blackbeard420/weechat
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

irc: evaluate content of server option "ssl_fingerprint" (closes #858)

Browse Source
This commit is contained in:
Sébastien Helleu 2016-12-03 09:44:18 +01:00
parent a864da7b3b
commit 28fde407f4
22 changed files with 189 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog.adoc
View File

@ -32,6 +32,7 @@ Improvements::
* core: add a slash before commands completed in arguments of /command, /debug time, /key bind, /key bindctxt, /mute, /repeat, /wait
* core: add a warning in header of configuration files to not edit by hand (issue #851)
* alias: add a slash before commands completed in arguments of /alias
* irc: evaluate content of server option "ssl_fingerprint" (issue #858)
* irc: change default value of option irc.network.lag_reconnect to 300 (issue #818)
* trigger: do not hide email in command "/msg nickserv register password email" (issue #849)

2
doc/de/autogen/user/irc_options.adoc
View File

@ -603,7 +603,7 @@
** Werte: 0 .. 2147483647 (Standardwert: `+2048+`)
* [[option_irc.server_default.ssl_fingerprint]] *irc.server_default.ssl_fingerprint*
** Beschreibung: pass:none[Fingerprint des Zertifikates welches als vertrauenswürdig eingestuft und für diesen Server akzeptiert wird; es sind nur hexadezimale Zeichen erlaubt (0-9, a-f): bei SHA-512 ist das Zertifikat 64 Zeichen lang, bei SHA-256 sind es 32 Zeichen, bei SHA-1 sind es 20 Zeichen (nicht empfohlen, da unsicher); verschiedene Fingerprints können durch Kommata voneinander getrennt werden; wird diese Option genutzt, findet KEINE weitere Überprüfung der Zertifikate statt (Option "ssl_verify")]
** Beschreibung: pass:none[fingerprint of certificate which is trusted and accepted for the server; only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many fingerprints can be separated by commas; if this option is set, the other checks on certificates are NOT performed (option "ssl_verify") (note: content is evaluated, see /help eval)]
** Typ: Zeichenkette
** Werte: beliebige Zeichenkette (Standardwert: `+""+`)

2
doc/en/autogen/user/irc_options.adoc
View File

@ -603,7 +603,7 @@
** values: 0 .. 2147483647 (default value: `+2048+`)
* [[option_irc.server_default.ssl_fingerprint]] *irc.server_default.ssl_fingerprint*
** description: pass:none[fingerprint of certificate which is trusted and accepted for the server; only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many fingerprints can be separated by commas; if this option is set, the other checks on certificates are NOT performed (option "ssl_verify")]
** description: pass:none[fingerprint of certificate which is trusted and accepted for the server; only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many fingerprints can be separated by commas; if this option is set, the other checks on certificates are NOT performed (option "ssl_verify") (note: content is evaluated, see /help eval)]
** type: string
** values: any string (default value: `+""+`)

2
doc/fr/autogen/user/irc_options.adoc
View File

@ -603,7 +603,7 @@
** valeurs: 0 .. 2147483647 (valeur par défaut: `+2048+`)
* [[option_irc.server_default.ssl_fingerprint]] *irc.server_default.ssl_fingerprint*
** description: pass:none[empreinte du certificat qui est de confiance et accepté pour le serveur ; seuls les chiffres hexadécimaux sont autorisés (0-9, a-f) : 64 caractères pour SHA-512, 32 caractères pour SHA-256, 20 caractères pour SHA-1 (non sûr, non recommandé) ; plusieurs empreintes peuvent être séparées par des virgules ; si cette option est définie, les autres vérifications sur les certificats ne sont PAS effectuées (option "ssl_verify")]
** description: pass:none[empreinte du certificat qui est de confiance et accepté pour le serveur ; seuls les chiffres hexadécimaux sont autorisés (0-9, a-f) : 64 caractères pour SHA-512, 32 caractères pour SHA-256, 20 caractères pour SHA-1 (non sûr, non recommandé) ; plusieurs empreintes peuvent être séparées par des virgules ; si cette option est définie, les autres vérifications sur les certificats ne sont PAS effectuées (option "ssl_verify") (note : le contenu est évalué, voir /help eval)]
** type: chaîne
** valeurs: toute chaîne (valeur par défaut: `+""+`)

