# # AUTHOR , YEAR. # msgid "" msgstr "" "Project-Id-Version: 0\n" "POT-Creation-Date: 2013-08-13T01:54:52\n" "PO-Revision-Date: 2013-08-13T01:54:52\n" "Last-Translator: Automatically generated\n" "Language-Team: None\n" "MIME-Version: 1.0\n" "Content-Type: application/x-publican; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Tag: programlisting #, no-c-format msgid "\n" "PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);\n" "NSSInitContext *const ctx =\n" " NSS_InitContext(\"sql:/etc/pki/nssdb\", \"\", \"\", \"\", NULL,\n" " NSS_INIT_READONLY | NSS_INIT_PK11RELOAD);\n" "if (ctx == NULL) {\n" " const PRErrorCode err = PR_GetError();\n" " fprintf(stderr, \"error: NSPR error code %d: %s\n" "\",\n" " err, PR_ErrorToName(err));\n" " exit(1);\n" "}\n" "\n" "// Ciphers to enable.\n" "static const PRUint16 good_ciphers[] = {\n" " TLS_RSA_WITH_AES_128_CBC_SHA,\n" " TLS_RSA_WITH_AES_256_CBC_SHA,\n" " SSL_RSA_WITH_3DES_EDE_CBC_SHA,\n" " SSL_NULL_WITH_NULL_NULL // sentinel\n" "};\n" "\n" "// Check if the current policy allows any strong ciphers. If it\n" "// doesn't, set the cipher suite policy. This is not thread-safe\n" "// and has global impact. Consequently, we only do it if absolutely\n" "// necessary.\n" "int found_good_cipher = 0;\n" "for (const PRUint16 *p = good_ciphers; *p != SSL_NULL_WITH_NULL_NULL;\n" " ++p) {\n" " PRInt32 policy;\n" " if (SSL_CipherPolicyGet(*p, &policy) != SECSuccess) {\n" " const PRErrorCode err = PR_GetError();\n" " fprintf(stderr, \"error: policy for cipher %u: error %d: %s\n" "\",\n" " (unsigned)*p, err, PR_ErrorToName(err));\n" " exit(1);\n" " }\n" " if (policy == SSL_ALLOWED) {\n" " fprintf(stderr, \"info: found cipher %x\n" "\", (unsigned)*p);\n" " found_good_cipher = 1;\n" " break;\n" " }\n" "}\n" "if (!found_good_cipher) {\n" " if (NSS_SetDomesticPolicy() != SECSuccess) {\n" " const PRErrorCode err = PR_GetError();\n" " fprintf(stderr, \"error: NSS_SetDomesticPolicy: error %d: %s\n" "\",\n" " err, PR_ErrorToName(err));\n" " exit(1);\n" " }\n" "}\n" "\n" "// Initialize the trusted certificate store.\n" "char module_name[] = \"library=libnssckbi.so name=\\\"Root Certs\\\"\";\n" "SECMODModule *module = SECMOD_LoadUserModule(module_name, NULL, PR_FALSE);\n" "if (module == NULL || !module->loaded) {\n" " const PRErrorCode err = PR_GetError();\n" " fprintf(stderr, \"error: NSPR error code %d: %s\n" "\",\n" " err, PR_ErrorToName(err));\n" " exit(1);\n" "}\n" "" msgstr ""