[MAJ]po4a://manpages-fr-extra/openssl/po4a/SSL_CTX_set/po/fr.po 621t 5f 5u

[David Prévot <david@tilapin.org>]

Salut,

Le 17/06/2015 16:39, David Prévot a écrit :
> Peux-tu fournir le bon fichier PO s’il te plaît ?

Merci pour la réponse rapide, je viens d’envoyer [1] ta mise à jour.

> Il y aura une dizaine de nouvelles chaînes à mettre à jour (cf. la
> branche tmp/openssl dans le dépôt)

Voilà la dernière version, par avance merci.

Amicalement

David

# French translations for the openssl package
# Copyright (C) 2008, 2012-2015 Debian French l10n team <debian-l10n-french@lists.debian.org>.
# This file is distributed under the same license as the openssl package.
#
# Nicolas François <nicolas.francois@centraliens.net>, 2008.
# David Prévot <david@tilapin.org>, 2012-2015.
# Jean-Paul Guillonneau <guillonneau.jeanpaul@free.fr>, 2014.
msgid ""
msgstr ""
"Project-Id-Version: openssl\n"
"POT-Creation-Date: 2015-06-13 15:23-0400\n"
"PO-Revision-Date: 2015-05-15 06:35+0200\n"
"Last-Translator: Jean-Paul Guillonneau <guillonneau.jeanpaul@free.fr>\n"
"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
"X-Generator: Lokalize 1.5\n"

#. type: =head1
#: C/ssl/SSL_CTX_set1_curves.pod:3 C/ssl/SSL_CTX_set1_verify_cert_store.pod:3
#: C/ssl/SSL_CTX_set_cert_cb.pod:3 C/ssl/SSL_CTX_set_cert_store.pod:3
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:3
#: C/ssl/SSL_CTX_set_cipher_list.pod:3 C/ssl/SSL_CTX_set_client_CA_list.pod:3
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:3
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:3
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:3
#: C/ssl/SSL_CTX_set_generate_session_id.pod:3
#: C/ssl/SSL_CTX_set_info_callback.pod:3 C/ssl/SSL_CTX_set_max_cert_list.pod:3
#: C/ssl/SSL_CTX_set_mode.pod:3 C/ssl/SSL_CTX_set_msg_callback.pod:3
#: C/ssl/SSL_CTX_set_options.pod:3
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:32
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:3 C/ssl/SSL_CTX_set_read_ahead.pod:3
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:3
#: C/ssl/SSL_CTX_set_session_id_context.pod:3
#: C/ssl/SSL_CTX_set_ssl_version.pod:3 C/ssl/SSL_CTX_set_timeout.pod:3
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:3
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:3
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:3 C/ssl/SSL_CTX_set_verify.pod:3
msgid "NAME"
msgstr "NOM"

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:5
msgid ""
"SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, "
"SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve, "
"SSL_CTX_set_ecdh_auto, SSL_set_ecdh_auto - EC supported curve functions"
msgstr ""
"SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves, "
"SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve, "
"SSL_CTX_set_ecdh_auto, SSL_set_ecdh_auto - Fonctions de courbes elliptiques "
"prises en charge"

#. type: =head1
#: C/ssl/SSL_CTX_set1_curves.pod:9 C/ssl/SSL_CTX_set1_verify_cert_store.pod:11
#: C/ssl/SSL_CTX_set_cert_cb.pod:7 C/ssl/SSL_CTX_set_cert_store.pod:7
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:7
#: C/ssl/SSL_CTX_set_cipher_list.pod:7 C/ssl/SSL_CTX_set_client_CA_list.pod:9
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:7
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:7
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:7
#: C/ssl/SSL_CTX_set_generate_session_id.pod:7
#: C/ssl/SSL_CTX_set_info_callback.pod:7 C/ssl/SSL_CTX_set_max_cert_list.pod:7
#: C/ssl/SSL_CTX_set_mode.pod:7 C/ssl/SSL_CTX_set_msg_callback.pod:7
#: C/ssl/SSL_CTX_set_options.pod:7
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:36
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:7 C/ssl/SSL_CTX_set_read_ahead.pod:9
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:7
#: C/ssl/SSL_CTX_set_session_id_context.pod:7
#: C/ssl/SSL_CTX_set_ssl_version.pod:8 C/ssl/SSL_CTX_set_timeout.pod:7
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:7
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:7
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:7 C/ssl/SSL_CTX_set_verify.pod:7
msgid "SYNOPSIS"
msgstr "SYNOPSIS"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_curves.pod:11
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:13 C/ssl/SSL_CTX_set_cert_cb.pod:9
#: C/ssl/SSL_CTX_set_cert_store.pod:9
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:9
#: C/ssl/SSL_CTX_set_cipher_list.pod:9 C/ssl/SSL_CTX_set_client_cert_cb.pod:9
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:9
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:9
#: C/ssl/SSL_CTX_set_generate_session_id.pod:9
#: C/ssl/SSL_CTX_set_info_callback.pod:9 C/ssl/SSL_CTX_set_max_cert_list.pod:9
#: C/ssl/SSL_CTX_set_mode.pod:9 C/ssl/SSL_CTX_set_msg_callback.pod:9
#: C/ssl/SSL_CTX_set_options.pod:9
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:38
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:9 C/ssl/SSL_CTX_set_read_ahead.pod:11
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:9
#: C/ssl/SSL_CTX_set_session_id_context.pod:9
#: C/ssl/SSL_CTX_set_ssl_version.pod:10 C/ssl/SSL_CTX_set_timeout.pod:9
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:9
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:9 C/ssl/SSL_CTX_set_verify.pod:9
#, no-wrap
msgid ""
" #include <openssl/ssl.h>\n"
"\n"
msgstr ""
"B< #include E<lt>openssl/ssl.hE<gt>>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_curves.pod:13
#, no-wrap
msgid ""
" int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);\n"
" int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set1_curves(SSL_CTX *>I<ctx>B<, int *>I<clist>B<, int> I<clistlen>B<);>\n"
" B<int SSL_CTX_set1_curves_list(SSL_CTX *>I<ctx>B<, char *>I<list>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_curves.pod:16
#, no-wrap
msgid ""
" int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);\n"
" int SSL_set1_curves_list(SSL *ssl, char *list);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set1_curves(SSL *>I<ssl>B<, int *>I<clist>B<, int> I<clistlen>B<);>\n"
" B<int SSL_CTX_set1_curves_list(SSL *>I<ssl>B<, char *>I<list>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_curves.pod:19
#, no-wrap
msgid ""
" int SSL_get1_curves(SSL *ssl, int *curves);\n"
" int SSL_get_shared_curve(SSL *s, int n);\n"
"\n"
msgstr ""
"B< int SSL_get1_curves(SSL *>I<ssl>B<, int *>I<curves>B<);>\n"
" B<int SSL_get_shared_curve(SSL *s, int> I<n>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_curves.pod:22
#, no-wrap
msgid ""
" int SSL_CTX_set_ecdh_auto(SSL_CTX *ctx, int onoff);\n"
" int SSL_set_ecdh_auto(SSL *s, int onoff);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set_ecdh_auto(SSL_CTX *>I<ctx>B<, int> I<onoff>B<);>\n"
" B<int SSL_set_ecdh_auto(SSL *s, int> I<onoff>B<);>\n"
"\n"

#. type: =head1
#: C/ssl/SSL_CTX_set1_curves.pod:25
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:25
#: C/ssl/SSL_CTX_set_cert_cb.pod:16 C/ssl/SSL_CTX_set_cert_store.pod:14
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:13
#: C/ssl/SSL_CTX_set_cipher_list.pod:14
#: C/ssl/SSL_CTX_set_client_CA_list.pod:18
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:15
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:40
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:16
#: C/ssl/SSL_CTX_set_generate_session_id.pod:19
#: C/ssl/SSL_CTX_set_info_callback.pod:17
#: C/ssl/SSL_CTX_set_max_cert_list.pod:17 C/ssl/SSL_CTX_set_mode.pod:17
#: C/ssl/SSL_CTX_set_msg_callback.pod:17 C/ssl/SSL_CTX_set_options.pod:22
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:50
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:17 C/ssl/SSL_CTX_set_read_ahead.pod:21
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:14
#: C/ssl/SSL_CTX_set_session_id_context.pod:16
#: C/ssl/SSL_CTX_set_ssl_version.pod:16 C/ssl/SSL_CTX_set_timeout.pod:14
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:16
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:19
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:23 C/ssl/SSL_CTX_set_verify.pod:20
msgid "DESCRIPTION"
msgstr "DESCRIPTION"

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:27
msgid ""
"SSL_CTX_set1_curves() sets the supported curves for B<ctx> to B<clistlen> "
"curves in the array B<clist>. The array consist of all NIDs of curves in "
"preference order. For a TLS client the curves are used directly in the "
"supported curves extension. For a TLS server the curves are used to "
"determine the set of shared curves."
msgstr ""
"B<SSL_CTX_set1_curves>() définit les courbes elliptiques prises en charge "
"pour I<ctx> Ã  I<clistlen> courbes dans le tableau I<clist>. Le tableau est "
"constitué de tous les identifiants de courbe dans lâ??ordre de préférence. "
"Pour un client TLS, les courbes sont utilisées directement dans lâ??extension "
"prise en charge. Pour un serveur TLS, les courbes sont utilisées pour "
"déterminer lâ??ensemble des courbes partagées."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:33
msgid ""
"SSL_CTX_set1_curves_list() sets the supported curves for B<ctx> to string "
"B<list>. The string is a colon separated list of curve NIDs or names, for "
"example \"P-521:P-384:P-256\"."
msgstr ""
"B<SSL_CTX_set1_curves_list>() définit les courbes prises en charge pour "
"I<ctx> dans la chaîne I<list>. La chaîne est constituée dâ??une liste de noms "
"ou identifiants séparés par des deux points, par exemple « P-521:P-384:"
"P-256 »."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:37
msgid ""
"SSL_set1_curves() and SSL_set1_curves_list() are similar except they set "
"supported curves for the SSL structure B<ssl>."
msgstr ""
"B<SSL_set1_curves>() et B<SSL_set1_curves_list>() sont similaires aux "
"précédentes sauf quâ??elles définissent les courbes prises en charge pour les "
"structures SSL I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:40
msgid ""
"SSL_get1_curves() returns the set of supported curves sent by a client in "
"the supported curves extension. It returns the total number of supported "
"curves. The B<curves> parameter can be B<NULL> to simply return the number "
"of curves for memory allocation purposes. The B<curves> array is in the form "
"of a set of curve NIDs in preference order. It can return zero if the client "
"did not send a supported curves extension."
msgstr ""
"B<SSL_get1_curves>() renvoie lâ??ensemble des courbes prises en charge par un "
"client dans lâ??extension des courbes prises en charge. Elle renvoie le nombre "
"total de courbes prises en charge. Le paramètre I<curves> peut être NULL "
"pour simplement renvoyer le nombre de courbes dans le but dâ??allouer de la "
"mémoire. Le tableau I<curves> est sous la forme dâ??un ensemble dâ??identifiants "
"de courbe dans un ordre préférentiel. Elle peut renvoyer B<0> si le client "
"ne renvoie pas dâ??extension de courbes prises en charge."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:48
msgid ""
"SSL_get_shared_curve() returns shared curve B<n> for a server-side SSL "
"B<ssl>. If B<n> is -1 then the total number of shared curves is returned, "
"which may be zero. Other than for diagnostic purposes, most applications "
"will only be interested in the first shared curve so B<n> is normally set to "
"zero. If the value B<n> is out of range, NID_undef is returned."
msgstr ""
"B<SSL_get_shared_curve>() renvoie I<n> courbes partagées pour un SSL du côté "
"serveur I<ssl>. Si I<n> est égal à B<-1>, alors le nombre total de courbes "
"partagées est renvoyé, et peut valoir zéro. Autrement que pour des buts de "
"diagnostic, la plupart des applications ne seront intéressées que par la "
"première courbe partagée, aussi I<n> est normalement réglé à zéro. Si la "
"valeur de I<n> est hors limites, NID_undef est renvoyé."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:55
msgid ""
"SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() set automatic curve "
"selection for server B<ctx> or B<ssl> to B<onoff>. If B<onoff> is 1 then the "
"highest preference curve is automatically used for ECDH temporary keys used "
"during key exchange."
msgstr ""
"B<SSL_CTX_set_ecdh_auto>() et B<SSL_set_ecdh_auto>() règlent la sélection "
"automatique de courbes pour le serveur I<ctx> ou I<ssl> Ã  I<onoff>. Si "
"I<onoff> vaut B<1>, alors la courbe de plus haute préférence est "
"automatiquement employée pour les clefs temporaires ECDH utilisées durant "
"lâ??échange de clefs."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:60
msgid "All these functions are implemented as macros."
msgstr "Toutes ces fonctions sont implémentées en utilisant des macros."