2
doc/it/autogen/user/irc_options.adoc
View File

@ -603,7 +603,7 @@
** valori: 0 .. 2147483647 (valore predefinito: `+2048+`)
* [[option_irc.server_default.ssl_fingerprint]] *irc.server_default.ssl_fingerprint*
** descrizione: pass:none[fingerprint of certificate which is trusted and accepted for the server; only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many fingerprints can be separated by commas; if this option is set, the other checks on certificates are NOT performed (option "ssl_verify")]
** descrizione: pass:none[fingerprint of certificate which is trusted and accepted for the server; only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many fingerprints can be separated by commas; if this option is set, the other checks on certificates are NOT performed (option "ssl_verify") (note: content is evaluated, see /help eval)]
** tipo: stringa
** valori: qualsiasi stringa (valore predefinito: `+""+`)

2
doc/ja/autogen/user/irc_options.adoc
View File

@ -603,7 +603,7 @@
** 値: 0 .. 2147483647 (デフォルト値: `+2048+`)
* [[option_irc.server_default.ssl_fingerprint]] *irc.server_default.ssl_fingerprint*
** 説明: pass:none[信頼でき、通信を認めるサーバ証明書の指紋; 16 進数で使える文字 (0-9, a-f) 以外は指定できません: SHA-512 の場合 64 文字、SHA-256 の場合 32 文字、SHA-1 の場合 20 文字 (危険、非推奨) です。複数の指紋を設定する場合はコンマで区切ってください; このオプションを設定した場合、証明書に対する他の妥当性確認は行われません (オプション "ssl_verify")]
** 説明: pass:none[fingerprint of certificate which is trusted and accepted for the server; only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many fingerprints can be separated by commas; if this option is set, the other checks on certificates are NOT performed (option "ssl_verify") (note: content is evaluated, see /help eval)]
** タイプ: 文字列
** 値: 未制約文字列 (デフォルト値: `+""+`)

2
doc/pl/autogen/user/irc_options.adoc
View File

@ -603,7 +603,7 @@
** wartości: 0 .. 2147483647 (domyślna wartość: `+2048+`)
* [[option_irc.server_default.ssl_fingerprint]] *irc.server_default.ssl_fingerprint*
** opis: pass:none[skrót certyfikatu, który jest zaufany i akceptowany dla serwera; tylko cyfry heksadecymalne są dozwolone (0-9, a-f): 64 znaki dla SHA-512, 32 znaki dla SHA-256, 20 znaków dla SHA-1 (mało bezpieczne, nie zalecane); wiele skrótów można oddzielić przecinkami; jeśli ta opcja jest ustawiona, certyfikat NIE jest dalej sprawdzany (opcja "ssl_verify")]
** opis: pass:none[fingerprint of certificate which is trusted and accepted for the server; only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many fingerprints can be separated by commas; if this option is set, the other checks on certificates are NOT performed (option "ssl_verify") (note: content is evaluated, see /help eval)]
** typ: ciąg
** wartości: dowolny ciąg (domyślna wartość: `+""+`)

9
po/cs.po
View File

@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-03 08:23+0200\n"
"Last-Translator: Ondřej Súkup <mimi.vx@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -6910,6 +6910,10 @@ msgid ""
msgstr ""
"%s%s: nevalidní řetězec priorit, chyba je na této pozici v řetězci: \"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: nemohu získat aktuální status interpretru"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -7002,7 +7006,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
#, fuzzy

