diff --git a/ChangeLog.asciidoc b/ChangeLog.asciidoc index b6183690a..511853dd8 100644 --- a/ChangeLog.asciidoc +++ b/ChangeLog.asciidoc @@ -17,6 +17,7 @@ https://weechat.org/files/releasenotes/ReleaseNotes-devel.html[release notes] === New features +* irc: add support of "ecdsa-nist256p-challenge" SASL mechanism (closes #251) * core: add priority in plugins to initialize them in order * doc: add Russian man page diff --git a/doc/de/autogen/user/irc_options.asciidoc b/doc/de/autogen/user/irc_options.asciidoc index 6ebc0ddb8..cab1d0a18 100644 --- a/doc/de/autogen/user/irc_options.asciidoc +++ b/doc/de/autogen/user/irc_options.asciidoc @@ -568,13 +568,18 @@ ** Typ: integer ** Werte: continue, reconnect, disconnect (Standardwert: `continue`) +* [[option_irc.server_default.sasl_key]] *irc.server_default.sasl_key* +** Beschreibung: `file with ECC private key for mechanism "ecdsa-nist256p-challenge" ("%h" will be replaced by WeeChat home, "~/.weechat" by default)` +** Typ: Zeichenkette +** Werte: beliebige Zeichenkette (Standardwert: `""`) + * [[option_irc.server_default.sasl_mechanism]] *irc.server_default.sasl_mechanism* -** Beschreibung: `Verfahren welches bei einer SASL Authentifizierung angewandt werden soll: "plain" Passwort wird im Klartext gesendet, "dh-blowfish" Passwort wird mittels blowfish verschlüsselt, "dh-aes" Passwort wird mittels AES verschlüsselt, "external" SSL Zertifikat welches auf Client Seite vorliegt, wird verwendet` +** Beschreibung: `mechanism for SASL authentication: "plain" for plain text password, "ecdsa-nist256p-challenge" for key-based challenge authentication, "external" for authentication using client side SSL cert, "dh-blowfish" for blowfish crypted password (insecure, not recommended), "dh-aes" for AES crypted password (insecure, not recommended)` ** Typ: integer -** Werte: plain, dh-blowfish, dh-aes, external (Standardwert: `plain`) +** Werte: plain, ecdsa-nist256p-challenge, external, dh-blowfish, dh-aes (Standardwert: `plain`) * [[option_irc.server_default.sasl_password]] *irc.server_default.sasl_password* -** Beschreibung: `Passwort für SASL Authentifikation (Hinweis: Inhalt wird evaluiert, siehe /help eval)` +** Beschreibung: `password for SASL authentication; this option is not used for mechanisms "ecdsa-nist256p-challenge" and "external" (note: content is evaluated, see /help eval)` ** Typ: Zeichenkette ** Werte: beliebige Zeichenkette (Standardwert: `""`) @@ -584,7 +589,7 @@ ** Werte: 1 .. 3600 (Standardwert: `15`) * [[option_irc.server_default.sasl_username]] *irc.server_default.sasl_username* -** Beschreibung: `Username für SASL Authentifikation (Hinweis: Inhalt wird evaluiert, siehe /help eval)` +** Beschreibung: `username for SASL authentication; this option is not used for mechanism "external" (note: content is evaluated, see /help eval)` ** Typ: Zeichenkette ** Werte: beliebige Zeichenkette (Standardwert: `""`) diff --git a/doc/de/weechat_user.de.asciidoc b/doc/de/weechat_user.de.asciidoc index b2f4cbecd..47b95f667 100644 --- a/doc/de/weechat_user.de.asciidoc +++ b/doc/de/weechat_user.de.asciidoc @@ -102,7 +102,7 @@ welche Pakete optional genutzt werden können. | libcurl4-gnutls-dev | | *ja* | URL Transfer | zlib1g-dev | | *ja* | Kompression für Pakete, die mittels Relay- (WeeChat Protokoll), Script-Erweiterung übertragen werden | libgcrypt20-dev | | *ja* | Geschützte Daten, IRC SASL Authentifikation (DH-BLOWFISH/DH-AES), Skript-Erweiterung -| libgnutls28-dev | ≥ 2.2.0 | | SSL Verbindung zu einem IRC Server, Unterstützung von SSL in der Relay-Erweiterung +| libgnutls28-dev | ≥ 2.2.0 | | SSL Verbindung zu einem IRC Server, Unterstützung von SSL in der Relay-Erweiterung, IRC SASL Authentifikation (ECDSA-NIST256P-CHALLENGE) | gettext | | | Internationalisierung (Übersetzung der Mitteilungen; Hauptsprache ist englisch) | ca-certificates | | | Zertifikate für SSL Verbindungen | libaspell-dev oder libenchant-dev | | | Aspell Erweiterung @@ -2219,9 +2219,11 @@ Für weiterreichende Informationen lesen Sie bitte: http://www.oftc.net/oftc/Nic WeeChat unterstützt eine SASL Authentifikation, mittels verschiedener Mechanismen: * 'plain': Passwort liegt in Klarschrift vor (Standard) +// TRANSLATION MISSING +* 'ecdsa-nist256p-challenge': challenge with public/private key +* 'external': SSL Zertifikat welches auf Client Seite vorliegt * 'dh-blowfish': Passwort wird mittels blowfish verschlüsselt * 'dh-aes': Passwort wird mittels AES verschlüsselt -* 'external': SSL Zertifikat welches auf Client Seite vorliegt [NOTE] Die "gcrypt" Bibliothek wird beim kompilieren von WeeChat benötigt um @@ -2231,8 +2233,12 @@ Optionen für Server sind: * 'sasl_mechanism': Mechanismus welcher genutzt werden soll (siehe oben) * 'sasl_timeout': Zeitüberschreitung für Authentifizierung (in Sekunden) +// TRANSLATION MISSING +* 'sasl_fail': action to perform if authentication fails * 'sasl_username': Username (Nickname) * 'sasl_password': Passwort +// TRANSLATION MISSING +* 'sasl_key': path to private key (for mechanism 'ecdsa-nist256p-challenge') [[irc_tor_freenode]] ==== Verbindung zu Freenode mittels TOR/SASL herstellen diff --git a/doc/en/autogen/user/irc_options.asciidoc b/doc/en/autogen/user/irc_options.asciidoc index c8389533a..f0b434630 100644 --- a/doc/en/autogen/user/irc_options.asciidoc +++ b/doc/en/autogen/user/irc_options.asciidoc @@ -568,13 +568,18 @@ ** type: integer ** values: continue, reconnect, disconnect (default value: `continue`) +* [[option_irc.server_default.sasl_key]] *irc.server_default.sasl_key* +** description: `file with ECC private key for mechanism "ecdsa-nist256p-challenge" ("%h" will be replaced by WeeChat home, "~/.weechat" by default)` +** type: string +** values: any string (default value: `""`) + * [[option_irc.server_default.sasl_mechanism]] *irc.server_default.sasl_mechanism* -** description: `mechanism for SASL authentication: "plain" for plain text password, "dh-blowfish" for blowfish crypted password, "dh-aes" for AES crypted password, "external" for authentication using client side SSL cert` +** description: `mechanism for SASL authentication: "plain" for plain text password, "ecdsa-nist256p-challenge" for key-based challenge authentication, "external" for authentication using client side SSL cert, "dh-blowfish" for blowfish crypted password (insecure, not recommended), "dh-aes" for AES crypted password (insecure, not recommended)` ** type: integer -** values: plain, dh-blowfish, dh-aes, external (default value: `plain`) +** values: plain, ecdsa-nist256p-challenge, external, dh-blowfish, dh-aes (default value: `plain`) * [[option_irc.server_default.sasl_password]] *irc.server_default.sasl_password* -** description: `password for SASL authentication (note: content is evaluated, see /help eval)` +** description: `password for SASL authentication; this option is not used for mechanisms "ecdsa-nist256p-challenge" and "external" (note: content is evaluated, see /help eval)` ** type: string ** values: any string (default value: `""`) @@ -584,7 +589,7 @@ ** values: 1 .. 3600 (default value: `15`) * [[option_irc.server_default.sasl_username]] *irc.server_default.sasl_username* -** description: `username for SASL authentication (note: content is evaluated, see /help eval)` +** description: `username for SASL authentication; this option is not used for mechanism "external" (note: content is evaluated, see /help eval)` ** type: string ** values: any string (default value: `""`) diff --git a/doc/en/weechat_user.en.asciidoc b/doc/en/weechat_user.en.asciidoc index 75144d968..e66a0ae89 100644 --- a/doc/en/weechat_user.en.asciidoc +++ b/doc/en/weechat_user.en.asciidoc @@ -95,7 +95,7 @@ compile WeeChat. | libcurl4-gnutls-dev | | *yes* | URL transfer | zlib1g-dev | | *yes* | Compression of packets in relay plugin (weechat protocol), script plugin | libgcrypt20-dev | | *yes* | Secured data, IRC SASL authentication (DH-BLOWFISH/DH-AES), script plugin -| libgnutls28-dev | ≥ 2.2.0 | | SSL connection to IRC server, support of SSL in relay plugin +| libgnutls28-dev | ≥ 2.2.0 | | SSL connection to IRC server, support of SSL in relay plugin, IRC SASL authentication (ECDSA-NIST256P-CHALLENGE) | gettext | | | Internationalization (translation of messages; base language is English) | ca-certificates | | | Certificates for SSL connections | libaspell-dev or libenchant-dev | | | Aspell plugin @@ -2168,9 +2168,10 @@ For more information, look at http://www.oftc.net/oftc/NickServ/CertFP WeeChat supports SASL authentication, using different mechanisms: * 'plain': plain text password (default) +* 'ecdsa-nist256p-challenge': challenge with public/private key +* 'external': client side SSL cert * 'dh-blowfish': blowfish encrypted password * 'dh-aes': AES encrypted password -* 'external': client side SSL cert [NOTE] The "gcrypt" library is required when compiling WeeChat in order to use @@ -2180,8 +2181,10 @@ Options in servers are: * 'sasl_mechanism': mechanism to use (see above) * 'sasl_timeout': timeout (in seconds) for authentication +* 'sasl_fail': action to perform if authentication fails * 'sasl_username': username (nick) * 'sasl_password': password +* 'sasl_key': path to private key (for mechanism 'ecdsa-nist256p-challenge') [[irc_tor_freenode]] ==== Connect to Freenode with TOR/SASL diff --git a/doc/fr/autogen/user/irc_options.asciidoc b/doc/fr/autogen/user/irc_options.asciidoc index 62f2e408a..3dca8d85e 100644 --- a/doc/fr/autogen/user/irc_options.asciidoc +++ b/doc/fr/autogen/user/irc_options.asciidoc @@ -568,13 +568,18 @@ ** type: entier ** valeurs: continue, reconnect, disconnect (valeur par défaut: `continue`) +* [[option_irc.server_default.sasl_key]] *irc.server_default.sasl_key* +** description: `fichier avec la clé privée ECC pour le mécanisme "ecdsa-nist256p-challenge" ("%h" sera remplacé par le répertoire de base WeeChat, par défaut : "~/.weechat")` +** type: chaîne +** valeurs: toute chaîne (valeur par défaut: `""`) + * [[option_irc.server_default.sasl_mechanism]] *irc.server_default.sasl_mechanism* -** description: `mécanisme pour l'authentification SASL : "plain" pour un mot de passe en clair, "dh-blowfish" pour un mot de passe chiffré avec blowfish, "dh-aes" pour un mot de passe chiffré avec AES, "external" pour une authentification en utilisant un certificat SSL côté client` +** description: `mécanisme pour l'authentification SASL : "plain" pour un mot de passe en clair, "ecdsa-nist256p-challenge" pour une authentification par challenge avec clé, "external" pour une authentification en utilisant un certificat SSL côté client, "dh-blowfish" pour un mot de passe chiffré avec blowfish (non sûr, non recommandé), "dh-aes" pour un mot de passe chiffré avec AES (non sûr, non recommandé)` ** type: entier -** valeurs: plain, dh-blowfish, dh-aes, external (valeur par défaut: `plain`) +** valeurs: plain, ecdsa-nist256p-challenge, external, dh-blowfish, dh-aes (valeur par défaut: `plain`) * [[option_irc.server_default.sasl_password]] *irc.server_default.sasl_password* -** description: `mot de passe pour l'authentification SASL (note : le contenu est évalué, voir /help eval)` +** description: `mot de passe pour l'authentification SASL ; cette option n'est pas utilisée pour les mécanismes "ecdsa-nist256p-challenge" et "external" (note : le contenu est évalué, voir /help eval)` ** type: chaîne ** valeurs: toute chaîne (valeur par défaut: `""`) @@ -584,7 +589,7 @@ ** valeurs: 1 .. 3600 (valeur par défaut: `15`) * [[option_irc.server_default.sasl_username]] *irc.server_default.sasl_username* -** description: `nom d'utilisateur pour l'authentification SASL (note : le contenu est évalué, voir /help eval)` +** description: `nom d'utilisateur pour l'authentification SASL ; cette option n'est pas utilisée pour le mécanisme "external" (note : le contenu est évalué, voir /help eval)` ** type: chaîne ** valeurs: toute chaîne (valeur par défaut: `""`) diff --git a/doc/fr/weechat_user.fr.asciidoc b/doc/fr/weechat_user.fr.asciidoc index 2b132978c..de8579b0c 100644 --- a/doc/fr/weechat_user.fr.asciidoc +++ b/doc/fr/weechat_user.fr.asciidoc @@ -97,7 +97,7 @@ compiler WeeChat. | libcurl4-gnutls-dev | | *oui* | Transfert d'URL | zlib1g-dev | | *oui* | Compression des paquets dans l'extension relay (protocole weechat), extension script | libgcrypt20-dev | | *oui* | Données sécurisées, authentification IRC SASL (DH-BLOWFISH/DH-AES), extension script -| libgnutls28-dev | ≥ 2.2.0 | | Connexion SSL au serveur IRC, support SSL dans l'extension relay +| libgnutls28-dev | ≥ 2.2.0 | | Connexion SSL au serveur IRC, support SSL dans l'extension relay, authentification IRC SASL (ECDSA-NIST256P-CHALLENGE) | gettext | | | Internationalisation (traduction des messages; la langue de base est l'anglais) | ca-certificates | | | Certificats pour les connexions SSL | libaspell-dev ou libenchant-dev | | | Extension aspell @@ -2242,9 +2242,11 @@ WeeChat supporte l'authentification avec SASL, en utilisant différents mécanismes : * 'plain' : mot de passe en clair (par défaut) +// TRANSLATION MISSING +* 'ecdsa-nist256p-challenge' : challenge avec clé publique/privée +* 'external' : certificat SSL côté client * 'dh-blowfish' : mot de passe chiffré avec blowfish * 'dh-aes' : mot de passe chiffré avec AES -* 'external' : certificat SSL côté client [NOTE] La librairie "gcrypt" est requise lors de la compilation de WeeChat pour @@ -2254,8 +2256,11 @@ Les options dans le serveur sont : * 'sasl_mechanism' : mécanisme à utiliser (voir ci-dessus) * 'sasl_timeout' : délai d'attente maximum (en secondes) pour l'authentification +* 'sasl_fail' : action à effectuer si l'authentification échoue * 'sasl_username' : nom d'utilisateur (pseudo) * 'sasl_password' : mot de passe +* 'sasl_key' : chemin vers la clé privée (pour le mécanisme + 'ecdsa-nist256p-challenge') [[irc_tor_freenode]] ==== Connexion à Freenode avec TOR/SASL diff --git a/doc/it/autogen/user/irc_options.asciidoc b/doc/it/autogen/user/irc_options.asciidoc index 9f425da24..451a769d4 100644 --- a/doc/it/autogen/user/irc_options.asciidoc +++ b/doc/it/autogen/user/irc_options.asciidoc @@ -568,13 +568,18 @@ ** tipo: intero ** valori: continue, reconnect, disconnect (valore predefinito: `continue`) +* [[option_irc.server_default.sasl_key]] *irc.server_default.sasl_key* +** descrizione: `file with ECC private key for mechanism "ecdsa-nist256p-challenge" ("%h" will be replaced by WeeChat home, "~/.weechat" by default)` +** tipo: stringa +** valori: qualsiasi stringa (valore predefinito: `""`) + * [[option_irc.server_default.sasl_mechanism]] *irc.server_default.sasl_mechanism* -** descrizione: `meccanismo per l'autenticazione SASL: "plain" per le password in chiaro, "dh-blowfish" per le password cifrate in blowfish, "dh-aes" per le password cifrate in AES "external" per l'autenticazione con certificati SSL lato client` +** descrizione: `mechanism for SASL authentication: "plain" for plain text password, "ecdsa-nist256p-challenge" for key-based challenge authentication, "external" for authentication using client side SSL cert, "dh-blowfish" for blowfish crypted password (insecure, not recommended), "dh-aes" for AES crypted password (insecure, not recommended)` ** tipo: intero -** valori: plain, dh-blowfish, dh-aes, external (valore predefinito: `plain`) +** valori: plain, ecdsa-nist256p-challenge, external, dh-blowfish, dh-aes (valore predefinito: `plain`) * [[option_irc.server_default.sasl_password]] *irc.server_default.sasl_password* -** descrizione: `password per l'autenticazione SASL (nota: il contenuto viene valutato, consultare /help eval)` +** descrizione: `password for SASL authentication; this option is not used for mechanisms "ecdsa-nist256p-challenge" and "external" (note: content is evaluated, see /help eval)` ** tipo: stringa ** valori: qualsiasi stringa (valore predefinito: `""`) @@ -584,7 +589,7 @@ ** valori: 1 .. 3600 (valore predefinito: `15`) * [[option_irc.server_default.sasl_username]] *irc.server_default.sasl_username* -** descrizione: `nome utente per l'autenticazione SASL (nota: il contenuto viene valutato, consultare /help eval)` +** descrizione: `username for SASL authentication; this option is not used for mechanism "external" (note: content is evaluated, see /help eval)` ** tipo: stringa ** valori: qualsiasi stringa (valore predefinito: `""`) diff --git a/doc/it/weechat_user.it.asciidoc b/doc/it/weechat_user.it.asciidoc index b2af96bd3..575cb4193 100644 --- a/doc/it/weechat_user.it.asciidoc +++ b/doc/it/weechat_user.it.asciidoc @@ -112,7 +112,7 @@ compilare WeeChat. // TRANSLATION MISSING | libgcrypt20-dev | | *sì* | Secured data, IRC SASL authentication (DH-BLOWFISH/DH-AES), script plugin // TRANSLATION MISSING -| libgnutls28-dev | ≥ 2.2.0 | | Connessione SSL al server IRC, support of SSL in relay plugin +| libgnutls28-dev | ≥ 2.2.0 | | Connessione SSL al server IRC, support of SSL in relay plugin, IRC SASL authentication (ECDSA-NIST256P-CHALLENGE) | gettext | | | Internazionalizzazione (traduzione dei messaggi; la lingua base è l'inglese) | ca-certificates | | | Certificati per le connessioni SSL | libaspell-dev o libenchant-dev | | | Plugin aspell @@ -2278,10 +2278,12 @@ WeeChat supports SASL authentication, using different mechanisms: // TRANSLATION MISSING * 'plain': password in chiaro (default) // TRANSLATION MISSING +* 'ecdsa-nist256p-challenge': challenge with public/private key +* 'external': certificato SSL da lato client +// TRANSLATION MISSING * 'dh-blowfish': blowfish encrypted password // TRANSLATION MISSING * 'dh-aes': AES encrypted password -* 'external': certificato SSL da lato client [NOTE] La libreria "gcrypt" è richiesta per compilare WeeChat al fine di usare il @@ -2292,8 +2294,12 @@ Le opzioni nel server sono: // TRANSLATION MISSING * 'sasl_mechanism': meccanismo da usare (see above) * 'sasl_timeout': timeout (in secondi) per l'autenticazione +// TRANSLATION MISSING +* 'sasl_fail': action to perform if authentication fails * 'sasl_username': nome utente (nick) * 'sasl_password': password +// TRANSLATION MISSING +* 'sasl_key': path to private key (for mechanism 'ecdsa-nist256p-challenge') [[irc_tor_freenode]] ==== Connessione a Freenode con TOR/SASL diff --git a/doc/ja/autogen/user/irc_options.asciidoc b/doc/ja/autogen/user/irc_options.asciidoc index c8a6f6799..b0160aefb 100644 --- a/doc/ja/autogen/user/irc_options.asciidoc +++ b/doc/ja/autogen/user/irc_options.asciidoc @@ -568,13 +568,18 @@ ** タイプ: 整数 ** 値: continue, reconnect, disconnect (デフォルト値: `continue`) +* [[option_irc.server_default.sasl_key]] *irc.server_default.sasl_key* +** 説明: `file with ECC private key for mechanism "ecdsa-nist256p-challenge" ("%h" will be replaced by WeeChat home, "~/.weechat" by default)` +** タイプ: 文字列 +** 値: 未制約文字列 (デフォルト値: `""`) + * [[option_irc.server_default.sasl_mechanism]] *irc.server_default.sasl_mechanism* -** 説明: `SASL 認証メカニズム: "plain" は平文パスワード、"dh-blowfish" は blowfish 暗号化パスワード、"dh-aes" は AES 暗号化パスワード、"external" はクライアント側の SSL 証明書を利用した認証` +** 説明: `mechanism for SASL authentication: "plain" for plain text password, "ecdsa-nist256p-challenge" for key-based challenge authentication, "external" for authentication using client side SSL cert, "dh-blowfish" for blowfish crypted password (insecure, not recommended), "dh-aes" for AES crypted password (insecure, not recommended)` ** タイプ: 整数 -** 値: plain, dh-blowfish, dh-aes, external (デフォルト値: `plain`) +** 値: plain, ecdsa-nist256p-challenge, external, dh-blowfish, dh-aes (デフォルト値: `plain`) * [[option_irc.server_default.sasl_password]] *irc.server_default.sasl_password* -** 説明: `SASL 認証のパスワード (注意: 値は評価されます、/help eval を参照してください)` +** 説明: `password for SASL authentication; this option is not used for mechanisms "ecdsa-nist256p-challenge" and "external" (note: content is evaluated, see /help eval)` ** タイプ: 文字列 ** 値: 未制約文字列 (デフォルト値: `""`) @@ -584,7 +589,7 @@ ** 値: 1 .. 