#. type: =head1
#: C/ssl/SSL_CTX_set1_curves.pod:62
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:43
#: C/ssl/SSL_CTX_set_cert_cb.pod:36 C/ssl/SSL_CTX_set_cert_store.pod:23
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:19
#: C/ssl/SSL_CTX_set_cipher_list.pod:23
#: C/ssl/SSL_CTX_set_client_CA_list.pod:35
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:38
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:103
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:32
#: C/ssl/SSL_CTX_set_generate_session_id.pod:31
#: C/ssl/SSL_CTX_set_info_callback.pod:36
#: C/ssl/SSL_CTX_set_max_cert_list.pod:32 C/ssl/SSL_CTX_set_mode.pod:29
#: C/ssl/SSL_CTX_set_msg_callback.pod:74 C/ssl/SSL_CTX_set_options.pod:44
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:67
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:33 C/ssl/SSL_CTX_set_read_ahead.pod:37
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:21
#: C/ssl/SSL_CTX_set_session_id_context.pod:24
#: C/ssl/SSL_CTX_set_ssl_version.pod:29 C/ssl/SSL_CTX_set_timeout.pod:21
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:107
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:34
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:48 C/ssl/SSL_CTX_set_verify.pod:40
msgid "NOTES"
msgstr "NOTES"

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:64
msgid ""
"If an application wishes to make use of several of these functions for "
"configuration purposes either on a command line or in a file it should "
"consider using the SSL_CONF interface instead of manually parsing options."
msgstr ""
"Si une application désire utiliser plusieurs de ces fonctions pour des "
"besoins de configuration, soit en ligne de commande ou avec un fichier, "
"lâ??utilisation de lâ??interface SSL_CONF est à  préférer à  lâ??analyse manuelle "
"des options."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:68
msgid ""
"The functions SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() can be used to "
"make a server always choose the most appropriate curve for a client. If set "
"it will override any temporary ECDH parameters set by a server. Previous "
"versions of OpenSSL could effectively only use a single ECDH curve set using "
"a function such as SSL_CTX_set_ecdh_tmp(). Newer applications should just "
"call:"
msgstr ""
"Les fonctions B<SSL_CTX_set_ecdh_auto>() et B<SSL_set_ecdh_auto>() peuvent "
"être utilisées pour quâ??un serveur choisisse toujours la courbe la plus "
"appropriée pour un client. Dans ce cas, les paramètres temporaires ECDH "
"définis par le serveur seront outrepassés. Les versions précédentes "
"dâ??OpenSSL pouvaient effectivement seulement utiliser une seule courbe ECDH "
"définie en employant une fonction telle que B<SSL_CTX_set_ecdh_tmp>(). Les "
"nouvelles applications doivent juste appeler :"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_curves.pod:75
#, no-wrap
msgid ""
" SSL_CTX_set_ecdh_auto(ctx, 1);\n"
"\n"
msgstr ""
" SSL_CTX_set_ecdh_auto(ctx, 1);\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:77
msgid ""
"and they will automatically support ECDH using the most appropriate shared "
"curve."
msgstr ""
"et elles prendront en charge ECDH automatiquement en utilisant la courbe "
"partagée la plus adéquate."

#. type: =head1
#: C/ssl/SSL_CTX_set1_curves.pod:80
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:69
#: C/ssl/SSL_CTX_set_cert_store.pod:52
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:57
#: C/ssl/SSL_CTX_set_cipher_list.pod:61
#: C/ssl/SSL_CTX_set_client_CA_list.pod:59
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:122
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:52
#: C/ssl/SSL_CTX_set_generate_session_id.pod:132
#: C/ssl/SSL_CTX_set_info_callback.pod:101
#: C/ssl/SSL_CTX_set_max_cert_list.pod:60 C/ssl/SSL_CTX_set_mode.pod:86
#: C/ssl/SSL_CTX_set_options.pod:303
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:71
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:49 C/ssl/SSL_CTX_set_read_ahead.pod:42
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:113
#: C/ssl/SSL_CTX_set_session_id_context.pod:60
#: C/ssl/SSL_CTX_set_ssl_version.pod:38 C/ssl/SSL_CTX_set_timeout.pod:45
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:178
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:134
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:141 C/ssl/SSL_CTX_set_verify.pod:161
msgid "RETURN VALUES"
msgstr "VALEURS DE RETOUR"

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:82
msgid ""
"SSL_CTX_set1_curves(), SSL_CTX_set1_curves_list(), SSL_set1_curves(), "
"SSL_set1_curves_list(), SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto()  "
"return 1 for success and 0 for failure."
msgstr ""
"B<SSL_CTX_set1_curves>(), B<SSL_CTX_set1_curves_list>(), "
"B<SSL_set1_curves>(), B<SSL_set1_curves_list>(), B<SSL_CTX_set_ecdh_auto>() "
"et B<SSL_set_ecdh_auto>() renvoient B<1> en cas de réussite et B<0> lors "
"dâ??un échec."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:86
msgid "SSL_get1_curves() returns the number of curves, which may be zero."
msgstr "B<SSL_get1_curves>() renvoie le nombre de courbes, pouvant être zéro."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:88
msgid ""
"SSL_get_shared_curve() returns the NID of shared curve B<n> or NID_undef if "
"there is no shared curve B<n>; or the total number of shared curves if B<n> "
"is -1."
msgstr ""
"B<SSL_get_shared_curve>() renvoie lâ??identifiant de la courbe partagée I<n> "
"ou NID_undef sâ??il nâ??existe pas de courbe partagée I<n>; ou le nombre total "
"de courbes partagées si I<n> vaut B<-1>."

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:92
msgid ""
"When called on a client B<ssl>, SSL_get_shared_curve() has no meaning and "
"returns -1."
msgstr ""
"Lorsquâ??appelée sur un client I<ssl>, B<SSL_get_shared_curve>() ne signifie "
"rien et renvoie B<-1>."

#. type: =head1
#: C/ssl/SSL_CTX_set1_curves.pod:95
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:73
#: C/ssl/SSL_CTX_set_cert_cb.pod:61 C/ssl/SSL_CTX_set_cert_store.pod:58
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:61
#: C/ssl/SSL_CTX_set_cipher_list.pod:66
#: C/ssl/SSL_CTX_set_client_CA_list.pod:87
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:87
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:71
#: C/ssl/SSL_CTX_set_generate_session_id.pod:140
#: C/ssl/SSL_CTX_set_info_callback.pod:148
#: C/ssl/SSL_CTX_set_max_cert_list.pod:68 C/ssl/SSL_CTX_set_mode.pod:93
#: C/ssl/SSL_CTX_set_msg_callback.pod:90 C/ssl/SSL_CTX_set_options.pod:316
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:57 C/ssl/SSL_CTX_set_read_ahead.pod:47
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:120
#: C/ssl/SSL_CTX_set_session_id_context.pod:79
#: C/ssl/SSL_CTX_set_ssl_version.pod:55 C/ssl/SSL_CTX_set_timeout.pod:51
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:182
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:142
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:152 C/ssl/SSL_CTX_set_verify.pod:283
msgid "SEE ALSO"
msgstr "VOIR AUSSI"

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:97
msgid "L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>"
msgstr "L<B<SSL_CTX_add_extra_chain_cert>(3)|SSL_CTX_add_extra_chain_cert(3)>"

#. type: =head1
#: C/ssl/SSL_CTX_set1_curves.pod:99
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:87
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:67
#: C/ssl/SSL_CTX_set_generate_session_id.pod:144
#: C/ssl/SSL_CTX_set_max_cert_list.pod:73 C/ssl/SSL_CTX_set_mode.pod:97
#: C/ssl/SSL_CTX_set_msg_callback.pod:94 C/ssl/SSL_CTX_set_options.pod:323
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:132
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:191
msgid "HISTORY"
msgstr "HISTORIQUE"

#. type: textblock
#: C/ssl/SSL_CTX_set1_curves.pod:101
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:89
msgid "These functions were first added to OpenSSL 1.0.2."
msgstr "Ces fonctions ont été introduites dans OpenSSL 1.0.2"

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:5
msgid ""
"SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, "
"SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, "
"SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, "
"SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate "
"verification or chain store"
msgstr ""
"SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store, "
"SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store, "
"SSL_set0_verify_cert_store, SSL_set1_verify_cert_store, "
"SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - Définir le stockage "
"des vérifications de chaîne ou certificat"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:15
#, no-wrap
msgid ""
" int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
" int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
" int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
" int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set0_verify_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
" B<int SSL_CTX_set1_verify_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
" B<int SSL_CTX_set0_chain_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
" B<int SSL_CTX_set1_chain_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:20
#, no-wrap
msgid ""
" int SSL_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
" int SSL_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
" int SSL_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
" int SSL_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);\n"
"\n"
msgstr ""
"B< int SSL_set0_verify_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
" B<int SSL_set1_verify_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
" B<int SSL_set0_chain_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
" B<int SSL_set1_chain_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<st>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:27
msgid ""
"SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store()  set "
"the certificate store used for certificate verification to B<st>."
msgstr ""
"B<SSL_CTX_set0_verify_cert_store>() et B<SSL_CTX_set1_verify_cert_store>() "
"définissent le stockage de certificats utilisé pour leur vérification à "
"I<st>."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:30
msgid ""
"SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store()  set the "
"certificate store used for certificate chain building to B<st>."
msgstr ""
"B<SSL_CTX_set0_chain_cert_store>() et B<SSL_CTX_set1_chain_cert_store>() "
"définissent le stockage de certificats utilisé pour la construction de "
"chaîne de certificats à I<st>."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:33
msgid ""
"SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(), "
"SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar "
"except they apply to SSL structure B<ssl>."
msgstr ""
"B<SSL_set0_verify_cert_store>(), B<SSL_set1_verify_cert_store>(), "
"B<SSL_set0_chain_cert_store>() et B<SSL_set1_chain_cert_store>() sont "
"similaires sauf quâ??elles sâ??appliquent à  une structure SSL I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:37
msgid ""
"All these functions are implemented as macros. Those containing a B<1> "
"increment the reference count of the supplied store so it must be freed at "
"some point after the operation. Those containing a B<0> do not increment "
"reference counts and the supplied store B<MUST NOT> be freed after the "
"operation."
msgstr ""
"Toutes ces fonctions sont mises en Å?uvre avec des macros. Celles contenant "
"un B<1> incrémentent le compteur de références du stockage fourni, afin que "
"celui-ci soit libéré à  un certain moment après lâ??opération. Celles contenant "
"un B<0> nâ??incrémentent point le compteur et le stockage fourni B<ne doit "
"pas> être libéré après lâ??opération."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:45
msgid ""
"The stores pointers associated with an SSL_CTX structure are copied to any "
"SSL structures when SSL_new() is called. As a result SSL structures will not "
"be affected if the parent SSL_CTX store pointer is set to a new value."
msgstr ""
"Les pointeurs de stockage associés avec une structure SSL_CTX sont copiés "
"dans nâ??importe quelle structure SSL quand B<SSL_new>() est appelée. Par "
"conséquent, les structures SSL ne seront pas affectées si le pointeur de "
"stockage SSL_CTX parent est défini à une nouvelle valeur."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:49
msgid ""
"The verification store is used to verify the certificate chain sent by the "
"peer: that is an SSL/TLS client will use the verification store to verify "
"the server's certificate chain and a SSL/TLS server will use it to verify "
"any client certificate chain."
msgstr ""
"Le stockage de vérification est utilisé pour vérifier la chaîne de "
"certificats envoyée par le pair : câ??est-à -dire, un client SSL/TLS utilisera "
"le stockage de vérification pour vérifier la chaîne de certificats du "
"serveur et un serveur SSL/TLS lâ??utilisera pour vérifier nâ??importe quelle "
"chaîne de certificats de client."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:54
msgid "The chain store is used to build the certificate chain."
msgstr ""
"Le stockage de chaînes est utilisé pour construire la chaîne de certificats."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:56
msgid ""
"If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set or a certificate chain is "
"configured already (for example using the functions such as "
"L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)> or "
"L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>) then "
"automatic chain building is disabled."
msgstr ""
"Si le mode B<SSL_MODE_NO_AUTO_CHAIN> est utilisé ou une chaîne de "
"certificats est déjà configurée (par exemple en utilisant des fonctions "
"telles que L<B<SSL_CTX_add1_chain_cert>(3)|SSL_CTX_add1_chain_cert(3)> ou "
"L<B<SSL_CTX_add_extra_chain_cert>(3)|SSL_CTX_add_extra_chain_cert(3)>), "
"alors la construction automatique de chaîne est désactivée."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:62
msgid ""
"If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set then automatic chain building "
"is disabled."
msgstr ""
"Si le mode B<SSL_MODE_NO_AUTO_CHAIN> est utilisé, alors la construction "
"automatique de chaîne est désactivée."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:65
msgid ""
"If the chain or the verification store is not set then the store associated "
"with the parent SSL_CTX is used instead to retain compatibility with "
"previous versions of OpenSSL."
msgstr ""
"Si le stockage de chaînes ou vérifications nâ??est défini, alors le stockage "
"associé avec le SSL_CTX parent est utilisé pour conserver la compatibilité "
"avec les précédentes versions dâ??OpenSSL."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:71
msgid "All these functions return 1 for success and 0 for failure."
msgstr ""
"Toutes ces fonctions renvoient B<1> en cas de succès et B<0> lors dâ??un échec."

#. type: textblock
#: C/ssl/SSL_CTX_set1_verify_cert_store.pod:75
msgid ""
"L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)> "
"L<SSL_CTX_set0_chain(3)|SSL_CTX_set0_chain(3)> L<SSL_CTX_set1_chain(3)|"
"SSL_CTX_set1_chain(3)> L<SSL_CTX_add0_chain_cert(3)|"
"SSL_CTX_add0_chain_cert(3)> L<SSL_CTX_add1_chain_cert(3)|"
"SSL_CTX_add1_chain_cert(3)> L<SSL_set0_chain(3)|SSL_set0_chain(3)> "
"L<SSL_set1_chain(3)|SSL_set1_chain(3)> L<SSL_add0_chain_cert(3)|"
"SSL_add0_chain_cert(3)> L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)> "
"L<SSL_CTX_build_cert_chain(3)|SSL_CTX_build_cert_chain(3)> "
"L<SSL_build_cert_chain(3)|SSL_build_cert_chain(3)>"
msgstr ""
"L<B<SSL_CTX_add_extra_chain_cert>(3)|SSL_CTX_add_extra_chain_cert(3)> "
"L<B<SSL_CTX_set0_chain>(3)|SSL_CTX_set0_chain(3)> L<B<SSL_CTX_set1_chain>(3)|"
"SSL_CTX_set1_chain(3)> L<B<SSL_CTX_add0_chain_cert>(3)|"
"SSL_CTX_add0_chain_cert(3)> L<B<SSL_CTX_add1_chain_cert>(3)|"
"SSL_CTX_add1_chain_cert(3)> L<B<SSL_set0_chain>(3)|SSL_set0_chain(3)> "
"L<B<SSL_set1_chain>(3)|SSL_set1_chain(3)> L<B<SSL_add0_chain_cert>(3)|"
"SSL_add0_chain_cert(3)> L<B<SSL_add1_chain_cert>(3)|SSL_add1_chain_cert(3)> "
"L<B<SSL_CTX_build_cert_chain>(3)|SSL_CTX_build_cert_chain(3)> "
"L<B<SSL_build_cert_chain>(3)|SSL_build_cert_chain(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:5
msgid ""
"SSL_CTX_set_cert_cb, SSL_set_cert_cb - handle certificate callback function"
msgstr ""
"SSL_CTX_set_cert_cb, SSL_set_cert_cb - Gestion de la fonction de rappel de "
"certificat client."