10
po/de.po
View File

@ -19,7 +19,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-11-22 21:27+0100\n"
"Last-Translator: Nils Görs <weechatter@arcor.de>\n"
"Language-Team: German <kde-i18n-de@kde.org>\n"
@ -7976,6 +7976,10 @@ msgstr ""
"%s%s: ungültige Zeichenkette für Prioritäten. Fehler befindet sich an "
"folgender Position der Zeichenkette: \"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: ein deaktivierter Trigger kann nicht neu gestartet werden"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -8075,12 +8079,14 @@ msgstr ""
"Größe des Schlüssels der während des Diffie-Hellman-Schlüsselaustausches "
"genutzt wurde"
#, fuzzy
msgid ""
"fingerprint of certificate which is trusted and accepted for the server; "
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
"Fingerprint des Zertifikates welches als vertrauenswürdig eingestuft und für "
"diesen Server akzeptiert wird; es sind nur hexadezimale Zeichen erlaubt "

9
po/es.po
View File

@ -22,7 +22,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-03 08:23+0200\n"
"Last-Translator: Elián Hanisch <lambdae2@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -7153,6 +7153,10 @@ msgstr ""
"%s%s: cadena de prioridades inválida, error a esta posición de la cadena: "
"\"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: no es posible obtener el estado del interprete actual"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -7242,7 +7246,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
msgid "check that the SSL connection is fully trusted"

14
po/fr.po
View File

@ -21,8 +21,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"PO-Revision-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-12-03 09:39+0100\n"
"Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: fr\n"
@ -7827,6 +7827,10 @@ msgstr ""
"%s%s : chaîne de priorités invalide, erreur à cette position dans la "
"chaîne : \"%s\""
#, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s : l'empreinte évaluée ne doit pas être vide"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -7926,14 +7930,16 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
"empreinte du certificat qui est de confiance et accepté pour le serveur ; "
"seuls les chiffres hexadécimaux sont autorisés (0-9, a-f) : 64 caractères "
"pour SHA-512, 32 caractères pour SHA-256, 20 caractères pour SHA-1 (non sûr, "
"non recommandé) ; plusieurs empreintes peuvent être séparées par des "
"virgules ; si cette option est définie, les autres vérifications sur les "
"certificats ne sont PAS effectuées (option \"ssl_verify\")"
"certificats ne sont PAS effectuées (option \"ssl_verify\") (note : le "
"contenu est évalué, voir /help eval)"
msgid "check that the SSL connection is fully trusted"
msgstr "vérifier que la connexion SSL est entièrement de confiance"

9
po/hu.po
View File

@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-03 08:23+0200\n"
"Last-Translator: Andras Voroskoi <voroskoi@frugalware.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -6379,6 +6379,10 @@ msgid ""
"%s%s: invalid priorities string, error at this position in string: \"%s\""
msgstr ""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s nem sikerült a szervert létrehozni\n"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -6456,7 +6460,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
msgid "check that the SSL connection is fully trusted"

9
po/it.po
View File

@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-03 08:24+0200\n"
"Last-Translator: Esteban I. Ruiz Moreno <exio4.com@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -7299,6 +7299,10 @@ msgid ""
msgstr ""
"%s%s: stringa delle proprietà non valida, errore in questa posizione: \"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: impossibile ricevere lo stato attuale dell'interprete"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -7394,7 +7398,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
msgid "check that the SSL connection is fully trusted"

10
po/ja.po
View File

@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-11-23 09:00+0900\n"
"Last-Translator: AYANOKOUZI, Ryuunosuke <i38w7i3@yahoo.co.jp>\n"
"Language-Team: Japanese <https://github.com/l/weechat/tree/master/"
@ -7504,6 +7504,10 @@ msgid ""
"%s%s: invalid priorities string, error at this position in string: \"%s\""
msgstr "%s%s: 不正なプロパティ文字列、文字列のエラーの位置: \"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: 無効化されたトリガを再開できません"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -7594,12 +7598,14 @@ msgstr ""
msgid "size of the key used during the Diffie-Hellman Key Exchange"
msgstr "Diffie-Hellman 鍵交換で使われる鍵長"
#, fuzzy
msgid ""
"fingerprint of certificate which is trusted and accepted for the server; "
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
"信頼でき、通信を認めるサーバ証明書の指紋; 16 進数で使える文字 (0-9, a-f) 以外"
"は指定できません: SHA-512 の場合 64 文字、SHA-256 の場合 32 文字、SHA-1 の場"

