Skip to content

work on ssl #790

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jan 12, 2024
Merged

work on ssl #790

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5c12cec
work on ssl
timmy0123 Jan 5, 2024
e6d47db
add more translate lines
timmy0123 Jan 9, 2024
2daa6cb
fix rst errot
timmy0123 Jan 9, 2024
8c5b091
fix rst errot
timmy0123 Jan 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 48 additions & 3 deletions library/ssl.po
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ msgstr ""
"Project-Id-Version: Python 3.12\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-12-21 18:18+0000\n"
"PO-Revision-Date: 2024-01-04 14:19+0800\n"
"PO-Revision-Date: 2024-01-09 10:47+0800\n"
"Last-Translator: Adrian Liaw <[email protected]>\n"
"Language-Team: Chinese - TAIWAN (https://github.com/python/python-docs-zh-"
"tw)\n"
Expand Down Expand Up @@ -581,6 +581,8 @@ msgid ""
"one of ``CA``, ``ROOT`` or ``MY``. Windows may provide additional cert "
"stores, too."
msgstr ""
"從 Windows 的系統憑證儲存庫中搜尋憑證。*store_name* 可以是 ``CA``、``ROOT`` "
"或 ``MY`` 的其中一個。Windows 也可能會提供額外的憑證儲存庫。"

#: ../../library/ssl.rst:419
msgid ""
Expand All @@ -590,6 +592,10 @@ msgid ""
"data. Trust specifies the purpose of the certificate as a set of OIDS or "
"exactly ``True`` if the certificate is trustworthy for all purposes."
msgstr ""
"此函式會回傳一個元組 (cert_bytes, encoding_type, trust) 串列。encoding_type "
"指定了 cert_bytes 的編碼格式。它可以是用來表示 X.509 ASN.1 資料的 :const:"
"`x509_asn` 或是用來表示 PKCS#7 ASN.1 資料的 :const:`pkcs_7_asn`。Trust 通過一"
"組 OIDS 來指定憑證的用途,或是如果憑證對所有用途都可以使用則回傳 ``True``。"

#: ../../library/ssl.rst:426 ../../library/ssl.rst:1542
#: ../../library/ssl.rst:1837
Expand All @@ -605,13 +611,18 @@ msgid ""
"Retrieve CRLs from Windows' system cert store. *store_name* may be one of "
"``CA``, ``ROOT`` or ``MY``. Windows may provide additional cert stores, too."
msgstr ""
"從 Windows 的系統憑證儲存庫中搜尋 CRLs。*store_name* 可以是 ``CA``、``ROOT`` "
"或 ``MY`` 的其中一個。Windows 也可能會提供額外的憑證儲存庫。"

#: ../../library/ssl.rst:442
msgid ""
"The function returns a list of (cert_bytes, encoding_type, trust) tuples. "
"The encoding_type specifies the encoding of cert_bytes. It is either :const:"
"`x509_asn` for X.509 ASN.1 data or :const:`pkcs_7_asn` for PKCS#7 ASN.1 data."
msgstr ""
"此函式會回傳一個元組 (cert_bytes, encoding_type, trust) 串列。encoding_type "
"指定了 cert_bytes 的編碼格式。它可以是用來表示 X.509 ASN.1 資料的 :const:"
"`x509_asn` 或是用來表示 PKCS#7 ASN.1 資料的 :const:`pkcs_7_asn`。"

#: ../../library/ssl.rst:453
msgid "Constants"
Expand All @@ -622,6 +633,7 @@ msgid ""
"All constants are now :class:`enum.IntEnum` or :class:`enum.IntFlag` "
"collections."
msgstr ""
"所有的常數現在都是 :class:`enum.IntEnum` 或 :class:`enum.IntFlag` 的集合。"

#: ../../library/ssl.rst:461
msgid ""
Expand All @@ -630,12 +642,17 @@ msgid ""
"just about any cert is accepted. Validation errors, such as untrusted or "
"expired cert, are ignored and do not abort the TLS/SSL handshake."
msgstr ""
":attr:`SSLContext.verify_mode` 可能的值。除了 :attr:`SSLContext.verify_mode` "
"外,這是預設的模式。對於客戶端的 sockets,幾乎任何憑證都能被允許。驗證錯誤,"
"像是不被信任或是過期的憑證,會被忽略並不會中止 TLS/SSL 握手。"

#: ../../library/ssl.rst:467
msgid ""
"In server mode, no certificate is requested from the client, so the client "
"does not send any for client cert authentication."
msgstr ""
"在伺服器模式下,不會從客戶端請求任何憑證,所以客戶端不用發送任何用於客戶端憑"
"證身分驗證的憑證。"

#: ../../library/ssl.rst:470 ../../library/ssl.rst:2245
msgid "See the discussion of :ref:`ssl-security` below."
Expand All @@ -647,6 +664,9 @@ msgid ""
"`CERT_OPTIONAL` has the same meaning as :const:`CERT_REQUIRED`. It is "
"recommended to use :const:`CERT_REQUIRED` for client-side sockets instead."
msgstr ""
":attr:`SSLContext.verify_mode` 可能的值。在客戶端模式下,:const:"
"`CERT_OPTIONAL` 具有與 :const:`CERT_REQUIRED` 相同的含意。對於客戶端 sockets "
"推薦改用 :const:`CERT_REQUIRED`。"