#. type: verbatim
#: C/ssl/SSL_CTX_set_cert_cb.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cert_cb)(SSL *ssl, void *arg), void *arg);\n"
" void SSL_set_cert_cb(SSL *s, int (*cert_cb)(SSL *ssl, void *arg), void *arg);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*>I<cert_cb>B<)(SSL *>I<ssl>B<, void *>I<arg>B<), void *>I<arg>B<);>\n"
" B<void SSL_set_cert_cb(SSL *s, int (*>I<cert_cb>B<)(SSL *>I<ssl>B<, void *>I<arg>B<), void *>I<arg>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_cert_cb.pod:14
#, no-wrap
msgid ""
" int (*cert_cb)(SSL *ssl, void *arg);\n"
"\n"
msgstr ""
"B< int (*>I<cert_cb>B<)(SSL *>I<ssl>B<, void *>I<arg>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:18
msgid ""
"SSL_CTX_set_cert_cb() and SSL_set_cert_cb() sets the B<cert_cb()> callback, "
"B<arg> value is pointer which is passed to the application callback."
msgstr ""
"B<SSL_CTX_set_cert_cb>() et  B<SSL_set_cert_cb>() définissent la fonction de "
"rappel B<cert_cb()>, la valeur I<arg> est un pointeur qui est transmis à la "
"fonction de rappel de lâ??application."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:21
msgid "When B<cert_cb()> is NULL, no callback function is used."
msgstr ""
"Lorsque B<cert_cb()> est NULL, aucune fonction de rappel nâ??est utilisée."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:23
msgid ""
"cert_cb() is the application defined callback. It is called before a "
"certificate will be used by a client or server. The callback can then "
"inspect the passed B<ssl> structure and set or clear any appropriate "
"certificates. If the callback is successful it B<MUST> return 1 even if no "
"certificates have been set. A zero is returned on error which will abort the "
"handshake with a fatal internal error alert. A negative return value will "
"suspend the handshake and the handshake function will return immediately.  "
"L<SSL_get_error(3)|SSL_get_error(3)> will return SSL_ERROR_WANT_X509_LOOKUP "
"to indicate, that the handshake was suspended. The next call to the "
"handshake function will again lead to the call of cert_cb(). It is the job "
"of the cert_cb() to store information about the state of the last call, if "
"required to continue."
msgstr ""
"B<cert_cb()> est le rappel défini par lâ??application. Il est employé avant "
"quâ??un certificat soit utilisé par un client ou un serveur. Le rappel peut "
"alors inspecter la structure transmise I<ssl> et établir ou supprimer "
"nâ??importe quel certificat. Si le rappel est réussi, il B<doit> renvoyer B<1> "
"même si aucun certificat nâ??est établi. Un B<0> est renvoyé lors dâ??une erreur "
"qui interrompt lâ??initiation de connexion avec une alerte dâ??erreur interne "
"fatale. Le renvoi dâ??une valeur négative suspendra lâ??initiation de connexion "
"et la fonction dâ??initiation s'arrêtera immédiatement. L<B<SSL_get_error>(3)|"
"SSL_get_error(3)> renverra SSL_ERROR_WANT_X509_LOOKUP pour signaler que "
"lâ??initiation est suspendue. Le prochain appel à  la fonction dâ??initiation "
"amènera de nouveau à  lâ??appel de B<client_cert_cb>(). Câ??est au B<cert_cb>() "
"dâ??emmagasiner lâ??information sur lâ??état du dernier appel, si une demande de "
"continuation est faite."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:38
msgid ""
"An application will typically call SSL_use_certificate() and "
"SSL_use_PrivateKey() to set the end entity certificate and private key.  It "
"can add intermediate and optionally the root CA certificates using "
"SSL_add1_chain_cert()."
msgstr ""
"Une application appellera habituellement B<SSL_use_certificate>() et "
"B<SSL_use_PrivateKey>() pour définir les clef privée et certificat dâ??entité "
"de fin. Elle peut facultativement ajouter en intermédiaire les certificats "
"dâ??autorité racine en employant B<SSL_add1_chain_cert>()."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:43
msgid ""
"It might also call SSL_certs_clear() to delete any certificates associated "
"with the B<SSL> object."
msgstr ""
"Elle peut aussi appeler B<SSL_certs_clear>() pour supprimer nâ??importe quel "
"certificat associé avec lâ??objet I<SSL>."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:46
msgid ""
"The certificate callback functionality supercedes the (largely broken)  "
"functionality provided by the old client certificate callback interface.  It "
"is B<always> called even is a certificate is already set so the callback can "
"modify or delete the existing certificate."
msgstr ""
"La fonction de rappel de certificat remplace la (défectueuse) fonction "
"fournie par la vieille interface client de rappel de certificat. Elle est "
"B<toujours> appelée même si un certificat est déjà défini, ainsi le rappel "
"peut modifier ou supprimer les certificats existants."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:51
msgid ""
"A more advanced callback might examine the handshake parameters and set "
"whatever chain is appropriate. For example a legacy client supporting only "
"TLS v1.0 might receive a certificate chain signed using SHA1 whereas a TLS "
"v1.2 client which advertises support for SHA256 could receive a chain using "
"SHA256."
msgstr ""
"Un rappel de plus haut niveau peut examiner les paramètres de lâ??initiation "
"de connexion et définir toute chaîne appropriée. Par exemple, un ancien "
"client ne prenant en charge que TLS v1.0 peut recevoir une chaîne de "
"certificats signée avec SHA1, tandis quâ??un client TLS v1.2 déclarant la "
"prise en charge de SHA256 peut recevoir une chaîne utilisant SHA256."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:57
msgid ""
"Normal server sanity checks are performed on any certificates set by the "
"callback. So if an EC chain is set for a curve the client does not support "
"it will B<not> be used."
msgstr ""
"Des contrôles de validité pour le serveur sont réalisés sur tous les "
"certificats définis par le rappel. Aussi, si une chaîne de courbe elliptique "
"est définie pour une courbe que le client ne prend pas en charge, elle ne "
"sera B<pas> utilisée."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_cb.pod:63
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_use_certificate(3)|SSL_use_certificate(3)>, "
"L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>, "
"L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, L<SSL_clear(3)|"
"SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_use_certificate>(3)|SSL_use_certificate(3)>, "
"L<B<SSL_add1_chain_cert>(3)|SSL_add1_chain_cert(3)>, "
"L<B<SSL_get_client_CA_list>(3)|SSL_get_client_CA_list(3)>, L<B<SSL_clear>(3)|"
"SSL_clear(3)>, L<B<SSL_free>(3)|SSL_free(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:5
msgid ""
"SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate "
"verification storage"
msgstr ""
"SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - Manipuler le stockage de "
"vérification de certificats X509"

#. type: verbatim
#: C/ssl/SSL_CTX_set_cert_store.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);\n"
" X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_cert_store(SSL_CTX *>I<ctx>B<, X509_STORE *>I<stockage>B<);>\n"
" B<X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *>I<ctx>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:16
msgid ""
"SSL_CTX_set_cert_store() sets/replaces the certificate verification storage "
"of B<ctx> to/with B<store>. If another X509_STORE object is currently set in "
"B<ctx>, it will be X509_STORE_free()ed."
msgstr ""
"B<SSL_CTX_set_cert_store>() définit et remplace le stockage de vérifications "
"de certificat de I<ctx> en I<stockage>. Si un autre objet X509_STORE est "
"actuellement défini dans I<ctx>, il sera libéré avec B<X509_STORE_free>()."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:20
msgid ""
"SSL_CTX_get_cert_store() returns a pointer to the current certificate "
"verification storage."
msgstr ""
"B<SSL_CTX_set_cert_store>() renvoie un pointeur vers le stockage actuel de "
"vérifications de certificat."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:25
msgid ""
"In order to verify the certificates presented by the peer, trusted CA "
"certificates must be accessed. These CA certificates are made available via "
"lookup methods, handled inside the X509_STORE. From the X509_STORE the "
"X509_STORE_CTX used when verifying certificates is created."
msgstr ""
"Afin de vérifier les certificats présentés par le pair, il faut accéder aux "
"certificats d'autorité de certification. Ces certificats d'autorité de "
"certification sont rendus disponibles par des méthodes de recherche, "
"traitées à l'intérieur de X509_STORE. Le X509_STORE_CTX utilisé lors de la "
"vérification de certificats est créé à partir de X509_STORE."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:30
msgid ""
"Typically the trusted certificate store is handled indirectly via using "
"L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.  Using "
"the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store() functions it is "
"possible to manipulate the X509_STORE object beyond the "
"L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> call."
msgstr ""
"L'emplacement de stockage des certificats de confiance est typiquement géré "
"en utilisant L<B<SSL_CTX_load_verify_locations>(3)|"
"SSL_CTX_load_verify_locations(3)>. L'utilisation des fonctions "
"B<SSL_CTX_set_cert_store>() et B<SSL_CTX_get_cert_store>() est possible pour "
"manipuler l'objet X509_STORE au delà de l'appel "
"L<B<SSL_CTX_load_verify_locations>(3)|SSL_CTX_load_verify_locations(3)>."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:37
msgid ""
"Currently no detailed documentation on how to use the X509_STORE object is "
"available. Not all members of the X509_STORE are used when the verification "
"takes place. So will e.g. the verify_callback() be overridden with the "
"verify_callback() set via the L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> "
"family of functions.  This document must therefore be updated when "
"documentation about the X509_STORE object and its handling becomes available."
msgstr ""
"Aucune documentation détaillée du mode d'utilisation de l'objet X509_STORE "
"n'est pour l'instant disponible. Les éléments du X509_STORE ne sont pas tous "
"utilisés au moment de la vérification. Ainsi, par exemple, la fonction "
"B<verify_callback>() sera écrasée par la fonction B<verify_callback>() "
"définie par la famille de fonctions L<B<SSL_CTX_set_verify>(3)|"
"SSL_CTX_set_verify(3)>. Ce document devra par conséquent être mis à jour "
"lorsque la documentation de l'objet X509_STORE et de son traitement sera "
"disponible."

#. type: =head1
#: C/ssl/SSL_CTX_set_cert_store.pod:45
msgid "RESTRICTIONS"
msgstr "RESTRICTIONS"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:47
msgid ""
"The X509_STORE structure used by an SSL_CTX is used for verifying peer "
"certificates and building certificate chains, it is also shared by every "
"child SSL structure. Applications wanting finer control can use functions "
"such as SSL_CTX_set1_verify_cert_store() instead."
msgstr ""
"La structure X509_STORE utilisée par un SSL_CTX est employée pour vérifier "
"les certificats de pairs et construire la chaîne de certificats ; elle est "
"aussi partagée par toute structure SSL enfant. Les applications désirant un "
"contrôle plus fin peuvent plutôt utiliser des fonctions telles que "
"B<SSL_CTX_set1_verify_cert_store>()."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:54
msgid "SSL_CTX_set_cert_store() does not return diagnostic output."
msgstr "B<SSL_CTX_set_cert_store>() ne renvoie pas de sortie de diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:56
msgid "SSL_CTX_get_cert_store() returns the current setting."
msgstr "B<SSL_CTX_set_cert_store>() renvoie la configuration actuelle."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_store.pod:60
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_CTX_load_verify_locations(3)|"
"SSL_CTX_load_verify_locations(3)>, L<SSL_CTX_set_verify(3)|"
"SSL_CTX_set_verify(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_CTX_load_verify_locations>(3)|"
"SSL_CTX_load_verify_locations(3)>, L<B<SSL_CTX_set_verify>(3)|"
"SSL_CTX_set_verify(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:5
msgid ""
"SSL_CTX_set_cert_verify_callback - set peer certificate verification "
"procedure"
msgstr ""
"SSL_CTX_set_cert_verify_callback - Définir la procédure de vérification de "
"certificat de pair"

#. type: verbatim
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *,void *), void *arg);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_cert_verify_callback(SSL_CTX *>I<ctx>B<, int (*>I<rappel>B<)(X509_STORE_CTX *,void *), void *>I<arg>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:15
msgid ""
"SSL_CTX_set_cert_verify_callback() sets the verification callback function "
"for I<ctx>. SSL objects that are created from I<ctx> inherit the setting "
"valid at the time when L<SSL_new(3)|SSL_new(3)> is called."
msgstr ""
"B<SSL_CTX_set_cert_verify_callback>() définit la fonction de rappel de "
"vérification pour I<ctx>. Les objets SSL créés à partir de I<ctx> héritent "
"des réglages valables au moment de lâ??appel de L<B<SSL_new>(3)|SSL_new(3)>."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:21
msgid ""
"Whenever a certificate is verified during a SSL/TLS handshake, a "
"verification function is called. If the application does not explicitly "
"specify a verification callback function, the built-in verification function "
"is used.  If a verification callback I<callback> is specified via "
"SSL_CTX_set_cert_verify_callback(), the supplied callback function is called "
"instead. By setting I<callback> to NULL, the default behaviour is restored."
msgstr ""
"Ã? chaque fois quâ??un certificat est vérifié durant une initiation de "
"connexion SSL/TLS, une fonction de vérification est appelée. Si "
"lâ??application ne précise pas de fonction de rappel de vérification, la "
"fonction interne est utilisée. Si un rappel pour vérification I<rappel> est "
"précisé à  lâ??aide de B<SSL_CTX_set_cert_verify_callback>(), la fonction de "
"rappel indiquée est appelée. En réglant I<rappel> à NULL, le comportement "
"par défaut est restauré."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:28
msgid ""
"When the verification must be performed, I<callback> will be called with the "
"arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The argument "
"I<arg> is specified by the application when setting I<callback>."
msgstr ""
"Quand une vérification doit être effectuée, I<rappel> sera appelé avec les "
"arguments I<rappel(X509_STORE_CTX *x509_store_ctx, void *arg)>.Lâ??argument "
"I<arg> est indiqué par lâ??application lors de la configuration de I<rappel>."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:32
msgid ""
"I<callback> should return 1 to indicate verification success and 0 to "
"indicate verification failure. If SSL_VERIFY_PEER is set and I<callback> "
"returns 0, the handshake will fail. As the verification procedure may allow "
"to continue the connection in case of failure (by always returning 1)  the "
"verification result must be set in any case using the B<error> member of "
"I<x509_store_ctx> so that the calling application will be informed about the "
"detailed result of the verification procedure!"
msgstr ""
"I<rappel> renvoie B<1> en cas de réussite et B<0> en cas dâ??échec. Si "
"SSL_VERIFY_PEER est configuré et I<rappel> renvoie B<0>, lâ??initiation de "
"connexion échouera. Comme la vérification de procédure permet de continuer "
"la connexion en cas dâ??échec (en renvoyant toujours B<1>), le résultat de la "
"vérification doit, dans tous les cas, être indiqué en utilisant la partie "
"B<error> de B<x509_store_ctx>, de façon que lâ??application appelante soit "
"informée du résultat détaillé de la procédure de vérification !"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:40
msgid ""
"Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback> "
"function set using L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>."
msgstr ""
"Dans B<x509_store_ctx>, I<rappel> peut accéder à la fonction "
"I<verify_callback> établie en utilisant L<B<SSL_CTX_set_verify>(3)|"
"SSL_CTX_set_verify(3)>."