10
po/pl.po
View File

@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-03 08:24+0200\n"
"Last-Translator: Krzysztof Korościk <soltys1@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -7659,6 +7659,10 @@ msgid ""
"%s%s: invalid priorities string, error at this position in string: \"%s\""
msgstr "%s%s: nieprawidłowy ciąg priorytetów, błąd na pozycji: \"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: wyłączony trigger nie może być zrestartowany"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -7751,12 +7755,14 @@ msgid "size of the key used during the Diffie-Hellman Key Exchange"
msgstr ""
"rozmiar klucza używanego podczas połączenia Wymiany Kluczy Diffie-Hellmana"
#, fuzzy
msgid ""
"fingerprint of certificate which is trusted and accepted for the server; "
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
"skrót certyfikatu, który jest zaufany i akceptowany dla serwera; tylko cyfry "
"heksadecymalne są dozwolone (0-9, a-f): 64 znaki dla SHA-512, 32 znaki dla "

10
po/pt.po
View File

@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-27 12:29+0000\n"
"Last-Translator: Vasco Almeida <vascomalmeida@sapo.pt>\n"
"Language-Team: Portuguese <>\n"
@ -7659,6 +7659,10 @@ msgid ""
msgstr ""
"%s%s: cadeia de prioridades inválida, erro nesta posição na cadeia: \"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: não é possível reiniciar um acionador desativado"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -7752,12 +7756,14 @@ msgstr ""
msgid "size of the key used during the Diffie-Hellman Key Exchange"
msgstr "tamanho da chave usada durante a troca de chaves de Diffie-Hellman"
#, fuzzy
msgid ""
"fingerprint of certificate which is trusted and accepted for the server; "
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
"impressão digital do certificado considerado fidedigno e aceite do servidor; "
"só são permitidos dígitos hexadecimais (0-9, a-f): 64 carateres para "

9
po/pt_BR.po
View File

@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-03 08:24+0200\n"
"Last-Translator: Eduardo Elias <camponez@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -6766,6 +6766,10 @@ msgid ""
msgstr ""
"%s%s: string de prioridades inválida, erro nesta posição da string: \"%s\""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s%s: não foi possível obter estado do interpretador atual"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -6858,7 +6862,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
#, fuzzy

9
po/ru.po
View File

@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-09-03 08:24+0200\n"
"Last-Translator: Aleksey V Zapparov AKA ixti <ixti@member.fsf.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -6409,6 +6409,10 @@ msgid ""
"%s%s: invalid priorities string, error at this position in string: \"%s\""
msgstr ""
#, fuzzy, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr "%s не могу создать сервер\n"
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -6486,7 +6490,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
msgid "check that the SSL connection is fully trusted"

9
po/tr.po
View File

@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2016-05-18 07:43+0200\n"
"Last-Translator: Hasan Kiran <sunder67@hotmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -5737,6 +5737,10 @@ msgid ""
"%s%s: invalid priorities string, error at this position in string: \"%s\""
msgstr ""
#, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr ""
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -5810,7 +5814,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
msgid "check that the SSL connection is fully trusted"

9
po/weechat.pot
View File

@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
"POT-Creation-Date: 2016-11-29 23:33+0100\n"
"POT-Creation-Date: 2016-12-03 09:38+0100\n"
"PO-Revision-Date: 2014-08-16 10:27+0200\n"
"Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@ -5661,6 +5661,10 @@ msgid ""
"%s%s: invalid priorities string, error at this position in string: \"%s\""
msgstr ""
#, c-format
msgid "%s%s: the evaluated fingerprint must not be empty"
msgstr ""
#, c-format
msgid ""
"%s%s: invalid fingerprint size, the number of hexadecimal digits must be one "
@ -5734,7 +5738,8 @@ msgid ""
"only hexadecimal digits are allowed (0-9, a-f): 64 chars for SHA-512, 32 "
"chars for SHA-256, 20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option is set, the other "
"checks on certificates are NOT performed (option \"ssl_verify\")"
"checks on certificates are NOT performed (option \"ssl_verify\") (note: "
"content is evaluated, see /help eval)"
msgstr ""
msgid "check that the SSL connection is fully trusted"