#: ../../library/ssl.rst:479
msgid ""
Expand All @@ -656,12 +676,17 @@ msgid ""
"certificate, it is verified. Any verification error immediately aborts the "
"TLS handshake."
msgstr ""
"在伺服器模式下,客戶憑證請求會被發送給客戶端。客戶端可以選擇忽略請求或是選擇"
"發送憑證來執行 TLS 客戶端憑證身分驗證。如果客戶端選擇發送憑證,則會對其進行驗"
"證。任何驗證錯誤都會立刻終止 TLS 握手。"

#: ../../library/ssl.rst:485 ../../library/ssl.rst:504
msgid ""
"Use of this setting requires a valid set of CA certificates to be passed to :"
"meth:`SSLContext.load_verify_locations`."
msgstr ""
"使用此設定需要將一組有效的 CA 憑證傳送給 :meth:`SSLContext."
"load_verify_locations`。"

#: ../../library/ssl.rst:490
msgid ""
Expand All @@ -674,24 +699,34 @@ msgid ""
"cert. :const:`PROTOCOL_TLS_CLIENT` uses :const:`CERT_REQUIRED` and enables :"
"attr:`~SSLContext.check_hostname` by default."
msgstr ""
":attr:`SSLContext.verify_mode` 可能的值。在這個模式下,需要從 socket 連線的另"
"一端獲取憑證;如果未提供憑證或是驗證失敗,則將會導致 :class:`SSLError`。此模"
"式 **不能** 在客戶端模式下對憑證進行驗證,因為它無法去配對主機名稱。:attr:"
"`~SSLContext.check_hostname` 也必須被開起來來驗證憑證的真實性。:const:"
"`PROTOCOL_TLS_CLIENT` 會使用 :const:`CERT_REQUIRED` 並預設開啟 :attr:"
"`~SSLContext.check_hostname`。"

#: ../../library/ssl.rst:500
msgid ""
"With server socket, this mode provides mandatory TLS client cert "
"authentication. A client certificate request is sent to the client and the "
"client must provide a valid and trusted certificate."
msgstr ""
"對於 socket 伺服器,此模式會提供強制的 TLS 客戶端憑證驗證。客戶端憑證請求會被"
"發送給客戶端並且客戶端必須提供有效且被信任的憑證。"

#: ../../library/ssl.rst:509
msgid ":class:`enum.IntEnum` collection of CERT_* constants."
msgstr ""
msgstr ":class:`enum.IntEnum` 為 CERT_* 常數的一個集合。"

#: ../../library/ssl.rst:515
msgid ""
"Possible value for :attr:`SSLContext.verify_flags`. In this mode, "
"certificate revocation lists (CRLs) are not checked. By default OpenSSL does "
"neither require nor verify CRLs."
msgstr ""
":attr:`SSLContext.verify_flags` 可能的值。在此模式下,不會檢查憑證吊銷列表 "
"(CRLs)。預設的 OpenSSL 並不會請求及驗證 CRLs。"

#: ../../library/ssl.rst:523
msgid ""
Expand All @@ -701,31 +736,41 @@ msgid ""
"ancestor CA). If no proper CRL has been loaded with :attr:`SSLContext."
"load_verify_locations`, validation will fail."
msgstr ""
":attr:`SSLContext.verify_flags` 可能的值。在此模式下,只會檢查同等的憑證而不"
"會去檢查中間的 CA 憑證。此模式需要提供由對等憑證發行者 (它的直接上級 CA) 的有"
"效的 CRL 簽名。如果沒有用 :attr:`SSLContext.load_verify_locations` 載入適當"
"的 CRL,則會驗證失敗。"

#: ../../library/ssl.rst:533
msgid ""
"Possible value for :attr:`SSLContext.verify_flags`. In this mode, CRLs of "
"all certificates in the peer cert chain are checked."
msgstr ""
":attr:`SSLContext.verify_flags` 可能的值。在此模式下,會檢查對等憑證鍊中所有"
"憑證的 CRLs。"

#: ../../library/ssl.rst:540
msgid ""
"Possible value for :attr:`SSLContext.verify_flags` to disable workarounds "
"for broken X.509 certificates."
msgstr ""
":attr:`SSLContext.verify_flags` 可能的值,用來禁用已損壞的 X.509 憑證的解決方"
"法。"

#: ../../library/ssl.rst:547
msgid ""
"Possible value for :attr:`SSLContext.verify_flags` to enables proxy "
"certificate verification."
msgstr ""
msgstr ":attr:`SSLContext.verify_flags` 可能的值,用來啟用憑證代理驗證。"

#: ../../library/ssl.rst:554
msgid ""
"Possible value for :attr:`SSLContext.verify_flags`. It instructs OpenSSL to "
"prefer trusted certificates when building the trust chain to validate a "
"certificate. This flag is enabled by default."
msgstr ""
":attr:`SSLContext.verify_flags` 可能的值。它指示 OpenSSL 在構建信任鍊來驗證憑"
"證時會優先使用被信任的憑證。此旗標預設開啟。"

#: ../../library/ssl.rst:562
msgid ""
Expand Down