#. type: =head1
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:43
#: C/ssl/SSL_CTX_set_session_id_context.pod:47
msgid "WARNINGS"
msgstr "AVERTISSEMENTS"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:45
msgid ""
"Do not mix the verification callback described in this function with the "
"B<verify_callback> function called during the verification process. The "
"latter is set using the L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> "
"family of functions."
msgstr ""
"Ne pas mélanger le rappel de vérification décrit dans cette fonction avec la "
"fonction I<verify_callback> appelée durant la procédure de vérification. "
"Cette dernière est définie en utilisant la famille de fonctions "
"L<B<SSL_CTX_set_verify>(3)|SSL_CTX_set_verify(3)>."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:50
msgid ""
"Providing a complete verification procedure including certificate purpose "
"settings etc is a complex task. The built-in procedure is quite powerful and "
"in most cases it should be sufficient to modify its behaviour using the "
"B<verify_callback> function."
msgstr ""
"Fournir une procédure de vérification complète incluant les indications "
"dâ??objectif de certificat est une tâche complexe. La procédure interne est "
"plutôt puissante, et, dans la plupart des cas, il sera suffisant de modifier "
"son comportement en utilisant la fonction I<verify_callback>."

#. type: =head1
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:55
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:63 C/ssl/SSL_CTX_set_verify.pod:149
msgid "BUGS"
msgstr "BOGUES"

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:59
msgid ""
"SSL_CTX_set_cert_verify_callback() does not provide diagnostic information."
msgstr ""
"B<SSL_CTX_set_cert_verify_callback>() ne fournit pas dâ??information de "
"diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:63
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, "
"L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, "
"L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_CTX_set_verify>(3)|SSL_CTX_set_verify(3)>, "
"L<B<SSL_get_verify_result>(3)|SSL_get_verify_result(3)>, "
"L<B<SSL_CTX_load_verify_locations>(3)|SSL_CTX_load_verify_locations(3)>"

#. type: verbatim
#: C/ssl/SSL_CTX_set_cert_verify_callback.pod:69
#, no-wrap
msgid ""
"Previous to OpenSSL 0.9.7, the I<arg> argument to B<SSL_CTX_set_cert_verify_callback>\n"
"was ignored, and I<callback> was called simply as\n"
" int (*callback)(X509_STORE_CTX *)\n"
"To compile software written for previous versions of OpenSSL, a dummy\n"
"argument will have to be added to I<callback>.\n"
"\n"
msgstr ""
"Antérieurement à  OpenSSL 0.9.7, lâ??argument I<arg> de B<SSL_CTX_set_cert_verify_callback>\n"
"était ignoré et I<rappel> était simplement appelé comme ceci :\n"
" int (*I<rappel>)(X509_STORE_CTX *)\n"
"\n"
"\n"
"Pour compiler des logiciels écrits pour de précédentes versions dâ??OpenSSL, \n"
"un argument factice doit être ajouté à I<rappel>.\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:5
msgid ""
"SSL_CTX_set_cipher_list, SSL_set_cipher_list - choose list of available "
"SSL_CIPHERs"
msgstr ""
"SSL_CTX_set_cipher_list, SSL_set_cipher_list - Choisir la liste des "
"SSL_CIPHER disponibles"

#. type: verbatim
#: C/ssl/SSL_CTX_set_cipher_list.pod:11
#, no-wrap
msgid ""
" int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);\n"
" int SSL_set_cipher_list(SSL *ssl, const char *str);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set_cipher_list(SSL_CTX *>I<ctx>B<, const char *>I<str>B<);>\n"
" B<int SSL_set_cipher_list(SSL *>I<ssl>B<, const char *>I<str>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:16
msgid ""
"SSL_CTX_set_cipher_list() sets the list of available ciphers for B<ctx> "
"using the control string B<str>. The format of the string is described in "
"L<ciphers(1)|ciphers(1)>. The list of ciphers is inherited by all B<ssl> "
"objects created from B<ctx>."
msgstr ""
"B<SSL_CTX_set_cipher_list>() définit la liste des algorithmes de chiffrement "
"disponibles pour I<ctx> en utilisant la chaîne de contrôle I<str>. Le format "
"de la chaîne est décrit dans L<B<ciphers>(1)|ciphers(1)>. La liste "
"d'algorithmes de chiffrement est héritée par tous les objets I<ssl> créés à "
"partir de I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:21
msgid "SSL_set_cipher_list() sets the list of ciphers only for B<ssl>."
msgstr ""
"B<SSL_set_cipher_list>() ne définit la liste des algorithmes de chiffrement "
"que pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:25
msgid ""
"The control string B<str> should be universally usable and not depend on "
"details of the library configuration (ciphers compiled in). Thus no syntax "
"checking takes place. Items that are not recognized, because the "
"corresponding ciphers are not compiled in or because they are mistyped, are "
"simply ignored. Failure is only flagged if no ciphers could be collected at "
"all."
msgstr ""
"La chaîne de contrôle I<str> devrait être universellement utilisable sans "
"dépendre de détails de la configuration de bibliothèques (algorithmes de "
"chiffrement compilés à l'intérieur). Ainsi, aucune vérification de syntaxe "
"n'est effectuée. Les éléments qui ne sont pas reconnus, parce que les "
"algorithmes de chiffrement correspondants ne sont pas compilés à "
"l'intérieur, ou parce qu'ils n'ont pas été écrits correctement, sont "
"simplement ignorés. Un échec nâ??est signalé que si aucun algorithme de "
"chiffrement n'a pu être collecté."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:32
msgid ""
"It should be noted, that inclusion of a cipher to be used into the list is a "
"necessary condition. On the client side, the inclusion into the list is also "
"sufficient. On the server side, additional restrictions apply. All ciphers "
"have additional requirements. ADH ciphers don't need a certificate, but DH-"
"parameters must have been set. All other ciphers need a corresponding "
"certificate and key."
msgstr ""
"Précision importante : l'inclusion d'un algorithme de chiffrement à utiliser "
"dans la liste est une condition nécessaire. Du côté client, l'inclusion dans "
"la liste est aussi suffisante. Du côté serveur, des restrictions "
"supplémentaires s'appliquent. Tous les algorithmes de chiffrement ont des "
"conditions nécessaires supplémentaires. Les algorithmes de chiffrement ADH "
"n'ont pas besoin d'un certificat, mais les paramètres DH doivent avoir été "
"définis. Tous les autres algorithmes de chiffrement ont besoin d'un "
"certificat et d'une clef correspondants"

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:39
msgid ""
"A RSA cipher can only be chosen, when a RSA certificate is available.  RSA "
"export ciphers with a keylength of 512 bits for the RSA key require a "
"temporary 512 bit RSA key, as typically the supplied key has a length of "
"1024 bit (see L<SSL_CTX_set_tmp_rsa_callback(3)|"
"SSL_CTX_set_tmp_rsa_callback(3)>).  RSA ciphers using DHE need a certificate "
"and key and additional DH-parameters (see L<SSL_CTX_set_tmp_dh_callback(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>)."
msgstr ""
"Seul un algorithme de chiffrement RSA peut être choisi quand un certificat "
"RSA est disponible. Les algorithmes de chiffrement RSA exportés avec une "
"taille de clef de 512Â bits pour la clef RSA ont besoin d'une clef RSA "
"temporaire de 512Â bits, puisque les clefs typiquement fournies ont une "
"taille de 1024Â bits (consultez L<B<SSL_CTX_set_tmp_rsa_callback>(3)|"
"SSL_CTX_set_tmp_rsa_callback(3)>). Les algorithmes de chiffrement RSA "
"utilisant DHE ont besoin d'un certificat et d'une clef et de paramètres DH "
"supplémentaires (consultez L<B<SSL_CTX_set_tmp_dh_callback>(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>)."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:47
msgid ""
"A DSA cipher can only be chosen, when a DSA certificate is available.  DSA "
"ciphers always use DH key exchange and therefore need DH-parameters (see "
"L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>)."
msgstr ""
"Seul un algorithme de chiffrement DSA peut être choisi quand un certificat "
"DSA est disponible. Les algorithmes de chiffrement DSA utilisent toujours un "
"échange de clefs DH, et ont par conséquent besoin de paramètres DH "
"(consultez L<B<SSL_CTX_set_tmp_dh_callback>(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>)."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:51
msgid ""
"When these conditions are not met for any cipher in the list (e.g. a client "
"only supports export RSA ciphers with a asymmetric key length of 512 bits "
"and the server is not configured to use temporary RSA keys), the \"no shared "
"cipher\" (SSL_R_NO_SHARED_CIPHER) error is generated and the handshake will "
"fail."
msgstr ""
"Quand ces conditions ne sont pas réunies pour aucun algorithme de "
"chiffrement de la liste (par exemple un client qui ne gère que les "
"algorithmes de chiffrement RSA pour lâ??export avec une taille de clef "
"asymétrique de 512 bits et que le serveur n'est pas configuré pour utiliser "
"des clefs RSA temporaires), l'erreur « pas d'algorithme de chiffrement "
"partagé » (SSL_R_NO_SHARED_CIPHER) est générée, et l'initialisation échouera."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:57
msgid ""
"If the cipher list does not contain any SSLv2 cipher suites (this is the "
"default) then SSLv2 is effectively disabled and neither clients nor servers "
"will attempt to use SSLv2."
msgstr ""
"Si la liste dâ??algorithmes de chiffrement ne contient aucune suite de "
"chiffrement SSLv2 (état par défaut), alors SSLv2 est réellement désactivé et "
"ni les clients, ni les serveurs, ne pourront utiliser SSLv2."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:63
msgid ""
"SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher "
"could be selected and 0 on complete failure."
msgstr ""
"B<SSL_CTX_set_cipher_list>() et B<SSL_set_cipher_list>() renvoient B<1> si "
"un algorithme de chiffrement a pu être sélectionné et B<0> en cas d'échec "
"complet."

#. type: textblock
#: C/ssl/SSL_CTX_set_cipher_list.pod:68
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, "
"L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, "
"L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>, "
"L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>, "
"L<ciphers(1)|ciphers(1)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_get_ciphers>(3)|SSL_get_ciphers(3)>, "
"L<B<SSL_CTX_use_certificate>(3)|SSL_CTX_use_certificate(3)>, "
"L<B<SSL_CTX_set_tmp_rsa_callback>(3)|SSL_CTX_set_tmp_rsa_callback(3)>, "
"L<B<SSL_CTX_set_tmp_dh_callback>(3)|SSL_CTX_set_tmp_dh_callback(3)>, "
"L<B<ciphers>(1)|ciphers(1)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:5
msgid ""
"SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_CTX_add_client_CA, "
"SSL_add_client_CA - set list of CAs sent to the client when requesting a "
"client certificate"
msgstr ""
"SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_CTX_add_client_CA, "
"SSL_add_client_CA - Définir la liste dâ??autorités de certification (CA) "
"adressée au client lors dâ??une demande de certificat client"