120
src/plugins/irc/irc-config.c
View File

@ -997,7 +997,7 @@ irc_config_server_check_value_cb (const void *pointer, void *data,
const char *pos_error, *proxy_name;
struct t_infolist *infolist;
#ifdef HAVE_GNUTLS
char **fingerprints, *str_sizes;
char *fingerprint_eval, **fingerprints, *str_sizes;
int i, j, rc, algo, length;
#endif /* HAVE_GNUTLS */
@ -1053,60 +1053,77 @@ irc_config_server_check_value_cb (const void *pointer, void *data,
break;
case IRC_SERVER_OPTION_SSL_FINGERPRINT:
#ifdef HAVE_GNUTLS
if (value && value[0])
if (!value || !value[0])
break;
fingerprint_eval = weechat_string_eval_expression (
value, NULL, NULL, NULL);
if (!fingerprint_eval || !fingerprint_eval[0])
{
fingerprints = weechat_string_split (value, ",", 0, 0,
NULL);
if (fingerprints)
weechat_printf (
NULL,
_("%s%s: the evaluated fingerprint must not be "
"empty"),
weechat_prefix ("error"),
IRC_PLUGIN_NAME);
if (fingerprint_eval)
free (fingerprint_eval);
return 0;
}
fingerprints = weechat_string_split (
(fingerprint_eval) ? fingerprint_eval : value,
",", 0, 0, NULL);
if (!fingerprints)
{
free (fingerprint_eval);
return 1;
}
rc = 0;
for (i = 0; fingerprints[i]; i++)
{
length = strlen (fingerprints[i]);
algo = irc_server_fingerprint_search_algo_with_size (
length * 4);
if (algo < 0)
{
rc = 0;
for (i = 0; fingerprints[i]; i++)
rc = -1;
break;
}
for (j = 0; j < length; j++)
{
if (!isxdigit ((unsigned char)fingerprints[i][j]))
{
length = strlen (fingerprints[i]);
algo = irc_server_fingerprint_search_algo_with_size (
length * 4);
if (algo < 0)
{
rc = -1;
break;
}
for (j = 0; j < length; j++)
{
if (!isxdigit ((unsigned char)fingerprints[i][j]))
{
rc = -2;
break;
}
}
if (rc < 0)
break;
}
weechat_string_free_split (fingerprints);
switch (rc)
{
case -1: /* invalid size */
str_sizes = irc_server_fingerprint_str_sizes ();
weechat_printf (
NULL,
_("%s%s: invalid fingerprint size, the "
"number of hexadecimal digits must be "
"one of: %s"),
weechat_prefix ("error"),
IRC_PLUGIN_NAME,
(str_sizes) ? str_sizes : "?");
if (str_sizes)
free (str_sizes);
return 0;
case -2: /* invalid content */
weechat_printf (
NULL,
_("%s%s: invalid fingerprint, it must "
"contain only hexadecimal digits (0-9, "
"a-f)"),
weechat_prefix ("error"), IRC_PLUGIN_NAME);
return 0;
rc = -2;
break;
}
}
if (rc < 0)
break;
}
weechat_string_free_split (fingerprints);
free (fingerprint_eval);
switch (rc)
{
case -1: /* invalid size */
str_sizes = irc_server_fingerprint_str_sizes ();
weechat_printf (
NULL,
_("%s%s: invalid fingerprint size, the "
"number of hexadecimal digits must be "
"one of: %s"),
weechat_prefix ("error"),
IRC_PLUGIN_NAME,
(str_sizes) ? str_sizes : "?");
if (str_sizes)
free (str_sizes);
return 0;
case -2: /* invalid content */
weechat_printf (
NULL,
_("%s%s: invalid fingerprint, it must "
"contain only hexadecimal digits (0-9, "
"a-f)"),
weechat_prefix ("error"), IRC_PLUGIN_NAME);
return 0;
}
#endif /* HAVE_GNUTLS */
break;
@ -1642,7 +1659,8 @@ irc_config_server_new_option (struct t_config_file *config_file,
"20 chars for SHA-1 (insecure, not recommended); many "
"fingerprints can be separated by commas; if this option "
"is set, the other checks on certificates are NOT "
"performed (option \"ssl_verify\")"),
"performed (option \"ssl_verify\") "
"(note: content is evaluated, see /help eval)"),
NULL, 0, 0,
default_value, value,
null_value_allowed,