3600 (デフォルト値: `15`) * [[option_irc.server_default.sasl_username]] *irc.server_default.sasl_username* -** 説明: `SASL 認証のユーザ名 (注意: 値は評価されます、/help eval を参照してください)` +** 説明: `username for SASL authentication; this option is not used for mechanism "external" (note: content is evaluated, see /help eval)` ** タイプ: 文字列 ** 値: 未制約文字列 (デフォルト値: `""`) diff --git a/doc/ja/weechat_user.ja.asciidoc b/doc/ja/weechat_user.ja.asciidoc index 5506b1800..c9045018d 100644 --- a/doc/ja/weechat_user.ja.asciidoc +++ b/doc/ja/weechat_user.ja.asciidoc @@ -100,7 +100,8 @@ OS X では、http://brew.sh/[Homebrew] を使ってください: | libcurl4-gnutls-dev | | *必須* | URL 転送 | zlib1g-dev | | *必須* | relay プラグインでパケットを圧縮 (weechat プロトコル)、スクリプトプラグイン | libgcrypt20-dev | | *必須* | 保護データ、IRC SASL 認証 (DH-BLOWFISH/DH-AES)、スクリプトプラグイン -| libgnutls28-dev | ≥ 2.2.0 | | IRC サーバへの SSL 接続 +// TRANSLATION MISSING +| libgnutls28-dev | ≥ 2.2.0 | | IRC サーバへの SSL 接続, IRC SASL authentication (ECDSA-NIST256P-CHALLENGE) | gettext | | | 国際化 (メッセージの翻訳; ベース言語は英語です) | ca-certificates | | | SSL 接続に必要な証明書、relay プラグインで SSL サポート | libaspell-dev または libenchant-dev | | | aspell プラグイン @@ -2172,9 +2173,11 @@ $ openssl req -nodes -newkey rsa:2048 -keyout nick.pem -x509 -days 365 -out nick WeeChat は SASL 認証をサポートします、以下の認証メカニズムを利用できます: * 'plain': 平文パスワード (デフォルト) +// TRANSLATION MISSING +* 'ecdsa-nist256p-challenge': challenge with public/private key +* 'external': クライアント側 SSL 証明書 * 'dh-blowfish': blowfish 暗号パスワード * 'dh-aes': AES 暗号パスワード -* 'external': クライアント側 SSL 証明書 [NOTE] "dh-blowfish" メカニズムを利用する場合、"gcrypt" ライブラリが @@ -2184,8 +2187,12 @@ WeeChat のコンパイル時に必要です (<>を * 'sasl_mechanism': 利用する認証メカニズム (上記参照) * 'sasl_timeout': 認証時のタイムアウト (秒単位) +// TRANSLATION MISSING +* 'sasl_fail': action to perform if authentication fails * 'sasl_username': ユーザ名 (ニックネーム) * 'sasl_password': パスワード +// TRANSLATION MISSING +* 'sasl_key': path to private key (for mechanism 'ecdsa-nist256p-challenge') [[irc_tor_freenode]] ==== TOR/SASL を使って Freenode に接続する場合 diff --git a/doc/pl/autogen/user/irc_options.asciidoc b/doc/pl/autogen/user/irc_options.asciidoc index 76cdb0f19..a0f128a32 100644 --- a/doc/pl/autogen/user/irc_options.asciidoc +++ b/doc/pl/autogen/user/irc_options.asciidoc @@ -568,13 +568,18 @@ ** typ: liczba ** wartości: continue, reconnect, disconnect (domyślna wartość: `continue`) +* [[option_irc.server_default.sasl_key]] *irc.server_default.sasl_key* +** opis: `file with ECC private key for mechanism "ecdsa-nist256p-challenge" ("%h" will be replaced by WeeChat home, "~/.weechat" by default)` +** typ: ciąg +** wartości: dowolny ciąg (domyślna wartość: `""`) + * [[option_irc.server_default.sasl_mechanism]] *irc.server_default.sasl_mechanism* -** opis: `mechanizm autentykacji SASL: "plain" dla hasła w czystym tekście, "dh-blowfish" dla hasła szyfrowanego za pomocą blowfish, "dh-aes" dla hasła szyfrowanego za pomocą AES, "external" dla uwierzytelnienia za pomocą certyfikatu SSL po stronie klienta` +** opis: `mechanism for SASL authentication: "plain" for plain text password, "ecdsa-nist256p-challenge" for key-based challenge authentication, "external" for authentication using client side SSL cert, "dh-blowfish" for blowfish crypted password (insecure, not recommended), "dh-aes" for AES crypted password (insecure, not recommended)` ** typ: liczba -** wartości: plain, dh-blowfish, dh-aes, external (domyślna wartość: `plain`) +** wartości: plain, ecdsa-nist256p-challenge, external, dh-blowfish, dh-aes (domyślna wartość: `plain`) * [[option_irc.server_default.sasl_password]] *irc.server_default.sasl_password* -** opis: `hasło dla uwierzytelniania SASL (uwaga: zawartość jest przetwarzana, zobacz /help eval)` +** opis: `password for SASL authentication; this option is not used for mechanisms "ecdsa-nist256p-challenge" and "external" (note: content is evaluated, see /help eval)` ** typ: ciąg ** wartości: dowolny ciąg (domyślna wartość: `""`) @@ -584,7 +589,7 @@ ** wartości: 1 .. 3600 (domyślna wartość: `15`) * [[option_irc.server_default.sasl_username]] *irc.server_default.sasl_username* -** opis: `nazwa użytkownika dla uwierzytelniania SASL (uwaga: zawartość jest przetwarzana, zobacz /help eval)` +** opis: `username for SASL authentication; this option is not used for mechanism "external" (note: content is evaluated, see /help eval)` ** typ: ciąg ** wartości: dowolny ciąg (domyślna wartość: `""`) diff --git a/doc/pl/weechat_user.pl.asciidoc b/doc/pl/weechat_user.pl.asciidoc index d9251a3d1..297c93aef 100644 --- a/doc/pl/weechat_user.pl.asciidoc +++ b/doc/pl/weechat_user.pl.asciidoc @@ -101,7 +101,7 @@ WeeChat. | libcurl4-gnutls-dev | | *tak* | Transfer URL | zlib1g-dev | | *tak* | Kompresja pakietów we wtyczce relay (protokół weechat), wtyczka script | libgcrypt20-dev | | *tak* | Zabezpieczone dane, uwierzytelnianie IRC SASL (DH-BLOWFISH/DH-AES), wtyczka script -| libgnutls28-dev | ≥ 2.2.0 | | Połączenia SSL z serwerami IRC, wsparcie dla SSL we wtyczce relay +| libgnutls28-dev | ≥ 2.2.0 | | Połączenia SSL z serwerami IRC, wsparcie dla SSL we wtyczce relay, uwierzytelnianie IRC SASL (ECDSA-NIST256P-CHALLENGE) | gettext | | | Internacjonalizacja (tłumaczenie wiadomości; język bazowy to Angielski) | ca-certificates | | | Certyfikaty dla połączeń SSL | libaspell-dev or libenchant-dev | | | Wtyczka aspell @@ -2189,9 +2189,11 @@ Więcej informacji można znaleźć pod adresem: http://www.oftc.net/oftc/NickSe WeeChat wspiera uwierzytelnianie SASL, używając różnych mechanizmów: * 'plain': hasło w czystym tekście (domyślne) +// TRANSLATION MISSING +* 'ecdsa-nist256p-challenge': challenge with public/private key +* 'external': certyfikat SSL po stronie klienta * 'dh-blowfish': hasło zaszyfrowane algorytmem blowfish * 'dh-aes': hasło zaszyfrowane algorytmem AES -* 'external': certyfikat SSL po stronie klienta [NOTE] Biblioteka "gcrypt" jest wymagana podczas kompilacji WeeChat w celu dodania @@ -2201,8 +2203,12 @@ Opcje dla serwerów to: * 'sasl_mechanism': mechanizm do użycia (zobacz wyżej) * 'sasl_timeout': limit czasu (w sekundach) na uwierzytelnienie +// TRANSLATION MISSING +* 'sasl_fail': action to perform if authentication fails * 'sasl_username': nazwa użytkownika (nick) * 'sasl_password': hasło +// TRANSLATION MISSING +* 'sasl_key': path to private key (for mechanism 'ecdsa-nist256p-challenge') [[irc_tor_freenode]] ==== Połączenie z siecią Freenode za pomocą TOR/SASL diff --git a/po/cs.po b/po/cs.po index c6530eece..cae867b48 100644 --- a/po/cs.po +++ b/po/cs.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-11-09 16:23+0100\n" "Last-Translator: Jiri Golembiovsky \n" "Language-Team: weechat-dev \n" @@ -6692,18 +6692,37 @@ msgid "" msgstr "" msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" +#, fuzzy msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" +"heslo vyžadované klienty pro přístup k tomuto přesměrováni (prázdná hodnota " +"značí, že heslo není vyžadováno)" +#, fuzzy msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" msgstr "" +"heslo vyžadované klienty pro přístup k tomuto přesměrováni (prázdná hodnota " +"značí, že heslo není vyžadováno)" + +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"cesta pro hledání pluginů (\"%h\" bude nahrazeno domácím adresářem WeeChat, " +"\"~/.weechat\" je výchozí)" msgid "timeout (in seconds) before giving up SASL authentication" msgstr "časový limit (v sekundách) před vzdaním SASL autentizace" @@ -7976,6 +7995,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s: server \"%s\" pro přesměrování nenalezen" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s: nemůžu číst soubor \"%s\"" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls: nevalidní certifikát \"%s\", chyba: %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s%s: nemohu vytvořit rouru" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s%s: nemohu vytvořit rouru" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s: chyba při alokování nového serveru" @@ -8830,6 +8869,14 @@ msgstr "" msgid "tree of windows" msgstr "seznam oken" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sChyba: nemohu inicializovat plugin \"%s\"" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sChyba: nemůžu načist plugin \"%s\": %s" @@ -8869,10 +8916,6 @@ msgid "%sError: function \"%s\" not found in plugin \"%s\", failed to load" msgstr "" "%sChyba: funkce \"%s\" nebyla v pluginu \"%s\" nalezena, načtení selhalo" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sChyba: nemohu inicializovat plugin \"%s\"" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "%sChyba: nemohu načíst plugin \"%s\" (nedostatek paměti)" diff --git a/po/de.po b/po/de.po index e2caee5f6..67bd7da76 100644 --- a/po/de.po +++ b/po/de.po @@ -23,7 +23,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-12-28 13:06+0100\n" "Last-Translator: Nils Görs \n" "Language-Team: German <>\n" @@ -7628,10 +7628,13 @@ msgstr "" "multi-prefix, server-time, userhost-in-name (Beispiel: \"away-notify,multi-" "prefix\")" +#, fuzzy msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" "Verfahren welches bei einer SASL Authentifizierung angewandt werden soll: " "\"plain\" Passwort wird im Klartext gesendet, \"dh-blowfish\" Passwort wird " @@ -7639,18 +7642,31 @@ msgstr "" "verschlüsselt, \"external\" SSL Zertifikat welches auf Client Seite " "vorliegt, wird verwendet" +#, fuzzy msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" -msgstr "" -"Username für SASL Authentifikation (Hinweis: Inhalt wird evaluiert, siehe /" -"help eval)" - -msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" "Passwort für SASL Authentifikation (Hinweis: Inhalt wird evaluiert, siehe /" "help eval)" +#, fuzzy +msgid "" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" +msgstr "" +"Passwort für SASL Authentifikation (Hinweis: Inhalt wird evaluiert, siehe /" +"help eval)" + +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"Suchpfad für Erweiterungen (\"%h\"' wird durch das WeeChat-Basisverzeichnis " +"ersetzt, voreingestellt ist \"~/.weechat\")" + msgid "timeout (in seconds) before giving up SASL authentication" msgstr "" "Zeitüberschreitung bis zum Abbruch der SASL Authentifizierung (in Sekunden)" @@ -9106,6 +9122,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s: Server \"%s\" für eine Weiterleitung wurde nicht gefunden" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s: Datei \"%s\" kann nicht gelesen werden" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls: ungültiges Zertifikat \"%s\". Fehler: %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s%s: Pipe kann nicht erstellt werden: Fehler %d %s" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s%s: Adresse kann nicht ausgewertet werden: Fehler %d %s" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s: Neuer Server konnte nicht alloziert werden" @@ -9945,6 +9981,14 @@ msgstr "Scroll-Info in Fenstern" msgid "tree of windows" msgstr "Baumstruktur der Fenster" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sFehler: Erweiterung \"%s\" kann nicht initialisiert werden" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sFehler: kann Erweiterung \"%s\" nicht installieren: %s" @@ -9991,10 +10035,6 @@ msgstr "" "%sFehler: Funktion \"%s\" nicht in Erweiterung \"%s\" gefunden. Installation " "fehlgeschlagen" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sFehler: Erweiterung \"%s\" kann nicht initialisiert werden" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "" @@ -12324,3 +12364,10 @@ msgstr "%s%s: Zeitüberschreitung für \"%s\" mit %s" msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "" "%s%s: Verbindung konnte nicht hergestellt werden: unerwarteter Fehler (%d)" + +#~ msgid "" +#~ "username for SASL authentication (note: content is evaluated, see /help " +#~ "eval)" +#~ msgstr "" +#~ "Username für SASL Authentifikation (Hinweis: Inhalt wird evaluiert, " +#~ "siehe /help eval)" diff --git a/po/es.po b/po/es.po index d90534c90..0536f1886 100644 --- a/po/es.po +++ b/po/es.po @@ -22,7 +22,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-11-09 16:23+0100\n" "Last-Translator: Elián Hanisch \n" "Language-Team: weechat-dev \n" @@ -6937,21 +6937,40 @@ msgstr "" #, fuzzy msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" "mecanismo de autenticación SASL: \"plain\" para contraseñas en texto plano, " "\"dh-blowfish\" para contraseña encriptada, \"external\" para autentificar " "utilizando un certificado SSL del cliente" +#, fuzzy msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" +"los clientes requieren una clave para acceder este repetidor (sin valor " +"significa que no se requiere clave)" +#, fuzzy msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" msgstr "" +"los clientes requieren una clave para acceder este repetidor (sin valor " +"significa que no se requiere clave)" + +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"ruta para encontrar plugins (\"%h\" será reemplazado por el directorio raíz " +"de WeeChat, \"~/.weechat\" por defecto)" msgid "timeout (in seconds) before giving up SASL authentication" msgstr "" @@ -8266,6 +8285,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s: servidor \"%s\" no encontrado para la redirección" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s: no es posible leer el archivo \"%s\"" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls: certificado \"%s\" inválido, error: %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s%s: no es posible crear la tubería" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s%s: no es posible crear la tubería" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s: no hay suficiente memoria para crear el nuevo servidor" @@ -9114,6 +9153,14 @@ msgstr "información de desplazamiento en ventada" msgid "tree of windows" msgstr "árbol de ventanas" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sError: no ha sido posible inicializar el plugin \"%s\"" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sError: no ha sido posible cargar el plugin \"%s\": %s" @@ -9155,10 +9202,6 @@ msgid "%sError: function \"%s\" not found in plugin \"%s\", failed to load" msgstr "" "%sError: función \"%s\" no encontrada en el plugin \"%s\", no se puede cargar" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sError: no ha sido posible inicializar el plugin \"%s\"" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "" diff --git a/po/fr.po b/po/fr.po index 09e3bb71f..50c014afe 100644 --- a/po/fr.po +++ b/po/fr.po @@ -21,8 +21,8 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" -"PO-Revision-Date: 2014-12-28 10:53+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" +"PO-Revision-Date: 2015-01-19 23:46+0100\n" "Last-Translator: Sébastien Helleu \n" "Language-Team: weechat-dev \n" "Language: fr\n" @@ -7465,26 +7465,43 @@ msgstr "" "server-time, userhost-in-names (exemple : \"away-notify,multi-prefix\")" msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" "mécanisme pour l'authentification SASL : \"plain\" pour un mot de passe en " -"clair, \"dh-blowfish\" pour un mot de passe chiffré avec blowfish, \"dh-aes" -"\" pour un mot de passe chiffré avec AES, \"external\" pour une " -"authentification en utilisant un certificat SSL côté client" +"clair, \"ecdsa-nist256p-challenge\" pour une authentification par challenge " +"avec clé, \"external\" pour une authentification en utilisant un certificat " +"SSL côté client, \"dh-blowfish\" pour un mot de passe chiffré avec blowfish " +"(non sûr, non recommandé), \"dh-aes\" pour un mot de passe chiffré avec AES " +"(non sûr, non recommandé)" msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" -"nom d'utilisateur pour l'authentification SASL (note : le contenu est " -"évalué, voir /help eval)" +"nom d'utilisateur pour l'authentification SASL ; cette option n'est pas " +"utilisée pour le mécanisme \"external\" (note : le contenu est évalué, voir /" +"help eval)" msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" msgstr "" -"mot de passe pour l'authentification SASL (note : le contenu est évalué, " -"voir /help eval)" +"mot de passe pour l'authentification SASL ; cette option n'est pas utilisée " +"pour les mécanismes \"ecdsa-nist256p-challenge\" et \"external\" (note : le " +"contenu est évalué, voir /help eval)" + +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"fichier avec la clé privée ECC pour le mécanisme \"ecdsa-nist256p-challenge" +"\" (\"%h\" sera remplacé par le répertoire de base WeeChat, par défaut : " +"\"~/.weechat\")" msgid "timeout (in seconds) before giving up SASL authentication" msgstr "" @@ -8872,6 +8889,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s : serveur \"%s\" non trouvé pour la redirection" +#, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s : impossible de lire la clé privée dans le fichier \"%s\"" + +#, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls : fichier de clé privée invalide : erreur %d %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "%s%s : signature du challenge avec la clé publique ECC : %s" + +#, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%sgnutls : impossible d'importer la clé privée : erreur %d %s" + +#, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%sgnutls : impossible de signer les données hachées : erreur %d %s" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s : impossible d'allouer un nouveau serveur" @@ -9698,6 +9735,14 @@ msgstr "info de défilement dans la fenêtre" msgid "tree of windows" msgstr "arbre des fenêtres" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sErreur : impossible d'initialiser l'extension \"%s\"" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sErreur : impossible de charger l'extension \"%s\" : %s" @@ -9743,10 +9788,6 @@ msgstr "" "%sErreur : la fonction \"%s\" n'existe pas dans l'extension \"%s\", échec de " "chargement" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sErreur : impossible d'initialiser l'extension \"%s\"" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "" @@ -12060,3 +12101,10 @@ msgstr "%s%s : délai d'attente dépassé pour \"%s\" avec %s" #, c-format msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s : impossible de se connecter : erreur inattendue (%d)" + +#~ msgid "" +#~ "username for SASL authentication (note: content is evaluated, see /help " +#~ "eval)" +#~ msgstr "" +#~ "nom d'utilisateur pour l'authentification SASL (note : le contenu est " +#~ "évalué, voir /help eval)" diff --git a/po/hu.po b/po/hu.po index 07664c7ff..24710cc72 100644 --- a/po/hu.po +++ b/po/hu.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-11-09 16:23+0100\n" "Last-Translator: Andras Voroskoi \n" "Language-Team: weechat-dev \n" @@ -6184,19 +6184,32 @@ msgid "" msgstr "" msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" msgstr "" +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"modulok elérési útvonala ('%h' helyére automatikusan a WeeChat saját " +"könyvtára, alapértelmezésben ~/.weechat, kerül)" + #, fuzzy msgid "timeout (in seconds) before giving up SASL authentication" msgstr "SSL használata a a kapcsolathoz" @@ -7411,6 +7424,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s a \"%s\" szerver nem található\n" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s DCC: nem sikerült a csövet létrehozni\n" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s DCC: nem sikerült a csövet létrehozni\n" + #, fuzzy, c-format msgid "%s%s: error when allocating new server" msgstr "%s az új szerver lefoglalása sikertelen\n" @@ -8215,6 +8248,14 @@ msgstr "" msgid "tree of windows" msgstr "Mellőzések listája:\n" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, fuzzy, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%s nem sikerült a modult betölteni \"%s\"\n" + #, fuzzy, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%s nem sikerült a modult betölteni \"%s\": %s\n" @@ -8254,10 +8295,6 @@ msgstr "" "%s a \"weechat_plugin_init\" függvény nem található a \"%s\" modulban, " "betöltés sikertelen\n" -#, fuzzy, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%s nem sikerült a modult betölteni \"%s\"\n" - #, fuzzy, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "%s nem sikerült a modult betölteni \"%s\" (nincs elég memória)\n" diff --git a/po/it.po b/po/it.po index aba735dc4..d2fe0c37e 100644 --- a/po/it.po +++ b/po/it.