#. type: verbatim
#: C/ssl/SSL_CTX_set_client_CA_list.pod:11
#, no-wrap
msgid ""
" #include <openssl/ssl.h>\n"
" \n"
msgstr ""
"B< #include E<lt>openssl/ssl.hE<gt>>\n"
" \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_client_CA_list.pod:13
#, no-wrap
msgid ""
" void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);\n"
" void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);\n"
" int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);\n"
" int SSL_add_client_CA(SSL *ssl, X509 *cacert);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_client_CA_list(SSL_CTX *>I<ctx>B<, STACK_OF(X509_NAME)*>I<liste>B<);>\n"
" B<void SSL_set_client_CA_list(SSL *>I<s>B<, STACK_OF(X509_NAME) *>I<liste>B<);>\n"
" B<int SSL_CTX_add_client_CA(SSL_CTX *>I<ctx>B<, X509 *>I<ca_cert>B<);>\n"
" B<int SSL_add_client_CA(SSL *>I<ssl>B<, X509 *>I<ca_cert>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:20
msgid ""
"SSL_CTX_set_client_CA_list() sets the B<list> of CAs sent to the client when "
"requesting a client certificate for B<ctx>."
msgstr ""
"B<SSL_CTX_set_client_CA_list>() définit la I<liste> de CA adressée au client "
"lors dâ??une requête de certificat client pour I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:23
msgid ""
"SSL_set_client_CA_list() sets the B<list> of CAs sent to the client when "
"requesting a client certificate for the chosen B<ssl>, overriding the "
"setting valid for B<ssl>'s SSL_CTX object."
msgstr ""
"B<SSL_set_client_CA_list>() définit la I<liste> de CA adressée au client "
"lors dâ??une requête de certificat client pour le I<ssl> choisi, redéfinissant "
"le réglage valable de lâ??objet SSL_CTX de I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:27
msgid ""
"SSL_CTX_add_client_CA() adds the CA name extracted from B<cacert> to the "
"list of CAs sent to the client when requesting a client certificate for "
"B<ctx>."
msgstr ""
"B<SSL_CTX_add_client_CA>() ajoute le nom de la CA, extrait de I<ca_cert>, Ã  "
"la liste de CA adressée au client lors dâ??une requête de certificat client "
"pour I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:31
msgid ""
"SSL_add_client_CA() adds the CA name extracted from B<cacert> to the list of "
"CAs sent to the client when requesting a client certificate for the chosen "
"B<ssl>, overriding the setting valid for B<ssl>'s SSL_CTX object."
msgstr ""
"B<SSL_add_client_CA>() ajoute le nom de la CA extrait de I<ca_cert> Ã  la "
"liste de CA adressée au client lors dâ??une requête dâ??un certificat client "
"pour le I<ssl> choisi, redéfinissant le réglage valable pour lâ??objet SSL_CTX "
"de I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:37
msgid ""
"When a TLS/SSL server requests a client certificate (see "
"B<SSL_CTX_set_verify(3)>), it sends a list of CAs, for which it will accept "
"certificates, to the client."
msgstr ""
"Quand un serveur TLS/SSL demande un certificat client (consultez "
"B<SSL_CTX_set_verify>(3)), il envoie une liste de CA, depuis laquelle il "
"acceptera des certificats, au client."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:41
msgid ""
"This list must explicitly be set using SSL_CTX_set_client_CA_list() for "
"B<ctx> and SSL_set_client_CA_list() for the specific B<ssl>. The list "
"specified overrides the previous setting. The CAs listed do not become "
"trusted (B<list> only contains the names, not the complete certificates); "
"use L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> to "
"additionally load them for verification."
msgstr ""
"Cette liste doit clairement être définie en utilisant "
"B<SSL_CTX_set_client_CA_list>() pour I<ctx> et B<SSL_set_client_CA_list>() "
"pour le I<ssl> particulier. La liste indiquée redéfinit la précédente "
"configuration. Les CA listées ne deviennent pas de confiance (I<liste> "
"contient seulement les noms, mais pas les certificats en entier)Â ; utilisez "
"L<B<SSL_CTX_load_verify_locations>(3)|SSL_CTX_load_verify_locations(3)> pour "
"en plus les charger pour la vérification."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:48
msgid ""
"If the list of acceptable CAs is compiled in a file, the "
"L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)> function can be "
"used to help importing the necessary data."
msgstr ""
"Si la liste de CA acceptables est dressée dans un fichier, la fonction "
"L<B<SSL_load_client_CA_file>(3)|SSL_load_client_CA_file(3)> peut être "
"utilisée pour lâ??importation des données nécessaires."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:52
msgid ""
"SSL_CTX_add_client_CA() and SSL_add_client_CA() can be used to add "
"additional items the list of client CAs. If no list was specified before "
"using SSL_CTX_set_client_CA_list() or SSL_set_client_CA_list(), a new client "
"CA list for B<ctx> or B<ssl> (as appropriate) is opened."
msgstr ""
"B<SSL_CTX_add_client_CA>() et B<SSL_add_client_CA>() peuvent être utilisées "
"pour ajouter des éléments dans la liste de CA client. Si aucune liste "
"nâ??était indiquée avant lâ??utilisation de B<SSL_CTX_set_client_CA_list>() ou "
"B<SSL_set_client_CA_list>(), une nouvelle liste de CA client pour I<ctx> ou "
"I<ssl> (selon le cas) est ouverte."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:57
msgid "These functions are only useful for TLS/SSL servers."
msgstr "Ces fonctions sont seulement utiles pour les serveurs TLS/SSL."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:61
msgid ""
"SSL_CTX_set_client_CA_list() and SSL_set_client_CA_list() do not return "
"diagnostic information."
msgstr ""
"B<SSL_CTX_set_client_CA_list>() et B<SSL_set_client_CA_list>() ne renvoient "
"pas de renseignements de diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:64
msgid ""
"SSL_CTX_add_client_CA() and SSL_add_client_CA() have the following return "
"values:"
msgstr ""
"B<SSL_CTX_add_client_CA>() et B<SSL_add_client_CA>() ont les valeurs de "
"retour suivantes."

#. type: =item
#: C/ssl/SSL_CTX_set_client_CA_list.pod:69
#: C/ssl/SSL_CTX_set_session_id_context.pod:67
#: C/ssl/SSL_CTX_set_ssl_version.pod:45
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:92
msgid "Z<>0"
msgstr "Z<>0"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:71
msgid ""
"A failure while manipulating the STACK_OF(X509_NAME) object occurred or the "
"X509_NAME could not be extracted from B<cacert>. Check the error stack to "
"find out the reason."
msgstr ""
"Une erreur lors de la manipulation de lâ??objet STACK_OF(X509_NAME) est "
"survenue ou X509_NAME nâ??a pu être extrait de I<ca_cert>. Vérifiez la pile "
"dâ??erreurs pour en trouver la raison."

#. type: =item
#: C/ssl/SSL_CTX_set_client_CA_list.pod:75
#: C/ssl/SSL_CTX_set_session_id_context.pod:73
#: C/ssl/SSL_CTX_set_ssl_version.pod:49
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:87
msgid "Z<>1"
msgstr "Z<>1"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:77
#: C/ssl/SSL_CTX_set_session_id_context.pod:75
#: C/ssl/SSL_CTX_set_ssl_version.pod:51
msgid "The operation succeeded."
msgstr "L'opération a réussi."

#. type: =head1
#: C/ssl/SSL_CTX_set_client_CA_list.pod:81
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:57
#: C/ssl/SSL_CTX_set_generate_session_id.pod:95
#: C/ssl/SSL_CTX_set_info_callback.pod:107
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:126
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:101
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:90 C/ssl/SSL_CTX_set_verify.pod:165
msgid "EXAMPLES"
msgstr "EXEMPLES"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:83
msgid "Scan all certificates in B<CAfile> and list them as acceptable CAs:"
msgstr ""
"Examiner tous les certificats dans I<fichier_CA> et les incorporer dans la "
"liste de CA acceptables :"

#. type: verbatim
#: C/ssl/SSL_CTX_set_client_CA_list.pod:85
#, no-wrap
msgid ""
"  SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));\n"
"\n"
msgstr ""
"  SSL_CTX_set_client_CA_list(I<ctx>,SSL_load_client_CA_file(I<fichier_CA>));\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_CA_list.pod:89
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, "
"L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>, "
"L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_get_client_CA_list>(3)|"
"SSL_get_client_CA_list(3)>, L<B<SSL_load_client_CA_file>(3)|"
"SSL_load_client_CA_file(3)>, L<B<SSL_CTX_load_verify_locations>(3)|"
"SSL_CTX_load_verify_locations(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:5
msgid ""
"SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb - handle client "
"certificate callback function"
msgstr ""
"SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb - Gestion de la "
"fonction de rappel de certificat client."

#. type: verbatim
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));\n"
" int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);\n"
" int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_client_cert_cb(SSL_CTX *>I<ctx>B<, int (*client_cert_cb)(SSL *>I<ssl>B<, X509 **x>I<509>B<, EVP_PKEY **>I<pkey>B<));>\n"
" B<int (*SSL_CTX_get_client_cert_cb(SSL_CTX *>I<ctx>B<))(SSL *>I<ssl>B<, X509 **>I<x509>B<, EVP_PKEY **>I<pkey>B<);>\n"
" B<int (*client_cert_cb)(SSL *>I<ssl>B<, X509 **>I<x509>B<, EVP_PKEY **>I<pkey>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:17
msgid ""
"SSL_CTX_set_client_cert_cb() sets the B<client_cert_cb()> callback, that is "
"called when a client certificate is requested by a server and no certificate "
"was yet set for the SSL object."
msgstr ""
"B<SSL_CTX_set_client_cert_cb>() définit le rappel B<client_cert_cb>(), qui "
"est appelé lors dâ??une demande de certificat client par un serveur et "
"quâ??aucun certificat nâ??a été défini pour lâ??objet SSL."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:21
msgid "When B<client_cert_cb()> is NULL, no callback function is used."
msgstr ""
"Lorsque B<client_cert_cb>() est NULL, aucune fonction de rappel nâ??est "
"utilisée."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:23
msgid ""
"SSL_CTX_get_client_cert_cb() returns a pointer to the currently set callback "
"function."
msgstr ""
"B<SSL_CTX_ge_client_cert_cb>() renvoie un pointeur vers la fonction de "
"rappel actuellement définie."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:26
msgid ""
"client_cert_cb() is the application defined callback. If it wants to set a "
"certificate, a certificate/private key combination must be set using the "
"B<x509> and B<pkey> arguments and \"1\" must be returned. The certificate "
"will be installed into B<ssl>, see the NOTES and BUGS sections.  If no "
"certificate should be set, \"0\" has to be returned and no certificate will "
"be sent. A negative return value will suspend the handshake and the "
"handshake function will return immediately. L<SSL_get_error(3)|"
"SSL_get_error(3)> will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that "
"the handshake was suspended. The next call to the handshake function will "
"again lead to the call of client_cert_cb(). It is the job of the "
"client_cert_cb() to store information about the state of the last call, if "
"required to continue."
msgstr ""
"B<client_cert_cb>() est le rappel défini par lâ??application. Si elle veut "
"définir un certificat, une combinaison clef/certificat privé doit être "
"indiquée en utilisant les arguments I<x509> et I<pkey>, et B<1> doit être "
"renvoyé. Le certificat sera installé dans I<ssl> ; consultez les sections "
"NOTES et BOGUES. Si aucun certificat ne doit être défini, B<0> doit être "
"renvoyé et aucun certificat ne sera adressé. Le renvoi dâ??une valeur négative "
"suspendra lâ??initiation de connexion et la fonction dâ??initiation s'arrêtera "
"immédiatement. L<B<SSL_get_error>(3)|SSL_get_error(3)> renverra "
"SSL_ERROR_WANT_X509_LOOKUP pour signaler que lâ??initiation est suspendue. Le "
"prochain appel à  la fonction dâ??initiation amènera de nouveau à  lâ??appel de "
"B<client_cert_cb>(). Câ??est au B<client_cert_cb>() dâ??emmagasiner "
"lâ??information sur lâ??état du dernier appel, si une demande de continuation "
"est faite."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:40
msgid ""
"During a handshake (or renegotiation) a server may request a certificate "
"from the client. A client certificate must only be sent, when the server did "
"send the request."
msgstr ""
"Pendant lâ??initialisation de connexion (ou renégociation), un serveur peut "
"demander un certificat au client. Un certificat client doit seulement être "
"adressé, lorsque le serveur a bien envoyé la requête."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:44
msgid ""
"When a certificate was set using the L<SSL_CTX_use_certificate(3)|"
"SSL_CTX_use_certificate(3)> family of functions, it will be sent to the "
"server. The TLS standard requires that only a certificate is sent, if it "
"matches the list of acceptable CAs sent by the server. This constraint is "
"violated by the default behavior of the OpenSSL library. Using the callback "
"function it is possible to implement a proper selection routine or to allow "
"a user interaction to choose the certificate to be sent."
msgstr ""
"Quand un certificat a été défini en utilisant la famille de fonctions "
"L<B<SSL_CTX_use_certificate>(3)|SSL_CTX_use_certificate(3)>, il est adressé "
"au serveur. La norme TLS exige quâ??un seul certificat soit adressé, sâ??il a "
"une correspondance dans la liste de CA acceptables envoyée par le serveur. "
"Cette contrainte nâ??est pas respectée par le comportement par défaut de la "
"bibliothèque OpenSSL. Lâ??utilisation de la fonction de rappel permet "
"dâ??implémenter une routine de sélection appropriée ou de choisir le "
"certificat à  envoyer par une interaction de lâ??utilisateur."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:53
msgid ""
"If a callback function is defined and no certificate was yet defined for the "
"SSL object, the callback function will be called.  If the callback function "
"returns a certificate, the OpenSSL library will try to load the private key "
"and certificate data into the SSL object using the SSL_use_certificate() and "
"SSL_use_private_key() functions.  Thus it will permanently install the "
"certificate and key for this SSL object. It will not be reset by calling "
"L<SSL_clear(3)|SSL_clear(3)>.  If the callback returns no certificate, the "
"OpenSSL library will not send a certificate."
msgstr ""
"Si une fonction de rappel est définie et quâ??aucun certificat nâ??a été défini "
"pour lâ??objet SSL, la fonction de rappel est appelée. Si la fonction de "
"rappel renvoie un certificat, la bibliothèque OpenSSL essayera de charger la "
"clef privée et les données de certificat dans lâ??objet SSL, en utilisant les "
"fonctions B<SSL_use_certificate>() et B<SSL_use_private_key>(). Par "
"conséquent, les clef et certificat seront installés définitivement pour "
"lâ??objet SSL. Ils ne seront pas réinitialisés par L<B<SSL_clear>(3)|"
"SSL_clear(3)>. Si le rappel ne renvoie aucun certificat, la bibliothèque "
"OpenSSl nâ??adressera pas de certificat."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:65
msgid ""
"The client_cert_cb() cannot return a complete certificate chain, it can only "
"return one client certificate. If the chain only has a length of 2, the root "
"CA certificate may be omitted according to the TLS standard and thus a "
"standard conforming answer can be sent to the server. For a longer chain, "
"the client must send the complete chain (with the option to leave out the "
"root CA certificate). This can only be accomplished by either adding the "
"intermediate CA certificates into the trusted certificate store for the "
"SSL_CTX object (resulting in having to add CA certificates that otherwise "
"maybe would not be trusted), or by adding the chain certificates using the "
"L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)> function, "
"which is only available for the SSL_CTX object as a whole and that therefore "
"probably can only apply for one client certificate, making the concept of "
"the callback function (to allow the choice from several certificates) "
"questionable."
msgstr ""
"B<client_cert_cb>() ne peut pas renvoyer une chaîne de certificats complète, "
"il peut simplement renvoyer un certificat client. Si la chaîne est de "
"longueur 2 le certificat du CA racine peut être omis en accord avec le "
"standard TLS et donc, une réponse conforme au standard peut être adressée au "
"serveur. Pour une chaîne plus longue, le client doit envoyer la chaîne "
"complète (avec lâ??option dâ??omettre le certificat du CA racine). Cela peut "
"être uniquement accompli soit en ajoutant les certificats de CA "
"intermédiaires dans le stockage de certificats de confiance pour lâ??objet "
"SSL_CTX (avec pour conséquence dâ??avoir à  ajouter des certificats de CA qui "
"peut-être ne seraient pas considérés de confiance), soit en ajoutant la "
"chaîne de certificats avec la fonction L<B<SSL_CTX_add_extra_chain_cert>(3)|"
"SSL_CTX_add_extra_chain_cert(3)>, qui est seulement disponible pour lâ??objet "
"SSL_CTX globalement, et par conséquent peut probablement sâ??appliquer à  un "
"seul certificat client, rendant le concept de fonction de rappel (pour "
"permettre le choix parmi plusieurs certificats) discutable."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:81
msgid ""
"Once the SSL object has been used in conjunction with the callback function, "
"the certificate will be set for the SSL object and will not be cleared even "
"when L<SSL_clear(3)|SSL_clear(3)> is being called. It is therefore mandatory "
"to destroy the SSL object using L<SSL_free(3)|SSL_free(3)> and create a new "
"one to return to the previous state."
msgstr ""
"Une fois que lâ??objet SSL a été utilisé conjointement avec la fonction de "
"rappel, le certificat sera défini pour lâ??objet SSL et ne sera pas effacé "
"même quand L<B<SSL_clear>(3)|SSL_clear(3)> sera appelée. Il est donc "
"obligatoire de détruire lâ??objet SSL avec L<B<SSL_free>(3)|SSL_free(3)> et "
"créer un nouvel objet pour retourner à  lâ??état précédent."

