel) in DNS-Datenstzen speichert. Solange dies nicht weit " +#~ "verbreitet ist, wird jede neue ausgehende Verbindung signifikant " +#~ "verlangsamt, falls diese Option aktiviert ist. Seit Version 2.0 wird " +#~ "strongSwan von den Autoren mit aktiviertem OV ausgeliefert und wird daher " +#~ "wahrscheinlich Ihre existierenden Verbindungen ins Internet (d.h. Ihre " +#~ "Standard-Route) stren, sobald Pluto (der strongSwan Schlssel-Daemon) " +#~ "gestartet wird." + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "Bitte whlen Sie aus, ob Sie OV aktivieren mchten. Falls Sie unsicher " +#~ "sind, aktivieren Sie es nicht." + +#~ msgid "x509, plain" +#~ msgstr "x509, einfach" + +#~ msgid "The type of RSA keypair to create:" +#~ msgstr "Die Art des RSA-Schlsselpaars, das erstellt werden soll:" + +#~ msgid "" +#~ "It is possible to create a plain RSA public/private keypair for use with " +#~ "strongSwan or to create a X509 certificate file which contains the RSA " +#~ "public key and additionally stores the corresponding private key." +#~ msgstr "" +#~ "Es besteht die Mglichkeit, ein einfaches ffentliches/privates " +#~ "Schlsselpaar fr den Einsatz mit strongSwan oder eine X509-" +#~ "Zertifikatsdatei zu erstellen, die den ffentlichen Schlssel und " +#~ "zustzlich den zugehrigen privaten Schlssel enthlt." + +#~ msgid "" +#~ "If you only want to build up IPSec connections to hosts also running " +#~ "strongSwan, it might be a bit easier using plain RSA keypairs. But if you " +#~ "want to connect to other IPSec implementations, you will need a X509 " +#~ "certificate. It is also possible to create a X509 certificate here and " +#~ "extract the RSA public key in plain format if the other side runs " +#~ "strongSwan without X509 certificate support." +#~ msgstr "" +#~ "Falls Sie nur IPSec-Verbindungen zu Rechnern aufbauen wollen, auf denen " +#~ "auch strongSwan luft, knnte es etwas einfacher sein, einfache RSA-" +#~ "Schlsselpaare zu verwenden. Falls Sie aber mit anderen IPSec-" +#~ "Implementierungen Verbindungen aufnehmen wollen, bentigen Sie ein X509-" +#~ "Zertifikat. Es besteht auch die Mglichkeit, hier ein X509-Zertifikat zu " +#~ "erstellen und den ffentlichen RSA-Schlssel im einfachen Format zu " +#~ "extrahieren, falls die andere Seite strongSwan ohne X509-" +#~ "Zertifikatsuntersttzung betreibt." + +#~ msgid "" +#~ "Therefore a X509 certificate is recommended since it is more flexible and " +#~ "this installer should be able to hide the complex creation of the X509 " +#~ "certificate and its use in strongSwan anyway." +#~ msgstr "" +#~ "Daher wird ein X509-Zertifikat empfohlen, da es flexibler ist und dieses " +#~ "Installationsprogramm in der Lage sein sollte, die komplexe Erstellung " +#~ "des X509-Zertifikates und seinen Einsatz in strongSwan zu verstecken." --- strongswan-4.3.2.orig/debian/po/vi.po +++ strongswan-4.3.2/debian/po/vi.po @@ -0,0 +1,430 @@ +# Vietnamese translation for StrongSwan. +# Copyright © 2009 Free Software Foundation, Inc. +# +# Clytie Siddall , 2005-2009, 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-20\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 15:01+0100\n" +"Last-Translator: Clytie Siddall \n" +"Language-Team: Vietnamese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: LocFactoryEditor 1.8\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "sớm nhất" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "sau NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "sau PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "StrongSwan nên khởi chạy khi nào :" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan khởi chạy trong tiến trình khởi động hệ thống, để bảo vệ những hệ " +"thống tập tin được tự động gắn kết." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" • sớm nhất\tNếu /usr không phải được gắn kết thông qua NFS,\n" +"\t\t\tvà máy này không dùng bo mạch mạng PCMCIA,\n" +"\t\t\tthì strongSwan nên khởi chạy sớm nhất có thể,\n" +"\t\t\tđể IPSec bảo mật những điểm lắp NFS.\n" +" • sau NFS\tNếu /usr có phải được gắn kết thông qua NFS,\n" +"\t\t\tvà máy này không dùng bo mạch mạng PCMCIA.\n" +" • sau PCMCIA\t\tNếu kết nối IPSec dùng bo mạch mạng PCMCIA,\n" +"\t\t\t\thoặc nếu nó cần lấy khoá từ một trình phục vụ DNS\n" +"\t\t\t\tchạy cục bộ có hỗ trợ DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Khởi chạy lại strongSwan ngay bây giờ ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Khuyên khởi chạy lại strongSwan, vì phần mềm giải quyết vấn đề bảo mật (nếu " +"có) chỉ được hiệu lực khi trình nền khởi chạy lại. Ghi chú : hành vi khởi " +"chạy lại cũng có thể đóng và mở lại kết nối đã có." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Không khởi chạy lại strongSwan ngay bây giờ thì quản trị nên tự làm sớm nhất " +"có thể." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Khởi chạy trình nền IKEv1 của strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Đồng thời cũng cần phải chạy trình nền pluto, để hỗ trợ phiên bản 1 của giao " +"thức Trao Đổi Khoá Internet (IKE)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Khởi chạy trình nền IKEv2 của strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Đồng thời cũng cần phải chạy trình nền charon, để hỗ trợ phiên bản 2 của " +"giao thức Trao Đổi Khoá Internet (IKE)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Tạo một cặp khoá công/riêng RSA cho máy này ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan có khả năng sử dụng một khoá chia sẻ sẵn (PSK) hay một cặp khoá " +"RSA, để xác thức kết nối IPSec tới máy khác. Quá trình xác thức RSA thường " +"được xem là bảo mật hơn, cũng dễ hơn quản trị. Có thể dùng đồng thời hai quá " +"trình xác thực PSK và RSA." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Không muốn tạo một cặp khóa công/riêng mới thì bước kế tiếp cho bạn sử dụng " +"một khoá đã có." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Với strongSwan, dùng một chứng nhận X.509 đã có ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Thông tin yêu cầu có thể được tự động trích ra một chứng nhận X.509 đã tồn " +"tại mà có một cặp khoá RSA riêng tương ứng. Cả hai phần có thể nằm trong " +"cùng một tập tin theo định dạng PEM. Nếu bạn có tập tin như vậy chứa chứng " +"nhận và khoá, và muốn dùng nó để xác thực kết nối IPSec, thì có nên bật tuỳ " +"chọn này." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Tên tập tin chứng nhận X.509 có dạng PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Hãy nhập đường dẫn đầy đủ đến tập tin chứa chứng nhận X.509 của bạn, theo " +"định dạng PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Tên tập tin khoá riêng X.509 có dạng PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Hãy nhập đường dẫn đầy đủ đến tập tin chứa khoá RSA riêng tương ứng với " +"chứng nhận X.509 của bạn, theo định dạng PEM. (Đây có thể là cùng một tập " +"tin với nó chứa chứng nhận X.509.)" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Độ dài khoá RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Hãy nhập chiều dài của khoá RSA bạn muốn tạo. Giá trị này nên nằm giữa 1024 " +"và 2048 bit. Giá trị nhỏ hơn 1024 không phải được xem là bảo mật. Giá trị " +"lớn hơn 2048 sẽ rất có thể giảm tốc độ chạy máy tính." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Tạo một chứng nhận X.509 tự ký ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Chỉ chứng nhận X.509 tự ký có thể được tự động tạo, vì chứng nhận loại khác " +"yêu cầu chữ ký của một nhà cầm quyền cấp chứng nhận (CA)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Bật tùy chọn này thì chứng nhận đã tạo có thể được sử dụng ngay lập tức để " +"kết nối tới máy IPSec khác mà hỗ trợ xác thực thông qua một chứng nhận " +"X.509. Tuy nhiên, để sử dụng tính năng PKI của strongSwan cũng cần phải tạo " +"một đường dẫn tin cậy (tất cả các chứng nhận X.509 được ký bởi cùng một nhà " +"cầm quyền)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Không bật tuỳ chọn này thì chỉ khoá riêng RSA sẽ được tạo, cùng với một lời " +"yêu cầu chứng nhận cho bạn xin chữ ký của một nhà cầm quyền cấp chứng nhận " +"(CA)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Mã quốc gia cho lời yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Hãy nhập mã quốc gia hai chữ ISO-3166 (v.d. « vn ») của chỗ bạn, cho lời yêu " +"cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Không điền vào trường này thì không thể tạo chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Tên của bảng hay tỉnh cho lời yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Hãy nhập tên đầy đủ của bang hay tỉnh nơi bạn ở, để bao gồm trong lời yêu " +"cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Tên vùng cho lời yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Hãy nhập tên vùng (v.d. thành phố) nên dùng trong lời yêu cầu chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Tên tổ chức cho lời yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Hãy nhập tên tổ chức (v.d. công ty, trường học) nên dùng trong yêu cầu chứng " +"nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Tên đơn vị tổ chức cho lời yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Hãy nhập đơn vị tổ chức (v.d. phòng ban, khoa) nên dùng trong yêu cầu chứng " +"nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Tên chung cho lời yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Hãy nhập tên chung (v.d. tên máy của máy tính này) nên dùng trong yêu cầu " +"chứng nhận." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Địa chỉ thư cho lời yêu cầu chứng nhận X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Hãy nhập địa chỉ thư điện tử (của người hay tổ chức chịu trách nhiệm về yêu " +"cầu này) nên dùng trong yêu cầu chứng nhận." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Bật mật mã cơ hội chủ nghĩa ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Phiên bản strongSwan này hỗ trợ mật mã cơ hội chủ nghĩa (OE) mà cất giữ " +"thông tin xác thực IPSec trong mục ghi DNS. Chức năng này chưa phổ biến thì " +"vẫn còn làm trễ mỗi kết nối mới gửi đi." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Chưa chắc thì không nên hiệu lực chức năng mật mã cơ hội chủ nghĩa. Nó cũng " +"có thể đóng kết nối Internet (đường dẫn mặc định) do trình nền pluto khởi " +"chạy." --- strongswan-4.3.2.orig/debian/po/ja.po +++ strongswan-4.3.2/debian/po/ja.po @@ -0,0 +1,650 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-1\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-04-23 06:52+0900\n" +"Last-Translator: Hideki Yamane (Debian-JP) \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "strongSwan の起動タイミング:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "When to start strongSwan:" +msgid "Restart strongSwan now?" +msgstr "strongSwan の起動タイミング:" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "Restarting strongSwan is a good idea, since if there is a security fix, " +#| "it will not be fixed until the daemon restarts. Most people expect the " +#| "daemon to restart, so this is generally a good idea. However this might " +#| "take down existing connections and then bring them back up." +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"セキュリティ修正があった場合にはデーモンが再起動されるまで修正が反映されませ" +"ん。ですので、strongSwan を再起動するのは良い考えです。ほとんどの人はデーモン" +"を再起動しようとしますが、これは大抵問題ありません。しかし、この作業で現在の" +"接続は切断され、再度繋ぎなおすことになります。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +#, fuzzy +#| msgid "Do you want to create a RSA public/private keypair for this host?" +msgid "Create an RSA public/private keypair for this host?" +msgstr "このホストの RSA 公開鍵・秘密鍵のキーペアを生成しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"新たな公開鍵・秘密鍵のキーペアを生成したくない場合は、次の段階で既存のキーペ" +"アの利用を選択することも可能です。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "Do you have an existing X.509 certificate file for strongSwan?" +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "既に存在している X.509 証明書ファイルを strongSwan で利用しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +#, fuzzy +#| msgid "" +#| "This installer can automatically extract the needed information from an " +#| "existing X.509 certificate with a matching RSA private key. Both parts " +#| "can be in one file, if it is in PEM format. If you have such an existing " +#| "certificate and key file and want to use it for authenticating IPSec " +#| "connections, then please answer yes." +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"このインストーラは既に存在している X.509 証明書から RSA 秘密鍵と照らし合わせ" +"て必要な情報を自動的に展開する事が可能です。 PEM 形式の場合、双方を一つのファ" +"イルにまとめることも可能です。そのような証明書と鍵のファイルがあり、これらを " +"IPSec 通信での認証に使用したい場合は「はい」と答えてください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "PEM 形式の X.509 証明書のファイル名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"PEM 形式の X.509 証明書を含むファイルの場所を絶対パスで入力してください。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "File name of your X.509 private key in PEM format:" +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "PEM 形式の X.509 秘密鍵のファイル名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +#, fuzzy +#| msgid "" +#| "Please enter the full location of the file containing the private RSA key " +#| "matching your X.509 certificate in PEM format. This can be the same file " +#| "that contains the X.509 certificate." +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"PEM 形式の X.509 証明書に対応する RSA 秘密鍵を含んでいるファイルの場所を絶対" +"パスで入力してください。これは X.509 証明書を含んでいるファイルと同じで構いま" +"せん。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "Do you want to create a self-signed X.509 certificate?" +msgid "Create a self-signed X.509 certificate?" +msgstr "自己署名 X.509 証明書を生成しますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +#, fuzzy +#| msgid "" +#| "If you do not want to create a self-signed certificate, then this " +#| "installer will only create the RSA private key and the certificate " +#| "request and you will have to get the certificate request signed by your " +#| "certificate authority." +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"自己署名証明書を生成したくないという場合は、このインストーラでは RSA 秘密鍵と" +"証明書要求のみを生成します。そのため、認証局に証明書要求へ署名をしてもらう必" +"要があります。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する国コード:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the 2 letter country code for your country. This code will " +#| "be placed in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"あなたの国の国コードを2文字で入力してください。このコードは証明書要求に記載さ" +"れます。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する都道府県名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the full name of the state or province you live in. This " +#| "name will be placed in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"あなたが在住している都道府県を入力してください。これは証明書要求に記載されま" +"す。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する地域名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the locality (e.g. city) where you live. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"あなたの在住している地域の名前 (例: 市町村名) を入力してください。これは証明" +"書要求に記載されます。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する組織名:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organization (e.g. company) that the X.509 certificate " +#| "should be created for. This name will be placed in the certificate " +#| "request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"X.509 証明書の生成対象となるべき組織 (例: 会社) を入力してください。これは証" +"明書要求に記載されます。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載する組織単位:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit (e.g. section) that the X.509 " +#| "certificate should be created for. This name will be placed in the " +#| "certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"X.509 証明書の生成対象となるべき組織単位 (例: 部署名) を入力してください。こ" +"れは証明書要求に記載されます。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載するコモンネーム:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +#, fuzzy +#| msgid "" +#| "Please enter the common name (e.g. the host name of this machine) for " +#| "which the X.509 certificate should be created for. This name will be " +#| "placed in the certificate request." +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"X.509 証明書の生成対象となるべきコモンネーム (例: このマシンのホスト名) を入" +"力してください。これは証明書要求に記載されます。" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509 証明書要求に記載するメールアドレス:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +#, fuzzy +#| msgid "" +#| "Please enter the email address of the person or organization who is " +#| "responsible for the X.509 certificate. This address will be placed in the " +#| "certificate request." +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"X.509 証明書の責任者となる人物・団体のメールアドレスを入力してください。この" +"アドレスは証明書要求に記載されます。" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +#, fuzzy +#| msgid "Do you wish to enable opportunistic encryption in strongSwan?" +msgid "Enable opportunistic encryption?" +msgstr "strongSwan で opportunistic encryption を有効にしますか?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" + +#~ msgid "earliest, \"after NFS\", \"after PCMCIA\"" +#~ msgstr "可能な限り早く, \"NFS 起動後\", \"PCMCIA 起動後\"" + +#~ msgid "" +#~ "There are three possibilities when strongSwan can start: before or after " +#~ "the NFS services and after the PCMCIA services. The correct answer " +#~ "depends on your specific setup." +#~ msgstr "" +#~ "strongSwan を起動させるタイミングの選択肢としては3つが考えられます: NFS " +#~ "サービスの開始前・開始後・PCMCIA サービスの開始後、です。