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-11-09 16:23+0100\n" "Last-Translator: Esteban I. Ruiz Moreno \n" "Language-Team: weechat-dev \n" @@ -7077,28 +7077,44 @@ msgid "" "multi-prefix\")" msgstr "" +#, fuzzy msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" "meccanismo per l'autenticazione SASL: \"plain\" per le password in chiaro, " "\"dh-blowfish\" per le password cifrate in blowfish, \"dh-aes\" per le " "password cifrate in AES \"external\" per l'autenticazione con certificati " "SSL lato client" +#, fuzzy msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" -msgstr "" -"nome utente per l'autenticazione SASL (nota: il contenuto viene valutato, " -"consultare /help eval)" - -msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" "password per l'autenticazione SASL (nota: il contenuto viene valutato, " "consultare /help eval)" +#, fuzzy +msgid "" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" +msgstr "" +"password per l'autenticazione SASL (nota: il contenuto viene valutato, " +"consultare /help eval)" + +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"path per la ricerca dei plugin (\"%h\" sarà sostituito dalla home di " +"WeeChat, \"~/.weechat come predefinita)" + msgid "timeout (in seconds) before giving up SASL authentication" msgstr "timeout (in secondi) prima di annullare l'autenticazione SASL" @@ -8423,6 +8439,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s: server \"%s\" non trovato per la redirezione" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s: impossibile leggere il file \"%s\"" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls: certificato \"%s\" non valido, errore: %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s%s: impossibile creare la pipe: errore %d %s" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s%s: impossibile creare la pipe: errore %d %s" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s: errore durante l'allocazione del nuovo server" @@ -9262,6 +9298,14 @@ msgstr "scorrimento delle info nella finestra" msgid "tree of windows" msgstr "albero delle finestre" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sErrore: impossibile inizializzare il plugin \"%s\"" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sErrore: impossibile caricare il plugin \"%s\": %s" @@ -9305,10 +9349,6 @@ msgstr "" "%sErrore: funzione \"%s\" non trovata nel plugin \"%s\", impossibile " "caricarlo" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sErrore: impossibile inizializzare il plugin \"%s\"" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "" @@ -11356,3 +11396,10 @@ msgstr "%s%s: timeout per \"%s\" con %s" #, fuzzy, c-format msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: impossibile connettersi al mittente" + +#~ msgid "" +#~ "username for SASL authentication (note: content is evaluated, see /help " +#~ "eval)" +#~ msgstr "" +#~ "nome utente per l'autenticazione SASL (nota: il contenuto viene valutato, " +#~ "consultare /help eval)" diff --git a/po/ja.po b/po/ja.po index ff3aa7ae2..914dc408d 100644 --- a/po/ja.po +++ b/po/ja.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2015-01-02 09:23+0900\n" "Last-Translator: AYANOKOUZI, Ryuunosuke \n" "Language-Team: Japanese \n" @@ -40,11 +40,11 @@ msgid "max chars" msgstr "最大文字数" msgid "" -"a WeeChat color name (default, black, (dark)gray, white, (light)red, (light)" -"green, brown, yellow, (light)blue, (light)magenta, (light)cyan), a terminal " -"color number or an alias; attributes are allowed before color (for text " -"color only, not background): \"*\" for bold, \"!\" for reverse, \"/\" for " -"italic, \"_\" for underline" +"a WeeChat color name (default, black, (dark)gray, white, (light)red, " +"(light)green, brown, yellow, (light)blue, (light)magenta, (light)cyan), a " +"terminal color number or an alias; attributes are allowed before color (for " +"text color only, not background): \"*\" for bold, \"!\" for reverse, \"/\" " +"for italic, \"_\" for underline" msgstr "" "WeeChat の色名 (default、black、(dark)gray、white、(light)red、(light)green、" "brown、yellow、(light)blue、(light)magenta、(light)cyan) 、ターミナル色番号ま" @@ -5963,8 +5963,8 @@ msgstr "" " - 内部サーバ名 (/server add で作成されたもの、利用推奨)\n" " - ホスト名/ポート番号又は IP アドレス/ポート番号、デフォルトの" "ポート番号は 6667\n" -" - 次のフォーマットに従う URL: irc[6][s]://[nickname[:password]@]" -"irc.example.org[:port][/#channel1][,#channel2[...]]\n" +" - 次のフォーマットに従う URL: irc[6][s]://[nickname[:" +"password]@]irc.example.org[:port][/#channel1][,#channel2[...]]\n" " 注意: アドレス/IP/URL を指定した場合、サーバを一時的に作ります " "(保存しません)、/help irc.look.temporary_servers を参照してください。\n" " option: サーバに関するオプション (ブール型オプションでは、value は無視さ" @@ -7172,25 +7172,41 @@ msgstr "" "ト; WeeChat で利用できる機能: away-notify、extended-join、multi-prefix、" "server-time、userhost-in-names (例: \"away-notify,multi-prefix\")" +#, fuzzy msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" "SASL 認証メカニズム: \"plain\" は平文パスワード、\"dh-blowfish\" は blowfish " "暗号化パスワード、\"dh-aes\" は AES 暗号化パスワード、\"external\" はクライア" "ント側の SSL 証明書を利用した認証" +#, fuzzy msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" -msgstr "" -"SASL 認証のユーザ名 (注意: 値は評価されます、/help eval を参照してください)" - -msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" "SASL 認証のパスワード (注意: 値は評価されます、/help eval を参照してください)" +#, fuzzy +msgid "" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" +msgstr "" +"SASL 認証のパスワード (注意: 値は評価されます、/help eval を参照してください)" + +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"プラグイン検索パス (\"%h\" は WeeChat ホームに置換される、デフォルトでは " +"\"~/.weechat\")" + msgid "timeout (in seconds) before giving up SASL authentication" msgstr "SASL 認証を諦める前のタイムアウト (秒単位)" @@ -8530,6 +8546,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s: リダイレクトサーバ \"%s\" が見つかりません" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s: ファイル \"%s\" を読み込めません" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls: 無効な証明書 \"%s\"、エラー: %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s%s: パイプを作成できません: エラー %d %s" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s%s: アドレスを解決できません: エラー %d %s" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s: 新しいサーバの割り当て中にエラー" @@ -9332,6 +9368,14 @@ msgstr "ウィンドウ内のスクロール情報" msgid "tree of windows" msgstr "ウィンドウツリー" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sエラー: プラグイン \"%s\" の初期化に失敗" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sエラー: プラグイン \"%s\" のロードに失敗: %s" @@ -9373,10 +9417,6 @@ msgid "%sError: function \"%s\" not found in plugin \"%s\", failed to load" msgstr "" "%sエラー: 関数 \"%s\" がプラグイン \"%s\" の中に見つかりません、ロード失敗" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sエラー: プラグイン \"%s\" の初期化に失敗" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "%sエラー: プラグイン \"%s\" のロードに失敗 (メモリ不足)" @@ -10950,8 +10990,8 @@ msgid "" "Examples (you can also look at default triggers with /trigger listdefault):\n" " add text attributes *bold*, _underline_ and /italic/ (only in user " "messages):\n" -" /trigger add effects modifier weechat_print \"${tg_tag_nick}\" \"==\\*" -"(\\S+)\\*==*${color:bold}${re:1}${color:-bold}*== ==_(\\S+)_==_${color:" +" /trigger add effects modifier weechat_print \"${tg_tag_nick}\" \"==" +"\\*(\\S+)\\*==*${color:bold}${re:1}${color:-bold}*== ==_(\\S+)_==_${color:" "underline}${re:1}${color:-underline}_== ==/(\\S+)/==/${color:" "italic}${re:1}${color:-italic}/\"\n" " hide nicklist bar on small terminals:\n" @@ -11027,8 +11067,8 @@ msgstr "" "\n" "例 (/trigger listdefault でデフォルトトリガを見ることができます):\n" " テキスト属性 *太字*、_下線_、/イタリック/ を追加 (ユーザメッセージのみ):\n" -" /trigger add effects modifier weechat_print \"${tg_tag_nick}\" \"==\\*" -"(\\S+)\\*==*${color:bold}${re:1}${color:-bold}*== ==_(\\S+)_==_${color:" +" /trigger add effects modifier weechat_print \"${tg_tag_nick}\" \"==" +"\\*(\\S+)\\*==*${color:bold}${re:1}${color:-bold}*== ==_(\\S+)_==_${color:" "underline}${re:1}${color:-underline}_== ==/(\\S+)/==/${color:" "italic}${re:1}${color:-italic}/\"\n" " 狭い端末ではニックネームリストバーを隠す:\n" @@ -11598,3 +11638,10 @@ msgstr "%s%s: \"%s\" のタイムアウト %s" #, c-format msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: 接続できません: 未定義のエラー (%d)" + +#~ msgid "" +#~ "username for SASL authentication (note: content is evaluated, see /help " +#~ "eval)" +#~ msgstr "" +#~ "SASL 認証のユーザ名 (注意: 値は評価されます、/help eval を参照してくださ" +#~ "い)" diff --git a/po/pl.po b/po/pl.po index 96b5b0ef1..df3e65553 100644 --- a/po/pl.po +++ b/po/pl.