#. type: textblock
#: C/ssl/SSL_CTX_set_client_cert_cb.pod:89
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, "
"L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>, "
"L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, L<SSL_clear(3)|"
"SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_CTX_use_certificate>(3)|"
"SSL_CTX_use_certificate(3)>, L<B<SSL_CTX_add_extra_chain_cert>(3)|"
"SSL_CTX_add_extra_chain_cert(3)>, L<B<SSL_get_client_CA_list>(3)|"
"SSL_get_client_CA_list(3)>, L<B<SSL_clear>(3)|SSL_clear(3)>, "
"L<B<SSL_free>(3)|SSL_free(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:5
msgid ""
"SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext - custom TLS "
"extension handling"
msgstr ""
"SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext - Gestion "
"personnalisée dâ??extension TLS"

#. type: verbatim
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:11
#, no-wrap
msgid ""
" int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,\n"
"\t\t\t           custom_ext_add_cb add_cb,\n"
"\t\t\t           custom_ext_free_cb free_cb, void *add_arg,\n"
"\t\t\t           custom_ext_parse_cb parse_cb,\n"
"\t\t\t\t   void *parse_arg);\n"
"\n"
msgstr ""
"B< int SSL_CTX_add_client_custom_ext(SSL_CTX *>I<ctx>B<, unsigned int> I<ext_type>B<,>\n"
" \t\t\t           B<custom_ext_add_cb> I<add_cb>B<,>\n"
" \t\t\t           B<custom_ext_free_cb> I<free_cb>B<, void *>I<add_arg>B<,>\n"
" \t\t\t           B<custom_ext_parse_cb> I<parse_cb>B<,>\n"
" \t\t\t\t   B<void *>I<parse_arg>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:17
#, no-wrap
msgid ""
" int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,\n"
"\t\t\t           custom_ext_add_cb add_cb,\n"
"\t\t\t           custom_ext_free_cb free_cb, void *add_arg,\n"
"\t\t\t           custom_ext_parse_cb parse_cb,\n"
"\t\t\t\t   void *parse_arg);\n"
"\n"
msgstr ""
"B< int SSL_CTX_add_server_custom_ext(SSL_CTX *>I<ctx>B<, unsigned int> I<ext_type>B<,>\n"
" \t\t\t           B<custom_ext_add_cb> I<add_cb>B<,>\n"
" \t\t\t           B<custom_ext_free_cb> I<free_cb>B<, void *>I<add_arg>B<,>\n"
" \t\t\t           B<custom_ext_parse_cb> I<parse_cb>B<,>\n"
" \t\t\t\t   B<void *>I<parse_arg>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:23
#, no-wrap
msgid ""
" int SSL_extension_supported(unsigned int ext_type);\n"
"\n"
msgstr ""
"B< int SSL_extension_supported(unsigned int> I<ext_type>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:25
#, no-wrap
msgid ""
" typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,\n"
"\t\t\t\t  const unsigned char **out,\n"
"\t\t\t\t  size_t *outlen, int *al,\n"
"\t\t\t\t  void *add_arg);\n"
"\n"
msgstr ""
"B< typedef int (*>I<custom_ext_add_cb>B<)(SSL *s>B<, unsigned int> I<ext_type>B<,>\n"
" \t\t\t\t  B<const unsigned char **>I<out>B<,>\n"
" \t\t\t\t  B<size_t *>I<outlen>B<, int *>I<al>B<,>\n"
" \t\t\t\t  B<void *>I<add_arg>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:30
#, no-wrap
msgid ""
" typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,\n"
"\t\t\t\t    const unsigned char *out,\n"
"\t\t\t\t    void *add_arg);\n"
"\n"
msgstr ""
"B< typedef void (*>I<custom_ext_free_cb>B<)(SSL *s, unsigned intB> I<ext_type>B<,>\n"
" \t\t\t\t    B<const unsigned char *>I<out>B<,>\n"
" \t\t\t\t    B<void *>I<add_arg>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:34
#, no-wrap
msgid ""
" typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,\n"
"\t\t\t\t    const unsigned char *in,\n"
"\t\t\t\t    size_t inlen, int *al,\n"
"\t\t\t\t    void *parse_arg);\n"
"\n"
msgstr ""
"B< typedef int (*>I<custom_ext_parse_cb>B<)(SSL *s, unsigned intB> I<ext_type>B<,>\n"
" \t\t\t\t    B<const unsigned char *>I<in>B<,>\n"
" \t\t\t\t    B<size_t> I<inlen>B<, int *>I<al>B<,>\n"
" \t\t\t\t    B<void *>I<parse_arg>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:42
msgid ""
"SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS client "
"with extension type B<ext_type> and callbacks B<add_cb>, B<free_cb> and "
"B<parse_cb>."
msgstr ""
"B<SSL_CTX_add_client_custom_ext>() ajoute une extension personnalisée pour "
"un client TLS avec une extension de type I<ext_type> et les rappels "
"I<add_cb>, I<free_cb> et I<parse_cb>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:46
msgid ""
"SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS server "
"with extension type B<ext_type> and callbacks B<add_cb>, B<free_cb> and "
"B<parse_cb>."
msgstr ""
"B<SSL_CTX_add_server_custom_ext>() ajoute une extension personnalisée pour "
"un serveur TLS avec une extension de type I<ext_type> et les rappels "
"I<add_cb>, I<free_cb> et I<parse_cb>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:50
msgid ""
"In both cases the extension type must not be handled by OpenSSL internally "
"or an error occurs."
msgstr ""
"Dans les deux cas, le type dâ??extension ne doit pas être géré en interne par "
"OpenSSL, sinon une erreur se produit."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:53
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:130
msgid ""
"SSL_extension_supported() returns 1 if the extension B<ext_type> is handled "
"internally by OpenSSL and 0 otherwise."
msgstr ""
"B<SSL_extension_supported>() renvoie B<1> si lâ??extension I<ext_type> est "
"gérée en interne par OpenSSL ou autrement B<0>."

#. type: =head1
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:56
msgid "EXTENSION CALLBACKS"
msgstr "FONCTIONS DE RAPPEL Dâ??EXTENSION"

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:58
msgid ""
"The callback B<add_cb> is called to send custom extension data to be "
"included in ClientHello for TLS clients or ServerHello for servers. The "
"B<ext_type> parameter is set to the extension type which will be added and "
"B<add_arg> to the value set when the extension handler was added."
msgstr ""
"Le rappel I<add_cb> est demandé pour envoyer des données dâ??extension "
"personnalisée à inclure dans ClientHello pour un client TLS ou ServerHello "
"pour un serveur TLS. Le paramètre I<ext_type> est défini au type dâ??extension "
"qui sera ajouté et le paramètre I<add_arg> à la valeur définie lorsque le "
"gestionnaire dâ??extension a été ajouté."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:63
msgid ""
"If the application wishes to include the extension B<ext_type> it should set "
"B<*out> to the extension data, set B<*outlen> to the length of the extension "
"data and return 1."
msgstr ""
"Si lâ??application veut inclure lâ??extension I<ext_type>, elle doit définir "
"I<*out> aux données dâ??extension, définir I<*outlen> à  la longueur des "
"données dâ??extension et renvoyer B<1>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:67
msgid ""
"If the B<add_cb> does not wish to include the extension it must return 0."
msgstr ""
"Si le rappel I<add_cb> ne veut pas inclure lâ??extension, il doit renvoyer "
"B<0>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:69
msgid ""
"If B<add_cb> returns -1 a fatal handshake error occurs using the TLS alert "
"value specified in B<*al>."
msgstr ""
"Si le rappel I<add_cb> renvoie B<-1>, une erreur fatale dâ??initiation de "
"connexion sâ??est produite avec un message dâ??alerte TLS indiqué dans I<*al>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:72
msgid ""
"For clients (but not servers) if B<add_cb> is set to NULL a zero length "
"extension is added for B<ext_type>."
msgstr ""
"Pour les clients (mais pas les serveurs), si I<add_cb> est défini à NULL, "
"une extension de longueur zéro est ajoutée pour I<ext_type>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:75
msgid ""
"For clients every registered B<add_cb> is always called to see if the "
"application wishes to add an extension to ClientHello."
msgstr ""
"Pour les clients, chaque I<add_cb> enregistré est toujours appelé pour "
"savoir si lâ??application veut ajouter une extension à  ClientHello."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:78
msgid ""
"For servers every registered B<add_cb> is called once if and only if the "
"corresponding extension was received in ClientHello to see if the "
"application wishes to add the extension to ServerHello. That is, if no "
"corresponding extension was received in ClientHello then B<add_cb> will not "
"be called."
msgstr ""
"Pour les serveurs, chaque I<add_cb> enregistré est appelé une fois, si et "
"seulement si lâ??extension correspondante a été intégrée dans ClientHello, "
"pour savoir si lâ??application veut ajouter lâ??extension à  ServerHello. Câ??est-à -"
"dire, sans extension correspondante dans ClientHello, I<add_cb> nâ??est pas "
"appelé."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:83
msgid ""
"If an extension is added (that is B<add_cb> returns 1) B<free_cb> is called "
"(if it is set) with the value of B<out> set by the add callback. It can be "
"used to free up any dynamic extension data set by B<add_cb>. Since B<out> is "
"constant (to permit use of constant data in B<add_cb>) applications may need "
"to cast away const to free the data."
msgstr ""
"Si une extension est ajoutée (câ??est-à -dire, I<add_cb> renvoie B<1>), "
"I<free_cb> est appelé (sâ??il est défini) avec la valeur de I<out> définie par "
"le rappel dâ??ajout. Il peut être utilisé pour libérer nâ??importe quelles "
"données dâ??extension variables définies par I<add_cb>. Puisque I<out> est "
"constant (pour permettre lâ??utilisation de données constantes dans "
"I<add_cb>), les applications peuvent nécessiter de rejeter cette constance "
"pour libérer les données."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:89
msgid ""
"The callback B<parse_cb> receives data for TLS extensions. For TLS clients "
"the extension data will come from ServerHello and for TLS servers it will "
"come from ClientHello."
msgstr ""
"Le rappel I<parse_cb> reçoit des données pour des extensions TLS. Pour les "
"clients TLS les données dâ??extension proviennent de ServerHello et pour les "
"serveurs TLS de ClientHello."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:93
msgid ""
"The extension data consists of B<inlen> bytes in the buffer B<in> for the "
"extension B<extension_type>."
msgstr ""
"Les données dâ??extension consistent en I<inlen> octets dans le tampon I<in> "
"pour lâ??extension I<extension_type>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:96
msgid ""
"If the B<parse_cb> considers the extension data acceptable it must return 1. "
"If it returns 0 or a negative value a fatal handshake error occurs using the "
"TLS alert value specified in B<*al>."
msgstr ""
"Si I<parse_cb> juge les données dâ??extension valables, il doit renvoyer B<1>. "
"Sâ??il renvoie B<0> ou une valeur négative, une erreur fatale dâ??initiation de "
"connexion se produit avec un message dâ??alerte indiqué dans I<*al>."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:100
msgid ""
"The buffer B<in> is a temporary internal buffer which will not be valid "
"after the callback returns."
msgstr ""
"Le tampon I<in> est un tampon interne temporaire qui ne sera plus valable "
"après le renvoi du rappel."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:105
msgid ""
"The B<add_arg> and B<parse_arg> parameters can be set to arbitrary values "
"which will be passed to the corresponding callbacks. They can, for example, "
"be used to store the extension data received in a convenient structure or "
"pass the extension data to be added or freed when adding extensions."
msgstr ""
"Les paramètres I<add_arg> et I<parse_arg> peuvent être définis à des valeurs "
"arbitraires transmises aux rappels correspondants. Ils peuvent, par exemple "
"servir au stockage des données dâ??extension reçues dans une structure "
"appropriée ou à  transmettre les données dâ??extension à  ajouter ou libérer "
"lors de lâ??ajout de lâ??extension."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:110
msgid ""
"The B<ext_type> parameter corresponds to the B<extension_type> field of "
"RFC5246 et al. It is B<not> a NID."
msgstr ""
"Le paramètre I<ext_type> correspond au champ I<extension_type> de la "
"RFCÂ 5246 (entre autres). Ce nâ??est B<pas> un identifiant (NID)."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:113
msgid ""
"If the same custom extension type is received multiple times a fatal "
"B<decode_error> alert is sent and the handshake aborts. If a custom "
"extension is received in ServerHello which was not sent in ClientHello a "
"fatal B<unsupported_extension> alert is sent and the handshake is aborted. "
"The ServerHello B<add_cb> callback is only called if the corresponding "
"extension was received in ClientHello. This is compliant with the TLS "
"specifications.  This behaviour ensures that each callback is called at most "
"once and that an application can never send unsolicited extensions."
msgstr ""
"Si la même extension personnalisée est reçue plusieurs fois, une alerte "
"I<decode_error> fatale est envoyée et lâ??initiation de connexion échoue. Si "
"une extension personnalisée est reçue dans ServerHello qui nâ??avait pas été "
"envoyée dans ClientHello, une alerte I<unsupported_extension> est envoyée et "
"lâ??initiation de connexion avorte. Le rappel I<add_cb> de ServerHello est "
"seulement appelé si lâ??extension correspondante a été reçue dans ClientHello. "
"Cela est conforme aux spécifications TLS. Ce comportement assure que chaque "
"rappel est fait au plus une fois et quâ??une application ne ne puisse envoyer "
"une extension non sollicitée."