正解はあなたの設" +#~ "定次第です。" + +#~ msgid "" +#~ "If you do not have your /usr tree mounted via NFS (either you only mount " +#~ "other, less vital trees via NFS or don't use NFS mounted trees at all) " +#~ "and don't use a PCMCIA network card, then it's best to start strongSwan " +#~ "at the earliest possible time, thus allowing the NFS mounts to be secured " +#~ "by IPSec. In this case (or if you don't understand or care about this " +#~ "issue), answer \"earliest\" to this question (the default)." +#~ msgstr "" +#~ "NFS 経由で /usr をマウントせず (他のパーティションやあまり重要ではないパー" +#~ "ティションを NFS 経由でマウントするか、または NFS マウントを全く使わな" +#~ "い)、加えて PCMCIA ネットワークカードを利用していない場合、可能な限り早い" +#~ "タイミングで strongSwan を起動するのがベストです。この設定によって、NFS で" +#~ "のマウントは IPSec で保護されます。この場合 (またはこの問題を理解していな" +#~ "いか特に気にしない場合) 、\"可能な限り早く\"と質問に答えてください (標準設" +#~ "定です) 。" + +#~ msgid "" +#~ "If you have your /usr tree mounted via NFS and don't use a PCMCIA network " +#~ "card, then you will need to start strongSwan after NFS so that all " +#~ "necessary files are available. In this case, answer \"after NFS\" to this " +#~ "question. Please note that the NFS mount of /usr can not be secured by " +#~ "IPSec in this case." +#~ msgstr "" +#~ "NFS 経由で /usr をマウントしていて PCMCIA ネットワークカードを使用していな" +#~ "い場合は、必要なファイルを利用可能にするために strongSwan を NFS の後で起" +#~ "動しなければなりません。この場合、\"NFS 起動後\" と答えてください。この時" +#~ "に NFS 経由でマウントされる /usr は、IPSec によるセキュアな状態にはならな" +#~ "いということに注意してください。" + +#~ msgid "" +#~ "If you use a PCMCIA network card for your IPSec connections, then you " +#~ "only have to choose to start it after the PCMCIA services. Answer \"after " +#~ "PCMCIA\" in this case. This is also the correct answer if you want to " +#~ "fetch keys from a locally running DNS server with DNSSec support." +#~ msgstr "" +#~ "IPSec 接続に PCMCIA ネットワークカードを利用していた場合、PCMCIA サービス" +#~ "の起動後に strongSwan を起動する以外に選択はありません。この場合、" +#~ "\"PCMCIA 起動後\" と答えてください。ローカルで動作している DNSSec 機能を使" +#~ "用している DNS サーバから鍵を取得したい場合でも、この答えをしてください。" + +#~ msgid "Do you wish to restart strongSwan?" +#~ msgstr "strongSwan を再起動しますか?" + +#~ msgid "Do you wish to support IKEv1?" +#~ msgstr "IKEv1 をサポートしますか?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"pluto\" daemon for IKEv1 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan は IKEv1 と IKEv2 の両方のインターネット鍵交換プロトコルをサ" +#~ "ポートしています。strongSwan が起動する際、IKEv1 サポートのため \"pluto\" " +#~ "デーモンを起動しますか?" + +#~ msgid "Do you wish to support IKEv2?" +#~ msgstr "IKEv2 をサポートしますか?" + +#~ msgid "" +#~ "strongSwan supports both versions of the Internet Key Exchange protocol, " +#~ "IKEv1 and IKEv2. Do you want to start the \"charon\" daemon for IKEv2 " +#~ "support when strongSwan is started?" +#~ msgstr "" +#~ "strongSwan は IKEv1 と IKEv2 の両方のインターネット鍵交換プロトコルをサ" +#~ "ポートしています。strongSwan が起動する際、IKEv2 サポートのため \"pluto\" " +#~ "デーモンを起動しますか?" + +#~ msgid "" +#~ "This installer can automatically create a RSA public/private keypair with " +#~ "an X.509 certificate for this host. This can be used to authenticate " +#~ "IPSec connections to other hosts and is the preferred way for building " +#~ "up secure IPSec connections. The other possibility would be to use pre-" +#~ "shared secrets (PSKs, passwords that are the same on both sides of the " +#~ "tunnel) for authenticating an connection, but for a larger number of " +#~ "connections RSA authentication is easier to administer and more secure. " +#~ "Note that having a keypair allows to use both X.509 and PSK " +#~ "authentication for IPsec tunnels." +#~ msgstr "" +#~ "このインストーラはこのホストの X.509 認証用の RSA 公開鍵・秘密鍵のキーペア" +#~ "を自動的に生成できます。このキーペアは他のホストとの IPSec 通信での認証に" +#~ "利用可能で、セキュアな IPSec 通信を確立する方法として好まれています。他に" +#~ "利用可能な方法としては事前に設定してある共通鍵 (PSK、トンネルの双方で同じ" +#~ "パスワードをを利用する) を通信の認証に利用するというのがありますが、多数の" +#~ "接続に対しては、RSA 認証のほうが管理がより簡単でよりセキュアです。キーペア" +#~ "を利用することは、X.509 認証と PSK 認証の双方を IPsec トンネルに許可するこ" +#~ "とに注意してください。" + +#~ msgid "The length of the created RSA key (in bits):" +#~ msgstr "RSA 鍵の鍵長(ビット数):" + +#~ msgid "" +#~ "Please enter the length of the created RSA key. It should not be less " +#~ "than 1024 bits because this should be considered unsecure and you will " +#~ "probably not need anything more than 2048 bits because it only slows the " +#~ "authentication process down and is not needed at the moment." +#~ msgstr "" +#~ "生成する RSA 鍵の長さを入力してください。安全のため、1024 ビット未満にすべ" +#~ "きではありません。2048 ビットより大きなものにする必要もないでしょう。認証" +#~ "プロセスが遅くなりますし、現時点ではおそらく必要ありません。" + +#~ msgid "" +#~ "This installer can only create self-signed X.509 certificates " +#~ "automatically, because otherwise a certificate authority is needed to " +#~ "sign the certificate request. If you want to create a self-signed " +#~ "certificate, you can use it immediately to connect to other IPSec hosts " +#~ "that support X.509 certificate for authentication of IPSec connections. " +#~ "However, if you want to use the new PKI features of strongSwan >= 1.91, " +#~ "you will need to have all X.509 certificates signed by a single " +#~ "certificate authority to create a trust path." +#~ msgstr "" +#~ "証明書要求に署名するためには認証局が必要となるので、このインストーラでは自" +#~ "己署名 X.509 証明書を自動的に生成する事だけが可能です。自己署名証明書を生" +#~ "成したい場合、これを使用してすぐに X.509 証明書をサポートしている他の " +#~ "IPSec ホストに接続可能です。しかし、strongSwan バージョン 1.91 以上での新" +#~ "しい PKI 機能を使いたい場合は、trust path を生成するために単一の認証局に" +#~ "よってすべての X.509 証明書に署名してもらう必要があります。" + +#~ msgid "" +#~ "You really need to enter a valid country code here, because openssl will " +#~ "refuse to generate certificates without one. An empty field is allowed " +#~ "for any other field of the X.509 certificate, but not for this one." +#~ msgstr "" +#~ "openssl が国コードなしでは証明書の生成を拒否するので、正しい国コードをここ" +#~ "で入力する必要があります。X.509 証明書では、他のフィールドについては空でも" +#~ "構いませんが、これについては許可されていません。" + +#~ msgid "Example: AT" +#~ msgstr "例: JP" + +#~ msgid "Example: Upper Austria" +#~ msgstr "例: Tokyo" + +#~ msgid "Example: Vienna" +#~ msgstr "例: Shinjuku-ku" + +#~ msgid "Example: Debian" +#~ msgstr "例: Debian" + +#~ msgid "Example: security group" +#~ msgstr "例: security group" + +#~ msgid "Example: gateway.debian.org" +#~ msgstr "例: gateway.debian.org" + +#~ msgid "" +#~ "strongSwan comes with support for opportunistic encryption (OE), which " +#~ "stores IPSec authentication information (i.e. RSA public keys) in " +#~ "(preferably secure) DNS records. Until this is widely deployed, " +#~ "activating it will cause a significant slow-down for every new, outgoing " +#~ "connection. Since version 2.0, strongSwan upstream comes with OE enabled " +#~ "by default and is thus likely to break your existing connection to the " +#~ "Internet (i.e. your default route) as soon as pluto (the strongSwan " +#~ "keying daemon) is started." +#~ msgstr "" +#~ "strongSwan は、IPSec 認証情報 (例: RSA 公開鍵) を (願わくはセキュアな) " +#~ "DNS レコード内に保存する opportunistic encryption (OE) をサポートしていま" +#~ "す。これは広く利用されるようになるまで、有効にすると外部への新規接続は全て" +#~ "格段に遅くなります。バージョン 2.0 より strongSwan の開発元はデフォルトで " +#~ "OE を有効にしています。そのため pluto (strongSwan 鍵署名デーモン) が開始す" +#~ "るとすぐ、既存のインターネット接続 (つまりデフォルトルート) が中断されるか" +#~ "もしれません。" + +#~ msgid "" +#~ "Please choose whether you want to enable support for OE. If unsure, do " +#~ "not enable it." +#~ msgstr "" +#~ "OE のサポートを有効にするかどうかを選んでください。よくわからない場合は、" +#~ "有効にはしないでください。" --- strongswan-4.3.2.orig/debian/po/nb.po +++ strongswan-4.3.2/debian/po/nb.po @@ -0,0 +1,425 @@ +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Bjørn Steensrud , 2009. +msgid "" +msgstr "" +"Project-Id-Version: nb\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:59+0100\n" +"Last-Translator: Bjørn Steensrud \n" +"Language-Team: Norwegian Bokmål \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "tidligst" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "etter NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "etter PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Når strongSwan skal startes:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan starter under systemoppstart, slik at det kan beskytte " +"filsystemer som monteres automatisk." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * tidligst: hvis /usr ikke monteres via NFS og du ikke bruker et\n" +" PCMCIA nettverkskort, så er det best å starte strongSwan\n" +" snarest mulig, slik at NFS-montering kan sikres med IPSec;\n" +" * etter NFS: anbefales når /usr monteres via NFS og det ikke\n" +" brukes noe PCMCIA nettverkskort.