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-12-26 19:51+0100\n" "Last-Translator: Krzysztof Korościk \n" "Language-Team: weechat-dev \n" @@ -7323,28 +7323,44 @@ msgstr "" "multi-prefix, server-time, userhost-in-names (przykład: \"away-notify,multi-" "prefix\")" +#, fuzzy msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" "mechanizm autentykacji SASL: \"plain\" dla hasła w czystym tekście, \"dh-" "blowfish\" dla hasła szyfrowanego za pomocą blowfish, \"dh-aes\" dla hasła " "szyfrowanego za pomocą AES, \"external\" dla uwierzytelnienia za pomocą " "certyfikatu SSL po stronie klienta" +#, fuzzy msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" -msgstr "" -"nazwa użytkownika dla uwierzytelniania SASL (uwaga: zawartość jest " -"przetwarzana, zobacz /help eval)" - -msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" "hasło dla uwierzytelniania SASL (uwaga: zawartość jest przetwarzana, zobacz /" "help eval)" +#, fuzzy +msgid "" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" +msgstr "" +"hasło dla uwierzytelniania SASL (uwaga: zawartość jest przetwarzana, zobacz /" +"help eval)" + +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"ścieżka wyszukiwania wtyczek (\"%h\" zostanie zastąpione katalogiem domowym " +"WeeChat - domyślnie \"~/.weechat\")" + msgid "timeout (in seconds) before giving up SASL authentication" msgstr "" "czas oczekiwania (w sekundach) przed zaprzestaniem uwierzytelniania SASL" @@ -8712,6 +8728,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s: serwer \"%s\" nie został znaleziony dla przekierowania" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s: nie można odczytać pliku \"%s\"" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls: błędny certyfikat \"%s\", błąd: %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s%s: nie można utworzyć strumienia: błąd %d %s" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s%s: nie można zinterpretować adresu: błąd %d %s" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s: błąd podczas przydzielania nowego serwera" @@ -9519,6 +9555,14 @@ msgstr "informacje o przewijaniu w oknie" msgid "tree of windows" msgstr "drzewo okien" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sBłąd: nie można zainicjować wtyczki \"%s\"" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sBłąd: nie można załadować wtyczki \"%s\": %s" @@ -9563,10 +9607,6 @@ msgstr "" "%sBłąd: funkcja \"%s\" nie znaleziona we wtyczce \"%s\", nie udało się " "załadować" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sBłąd: nie można zainicjować wtyczki \"%s\"" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "%sBłąd: nie można załadować wtyczki \"%s\" (za mało pamięci)" @@ -11819,3 +11859,10 @@ msgstr "%s%s: przekroczono czas na \"%s\" z %s" #, c-format msgid "%s%s: unable to connect: unexpected error (%d)" msgstr "%s%s: nie można połączyć: niespodziewany błąd (%d)" + +#~ msgid "" +#~ "username for SASL authentication (note: content is evaluated, see /help " +#~ "eval)" +#~ msgstr "" +#~ "nazwa użytkownika dla uwierzytelniania SASL (uwaga: zawartość jest " +#~ "przetwarzana, zobacz /help eval)" diff --git a/po/pt_BR.po b/po/pt_BR.po index 7ad6a373a..2c557f5ec 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-11-09 16:23+0100\n" "Last-Translator: Sergio Durigan Junior \n" "Language-Team: weechat-dev \n" @@ -6433,18 +6433,37 @@ msgid "" msgstr "" msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" +#, fuzzy msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" +"senha necessária para clientes acessarem este relay (vazio significa que " +"nenhuma senha é necessária)" +#, fuzzy msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" msgstr "" +"senha necessária para clientes acessarem este relay (vazio significa que " +"nenhuma senha é necessária)" + +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"caminho para a busca por plugins (\"%h\" será substituído pelo diretório do " +"WeeChat, \"~/.weechat/\" por padrão)" msgid "timeout (in seconds) before giving up SASL authentication" msgstr "limite de tempo (sem segundos) antes de desistir da autenticação SASL" @@ -7674,6 +7693,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s%s: servidor \"%s\" não encontrado para redirecionamento" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%s%s: não foi possível ler arquivo \"%s\"" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%sgnutls: certificado \"%s\" inválido, erro: %s" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s%s: não foi possível criar pipe" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s%s: não foi possível criar pipe" + #, c-format msgid "%s%s: error when allocating new server" msgstr "%s%s: erro ao alocar novo servidor" @@ -8490,6 +8529,14 @@ msgstr "rolar informação na janela" msgid "tree of windows" msgstr "árvore de janelas" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%sErro: não foi possível inicializar plugin \"%s\"" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%sErro: não foi possível carregar plugin \"%s\": %s" @@ -8531,10 +8578,6 @@ msgid "%sError: function \"%s\" not found in plugin \"%s\", failed to load" msgstr "" "%sErro: função \"%s\" não encontrada no plugin \"%s\", falhou ao carregar" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%sErro: não foi possível inicializar plugin \"%s\"" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "%sErro: não foi possível carregar plugin \"%s\" (memória insuficiente)" diff --git a/po/ru.po b/po/ru.po index 4a181d174..b713db6b1 100644 --- a/po/ru.po +++ b/po/ru.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-11-09 16:23+0100\n" "Last-Translator: Aleksey V Zapparov AKA ixti \n" "Language-Team: weechat-dev \n" @@ -6210,19 +6210,32 @@ msgid "" msgstr "" msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" msgstr "" +#, fuzzy +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" +msgstr "" +"путь поиска pluginов ('%h' заменяется на домашний каталог WeeChat, по " +"умолчанию - ~/.weechat)" + #, fuzzy msgid "timeout (in seconds) before giving up SASL authentication" msgstr "использовать SSL при связи с сервером" @@ -7444,6 +7457,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "%s сервер \"%s\" не найден\n" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "Не могу записать лог-файл \"%s\"\n" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "Не могу записать лог-файл \"%s\"\n" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, fuzzy, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "%s DCC: не могу создать pipe\n" + +#, fuzzy, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "%s DCC: не могу создать pipe\n" + #, fuzzy, c-format msgid "%s%s: error when allocating new server" msgstr "%s не могу расположить новый сервер\n" @@ -8244,6 +8277,14 @@ msgstr "" msgid "tree of windows" msgstr "Список игнорирования:\n" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, fuzzy, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "%s не могу инициализировать plugin \"%s\"\n" + #, fuzzy, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "%s не могу загрузить plugin \"%s\": %s\n" @@ -8282,10 +8323,6 @@ msgstr "" "%s функция \"weechat_plugin_init\" не найдена в plugin'е \"%s\", загрузка не " "удалась\n" -#, fuzzy, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "%s не могу инициализировать plugin \"%s\"\n" - #, fuzzy, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "%s не могу загрузить plugin \"%s\" (недостаточно памяти)\n" diff --git a/po/tr.po b/po/tr.po index d9ea1c3a1..5524bc955 100644 --- a/po/tr.po +++ b/po/tr.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-07-25 07:50+0200\n" "Last-Translator: Hasan Kiran \n" "Language-Team: weechat-dev \n" @@ -5533,17 +5533,27 @@ msgid "" msgstr "" msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" +msgstr "" + +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" msgstr "" msgid "timeout (in seconds) before giving up SASL authentication" @@ -6668,6 +6678,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "" +#, fuzzy, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "%sHata: dosya \"%s\" oluşturulamaz" + +#, fuzzy, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "%s%s: \"%s\" adresi bulunamadı" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "" + +#, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "" + #, c-format msgid "%s%s: error when allocating new server" msgstr "" @@ -7401,6 +7431,14 @@ msgstr "" msgid "tree of windows" msgstr "" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "" @@ -7434,10 +7472,6 @@ msgstr "" msgid "%sError: function \"%s\" not found in plugin \"%s\", failed to load" msgstr "" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "" diff --git a/po/weechat.pot b/po/weechat.pot index 0e8747f05..f50ef4fcb 100644 --- a/po/weechat.pot +++ b/po/weechat.pot @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: flashcode@flashtux.org\n" -"POT-Creation-Date: 2014-12-28 10:50+0100\n" +"POT-Creation-Date: 2015-01-19 23:45+0100\n" "PO-Revision-Date: 2014-08-16 10:27+0200\n" "Last-Translator: Sébastien Helleu \n" "Language-Team: weechat-dev \n" @@ -5469,17 +5469,27 @@ msgid "" msgstr "" msgid "" -"mechanism for SASL authentication: \"plain\" for plain text password, \"dh-" -"blowfish\" for blowfish crypted password, \"dh-aes\" for AES crypted " -"password, \"external\" for authentication using client side SSL cert" +"mechanism for SASL authentication: \"plain\" for plain text password, " +"\"ecdsa-nist256p-challenge\" for key-based challenge authentication, " +"\"external\" for authentication using client side SSL cert, \"dh-blowfish\" " +"for blowfish crypted password (insecure, not recommended), \"dh-aes\" for " +"AES crypted password (insecure, not recommended)" msgstr "" msgid "" -"username for SASL authentication (note: content is evaluated, see /help eval)" +"username for SASL authentication; this option is not used for mechanism " +"\"external\" (note: content is evaluated, see /help eval)" msgstr "" msgid "" -"password for SASL authentication (note: content is evaluated, see /help eval)" +"password for SASL authentication; this option is not used for mechanisms " +"\"ecdsa-nist256p-challenge\" and \"external\" (note: content is evaluated, " +"see /help eval)" +msgstr "" + +msgid "" +"file with ECC private key for mechanism \"ecdsa-nist256p-challenge\" (\"%h\" " +"will be replaced by WeeChat home, \"~/.weechat\" by default)" msgstr "" msgid "timeout (in seconds) before giving up SASL authentication" @@ -6604,6 +6614,26 @@ msgstr "" msgid "%s%s: server \"%s\" not found for redirect" msgstr "" +#, c-format +msgid "%s%s: unable to read private key in file \"%s\"" +msgstr "" + +#, c-format +msgid "%sgnutls: invalid private key file: error %d %s" +msgstr "" + +#, c-format +msgid "%s%s: signing the challenge with ECC public key: %s" +msgstr "" + +#, c-format +msgid "%sgnutls: unable to import the private key: error %d %s" +msgstr "" + +#, c-format +msgid "%sgnutls: unable to sign the hashed data: error %d %s" +msgstr "" + #, c-format msgid "%s%s: error when allocating new server" msgstr "" @@ -7337,6 +7367,14 @@ msgstr "" msgid "tree of windows" msgstr "" +#, c-format +msgid "Initializing plugin \"%s\" (priority: %d)" +msgstr "" + +#, c-format +msgid "%sError: unable to initialize plugin \"%s\"" +msgstr "" + #, c-format msgid "%sError: unable to load plugin \"%s\": %s" msgstr "" @@ -7370,10 +7408,6 @@ msgstr "" msgid "%sError: function \"%s\" not found in plugin \"%s\", failed to load" msgstr "" -#, c-format -msgid "%sError: unable to initialize plugin \"%s\"" -msgstr "" - #, c-format msgid "%sError: unable to load plugin \"%s\" (not enough memory)" msgstr "" diff --git a/src/plugins/irc/irc-command.c b/src/plugins/irc/irc-command.c index 42c49a018..cabe44bbb 100644 --- a/src/plugins/irc/irc-command.c +++ b/src/plugins/irc/irc-command.c @@ -4477,6 +4477,14 @@ irc_command_display_server (struct t_irc_server *server, int with_detail) weechat_printf (NULL, " sasl_password. . . . : %s%s", IRC_COLOR_CHAT_VALUE, _("(hidden)")); + /* sasl_key */ + if (weechat_config_option_is_null (server->options[IRC_SERVER_OPTION_SASL_KEY])) + weechat_printf (NULL, " sasl_key. . . . . . : ('%s')", + IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_KEY)); + else + weechat_printf (NULL, " sasl_key. . . . . . : %s'%s'", + IRC_COLOR_CHAT_VALUE, + weechat_config_string (server->options[IRC_SERVER_OPTION_SASL_KEY])); /* sasl_timeout */ if (weechat_config_option_is_null (server->options[IRC_SERVER_OPTION_SASL_TIMEOUT])) weechat_printf (NULL, " sasl_timeout . . . . : (%d %s)", diff --git a/src/plugins/irc/irc-config.c b/src/plugins/irc/irc-config.c index f3e12056e..4d1154216 100644 --- a/src/plugins/irc/irc-config.c +++ b/src/plugins/irc/irc-config.c @@ -1723,11 +1723,18 @@ irc_config_server_new_option (struct t_config_file *config_file, new_option = weechat_config_new_option ( config_file, section, option_name, "integer", - N_("mechanism for SASL authentication: \"plain\" for plain text " - "password, \"dh-blowfish\" for blowfish crypted password, " - "\"dh-aes\" for AES crypted password, \"external\" " - "for authentication using client side SSL cert"), - "plain|dh-blowfish|dh-aes|external", 0, 0, + N_("mechanism for SASL authentication: " + "\"plain\" for plain text password, " + "\"ecdsa-nist256p-challenge\" for key-based " + "challenge authentication, " + "\"external\" for authentication using client side SSL " + "cert, " + "\"dh-blowfish\" for blowfish crypted password " + "(insecure, not recommended), " + "\"dh-aes\" for AES crypted password " + "(insecure, not recommended)"), + "plain|ecdsa-nist256p-challenge|external|dh-blowfish|dh-aes", + 0, 0, default_value, value, null_value_allowed, callback_check_value, callback_check_value_data, @@ -1738,7 +1745,8 @@ irc_config_server_new_option (struct t_config_file *config_file, new_option = weechat_config_new_option ( config_file, section, option_name, "string", - N_("username for SASL authentication " + N_("username for SASL authentication; this option is not used " + "for mechanism \"external\" " "(note: content is evaluated, see /help eval)"), NULL, 0, 0, default_value, value, @@ -1751,7 +1759,9 @@ irc_config_server_new_option (struct t_config_file *config_file, new_option = weechat_config_new_option ( config_file, section, option_name, "string", - N_("password for SASL authentication " + N_("password for SASL authentication; this option is not used " + "for mechanisms \"ecdsa-nist256p-challenge\" and " + "\"external\" " "(note: content is evaluated, see /help eval)"), NULL, 0, 0, default_value, value, @@ -1760,6 +1770,21 @@ irc_config_server_new_option (struct t_config_file *config_file, callback_change, callback_change_data, NULL, NULL); break; + case IRC_SERVER_OPTION_SASL_KEY: + new_option = weechat_config_new_option ( + config_file, section, + option_name, "string", + N_("file with ECC private key for mechanism " + "\"ecdsa-nist256p-challenge\" " + "(\"%h\" will be replaced by WeeChat home, " + "\"~/.weechat\" by default)"), + NULL, 0, 0, + default_value, value, + null_value_allowed, + callback_check_value, callback_check_value_data, + callback_change, callback_change_data, + NULL, NULL); + break; case IRC_SERVER_OPTION_SASL_TIMEOUT: new_option = weechat_config_new_option ( config_file, section, diff --git a/src/plugins/irc/irc-protocol.c b/src/plugins/irc/irc-protocol.c index 026e20359..246b180e6 100644 --- a/src/plugins/irc/irc-protocol.c +++ b/src/plugins/irc/irc-protocol.c @@ -205,6 +205,7 @@ IRC_PROTOCOL_CALLBACK(authenticate) { int sasl_mechanism; char *sasl_username, *sasl_password, *answer; + const char *sasl_key; IRC_PROTOCOL_MIN_ARGS(2); @@ -218,26 +219,28 @@ IRC_PROTOCOL_CALLBACK(authenticate) sasl_password = weechat_string_eval_expression ( IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_PASSWORD), NULL, NULL, NULL); + sasl_key = IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_KEY); answer = NULL; switch (sasl_mechanism) { - case IRC_SASL_MECHANISM_DH_BLOWFISH: - answer = irc_sasl_mechanism_dh_blowfish (argv_eol[1], - sasl_username, - sasl_password); + case IRC_SASL_MECHANISM_PLAIN: + answer = irc_sasl_mechanism_plain (sasl_username, + sasl_password); break; - case IRC_SASL_MECHANISM_DH_AES: - answer = irc_sasl_mechanism_dh_aes (argv_eol[1], - sasl_username, - sasl_password); + case IRC_SASL_MECHANISM_ECDSA_NIST256P_CHALLENGE: + answer = irc_sasl_mechanism_ecdsa_nist256p_challenge ( + server, argv[1], sasl_username, sasl_key); break; case IRC_SASL_MECHANISM_EXTERNAL: answer = strdup ("+"); break; - case IRC_SASL_MECHANISM_PLAIN: - default: - answer = irc_sasl_mechanism_plain (sasl_username, - sasl_password); + case IRC_SASL_MECHANISM_DH_BLOWFISH: + answer = irc_sasl_mechanism_dh_blowfish ( + argv[1], sasl_username, sasl_password); + break; + case IRC_SASL_MECHANISM_DH_AES: + answer = irc_sasl_mechanism_dh_aes ( + argv[1], sasl_username, sasl_password); break; } if (answer) @@ -303,8 +306,10 @@ IRC_PROTOCOL_CALLBACK(away) IRC_PROTOCOL_CALLBACK(cap) { char *ptr_caps, **caps_supported, **caps_requested, *cap_option, *cap_req; + char str_msg_auth[512]; const char *ptr_cap_option; - int num_caps_supported, num_caps_requested, sasl_requested, sasl_to_do; + int num_caps_supported, num_caps_requested; + int sasl_requested, sasl_to_do, sasl_mechanism; int i, j, timeout, length; IRC_PROTOCOL_MIN_ARGS(4); @@ -437,35 +442,26 @@ IRC_PROTOCOL_CALLBACK(cap) } if (sasl_to_do) { - switch (IRC_SERVER_OPTION_INTEGER(server, - IRC_SERVER_OPTION_SASL_MECHANISM)) + sasl_mechanism = IRC_SERVER_OPTION_INTEGER( + server, IRC_SERVER_OPTION_SASL_MECHANISM); + if ((sasl_mechanism >= 0) + && (sasl_mechanism < IRC_NUM_SASL_MECHANISMS)) { - case IRC_SASL_MECHANISM_DH_BLOWFISH: - irc_server_sendf (server, 0, NULL, - "AUTHENTICATE DH-BLOWFISH"); - break; - case IRC_SASL_MECHANISM_DH_AES: - irc_server_sendf (server, 0, NULL, - "AUTHENTICATE DH-AES"); - break; - case IRC_SASL_MECHANISM_EXTERNAL: - irc_server_sendf (server, 0, NULL, - "AUTHENTICATE EXTERNAL"); - break; - case IRC_SASL_MECHANISM_PLAIN: - default: - irc_server_sendf (server, 0, NULL, - "AUTHENTICATE PLAIN"); - break; + snprintf (str_msg_auth, sizeof (str_msg_auth), + "AUTHENTICATE %s", + irc_sasl_mechanism_string[sasl_mechanism]); + weechat_string_toupper(str_msg_auth); + irc_server_sendf (server, 0, NULL, str_msg_auth); + if (server->hook_timer_sasl) + weechat_unhook (server->hook_timer_sasl); + timeout = IRC_SERVER_OPTION_INTEGER( + server, IRC_SERVER_OPTION_SASL_TIMEOUT); + server->hook_timer_sasl = weechat_hook_timer ( + timeout * 1000, + 0, 1, + &irc_server_timer_sasl_cb, + server); } - if (server->hook_timer_sasl) - weechat_unhook (server->hook_timer_sasl); - timeout = IRC_SERVER_OPTION_INTEGER(server, - IRC_SERVER_OPTION_SASL_TIMEOUT); - server->hook_timer_sasl = weechat_hook_timer (timeout * 1000, - 0, 1, - &irc_server_timer_sasl_cb, - server); } } } diff --git a/src/plugins/irc/irc-sasl.c b/src/plugins/irc/irc-sasl.c index 4205f3a5e..bc31b5b5a 100644 --- a/src/plugins/irc/irc-sasl.c +++ b/src/plugins/irc/irc-sasl.c @@ -25,13 +25,23 @@ #include #include +#ifdef HAVE_GNUTLS +#include +#include +#endif + #include "../weechat-plugin.h" #include "irc.h" #include "irc-sasl.h" +#include "irc-server.h" +/* + * these names are sent to the IRC server (as upper case), so they must be + * valid values for the AUTHENTICATE command (example: "AUTHENTICATE PLAIN") + */ char *irc_sasl_mechanism_string[IRC_NUM_SASL_MECHANISMS] = -{ "plain", "dh-blowfish", "dh-aes", "external" }; +{ "plain", "ecdsa-nist256p-challenge", "external", "dh-blowfish", "dh-aes" }; /* @@ -67,6 +77,216 @@ irc_sasl_mechanism_plain (const char *sasl_username, const char *sasl_password) return answer_base64; } +/* + * Returns the content of file with SASL key. + * + * Note: result must be freed after use. + */ + +char * +irc_sasl_get_key_content (struct t_irc_server *server, const char *sasl_key) +{ + const char *weechat_dir; + char *key_path1, *key_path2, *content; + + if (!sasl_key) + return NULL; + + content = NULL; + + weechat_dir = weechat_info_get ("weechat_dir", ""); + key_path1 = weechat_string_replace (sasl_key, "%h", weechat_dir); + key_path2 = (key_path1) ? + weechat_string_expand_home (key_path1) : NULL; + + if (key_path2) + content = weechat_file_get_content (key_path2); + + if (!content) + { + weechat_printf ( + server->buffer, + _("%s%s: unable to read private key in file \"%s\""), + weechat_prefix ("error"), + IRC_PLUGIN_NAME, + (key_path2) ? key_path2 : ((key_path1) ? key_path1 : sasl_key)); + } + + if (key_path1) + free (key_path1); + if (key_path2) + free (key_path2); + + return content; +} + +/* + * Builds answer for SASL authentication, using mechanism + * "ECDSA-NIST256P-CHALLENGE". + * + * Note: result must be freed after use. + */ + +char * +irc_sasl_mechanism_ecdsa_nist256p_challenge (struct t_irc_server *server, + const char *data_base64, + const char *sasl_username, + const char *sasl_key) +{ + char *data, *string, *answer_base64; + int length_data, length_username, length, ret; + char *str_privkey, *pubkey, *pubkey_base64; + gnutls_x509_privkey_t x509_privkey; + gnutls_privkey_t privkey; + gnutls_ecc_curve_t curve; + gnutls_datum_t filedatum, x, y, k, decoded_data, signature; + + answer_base64 = NULL; + string = NULL; + length = 0; + + if (strcmp (data_base64, "+") == 0) + { + /* send "username" + '\0' + "username" */ + answer_base64 = NULL; + length_username = strlen (sasl_username); + length = length_username + 1 + length_username; + string = malloc (length + 1); + if (string) + { + snprintf (string, length + 1, "%s|%s", sasl_username, sasl_username); + string[length_username] = '\0'; + } + } + else + { + /* sign the challenge with the private key and return the result */ + + /* decode the challenge */ + data = malloc (strlen (data_base64) + 1); + if (!data) + return NULL; + length_data = weechat_string_decode_base64 (data_base64, data); + + /* read file with private key */ + str_privkey = irc_sasl_get_key_content (server, sasl_key); + if (!str_privkey) + { + free (data); + return NULL; + } + + /* import key */ + gnutls_x509_privkey_init (&x509_privkey); + gnutls_privkey_init (&privkey); + filedatum.data = (unsigned char *)str_privkey; + filedatum.size = strlen (str_privkey); + ret = gnutls_x509_privkey_import (x509_privkey, &filedatum, + GNUTLS_X509_FMT_PEM); + free (str_privkey); + if (ret != GNUTLS_E_SUCCESS) + { + weechat_printf ( + server->buffer, + _("%sgnutls: invalid private key file: error %d %s"), + weechat_prefix ("error"), + ret, + gnutls_strerror (ret)); + gnutls_x509_privkey_deinit (x509_privkey); + gnutls_privkey_deinit (privkey); + free (data); + return NULL; + } + + /* read raw values in key, to display public key */ + ret = gnutls_x509_privkey_export_ecc_raw (x509_privkey, + &curve, &x, &y, &k); + if (ret == GNUTLS_E_SUCCESS) + { + pubkey = malloc (x.size + 1); + if (pubkey) + { + pubkey[0] = (y.data[y.size - 1] & 1) ? 0x03 : 0x02; + memcpy (pubkey + 1, x.data, x.size); + pubkey_base64 = malloc ((x.size + 1 + 1) * 4); + if (pubkey_base64) + { + weechat_string_encode_base64 (pubkey, x.size + 1, + pubkey_base64); + weechat_printf ( + server->buffer, + _("%s%s: signing the challenge with ECC public key: " + "%s"), + weechat_prefix ("network"), + IRC_PLUGIN_NAME, + pubkey_base64); + free (pubkey_base64); + } + free (pubkey); + } + gnutls_free (x.data); + gnutls_free (y.data); + gnutls_free (k.data); + } + + /* import private key in an abstract key structure */ + ret = gnutls_privkey_import_x509 (privkey, x509_privkey, 0); + if (ret != GNUTLS_E_SUCCESS) + { + weechat_printf ( + server->buffer, + _("%sgnutls: unable to import the private key: error %d %s"), + weechat_prefix ("error"), + ret, + gnutls_strerror (ret)); + gnutls_x509_privkey_deinit (x509_privkey); + gnutls_privkey_deinit (privkey); + free (data); + return NULL; + } + + decoded_data.data = (unsigned char *)data; + decoded_data.size = length_data; + ret = gnutls_privkey_sign_hash (privkey, GNUTLS_DIG_SHA256, 0, + &decoded_data, &signature); + if (ret != GNUTLS_E_SUCCESS) + { + weechat_printf ( + server->buffer, + _("%sgnutls: unable to sign the hashed data: error %d %s"), + weechat_prefix ("error"), + ret, + gnutls_strerror (ret)); + gnutls_x509_privkey_deinit (x509_privkey); + gnutls_privkey_deinit (privkey); + free (data); + return NULL; + } + + gnutls_x509_privkey_deinit (x509_privkey); + gnutls_privkey_deinit (privkey); + + string = malloc (signature.size); + if (string) + memcpy (string, signature.data, signature.size); + length = signature.size; + + gnutls_free (signature.data); + + free (data); + } + + if (string && (length > 0)) + { + answer_base64 = malloc ((length + 1) * 4); + if (answer_base64) + weechat_string_encode_base64 (string, length, answer_base64); + free (string); + } + + return answer_base64; +} + /* * Reads key sent by server (Diffie-Hellman key exchange). * @@ -186,6 +406,7 @@ dhend: * * Note: result must be freed after use. */ + char * irc_sasl_mechanism_dh_blowfish (const char *data_base64, const char *sasl_username, @@ -249,7 +470,7 @@ irc_sasl_mechanism_dh_blowfish (const char *data_base64, memcpy (ptr_answer, password_crypted, length_password); /* encode answer to base64 */ - answer_base64 = malloc (length_answer * 4); + answer_base64 = malloc ((length_answer + 1) * 4); if (answer_base64) weechat_string_encode_base64 (answer, length_answer, answer_base64); @@ -279,6 +500,7 @@ bfend: * * Note: result must be freed after use. */ + char * irc_sasl_mechanism_dh_aes (const char *data_base64, const char *sasl_username, @@ -370,7 +592,7 @@ irc_sasl_mechanism_dh_aes (const char *data_base64, memcpy (ptr_answer, userpass_crypted, length_userpass); /* encode answer to base64 */ - answer_base64 = malloc (length_answer * 4); + answer_base64 = malloc ((length_answer + 1) * 4); if (answer_base64) weechat_string_encode_base64 (answer, length_answer, answer_base64); diff --git a/src/plugins/irc/irc-sasl.h b/src/plugins/irc/irc-sasl.h index c2ed129d7..2677f5247 100644 --- a/src/plugins/irc/irc-sasl.h +++ b/src/plugins/irc/irc-sasl.h @@ -20,14 +20,17 @@ #ifndef WEECHAT_IRC_SASL_H #define WEECHAT_IRC_SASL_H 1 +struct t_irc_server; + /* SASL authentication mechanisms */ enum t_irc_sasl_mechanism { IRC_SASL_MECHANISM_PLAIN = 0, + IRC_SASL_MECHANISM_ECDSA_NIST256P_CHALLENGE, + IRC_SASL_MECHANISM_EXTERNAL, IRC_SASL_MECHANISM_DH_BLOWFISH, IRC_SASL_MECHANISM_DH_AES, - IRC_SASL_MECHANISM_EXTERNAL, /* number of SASL mechanisms */ IRC_NUM_SASL_MECHANISMS, }; @@ -36,6 +39,10 @@ extern char *irc_sasl_mechanism_string[]; extern char *irc_sasl_mechanism_plain (const char *sasl_username, const char *sasl_password); +extern char *irc_sasl_mechanism_ecdsa_nist256p_challenge (struct t_irc_server *server, + const char *data_base64, + const char *sasl_username, + const char *sasl_key); extern char *irc_sasl_mechanism_dh_blowfish (const char *data_base64, const char *sasl_username, const char *sasl_password); diff --git a/src/plugins/irc/irc-server.c b/src/plugins/irc/irc-server.c index e5ec45266..cd576b606 100644 --- a/src/plugins/irc/irc-server.c +++ b/src/plugins/irc/irc-server.c @@ -89,6 +89,7 @@ char *irc_server_options[IRC_SERVER_NUM_OPTIONS][2] = { "sasl_mechanism", "plain" }, { "sasl_username", "" }, { "sasl_password", "" }, + { "sasl_key", "", }, { "sasl_timeout", "15" }, { "sasl_fail", "continue" }, { "autoconnect", "off" }, @@ -335,6 +336,7 @@ irc_server_sasl_enabled (struct t_irc_server *server) { int sasl_mechanism, rc; char *sasl_username, *sasl_password; + const char *sasl_key; sasl_mechanism = IRC_SERVER_OPTION_INTEGER( server, IRC_SERVER_OPTION_SASL_MECHANISM); @@ -344,12 +346,18 @@ irc_server_sasl_enabled (struct t_irc_server *server) sasl_password = weechat_string_eval_expression ( IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_PASSWORD), NULL, NULL, NULL); + sasl_key = IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_KEY); /* - * SASL is enabled if using mechanism "external" - * or if both username AND password are set + * SASL is enabled if one of these conditions is true: + * - mechanism is "external" + * - mechanism is "ecdsa-nist256p-challenge" with username/key set + * - another mechanism with username/password set */ rc = ((sasl_mechanism == IRC_SASL_MECHANISM_EXTERNAL) + || ((sasl_mechanism == IRC_SASL_MECHANISM_ECDSA_NIST256P_CHALLENGE) + && sasl_username && sasl_username[0] + && sasl_key && sasl_key[0]) || (sasl_username && sasl_username[0] && sasl_password && sasl_password[0])) ? 1 : 0; @@ -5220,6 +5228,9 @@ irc_server_add_to_infolist (struct t_infolist *infolist, if (!weechat_infolist_new_var_string (ptr_item, "sasl_password", IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_PASSWORD))) return 0; + if (!weechat_infolist_new_var_string (ptr_item, "sasl_key", + IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_KEY))) + return 0; if (!weechat_infolist_new_var_integer (ptr_item, "sasl_fail", IRC_SERVER_OPTION_INTEGER(server, IRC_SERVER_OPTION_SASL_FAIL))) return 0; @@ -5475,12 +5486,19 @@ irc_server_print_log () IRC_SERVER_OPTION_STRING(ptr_server, IRC_SERVER_OPTION_SASL_USERNAME)); else weechat_log_printf (" sasl_username. . . . : '%s'", - weechat_config_string (ptr_server->options[IRC_SERVER_OPTION_USERNAME])); + weechat_config_string (ptr_server->options[IRC_SERVER_OPTION_SASL_USERNAME])); /* sasl_password */ if (weechat_config_option_is_null (ptr_server->options[IRC_SERVER_OPTION_SASL_PASSWORD])) weechat_log_printf (" sasl_password. . . . : null"); else weechat_log_printf (" sasl_password. . . . : (hidden)"); + /* sasl_key */ + if (weechat_config_option_is_null (ptr_server->options[IRC_SERVER_OPTION_SASL_KEY])) + weechat_log_printf (" sasl_key. . . . . . : null ('%s')", + IRC_SERVER_OPTION_STRING(ptr_server, IRC_SERVER_OPTION_SASL_KEY)); + else + weechat_log_printf (" sasl_key. . . . . . : '%s'", + weechat_config_string (ptr_server->options[IRC_SERVER_OPTION_SASL_KEY])); /* sasl_fail */ if (weechat_config_option_is_null (ptr_server->options[IRC_SERVER_OPTION_SASL_FAIL])) weechat_log_printf (" sasl_fail. . . . . . : null ('%s')", diff --git a/src/plugins/irc/irc-server.h b/src/plugins/irc/irc-server.h index b71a66c32..5455cd034 100644 --- a/src/plugins/irc/irc-server.h +++ b/src/plugins/irc/irc-server.h @@ -57,6 +57,7 @@ enum t_irc_server_option IRC_SERVER_OPTION_SASL_MECHANISM,/* mechanism for SASL authentication */ IRC_SERVER_OPTION_SASL_USERNAME, /* username for SASL authentication */ IRC_SERVER_OPTION_SASL_PASSWORD, /* password for SASL authentication */ + IRC_SERVER_OPTION_SASL_KEY, /* key for ECDSA-NIST256P-CHALLENCE */ IRC_SERVER_OPTION_SASL_TIMEOUT, /* timeout for SASL authentication */ IRC_SERVER_OPTION_SASL_FAIL, /* action on SASL fail */ IRC_SERVER_OPTION_AUTOCONNECT, /* autoconnect to server at startup */