#. type: textblock
#: C/ssl/SSL_CTX_set_custom_cli_ext.pod:124
msgid ""
"SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 "
"for success and 0 for failure. A failure can occur if an attempt is made to "
"add the same B<ext_type> more than once, if an attempt is made to use an "
"extension type handled internally by OpenSSL or if an internal error occurs "
"(for example a memory allocation failure)."
msgstr ""
"B<SSL_CTX_add_client_custom_ext>() et B<SSL_CTX_add_server_custom_ext>() "
"renvoient B<1> pour un succès et B<0> pour un échec. Un échec peut se "
"produire si un essai est fait dâ??ajouter plus dâ??une fois le même I<ext_type>, "
"si un essai est fait dâ??utiliser un type dâ??extension utilisé en interne par "
"OpenSSL ou si une erreur interne se produit (par exemple un échec "
"dâ??allocation mémoire)."

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:5
msgid ""
"SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata - set "
"passwd callback for encrypted PEM file handling"
msgstr ""
"SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata - "
"Définir le rappel du mot de passe pour la gestion de fichier utilisant le "
"chiffrage PEM "

#. type: verbatim
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);\n"
" void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_default_passwd_cb(SSL_CTX *>I<ctx>B<, pem_password_cb *cb);>\n"
" B<void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *>I<ctx>B<, void *u);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:14
#, no-wrap
msgid ""
" int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata);\n"
"\n"
msgstr ""
"B< int pem_passwd_cb(char *>I<tamp>B<, int> I<taille>B<, int> I<rwflag>B<, void *>I<userdata>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:18
msgid ""
"SSL_CTX_set_default_passwd_cb() sets the default password callback called "
"when loading/storing a PEM certificate with encryption."
msgstr ""
"B<SSL_CTX_set_default_passwd_cb>() définit le rappel du mot de passe par "
"défaut appelé lors dâ??un chargement ou enregistrement chiffré avec un "
"certificat PEM"

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:21
msgid ""
"SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to B<userdata> which "
"will be provided to the password callback on invocation."
msgstr ""
"B<SSL_CTX_set_default_passwd_cb_userdata>() définit un pointeur vers "
"I<userdata> qui sera fourni à  lâ??invocation du rappel de mot de passe."

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:24
msgid ""
"The pem_passwd_cb(), which must be provided by the application, hands back "
"the password to be used during decryption. On invocation a pointer to "
"B<userdata> is provided. The pem_passwd_cb must write the password into the "
"provided buffer B<buf> which is of size B<size>. The actual length of the "
"password must be returned to the calling function. B<rwflag> indicates "
"whether the callback is used for reading/decryption (rwflag=0) or writing/"
"encryption (rwflag=1)."
msgstr ""
"B<pem_passwd_cb()>, qui doit être fourni par lâ??application, restitue le mot "
"de passe lors du déchiffrement. Lors de lâ??invocation, un pointeur vers "
"I<userdata> est fourni. B<pem_passwd_cb> doit écrire le mot de passe dans le "
"tampon I<tampon> fourni qui est de taille I<taille>. La taille réelle doit "
"être renvoyée à la fonction de rappel. I<rwflag> indique si le rappel est "
"utilisé pour lecture et déchiffrement (I<rwflag>=0) ou écriture et "
"chiffrement (I<rwflag>=1)."

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:34
msgid ""
"When loading or storing private keys, a password might be supplied to "
"protect the private key. The way this password can be supplied may depend on "
"the application. If only one private key is handled, it can be practical to "
"have pem_passwd_cb() handle the password dialog interactively. If several "
"keys have to be handled, it can be practical to ask for the password once, "
"then keep it in memory and use it several times. In the last case, the "
"password could be stored into the B<userdata> storage and the "
"pem_passwd_cb() only returns the password already stored."
msgstr ""
"Lors du chargement ou du stockage de clefs privées, un mot de passe devrait "
"être fourni pour protéger la clef privée. La façon de fournir ce mot de "
"passe dépend de lâ??application. Si une seule clef privée est gérée, cela peut "
"être pratique que B<pem_passwd_cb()> gère le dialogue pour le mot de passe "
"de façon interactive. Si plusieurs clefs doivent être gérées, il peut être "
"pratique de demander le mot de passe une fois, puis le garder en mémoire et "
"lâ??utiliser plusieurs fois. Dans ce dernier cas, le mot de passe peut être "
"mémorisé dans le stockage I<userdata> et B<pem_passwd_cb()> ne renvoie que "
"le mot de passe déjà enregistré."

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:43
msgid ""
"When asking for the password interactively, pem_passwd_cb() can use "
"B<rwflag> to check, whether an item shall be encrypted (rwflag=1).  In this "
"case the password dialog may ask for the same password twice for comparison "
"in order to catch typos, that would make decryption impossible."
msgstr ""
"Lors dâ??une demande interactive, B<pem_passwd_cb()> peut utiliser I<rwflag> "
"pour déterminer si un objet doit être chiffré (I<rwflag>=1). Dans ce cas, le "
"dialogue pour le mot de passe peut demander le mot de passe deux fois pour "
"éviter les erreurs de frappe qui rendent le déchiffrement impossible."

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:49
msgid ""
"Other items in PEM formatting (certificates) can also be encrypted, it is "
"however not usual, as certificate information is considered public."
msgstr ""
"Dâ??autres objets formatés en PEM (certificats) peuvent aussi être chiffrés. "
"Ce nâ??est pas courant, lâ??information sur les certificats est considérée comme "
"publique."

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:54
msgid ""
"SSL_CTX_set_default_passwd_cb() and "
"SSL_CTX_set_default_passwd_cb_userdata()  do not provide diagnostic "
"information."
msgstr ""
"B<SSL_CTX_set_default_passwd_cb>() et "
"B<SSL_CTX_set_default_passwd_cb_userdata>() ne fournissent pas dâ??information "
"de diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:59
msgid ""
"The following example returns the password provided as B<userdata> to the "
"calling function. The password is considered to be a '\\0' terminated "
"string. If the password does not fit into the buffer, the password is "
"truncated."
msgstr ""
"Lâ??exemple suivant renvoie le mot de passe fourni par I<userdata> Ã  la "
"fonction de rappel. Le mot de passe est censé être une chaîne finissant par "
"« \\0 ». Si le mot de passe ne tient pas dans le tampon, il est tronqué."

#. type: verbatim
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:64
#, no-wrap
msgid ""
" int pem_passwd_cb(char *buf, int size, int rwflag, void *password)\n"
" {\n"
"  strncpy(buf, (char *)(password), size);\n"
"  buf[size - 1] = '\\0';\n"
"  return(strlen(buf));\n"
" }\n"
"\n"
msgstr ""
" int pem_passwd_cb(char *I<tamp>, int I<taille>, int I<rwflag>, void *I<mot_de_passe>)\n"
" {\n"
"  strncpy(I<tamp>, (char *)(I<mot_de_passe>), I<taille>);\n"
"  I<tamp>[I<taille> - 1] = '\\0';\n"
"  return(strlen(I<tamp>));\n"
" }\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_default_passwd_cb.pod:73
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_CTX_use_certificate>(3)|"
"SSL_CTX_use_certificate(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:5
msgid ""
"SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, "
"SSL_has_matching_session_id - manipulate generation of SSL session IDs "
"(server only)"
msgstr ""
"SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, "
"SSL_has_matching_session_id - Contrôler la création dâ??identifiant de session "
"SSL (serveur uniquement)"

#. type: verbatim
#: C/ssl/SSL_CTX_set_generate_session_id.pod:11
#, no-wrap
msgid ""
" typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,\n"
"                               unsigned int *id_len);\n"
"\n"
msgstr ""
"B< typedef int (*GEN_SESSION_CB)(const SSL *>I<ssl>B<, unsigned char *>I<id>B<,>\n"
"                               B<unsigned int *>I<id_long>)B<;>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_generate_session_id.pod:14
#, no-wrap
msgid ""
" int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);\n"
" int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);\n"
" int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,\n"
"\t\t\t\t unsigned int id_len);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set_generate_session_id(SSL_CTX *>I<ctx>B<, GEN_SESSION_CB> I<cb>B<);>\n"
" B<int SSL_set_generate_session_id(SSL *>I<ssl>B<, GEN_SESSION_CB,> I<cb>B<);>\n"
" B<int SSL_has_matching_session_id(const SSL *>I<ssl>B<, const unsigned char *>I<id>B<,>\n"
" \t\t\t\t B<unsigned int> I<id_long>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:21
msgid ""
"SSL_CTX_set_generate_session_id() sets the callback function for generating "
"new session ids for SSL/TLS sessions for B<ctx> to be B<cb>."
msgstr ""
"B<SSL_CTX_set_generate_session_id>() définit la fonction de rappel pour la "
"création dâ??identifiants de nouvelles sessions SSL/TLS pour I<ctx> à  I<cb>."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:24
msgid ""
"SSL_set_generate_session_id() sets the callback function for generating new "
"session ids for SSL/TLS sessions for B<ssl> to be B<cb>."
msgstr ""
"B<SSL_CTX_set_generate_session_id>() définit la fonction de rappel pour la "
"création dâ??identifiants de nouvelles sessions SSL/TLS pour I<ssl> à  I<cb>."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:27
msgid ""
"SSL_has_matching_session_id() checks, whether a session with id B<id> (of "
"length B<id_len>) is already contained in the internal session cache of the "
"parent context of B<ssl>."
msgstr ""
"B<SSL_has_matching_session_id>() vérifie si une session dâ??identifiant I<id> "
"(de longueur I<id_long>) est déjà contenue dans le cache interne de session "
"du contexte parent de I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:33
msgid ""
"When a new session is established between client and server, the server "
"generates a session id. The session id is an arbitrary sequence of bytes.  "
"The length of the session id is 16 bytes for SSLv2 sessions and between 1 "
"and 32 bytes for SSLv3/TLSv1. The session id is not security critical but "
"must be unique for the server. Additionally, the session id is transmitted "
"in the clear when reusing the session so it must not contain sensitive "
"information."
msgstr ""
"Quand une nouvelle session est établie entre client et serveur, le serveur "
"crée un identifiant de session. Celui-ci est une séquence arbitraire "
"dâ??octets. La longueur de lâ??identifiant est de 16Â octets pour les sessions "
"SSLv2 et entre 1 et 32Â octets pour celles SSLv3/TLSv1. Lâ??identifiant nâ??est "
"pas critique pour la sécurité mais doit être unique pour le serveur. De plus "
"lâ??identifiant est transmis en clair, aussi ne doit-il pas contenir "
"dâ??informations sensibles."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:41
msgid ""
"Without a callback being set, an OpenSSL server will generate a unique "
"session id from pseudo random numbers of the maximum possible length.  Using "
"the callback function, the session id can be changed to contain additional "
"information like e.g. a host id in order to improve load balancing or "
"external caching techniques."
msgstr ""
"Sans rappel défini, un serveur OpenSSL créera un seul identifiant de session "
"à partir de nombres pseudo-aléatoire de la longueur la plus grande possible. "
"En utilisant la fonction de rappel, lâ??identifiant peut être changé et "
"contenir des informations supplémentaires, comme p.ex. un identifiant dâ??hôte "
"pour améliorer la répartition de charge ou les techniques de cache externe."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:47
msgid ""
"The callback function receives a pointer to the memory location to put B<id> "
"into and a pointer to the maximum allowed length B<id_len>. The buffer at "
"location B<id> is only guaranteed to have the size B<id_len>.  The callback "
"is only allowed to generate a shorter id and reduce B<id_len>; the callback "
"B<must never> increase B<id_len> or write to the location B<id> exceeding "
"the given limit."
msgstr ""
"La fonction de rappel reçoit un pointeur vers lâ??emplacement mémoire où "
"mettre I<id> et un autre vers la longueur maximale admise I<id_long>. Le "
"tampon à  lâ??emplacement I<id> est seulement sûr dâ??avoir la taille de "
"I<id_long>. Le rappel est seulement autorisé à créer un identifiant plus "
"petit et à réduire I<id_long> ; le rappel B<ne doit jamais> augmenter "
"I<id_long> ou écrire dans lâ??emplacement I<id> en dépassant la limite donnée."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:54
msgid ""
"If a SSLv2 session id is generated and B<id_len> is reduced, it will be "
"restored after the callback has finished and the session id will be padded "
"with 0x00. It is not recommended to change the B<id_len> for SSLv2 "
"sessions.  The callback can use the L<SSL_get_version(3)|SSL_get_version(3)> "
"function to check, whether the session is of type SSLv2."
msgstr ""
"Si un identifiant de session SSLv2 est créé et I<id_long> réduit, il sera "
"restauré après la fin du rappel et lâ??identifiant empli avec des 0x00. "
"Changer I<id_long> nâ??est pas recommandé pour des sessions SSLv2. Le rappel "
"peut utiliser la fonction L<B<SSL_get_version>(3)|SSL_get_version(3)> pour "
"vérifier si la fonction est de type SSLv2."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:60
msgid ""
"The location B<id> is filled with 0x00 before the callback is called, so the "
"callback may only fill part of the possible length and leave B<id_len> "
"untouched while maintaining reproducibility."
msgstr ""
"Lâ??emplacement I<id> est empli avec des 0x00 avant lâ??appel du rappel, aussi "
"le rappel peut seulement remplir une partie de la longueur possible et "
"laisse I<id_long> inchangé tout en maintenant la reproductibilité."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:64
msgid ""
"Since the sessions must be distinguished, session ids must be unique.  "
"Without the callback a random number is used, so that the probability of "
"generating the same session id is extremely small (2^128 possible ids for an "
"SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the uniqueness of "
"the generated session id, the callback must call "
"SSL_has_matching_session_id() and generate another id if a conflict occurs.  "
"If an id conflict is not resolved, the handshake will fail.  If the "
"application codes e.g. a unique host id, a unique process number, and a "
"unique sequence number into the session id, uniqueness could easily be "
"achieved without randomness added (it should however be taken care that no "
"confidential information is leaked this way). If the application can not "
"guarantee uniqueness, it is recommended to use the maximum B<id_len> and "
"fill in the bytes not used to code special information with random data to "
"avoid collisions."
msgstr ""
"Puisque les sessions doivent pouvoir être distinguées, les identifiants de "
"session doivent être uniques. En dehors du rappel, un nombre aléatoire est "
"utilisé, aussi la possibilité de créer un même identifiant est extrêmement "
"faible (2^128Â identifiants possibles pour une session SSLv2 , 2^256 pour "
"SSLv3/TLSv1). Dans le but dâ??assurer lâ??unicité de lâ??identifiant créé, le "
"rappel doit appeler B<SSL_has_matching_session_id>() et créer un autre "
"identifiant si un conflit se produit. Si un conflit dâ??identifiant apparait, "
"lâ??initiation de connexion échouera. Si lâ??application code p.ex. un "
"identifiant unique dâ??hôte, un numéro unique de processus et un numéro unique "
"de suite dans lâ??identifiant de session, lâ??unicité peut facilement être "
"parachevée sans caractères aléatoires ajoutés (en prenant soin quâ??aucune "
"information confidentielle ne puisse être divulguée). Si lâ??application ne "
"peut garantir lâ??unicité, lâ??utilisation du maximum de I<id_long> est "
"recommandée ainsi que remplir les octets, non utilisés pour coder une "
"information particulière, avec des données aléatoires pour éviter un conflit."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:79
msgid ""
"SSL_has_matching_session_id() will only query the internal session cache, "
"not the external one. Since the session id is generated before the handshake "
"is completed, it is not immediately added to the cache. If another thread is "
"using the same internal session cache, a race condition can occur in that "
"another thread generates the same session id.  Collisions can also occur "
"when using an external session cache, since the external cache is not tested "
"with SSL_has_matching_session_id()  and the same race condition applies."
msgstr ""
"B<SSL_has_matching_session_id>() interrogera le cache interne de session "
"mais pas celui externe. Puisque lâ??identifiant de session est créé avant que "
"lâ??initiation ne soit terminée, il nâ??est pas ajouté immédiatement au cache. "
"Si un autre processus utilise le même cache interne de session, une "
"situation de compétition peut survenir si cet autre processus crée le même "
"identifiant. Des conflits peuvent survenir lors de lâ??utilisation du cache de "
"session externe puisque celui-ci nâ??est pas vérifié avec "
"B<SSL_has_matching_session_id>(), et la même situation de compétition existe."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:88
msgid ""
"When calling SSL_has_matching_session_id() for an SSLv2 session with reduced "
"B<id_len>, the match operation will be performed using the fixed length "
"required and with a 0x00 padded id."
msgstr ""
"Lors de lâ??appel de B<SSL_has_matching_session_id>()pour une session SSLv2 "
"avec I<id_long> réduit, la correspondance sera réalisée en utilisant la "
"longueur demandée et lâ??identifiant emplit de 0x00."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:92
msgid ""
"The callback must return 0 if it cannot generate a session id for whatever "
"reason and return 1 on success."
msgstr ""
"Le rappel doit renvoyer B<0> si un identifiant ne peut être créé pour "
"nâ??importe quelle raison et B<1> en cas de réussite."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:97
msgid ""
"The callback function listed will generate a session id with the server id "
"given, and will fill the rest with pseudo random bytes:"
msgstr ""
"La fonction de rappel doit créé un identifiant de session avec lâ??identifiant "
"de serveur fourni, et compléter le reste avec des octets pseudo-aléatoires."

