working on ssl (#770)

timmy0123 · mattwang44 · web-flow · commit 6657eb7db5fc · 2023-12-26T07:50:55.000Z
Co-authored-by: Wei-Hsiang (Matt) Wang &lt;mattwang44@gmail.com&gt;
diff --git a/library/ssl.po b/library/ssl.po
@@ -143,23 +143,32 @@ msgid ""
 "returns a new context with secure default settings."
 msgstr ""
 ":class:`SSLSocket` 實例必須使用 :meth:`SSLContext.wrap_socket` 方法來建立。輔"
-"助函式 :func:`create_default_context` 會回傳有安全預設設定的新內容。"
+"助函式 :func:`create_default_context` 會回傳有安全預設設定的新語境 (context)。"
 
 #: ../../library/ssl.rst:82
 msgid "Client socket example with default context and IPv4/IPv6 dual stack::"
 msgstr ""
+"使用預設語境及 IPv4/IPv6 雙協定堆疊的客戶端 socket 範例：\n"
+"\n"
+"::"
 
 #: ../../library/ssl.rst:95
 msgid "Client socket example with custom context and IPv4::"
 msgstr ""
+"使用自訂語境及 IPv4 的客戶端 socket範例：\n"
+"\n"
+"::"
 
 #: ../../library/ssl.rst:107
 msgid "Server socket example listening on localhost IPv4::"
 msgstr ""
+"在本地 IPv4 上監聽伺服器 socket 的範例：\n"
+"\n"
+"::"
 
 #: ../../library/ssl.rst:121
 msgid "Context creation"
-msgstr ""
+msgstr "語境建立"
 
 #: ../../library/ssl.rst:123
 msgid ""
@@ -174,6 +183,8 @@ msgid ""
 "represent a higher security level than when calling the :class:`SSLContext` "
 "constructor directly."
 msgstr ""
+"回傳一個新的 :class:`SSLContext` 物件，使用給定 *purpose* 的預設值。這些設定"
+"是由 :mod:`ssl` 選擇，通常比直接使用 :class:`SSLContext` 有更高的安全性。"
 
 #: ../../library/ssl.rst:133
 msgid ""
@@ -182,6 +193,9 @@ msgid ""
 "If all three are :const:`None`, this function can choose to trust the "
 "system's default CA certificates instead."
 msgstr ""
+"*cafile*, *capath*, *cadata* 是用來選擇用於憑證認證的 CA 憑證，就像 :meth:"
+"`SSLContext.load_verify_locations` 一樣。如果三個值都是 :const:`None`，此函式"
+"會自動選擇系統預設的 CA 憑證。"
 
 #: ../../library/ssl.rst:139
 msgid ""
@@ -194,26 +208,39 @@ msgid ""
 "or uses :meth:`SSLContext.load_default_certs` to load default CA "
 "certificates."
 msgstr ""
+"這些設定包含：:data:`PROTOCOL_TLS_CLIENT` 或 :data:`PROTOCOL_TLS_SERVER`、:"
+"data:`OP_NO_SSLv2`、以及 :data:`OP_NO_SSLv3`，使用高加密密碼套件但不包含 "
+"RC4 和未經身份驗證的密碼套件。如果將 *purpose* 設定為 :const:`~Purpose."
+"SERVER_AUTH`，則會把 :data:`~SSLContext.verify_mode` 設為 :data:"
+"`CERT_REQUIRED` 並使用設定的 CA 憑證(當 *cafile*、*capath* 或 *cadata* 其中"
+"一個值有被設定時) 或使用預設的 CA 憑證  :meth:`SSLContext."
+"load_default_certs` 。"
 
 #: ../../library/ssl.rst:148
 msgid ""
 "When :attr:`~SSLContext.keylog_filename` is supported and the environment "
 "variable :envvar:`SSLKEYLOGFILE` is set, :func:`create_default_context` "
 "enables key logging."
 msgstr ""
+"當系統有支援 :attr:`~SSLContext.keylog_filename` 並且有設定環境變數 :envvar:"
+"`SSLKEYLOGFILE` 時 :func:`create_default_context` 會啟用密鑰日誌記錄 (logging)。"
 
 #: ../../library/ssl.rst:153
 msgid ""
 "The protocol, options, cipher and other settings may change to more "
 "restrictive values anytime without prior deprecation.  The values represent "
 "a fair balance between compatibility and security."
 msgstr ""
+"協定、選項、密碼和其它設定可以在不捨棄舊值的情況下直接更改成新的值，這些值代"
+"表了在相容性和安全性之間取得的合理平衡。"
 
 #: ../../library/ssl.rst:157
 msgid ""
 "If your application needs specific settings, you should create a :class:"
 "`SSLContext` and apply the settings yourself."
 msgstr ""
+"如果你的應用程式需要特殊的設定，你應該要自行建立一個 :class:`SSLContext` 並自"
+"行調整設定。"
 
 #: ../../library/ssl.rst:161
 msgid ""
@@ -225,28 +252,37 @@ msgid ""
 "org/wiki/POODLE>`_. If you still wish to continue to use this function but "
 "still allow SSL 3.0 connections you can re-enable them using::"
 msgstr ""
+"如果您發現某些舊的客戶端或伺服器常適用此函式建立的 :class:`SSLContext` 連線"
+"時，收到 \"Protocol or cipher suite mismatch\" 錯誤，這可能是因為他們的系統僅"
+"支援 SSL3.0，然而 SSL3.0 已被此函式用 :data:`OP_NO_SSLv3` 排除。目前廣泛認為 "
+"SSL3.0 已經\\ `被完全破解 <https://en.wikipedia.org/wiki/POODLE>`_。如果您仍"
+"然希望在允許 SSL3.0 連線的情況下使用此函式，可以使用下面的方法：\n"
+"\n"
+"::"
 
 #: ../../library/ssl.rst:177
 msgid "RC4 was dropped from the default cipher string."
-msgstr ""
+msgstr "把 RC4 從預設密碼中捨棄。"
 
 #: ../../library/ssl.rst:181
 msgid "ChaCha20/Poly1305 was added to the default cipher string."
-msgstr ""
+msgstr "把 ChaCha20/Poly1305 加入預設密碼。"
 
 #: ../../library/ssl.rst:183
 msgid "3DES was dropped from the default cipher string."
-msgstr ""
+msgstr "把 3DES 從預設密碼中捨棄。"
 
 #: ../../library/ssl.rst:187
 msgid "Support for key logging to :envvar:`SSLKEYLOGFILE` was added."
-msgstr ""
+msgstr "增加了 :envvar:`SSLKEYLOGFILE` 對密鑰記錄 (logging)的支持。"
 
 #: ../../library/ssl.rst:191
 msgid ""
 "The context now uses :data:`PROTOCOL_TLS_CLIENT` or :data:"
 "`PROTOCOL_TLS_SERVER` protocol instead of generic :data:`PROTOCOL_TLS`."
 msgstr ""
+"當前語境使用 :data:`PROTOCOL_TLS_CLIENT` 協定或 :data:`PROTOCOL_TLS_SERVER` "
+"協定而非通用的 :data:`PROTOCOL_TLS`。"
 
 #: ../../library/ssl.rst:197
 msgid "Exceptions"
