diff --git a/library/ssl.po b/library/ssl.po index 980feee7f5..8f4688db4a 100644 --- a/library/ssl.po +++ b/library/ssl.po @@ -307,9 +307,9 @@ msgid "" msgstr "" "如果你發現某些舊的客戶端或伺服器常適用此函式建立的 :class:`SSLContext` 連線" "時,收到 \"Protocol or cipher suite mismatch\" 錯誤,這可能是因為他們的系統僅" -"支援 SSL3.0,然而 SSL3.0 已被此函數用 :data:`OP_NO_SSLv3` 排除。目前廣泛認為 " +"支援 SSL3.0,然而 SSL3.0 已被此函式用 :data:`OP_NO_SSLv3` 排除。目前廣泛認為 " "SSL3.0 已經\\ `被完全破解 `_。如果你仍" -"然希望在允許 SSL3.0 連線的情況下使用此函數,可以使用下面的方法: ::" +"然希望在允許 SSL3.0 連線的情況下使用此函式,可以使用下面的方法: ::" #: ../../library/ssl.rst:170 msgid "" @@ -1587,16 +1587,21 @@ msgid "" "active SSL connection, i.e. the handshake was completed and :meth:`SSLSocket." "unwrap` was not called." msgstr "" +":meth:`~SSLSocket.read` 和 :meth:`~SSLSocket.write` 方法為低階層的方法,負責" +"讀取和寫入未加密的應用層資料,並將其加密/解密為加密的寫入層資料。這些方法需要" +"一個已建立的 SSL 連接,即握手已完成,且未呼叫 :meth:`SSLSocket.unwrap`。" #: ../../library/ssl.rst:1123 msgid "" "Normally you should use the socket API methods like :meth:`~socket.socket." "recv` and :meth:`~socket.socket.send` instead of these methods." msgstr "" +"通常你應該使用像 :meth:`~socket.socket.recv` 和 :meth:`~socket.socket.send` " +"這樣的 socket API 方法,而不是直接使用這些方法。" #: ../../library/ssl.rst:1129 msgid "Perform the SSL setup handshake." -msgstr "" +msgstr "執行 SSL 設定握手。" #: ../../library/ssl.rst:1131 msgid "" @@ -1604,12 +1609,16 @@ msgid "" "`~SSLContext.check_hostname` attribute of the socket's :attr:`~SSLSocket." "context` is true." msgstr "" +"當 socket 的 :attr:`~SSLSocket.context` 的 :attr:`~SSLContext." +"check_hostname` 屬性質為 true 時,握手方法也會執行 :func:`match_hostname`。" #: ../../library/ssl.rst:1136 msgid "" "The socket timeout is no longer reset each time bytes are received or sent. " "The socket timeout is now the maximum total duration of the handshake." msgstr "" +"Socket 超時時間已經不會在每次接收或傳送位元組時重置。現在,超時時間是握手過程" +"的最大總持續時間。" #: ../../library/ssl.rst:1140 msgid "" @@ -1618,6 +1627,9 @@ msgid "" "or IP address, the handshake is aborted early and a TLS alert message is " "sent to the peer." msgstr "" +"在握手過程中,OpenSSL 會去配對主機名稱或 IP 地址。已不再使用 :func:" +"`match_hostname` 函式。如果 OpenSSL 拒絕某個主機名稱或 IP 地址,握手將會提前" +"中止,並向對方發送 TLS 警報訊息。" #: ../../library/ssl.rst:1148 msgid "" @@ -1625,6 +1637,8 @@ msgid "" "return ``None``. If the SSL handshake hasn't been done yet, raise :exc:" "`ValueError`." msgstr "" +"如果連線端沒有證書,則回傳 ``None``。如果 SSL 握手尚未完成,則引發 :exc:" +"`ValueError`。" #: ../../library/ssl.rst:1152 msgid "" @@ -1637,6 +1651,11 @@ msgid "" "of the *Subject Alternative Name* extension (see :rfc:`3280`), there will " "also be a ``subjectAltName`` key in the dictionary." msgstr "" +"如果 ``binary_form`` 參數為 :const:`False`,且從對等 (peer) 接收到證書,則該" +"方法回傳一個 :class:`dict` 實例。如果證書未被驗證,則該字典為空。若證書已被驗" +"證,則回傳的字典將包含數個鍵值,包括 ``subject`` (證書所簽發的對象) 和 " +"``issuer`` (簽發證書的主體)。如果證書中包含 *Subject Alternative Name* 擴充 " +"(參考\\ :rfc:`3280`\\ ),字典中還會有一個 ``subjectAltName`` 鍵。" #: ../../library/ssl.rst:1161 msgid "" @@ -1645,6 +1664,9 @@ msgid "" "structure for the respective fields, and each RDN is a sequence of name-" "value pairs. Here is a real-world example::" msgstr "" +"``subject`` 和 ``issuer`` 欄位欄位是包含相對識別名稱 (relative distinguished " +"names, RDNs) 序列的元組,這些 RDN 來自證書資料結構中的相應欄位。每個 RDN 都是" +"一組名稱與值的對。以下是現實中的範例: ::" #: ../../library/ssl.rst:1166 msgid "" @@ -1696,12 +1718,15 @@ msgid "" "certificate. Whether the peer provides a certificate depends on the SSL " "socket's role:" msgstr "" +"如果 ``binary_form`` 參數設定為 :const:`True`,且對等提供了證書,則該方法會" +"以 DER 編碼形式 將整個證書以位元組序列形式回傳。如果對等未提供證書,則回傳:" +"const:`None`。對等是否提供證書取決於 SSL socket 的腳色:" #: ../../library/ssl.rst:1191 msgid "" "for a client SSL socket, the server will always provide a certificate, " "regardless of whether validation was required;" -msgstr "" +msgstr "對於客戶端 SSL socket,伺服器將永遠提供證書,無論是否需要進行驗證;" #: ../../library/ssl.rst:1194 msgid "" @@ -1710,6 +1735,9 @@ msgid "" "`None` if you used :const:`CERT_NONE` (rather than :const:`CERT_OPTIONAL` " "or :const:`CERT_REQUIRED`)." msgstr "" +"對於伺服器 SSL socket,客戶端僅在伺服器要求時才會提供證書;因此,如果你使用的" +"是 :const:`CERT_NONE` (而非 :const:`CERT_OPTIONAL` 或 :const:" +"`CERT_REQUIRED`),則 :meth:`getpeercert` 會回傳 :const:`None`。" #: ../../library/ssl.rst:1199 msgid "See also :attr:`SSLContext.check_hostname`."