24
src/plugins/irc/irc-server.c
View File

@ -4056,8 +4056,8 @@ irc_server_gnutls_callback (const void *pointer, void *data,
gnutls_datum_t filedatum;
unsigned int i, cert_list_len, status;
time_t cert_time;
char *cert_path0, *cert_path1, *cert_path2, *cert_str;
const char *weechat_dir, *fingerprint;
char *cert_path0, *cert_path1, *cert_path2, *cert_str, *fingerprint_eval;
const char *weechat_dir, *ptr_fingerprint;
int rc, ret, fingerprint_match, hostname_match, cert_temp_init;
#if LIBGNUTLS_VERSION_NUMBER >= 0x010706 /* 1.7.6 */
gnutls_datum_t cinfo;
@ -4080,6 +4080,7 @@ irc_server_gnutls_callback (const void *pointer, void *data,
cert_temp_init = 0;
cert_list = NULL;
cert_list_len = 0;
fingerprint_eval = NULL;
if (action == WEECHAT_HOOK_CONNECT_GNUTLS_CB_VERIFY_CERT)
{
@ -4106,11 +4107,13 @@ irc_server_gnutls_callback (const void *pointer, void *data,
cert_temp_init = 1;
/* get fingerprint option in server */
fingerprint = IRC_SERVER_OPTION_STRING (server,
IRC_SERVER_OPTION_SSL_FINGERPRINT);
ptr_fingerprint = IRC_SERVER_OPTION_STRING(server,
IRC_SERVER_OPTION_SSL_FINGERPRINT);
fingerprint_eval = weechat_string_eval_expression (ptr_fingerprint,
NULL, NULL, NULL);
/* set match options */
fingerprint_match = (fingerprint && fingerprint[0]) ? 0 : 1;
fingerprint_match = (ptr_fingerprint && ptr_fingerprint[0]) ? 0 : 1;
hostname_match = 0;
/* get the peer's raw certificate (chain) as sent by the peer */
@ -4143,10 +4146,10 @@ irc_server_gnutls_callback (const void *pointer, void *data,
if (i == 0)
{
/* check if fingerprint matches the first certificate */
if (fingerprint && fingerprint[0])
if (fingerprint_eval && fingerprint_eval[0])
{
fingerprint_match = irc_server_check_certificate_fingerprint (
server, cert_temp, fingerprint);
server, cert_temp, fingerprint_eval);
}
/* check if hostname matches in the first certificate */
if (gnutls_x509_crt_check_hostname (cert_temp,
@ -4178,7 +4181,7 @@ irc_server_gnutls_callback (const void *pointer, void *data,
}
#endif /* LIBGNUTLS_VERSION_NUMBER >= 0x010706 */
/* check dates, only if fingerprint is not set */
if (!fingerprint || !fingerprint[0])
if (!ptr_fingerprint || !ptr_fingerprint[0])
{
/* check expiration date */
cert_time = gnutls_x509_crt_get_expiration_time (cert_temp);
@ -4207,7 +4210,7 @@ irc_server_gnutls_callback (const void *pointer, void *data,
* if fingerprint is set, display if matches, and don't check
* anything else
*/
if (fingerprint && fingerprint[0])
if (ptr_fingerprint && ptr_fingerprint[0])
{
if (fingerprint_match)
{
@ -4409,6 +4412,9 @@ end:
if (cert_temp_init)
gnutls_x509_crt_deinit (cert_temp);
if (fingerprint_eval)
free (fingerprint_eval);
return rc;
}
#endif /* HAVE_GNUTLS */