\n" +" * etter PCMCIA: anbefales hvis IPSec-tilkoblingen bruker et PCMCIA\n" +" nettverkskort eller om den trenger å hente nøkler fra en lokal\n" +" DNS-tjener med DNSSec-støtte. " + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Start strongSwan på nytt nå" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Det anbefales å starte strongSwan på nytt nå, for om det var en " +"sikkerhetsrettelse, så får den ikke effekt før daemonen startes på nytt. " +"Imidlertid kan dette lukke eksisterende forbindelser og deretter koble dem " +"opp igjen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Hvis du ikke gjør en omstart på strongSwan nå, så bør du gjøre det manuelt " +"ved første anledning." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Skal strongSwans IKEv1-daemon startes?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto-daemonen må kjøre for å kunne støtte versjon 1 av Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Skal strongSwans IKEv2-daemon startes?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon-daemonen må kjøre for å kunne støtte versjon 2 av Internet Key " +"Exchange-protokollen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Skal det lages et offentlig/privat RSA-nøkkelpar for denne verten?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan kan bruke en delt nøkkel (PSK) eller et RSA-nøkkelpar for å " +"autentisere IPSec-forbindelser til andre verter. RSA-autentisering betraktes " +"for det meste som sikrere og lettere å administrere. Du kan bruke PSK og RSA-" +"autentisering samtidig." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Hvis du ikke vil lage et nytt offentlig/privat nøkkelpar, så kan du velge å " +"bruke et eksisterende nøkkelpar i neste steg." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Skal et eksisterende X.509-sertifikat brukes for strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Den informasjonen som trengs kan hentes automatisk fra et eksisterende X.509-" +"sertifikat med tilhørende privat RSA-nøkkel. Begge deler kan være i én fil, " +"hvis den er i PEM-format. Du bør velge dette hvis du har et slikt sertifikat " +"og vil bruke det til å autentisere IPSec-forbindelser." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Filnavn for ditt X.509-sertifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Oppgi full sti til fila som inneholder ditt X.509-sertifikat i PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Filnavn for din eksisterende private X.509-nøkkel i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Oppgi full sti til fila som inneholder den private nøkkelen som tilsvarer " +"ditt X.509-sertifikat i PEM-format. Dette kan være den samme fila som X.509-" +"sertifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA nøkkellengde:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Oppgi lengde for RSA-nøkkelen du vil opprette. Kortere nøkler enn 1024 bit " +"betraktes ikke som sikre. En nøkkellengde på mer enn 2048 bit vil antakelig " +"gå ut over ytelsen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Skal det lages et selvsignert X.509-sertifikat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Bare selvsignerte X.509-sertifikater kan lages automatisk, for ellers må en " +"sertifikatutsteder signere sertifikatsøknaden." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Hvis du godtar dette, så kan det sertifikatet som lages bli brukt straks til " +"å kople til andre IPSec-verter som støtter autentisering via et X.509-" +"sertifikat. Men om strongSwans PKI-del skal brukes, må det lages en " +"tillitskjede ved at alle X.509-sertifikatene signeres av en enkelt utsteder." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Hvis du ikke godtar dette, så blir bare en privat RSA-nøkkel opprettet, " +"sammen med en sertifikatsøknad som du må få en sertifikatutsteder til å " +"signere." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Landskode for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Oppgi tobokstavers ISO3166 landskode som skal brukes i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" +"Dette feltet er obligatorisk, uten det kan det ikke lages et sertifikat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Stat eller provinsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Oppgi fullt navn på stat eller provins som skal tas med i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Stedsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "Oppgi stedsnavn (ofte en by) som skal brukes i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisasjonsnavn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Oppgi organisasjonsnavn (ofte et firma) som skal brukes i sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisasjonsenhet for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Oppgi organisasjonsenhet (ofte en avdeling som skal brukes i " +"sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Vanlig navn for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Oppgi vanlig navn (slik som vertsnavnet på denne maskinen) som skal brukes i " +"sertifikatsøknaden." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "E-postadresse for X.509-sertifikatsøknaden:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Oppgi e-postadressen (for ansvarlig person eller organisasjon) som skal " +"brukes i sertifikatsøknaden." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Slå på opportunistisk kryptering?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Denne versjonen av strongSwan støtter opportunistisk kryptering (OE), som " +"lagrer autentiseringsinformasjon for IPSec i DNS-data. Inntil dette er tatt " +"i vanlig bruk vil det gi en betydelig forsinkelse for hver ny utgående " +"tilkobling hvis dette er aktivert." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Du bør bare slå på opportunistisk kryptering hvis du er sikker på at du vil " +"ha det. Det kan koble ut Internett-forbindelsen (standardruten) når pluto." +"nissen starter." --- strongswan-4.3.2.orig/debian/po/sv.po +++ strongswan-4.3.2/debian/po/sv.po @@ -0,0 +1,442 @@ +# translation of strongswan_sv.po to Swedish +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Martin gren , 2008, 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan_sv\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-12 08:19+0200\n" +"Last-Translator: Martin gren \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: swe\n" +"X-Poedit-Country: swe\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "tidigt" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "efter NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "efter PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Nr strongSwan ska startas om:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan startar under systemuppstart s att det kan skydda filsystem som " +"monteras automatiskt." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * tidigt: om /usr inte monteras genom NFS och om du inte vill anvnda\n" +" ett PCMCIA-ntverkskort, r det bst att starta strongSwan s snart\n" +" som mjligt, s att NFS-monteringar kan skras med IPSec;\n" +" * efter NFS: rekommenderas nr /usr monteras genom NFS och inget\n" +" PCMCIA-ntvrkskort anvnds;\n" +" * efter PCMCIA: rekommenderas om IPSec-uppkopplingen anvnder ett\n" +" PCMCIA-ntverkskort eller om det behver hmta nycklar frn en\n" +" DNS-server som kr lokalt med DNSSec-std." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Starta om strongSwan nu?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Att starta om strongSwan rekommenderas eftersom en eventuell " +"skerhetsrttning inte kommer anvndas frrn demonen startats om. Detta kan " +"dock eventuellt stnga existerande anslutningar och sedan ta upp dem igen." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Om du inte startar om strongSwan nu, ska du gra det manuellt s snart " +"tillflle ges." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Starta strongSwans IKEv1-demon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto-demonen mste kras fr att stdja version 1 av Internet Key Exchange-" +"protokollet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Starta strongSwans IKEv2-demon?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon-demonen mste kras fr att stdja version 2 av Internet Key Exchange-" +"protokollet." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Vill du skapa ett RSA-nyckelpar fr denna vrdmaskin?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan kan anvnda en frutdelad nyckel (Pre-Shared Key, PSK) eller ett " +"RSA-nyckelpar fr att autentisera IPSec-uppkopplingar till andra " +"vrdmaskiner. RSA-autentisering anses generellt vara mer skert och r " +"enklare att administrera. Du kan anvnda PSK- och RSA-autentisering " +"samtidigt." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Om du inte vill skapa ett nytt nyckelpar kan du vlja att anvnda ett " +"existerande par i nsta steg." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Vill du anvnda ett existerande X.509-certifikat fr strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Den information som behvs kan plockas ut automatiskt frn ett existerande " +"X.509-certifikat med en matchande privat RSA-nyckel. Bda delarna kan vara i " +"en fil om den r i PEM-format. Vlj detta alternativ om du har ett sdant " +"certifikat och nyckelfil och vill anvnda det fr att autentisera IPSec-" +"anslutningar." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Namn p filen med ditt X.509-certifikat i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Ange platsen fr den fil som innehller ditt X.509-certifikat i PEM-format." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Namn p filen med din privata X.509-nyckel i PEM-format:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Ange platsen fr den fil som innehller den privata RSA-nyckel som matchar " +"ditt X.509-certifikat i PEM-format. Detta kan vara samma fil som innehller " +"X.509-certifikatet." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA-nyckellngd:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Ange lngden p nyckeln du vill generera. Ett vrde mindre n 1024 bitar " +"anses inte skert. Ett vrde p mer n 2048 bitar kommer antagligen pverka " +"prestanda." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Vill du skapa ett sjlvsignerat X.509-certifikat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Endast sjlvsignerade X.509-certifikat kan skapas automatiskt, eftersom det " +"annars behvs en certifikatsutstllare som signerar certifikatsfrfrgan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Om du vljer detta alternativ, kan certifikatet omedelbart anvndas fr att " +"ansluta ver IPSec-vrdmaskiner som stdjer autentisering via ett X.509-" +"certifikat. Anvnds strongSwans PKI-funktioner krvs dremot att en " +"tillitsvg (eng. trust path) skapas genom att alla X.509-certifikat signeras " +"av en srskild certifikatsutstllare." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Om du inte vljer detta alternativ, kommer endast den privata RSA-nyckeln " +"skapas tillsammans med den certifikatsfrfrgan som du behver f signerad " +"av din certifikatsutstllare." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Landskod fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Ange den ISO3166-landskod med 2 bokstver som ska anvndas i " +"certifikatsfrfrgan. (Sverige har landskod SE.)" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Detta r flt r obligatoriskt; annars kan inget certifikat skapas." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Region eller ln fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Ange namnet p regionen eller landet som ska anvndas i certifikatsfrfrgan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Lokaliteten fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Ange lokaliteten (ofta en stad) som ska anvndas i certifikatsfrfrgan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisationsnamnet fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Ange organisationsnamnet (ofta ett fretag) som ska anvndas i " +"certifikatsfrfrgan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Organisationsenheten fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Ange organisationsenheten (ofta en avdelning) som ska anvndas i " +"certifikatsfrfrgan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Namnet p X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Ange namnet (exempelvis vrdnamnet fr denna maskin) som ska anvndas i " +"certifikatsfrfrgan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "E-postadressen fr X.509-certifikatsfrfrgan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Ange den e-postadress (till den ansvariga personen eller organisationen) som " +"ska anvndas i certifikatsfrfrgan." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Vill du aktivera opportunistisk kryptering?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Denna version av strongSwan stdjer opportunistisk kryptering (OE), som " +"lagrar IPSec-autentiseringsinformation i DNS-registret. Till dess detta " +"anvnds i stor utstrckning, kommer aktivering av det att orsaka betydande " +"frdrjningar fr varje ny utgende anslutning." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Du ska bara aktivera opportunistisk kryptering om du r sker p att du vill " +"ha det. Det kan bryta internetanslutningen (standardvgen) nr pluto-demonen " +"startas." --- strongswan-4.3.2.orig/debian/po/fr.po +++ strongswan-4.3.2/debian/po/fr.po @@ -0,0 +1,436 @@ +# Translation of strongswan debconf templates to French +# Copyright (C) 2005-2007 Christian Perrier +# This file is distributed under the same license as the strongswan package. +# +# Christian Perrier , 2005-2007, 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 14:50+0100\n" +"Last-Translator: Christian Perrier \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: Plural-Forms: nplurals=2; plural=n>1;\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "Le plus tôt possible" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "Après NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "Après PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Moment de démarrage de strongSwan :" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan est lancé au démarrage du système afin de pouvoir protéger les " +"systèmes de fichiers qui sont montés automatiquement." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" - Le plus tôt possible : conseillé si /usr n'est pas monté par NFS\n" +" et que vous n'utilisez pas de carte réseau PCMCIA ;\n" +" - Après NFS : recommandé si /usr est un montage NFS et qu'aucune\n" +" carte réseau PCMCIA n'est utilisée ;\n" +" - après PCMCIA : recommandé si la connexion IPSec utilise une carte\n" +" réseau PCMCIA ou s'il est nécessaire de récupérer des clés\n" +" depuis un serveur DNS qui gère DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Faut-il redémarrer StrongSwan maintenant ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Redémarrer strongSwan est préférable car un éventuel correctif de sécurité " +"ne prendra effet que si le démon est redémarré. Cependant, cela pourrait " +"interrompre provisoirement des connexions en cours." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Si vous ne redémarrez pas StrongSwan maintenant, il est conseillé de le " +"faire manuellement dès que possible." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Faut-il démarrer le démon IKEv1 de StrongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Le démon « pluto » doit fonctionner pour que la version 1 du protocole IKE " +"(Internet Key Exchange) puisse être gérée." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Faut-il démarrer le démon IKEv2 de StrongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Le démon « charon » doit fonctionner pour que la version 2 du protocole IKE " +"(Internet Key Exchange) puisse être gérée." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Faut-il créer une paire de clés RSA publique et privée pour cet hôte ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan peut utiliser une clé secrète partagée (PSK : « Pre-Shared Key ») " +"ou une paire de clés RSA pour gérer l'authentification des connexions IPSec " +"vers d'autres hôtes. L'authentification RSA est en général considérée comme " +"plus sûre et plus simple à administrer. Les deux modes d'authentification " +"peuvent être utilisés en même temps." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Si vous ne souhaitez pas créer une paire de clés publique et privée, vous " +"pouvez choisir d'en utiliser une existante." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "" +"Faut-il utiliser un fichier de certificat X.509 existant avec strongSwan ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"L'information nécessaire peut être récupérée depuis un fichier de certificat " +"X.509 existant, avec la clé privée RSA correspondante. Les deux parties " +"peuvent se trouver dans un seul fichier, s'il est en format PEM. Vous " +"devriez choisir cette option si vous possédez un tel certificat ainsi que la " +"clé privée, et si vous souhaitez vous en servir pour l'authentification des " +"connexions IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Emplacement de votre certificat X.509 au format PEM :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant votre certificat X.509 " +"au format PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Emplacement de votre clé privée X.509 actuelle au format PEM :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Veuillez indiquer l'emplacement du fichier contenant la clé privée RSA " +"correspondant à votre certificat X.509 au format PEM. Cela peut être le même " +"fichier que le certificat X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Taille de la clé RSA :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Veuillez indiquer la taille de la clé RSA que vous souhaitez créer. Une " +"valeur inférieure à 1024 bits n'est pas considérée comme sûre. Une valeur " +"supérieure à 2048 bits risque d'altérer les performances." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Faut-il créer un certificat X.509 auto-signé ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Seuls les certificats X.509 auto-signés peuvent être créés automatiquement " +"car, pour les autres certificats, une autorité de certification est " +"indispensable." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Si vous choisissez cette option, le certificat qui sera créé pourra être " +"utilisé immédiatement pour la connexion à d'autres hôtes IPSec qui gèrent " +"l'authentification par certificat X.509. Cependant l'utilisation des " +"fonctionnalités PKI (« Public Key Infrastructure » : infrastructure publique " +"de clés) de strongSwan impose la création d'un chemin de confiance avec tous " +"les certificats X.509 signés par la même autorité de certification." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Si vous ne choisissez pas cette option, seules la clé privée RSA et la " +"demande de certificat seront créées. Vous devrez ensuite faire signer cette " +"demande par une autorité de certification." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Code du pays pour le certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Veuillez indiquer le code ISO3166 à deux lettres du pays qui sera utilisé " +"dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Ce champ est obligatoire, sinon le certificat ne pourra pas être créé." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "État ou province pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Veuillez indiquer le nom complet de l'état ou de la province qui sera inclus " +"dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Localité pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Veuillez indiquer la localité (le plus souvent la ville) qui sera utilisée " +"dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Organisme pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Veuillez indiquer le nom de l'organisme (le plus souvent un nom " +"d'entreprise) qui sera utilisé dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Unité d'organisation pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Veuillez indiquer l'unité d'organisation (p. ex. département, division, " +"etc.) qui sera utilisée dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Nom commun pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Veuillez indiquer le nom commun (p. ex. le nom réseau de cette machine) qui " +"sera utilisé dans la demande de certificat." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Adresse électronique pour la demande de certificat X.509 :" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Veuillez indiquer l'adresse électronique (de la personne ou de l'organisme " +"responsable) qui sera utilisée dans la demande de certificat." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Faut-il activer le chiffrement opportuniste ?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Cette version de strongSwan gère le chiffrement opportuniste (OE) qui " +"conserve les informations d'authentification IPSec dans des enregistrements " +"DNS. Tant que cette fonctionnalité n'est pas déployée largement, l'activer " +"augmentera notablement la durée d'établissement des connexions sortantes." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Vous ne devriez l'activer que s'il est indispensable de l'utiliser. Il est " +"possible que cela coupe la connexion Internet (la route par défaut) au " +"moment où le démon « pluto » démarre." --- strongswan-4.3.2.orig/debian/po/ru.po +++ strongswan-4.3.2/debian/po/ru.po @@ -0,0 +1,432 @@ +# translation of ru.po to Russian +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Yuri Kozlov , 2009. +msgid "" +msgstr "" +"Project-Id-Version: strongswan 4.2.14-2\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-25 15:00+0100\n" +"Last-Translator: Yuri Kozlov \n" +"Language-Team: Russian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%" +"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "как можно раньше" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "после NFS" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "после PCMCIA" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "Когда запускать strongSwan:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan запускается при загрузке системы для того, чтобы можно было " +"защитить автоматически монтируемые файловые системы." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * как можно раньше: если /usr не монтируется через NFS и не используется\n" +" сетевая карта PCMCIA, то лучше всего запускать strongSwan как можно\n" +" раньше для того, чтобы NFS можно было безопасно монтировать через IPSec;\n" +" * после NFS: рекомендуется, если /usr монтируется через NFS и не\n" +" используется сетевая карта PCMCIA;\n" +" * после PCMCIA: рекомендуется, если для IPSec соединения используется\n" +" сетевая карта PCMCIA, или если для этого нужны ключи, получаемые с " +"локально\n" +" запущенного DNS сервера с поддержкой DNSSec." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "Перезапустить strongSwan прямо сейчас?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"Рекомендуется перезапустить strongSwan так как, если были исправления в " +"безопасности, то они не будут задействованы без перезапуска службы. Однако, " +"это может вызвать переподключение существующих соединений." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Если вы не перезапустите strongSwan сейчас, то сделайте это вручную при " +"первой возможности." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "Запустить службу strongSwan IKEv1?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Для поддержки 1-й версии протокола обмена ключами Интернет должна быть " +"запущена служба pluto." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "Запустить службу strongSwan IKEv2?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Для поддержки 2-й версии протокола обмена ключами Интернет должна быть " +"запущена служба charon." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Создать открытый/закрытый ключи RSA для этой машины?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"Для аутентификации IPSec соединений с другими машинами в strongSwan можно " +"использовать общий ключ (PSK) или пару ключей RSA. Аутентификация RSA " +"считается более безопасной и простой в администрировании. Также вы можете " +"использовать аутентификации PSK и RSA одновременно." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Если вы не хотите создавать новую пару открытых/закрытых ключей, то далее " +"сможете указать использовать имеющиеся." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "Использовать существующий сертификат X.509 для strongSwan?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Требуемая информация может быть автоматически извлечена из существующего " +"сертификата X.509 с помощью подходящего закрытого ключа RSA. Обе части могут " +"быть в одном файле, если он имеет формат PEM. Ответьте утвердительно, если у " +"вас есть такой сертификат и файл с ключом, и вы хотите использовать его для " +"аутентификации соединений IPSec." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "Имя файла сертификата X.509 в формате PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Введите полный путь к файлу, содержащему ваш сертификат X.509 в формате PEM." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "Имя файла существующего закрытого ключа X.509 в формате PEM:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Введите полный путь к файлу, содержащему закрытый ключ RSA для вашего " +"сертификата X.509 в формате PEM. Это может быть тот же файл, что и для " +"сертификата X.509." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "Длина ключа RSA:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Введите длину генерируемого ключа RSA. Значение менее 1024 бит не считается " +"надёжным. Значение более 2048 бит, вероятно, повлияет на производительность." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Создать самоподписанный сертификат X.509?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Автоматически можно создавать только самоподписанные сертификаты X.509, так " +"как в противном случае нужно делать запрос подписи сертификата в центре " +"сертификации." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" +"Если вы ответите утвердительно, то созданный сертификат сразу можно " +"использовать для подключения к другим IPSec машинам, поддерживающим " +"аутентификацию с помощью сертификатов X.509. Однако, для использования PKI " +"возможностей strongSwan требуется создание пути доверия, где все сертификаты " +"X.509 подписаны одним центром." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" +"Если вы ответите отрицательно, то будет создан только закрытый ключ RSA, а " +"также запрос для сертификата, который вам нужно подписать в центре " +"сертификации." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "Country code for the X.509 certificate request:" +msgstr "Код страны для запроса сертификата X.509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Введите двухбуквенный код страны согласно ISO3166, который должен " +"использоваться в запросе сертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "Это поле обязательно; иначе сертификат не может быть сгенерирован." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "State or province name for the X.509 certificate request:" +msgstr "Название области или округа для запроса сертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Введите полное название области или округа для включения в запрос " +"сертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "Locality name for the X.509 certificate request:" +msgstr "Название места для запроса сертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Введите название места (обычно город) для включения в запрос сертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "Organization name for the X.509 certificate request:" +msgstr "Название организации для запроса сертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Введите название организации (обычно, название компании) для включения в " +"запрос сертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "Название структурной единицы организации для запроса сертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Введите название структурной единицы организации (обычно, подразделение) для " +"включения в запрос сертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "Общеизвестное название для запроса сертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Введите общеизвестное название (например, имя данного компьютера) для " +"включения в запрос сертификата." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "Адрес электронной почты для запроса сертификата X509:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Введите адрес электронной почты (человека или организации) для включения в " +"запрос сертификата." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Включить поддержку гибкого шифрования?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"Эта версия strongSwan поддерживает гибкое шифрование (opportunistic " +"encryption, OE), при котором информация об аутентификации IPSec хранится в " +"записях DNS. Пока это широко не станет распространено, данная поддержка " +"приведёт к значительной задержке при каждом новом исходящем соединении." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Включайте гибкое шифрование, если вам это действительно нужно. Это может " +"прервать соединение с интернетом (маршрут по умолчанию) при запуске службы " +"pluto." --- strongswan-4.3.2.orig/debian/po/eu.po +++ strongswan-4.3.2/debian/po/eu.po @@ -0,0 +1,467 @@ +# translation of eu.po to Euskara +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Piarres Beobide , 2009. +msgid "" +msgstr "" +"Project-Id-Version: eu\n" +"Report-Msgid-Bugs-To: strongswan@packages.debian.org\n" +"POT-Creation-Date: 2009-05-25 14:44+0100\n" +"PO-Revision-Date: 2009-05-21 11:16+0200\n" +"Last-Translator: Piarres Beobide \n" +"Language-Team: Euskara \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: eu\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "earliest" +msgstr "abioan" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after NFS" +msgstr "NFS ondoren" + +#. Type: select +#. Choices +#: ../strongswan-starter.templates:2001 +msgid "after PCMCIA" +msgstr "PCMCIA ondoren" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "When to start strongSwan:" +msgstr "StrongSwan abiaraztean:" + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +"StrongSwan starts during system startup so that it can protect filesystems " +"that are automatically mounted." +msgstr "" +"StrongSwan sistema abioan abiarazten da horrela automatikoki muntatzen diren " +"fitxategi-sistemak babesteko." + +#. Type: select +#. Description +#: ../strongswan-starter.templates:2002 +msgid "" +" * earliest: if /usr is not mounted through NFS and you don't use a\n" +" PCMCIA network card, it is best to start strongSwan as soon as\n" +" possible, so that NFS mounts can be secured by IPSec;\n" +" * after NFS: recommended when /usr is mounted through NFS and no\n" +" PCMCIA network card is used;\n" +" * after PCMCIA: recommended if the IPSec connection uses a PCMCIA\n" +" network card or if it needs keys to be fetched from a locally running " +"DNS\n" +" server with DNSSec support." +msgstr "" +" * abioan: /usr ez badago NFS bidez muntaturik eta PCMCIA sare txartelik\n" +" erabiltzen ez baduzu, hobe da strongSwan ahalik eta azkarren\n" +" abiaraztea, horrela NFS muntatzeak IPSec bidez babestu daitezke;\n" +" * NFS ondoren: /usr NFS bidez muntaturik dagoenean eta PCMCIA\n" +" sare txartelik erabiltzen ez bada gomendagarria;\n" +" * PCMCIA ondoren: IPSec konexioak PCMCIA sare txartela bat erabiltzean\n" +" edo gakoak DNSSec onartzen duen DNS zerbitzari lkokaletik eskuratu behar " +"direnean\n" +" gomendagarria." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "Restart strongSwan now?" +msgstr "StrongSwan orain berrabiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +msgid "" +"Restarting strongSwan is recommended, because if there is a security fix, it " +"will not be applied until the daemon restarts. However, this might close " +"existing connections and then bring them back up." +msgstr "" +"StrongSwan berrabiaraztea gomendagarria da segurtasun konpontze bat badago " +"ez bait da ezarriko deabrua berrabiarazi artean. Hala ere, honek martxan " +"dauden konexioak itxi eta gero berriz abiaraziko ditu." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:3001 +#, fuzzy +#| msgid "" +#| "If you don't restart strongSwan now, you should do so manually at the " +#| "first opportunity." +msgid "" +"If you don't restart strongSwan now, you should do so manually at the first " +"opportunity." +msgstr "" +"Ez baduzu strongSwan orain berrabiarazten, eskuz egin beharko zenuke ahal " +"bezain laster." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "Start strongSwan's IKEv1 daemon?" +msgstr "StrongSwan-ren IKEv1 deabrua abiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:4001 +msgid "" +"The pluto daemon must be running to support version 1 of the Internet Key " +"Exchange protocol." +msgstr "" +"Pluto deabrua martxan egon behar da Internet gako trukatze (IKE) " +"protokoloaren lehen bertsioa onartzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "Start strongSwan's IKEv2 daemon?" +msgstr "StrongSwan-ren IKEv2 deabrua abiarazi?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:5001 +msgid "" +"The charon daemon must be running to support version 2 of the Internet Key " +"Exchange protocol." +msgstr "" +"Charon deabrua martxan egon behar da Internet gako trukatze (IKE) " +"protokoloaren lehen bertsioa onartzeko." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "Create an RSA public/private keypair for this host?" +msgstr "Sortu RSA publiko/pribatu gako pare bat ostalari honentzako?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"StrongSwan can use a Pre-Shared Key (PSK) or an RSA keypair to authenticate " +"IPSec connections to other hosts. RSA authentication is generally considered " +"more secure and is easier to administer. You can use PSK and RSA " +"authentication simultaneously." +msgstr "" +"StrongSwan-ek Pre-Shared Key (PSK) edo RSA gako-parea erabil dezake beste " +"ostalariekiko IPSec konexioak autentifikatzeko. RSA autentifikazioa " +"arruntean seguruago da eta errazago kudeatzen da. PSK eta RSA " +"autentifikazioak batera erabili ditzakezu." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:6001 +msgid "" +"If you do not want to create a new public/private keypair, you can choose to " +"use an existing one in the next step." +msgstr "" +"Ez baduzu gako-pare publiko/pribatu berririk sortu nahi. dagoeneko sorturik " +"dagoen bat hautatu dezakezu hurrengo urratsean." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "Use an existing X.509 certificate for strongSwan?" +msgstr "DAgoen X.509 ziurtagiria erabili strongSwan-rentzat?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:7001 +msgid "" +"The required information can automatically be extracted from an existing " +"X.509 certificate with a matching RSA private key. Both parts can be in one " +"file, if it is in PEM format. You should choose this option if you have such " +"an existing certificate and key file and want to use it for authenticating " +"IPSec connections." +msgstr "" +"Beharrezko informazioa automatikoki dagoen dagokion RSA gako pribatuaz X.509 " +"ziurtagiritik atera daiteke. Bi zatiak fitxategi bakar batean egon daitezke, " +"PEM formatuan badago. Aukera hau hautatu beharko zenuke dagoeneko " +"ziurtagirik eta gako fitxategia badituzu eta IPSec konexioen " +"autentifikaziorako erabili nahi badituzu." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "File name of your X.509 certificate in PEM format:" +msgstr "X.509 ziurtagiriaren fitxategi-izena PEM formatuan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:8001 +msgid "" +"Please enter the full location of the file containing your X.509 certificate " +"in PEM format." +msgstr "" +"Mesedez idatzi zure X.509 ziurtagiria duen fitxategiaren kokapen osoa PEM " +"formatuan." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "File name of your existing X.509 private key in PEM format:" +msgstr "X.509 gako pribatuaren fitxategi-izena PEM formatuan:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:9001 +msgid "" +"Please enter the full location of the file containing the private RSA key " +"matching your X.509 certificate in PEM format. This can be the same file as " +"the X.509 certificate." +msgstr "" +"Mesedez idatzi zure X.509 ziurtagiriaren pareko RSA gako pribatua duen " +"fitxategiaren kokapen osoa PEM formatuan. Hau X.509 ziurtagiriaren berdina " +"izan daiteke." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +msgid "RSA key length:" +msgstr "RSA gako luzapena:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:10001 +#, fuzzy +#| msgid "" +#| "Please enter the length of RSA key you wish to generate. A value of less " +#| "than 1024 bits is not considered secure. A value of more than 2048 bits " +#| "will probably affect performance." +msgid "" +"Please enter the length of RSA key you wish to generate. A value of less " +"than 1024 bits is not considered secure. A value of more than 2048 bits will " +"probably affect performance." +msgstr "" +"Mesedez zehaztu sortu nahi duzun RSA gakoaren luzapena. 1024 bit-etik " +"beherako balioak ez dira segurutzat ematen. 2048 bit-tik gorako balioek " +"ziurrenik performantzian eragingo dute." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "Create a self-signed X.509 certificate?" +msgstr "Sortu auto-sinatutako X.509 ziurtagiria?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"Only self-signed X.509 certificates can be created automatically, because " +"otherwise a certificate authority is needed to sign the certificate request." +msgstr "" +"Auto-sinatutako X.509 ziurtagiriak bakarrik sor daitezke automatikoki, beste " +"modu batetara ziurtagiri autoritate batek ziurtagiri eskaera sinatzea behar " +"da eta." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you accept this option, the certificate created can be used immediately " +"to connect to other IPSec hosts that support authentication via an X.509 " +"certificate. However, using strongSwan's PKI features requires a trust path " +"to be created by having all X.509 certificates signed by a single authority." +msgstr "" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:11001 +msgid "" +"If you do not accept this option, only the RSA private key will be created, " +"along with a certificate request which you will need to have signed by a " +"certificate authority." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "Country code for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the two-letter ISO3166 country code that should be used in the " +"certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:12001 +msgid "This field is mandatory; otherwise a certificate cannot be generated." +msgstr "" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "State or province name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:13001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the full name of the state or province to include in the " +"certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "Common name for the X.509 certificate request:" +msgid "Locality name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:14001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the locality name (often a city) that should be used in the " +"certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "Organizational unit for the X.509 certificate request:" +msgid "Organization name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako organizazio unitatea:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:15001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the organization name (often a company) that should be used in " +"the certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +msgid "Organizational unit for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako organizazio unitatea:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:16001 +#, fuzzy +#| msgid "" +#| "Please enter the organizational unit name (often a department) that " +#| "should be used in the certificate request." +msgid "" +"Please enter the organizational unit name (often a department) that should " +"be used in the certificate request." +msgstr "" +"Mesedez idatzi organizazio unitate izena (ziurrenik departamentua) " +"ziurtagiri eskaeran erabili ahal izateko." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "Common name for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako izen arrunta:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:17001 +msgid "" +"Please enter the common name (such as the host name of this machine) that " +"should be used in the certificate request." +msgstr "" +"Mesedez idatzi ziurtagiri eskaeran erabili behar den izen arrunta (makina " +"honen ostalari izena bezalakoa)." + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "Email address for the X.509 certificate request:" +msgstr "X.509 ziurtagiri eskaerarako eposta helbidea:" + +#. Type: string +#. Description +#: ../strongswan-starter.templates:18001 +msgid "" +"Please enter the email address (for the individual or organization " +"responsible) that should be used in the certificate request." +msgstr "" +"Mesedez idatzi ziurtagiri eskaeran erabili behar den eposta helbidea " +"(banakako edo erakunde buruarena)." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "Enable opportunistic encryption?" +msgstr "Aukerako enkriptazioa gaitu?" + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"This version of strongSwan supports opportunistic encryption (OE), which " +"stores IPSec authentication information in DNS records. Until this is widely " +"deployed, activating it will cause a significant delay for every new " +"outgoing connection." +msgstr "" +"StrongSwan bertsio honek aukerako enkriptatze (opportunistic encryption, OE) " +"euskarria du, honek IPSec autentifikazio informazioa DNS erregistroetan " +"gordetzen ditu. Hau guztiz garatua ez dagoenez gaitzeak kanporako konexio " +"berri guztien atzerapen esanguratsu bat eragin dezake." + +#. Type: boolean +#. Description +#: ../strongswan-starter.templates:19001 +msgid "" +"You should only enable opportunistic encryption if you are sure you want it. " +"It may break the Internet connection (default route) as the pluto daemon " +"starts." +msgstr "" +"Aukerako enkriptatzea behar duzula ziur bazaude bakarrik gaitu beharko " +"zenuke. Internet konexioak moztuko dira (lehenetsitako atebidea) pluto " +"deabrua abiaraztean." + +#~ msgid "Please enter the organization name (often a company)" +#~ msgstr "Mesedez idatzi organizazio izena (ziurrenik konpainia)"