#. type: verbatim
#: C/ssl/SSL_CTX_set_generate_session_id.pod:100
#, no-wrap
msgid ""
" const char session_id_prefix = \"www-18\";\n"
"\n"
msgstr ""
" const char session_id_prefix = \"www-18\";\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_generate_session_id.pod:102
#, no-wrap
msgid ""
" #define MAX_SESSION_ID_ATTEMPTS 10\n"
" static int generate_session_id(const SSL *ssl, unsigned char *id,\n"
"                              unsigned int *id_len)\n"
"      {\n"
"      unsigned int count = 0;\n"
"      const char *version;\n"
"\n"
msgstr ""
" #define MAX_SESSION_ID_ATTEMPTS 10\n"
" static int generate_session_id(const SSL *ssl, unsigned char *id,\n"
"                              unsigned int *id_long)\n"
"      {\n"
"      unsigned int count = 0;\n"
"      const char *version;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_generate_session_id.pod:109
#, no-wrap
msgid ""
"      version = SSL_get_version(ssl);\n"
"      if (!strcmp(version, \"SSLv2\"))\n"
"\t  /* we must not change id_len */;\n"
"\n"
msgstr ""
"      version = SSL_get_version(ssl);\n"
"      if (!strcmp(version, \"SSLv2\"))\n"
"\t  /* ne pas changer id_long */;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_generate_session_id.pod:113
#, no-wrap
msgid ""
"      do      {\n"
"              RAND_pseudo_bytes(id, *id_len);\n"
"              /* Prefix the session_id with the required prefix. NB: If our\n"
"               * prefix is too long, clip it - but there will be worse effects\n"
"               * anyway, eg. the server could only possibly create 1 session\n"
"               * ID (ie. the prefix!) so all future session negotiations will\n"
"               * fail due to conflicts. */\n"
"              memcpy(id, session_id_prefix,\n"
"                      (strlen(session_id_prefix) < *id_len) ?\n"
"                      strlen(session_id_prefix) : *id_len);\n"
"              }\n"
"      while(SSL_has_matching_session_id(ssl, id, *id_len) &&\n"
"              (++count < MAX_SESSION_ID_ATTEMPTS));\n"
"      if(count >= MAX_SESSION_ID_ATTEMPTS)\n"
"              return 0;\n"
"      return 1;\n"
"      }\n"
"\n"
msgstr ""
"      do      {\n"
"              RAND_pseudo_bytes(id, *id_len);\n"
"              /* Préfixer le session_id avec le préfixe demandé.\n"
"               * Avertissement : si le préfixe est trop long, rognez-le\n"
"               * â?? des effets pervers sont possibles, par exemple,\n"
"               * le serveur peut créer un identifiant de session\n"
"               * (câ??est-à -dire le préfixe) de telle sorte que toutes\n"
"               * les négociations de sessions suivante échoueront à \n"
"               * cause des conflits. */\n"
"              memcpy(id, session_id_prefix,\n"
"                      (strlen(session_id_prefix) < *id_long) ?\n"
"                      strlen(session_id_prefix) : *id_long);\n"
"              }\n"
"      while(SSL_has_matching_session_id(ssl, id, *id_long) &&\n"
"              (++count < MAX_SESSION_ID_ATTEMPTS));\n"
"      if(count >= MAX_SESSION_ID_ATTEMPTS)\n"
"              return 0;\n"
"      return 1;\n"
"      }\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:134
msgid ""
"SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id()  always "
"return 1."
msgstr ""
"B<SSL_CTX_set_generate_session_id>() et B<SSL_set_generate_session_id>() "
"renvoient B<1>."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:137
msgid ""
"SSL_has_matching_session_id() returns 1 if another session with the same id "
"is already in the cache."
msgstr ""
"B<SSL_has_matching_session_id>() renvoie B<1> si une autre session avec le "
"même identifiant est déjà dans le cache."

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:142
msgid "L<ssl(3)|ssl(3)>, L<SSL_get_version(3)|SSL_get_version(3)>"
msgstr "L<B<ssl>(3)|ssl(3)>, L<B<SSL_get_version>(3)|SSL_get_version(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_generate_session_id.pod:146
msgid ""
"SSL_CTX_set_generate_session_id(), SSL_set_generate_session_id()  and "
"SSL_has_matching_session_id() have been introduced in OpenSSL 0.9.7."
msgstr ""
"B<SSL_CTX_set_generate_session_id>(), B<SSL_set_generate_session_id>() et "
"B<SSL_has_matching_session_id>() ont été introduits dans OpenSSL 0.9.7."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:5
msgid ""
"SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, "
"SSL_get_info_callback - handle information callback for SSL connections"
msgstr ""
"SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, "
"SSL_get_info_callback - Gestion du rappel dâ??information pour les connexions "
"SSL"

#. type: verbatim
#: C/ssl/SSL_CTX_set_info_callback.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());\n"
" void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_info_callback(SSL_CTX *>I<ctx>B<, void (*>I<rappel>B<)());>\n"
" B<void (*SSL_CTX_get_info_callback(const SSL_CTX *>I<ctx>B<))();>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_info_callback.pod:14
#, no-wrap
msgid ""
" void SSL_set_info_callback(SSL *ssl, void (*callback)());\n"
" void (*SSL_get_info_callback(const SSL *ssl))();\n"
"\n"
msgstr ""
"B< void SSL_set_info_callback(SSL *>I<ssl>B<, void (*>I<rappel>B<)());>\n"
" B<void (*SSL_get_info_callback(const SSL *>I<ssl>B<))();>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:19
msgid ""
"SSL_CTX_set_info_callback() sets the B<callback> function, that can be used "
"to obtain state information for SSL objects created from B<ctx> during "
"connection setup and use. The setting for B<ctx> is overridden from the "
"setting for a specific SSL object, if specified.  When B<callback> is NULL, "
"not callback function is used."
msgstr ""
"B<SSL_CTX_set_info_callback>() définit la fonction I<rappel>, qui peut être "
"utilisée pour obtenir lâ??information dâ??état pour des objets SSL créés à  "
"partir de I<ctx> pendant la configuration de la connexion et son "
"utilisation. Le réglage pour I<ctx> est redéfini par la configuration pour "
"un objet SSL spécifique, sâ??il existe. Si I<rappel> est NULL, aucune fonction "
"de rappel nâ??est utilisée."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:25
msgid ""
"SSL_set_info_callback() sets the B<callback> function, that can be used to "
"obtain state information for B<ssl> during connection setup and use.  When "
"B<callback> is NULL, the callback setting currently valid for B<ctx> is used."
msgstr ""
"B<SSL_set_info_callback>() définit la fonction I<rappel>, qui peut être "
"utilisée pour lâ??information dâ??état pour I<ssl> pendant la configuration de "
"la connexion et son utilisation. Si I<rappel> est NULL, le réglage du rappel "
"en cours pour I<ctx> est utilisé."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:30
msgid ""
"SSL_CTX_get_info_callback() returns a pointer to the currently set "
"information callback function for B<ctx>."
msgstr ""
"B<SSL_CTX_get_info_callback>() renvoie un pointeur vers lâ??actuelle fonction "
"de rappel dâ??information pour I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:33
msgid ""
"SSL_get_info_callback() returns a pointer to the currently set information "
"callback function for B<ssl>."
msgstr ""
"B<SSL_get_info_callback>() renvoie un pointeur vers lâ??actuelle fonction de "
"rappel dâ??information pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:38
msgid ""
"When setting up a connection and during use, it is possible to obtain state "
"information from the SSL/TLS engine. When set, an information callback "
"function is called whenever the state changes, an alert appears, or an error "
"occurs."
msgstr ""
"Durant la configuration de connexion et son utilisation, il est possible "
"dâ??obtenir des informations dâ??état du moteur SSL/TLS. Si définie, une "
"fonction de rappel dâ??information est appelée à  chaque fois que lâ??état "
"change, une alerte apparait, ou une erreur survient."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:42
msgid ""
"The callback function is called as B<callback(SSL *ssl, int where, int "
"ret)>.  The B<where> argument specifies information about where (in which "
"context)  the callback function was called. If B<ret> is 0, an error "
"condition occurred.  If an alert is handled, SSL_CB_ALERT is set and B<ret> "
"specifies the alert information."
msgstr ""
"La fonction de rappel est demandée ainsi : B<rappel(SSL *>I<ssl>B<, int "
">I<où>B<, int> I<ret>B<)>. Lâ??argument I<où> précise lâ??information sur où "
"(dans quel contexte) la fonction de rappel a été appelée. Si I<ret> est "
"B<0>, une condition dâ??erreur est survenue. Si une alerte est gérée, "
"SSL_CB_ALERT est défini et I<ret> indique la connaissance dâ??une alerte."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:48
msgid "B<where> is a bitmask made up of the following bits:"
msgstr "I<où> est un masquage fait avec les éléments suivants."

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:52
msgid "SSL_CB_LOOP"
msgstr "SSL_CB_LOOP"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:54
msgid "Callback has been called to indicate state change inside a loop."
msgstr ""
"Le rappel a été demandé pour indiquer un changement dâ??état dans une boucle."

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:56
msgid "SSL_CB_EXIT"
msgstr "SSL_CB_EXIT"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:58
msgid ""
"Callback has been called to indicate error exit of a handshake function.  "
"(May be soft error with retry option for non-blocking setups.)"
msgstr ""
"Le rappel a été demandé pour indiquer une sortie dâ??erreur dans une fonction "
"dâ??initiation de connexion (Peut être une erreur bénigne avec la possibilité "
"de recommencer dans les configurations non bloquantes)."

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:61
msgid "SSL_CB_READ"
msgstr "SSL_CB_READ"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:63
msgid "Callback has been called during read operation."
msgstr "Le rappel a été demandé pendant une opération de lecture."

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:65
msgid "SSL_CB_WRITE"
msgstr "SSL_CB_WRITE"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:67
msgid "Callback has been called during write operation."
msgstr "Le rappel a été demandé durant une opération dâ??écriture."

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:69
msgid "SSL_CB_ALERT"
msgstr "SSL_CB_ALERT"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:71
msgid "Callback has been called due to an alert being sent or received."
msgstr "Le rappel a été demandé à  cause dâ??une alerte envoyée ou reçue."

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:73
msgid "SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)"
msgstr "SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)"

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:75
msgid "SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)"
msgstr "SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)"

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:77
msgid "SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)"
msgstr "SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)"

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:79
msgid "SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)"
msgstr "SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)"

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:81
msgid "SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)"
msgstr "SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)"

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:83
msgid "SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)"
msgstr "SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)"

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:85
msgid "SSL_CB_HANDSHAKE_START"
msgstr "SSL_CB_HANDSHAKE_START"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:87
msgid "Callback has been called because a new handshake is started."
msgstr ""
"Le rappel a été demandé car une nouvelle initialisation de connexion a "
"commencé."

#. type: =item
#: C/ssl/SSL_CTX_set_info_callback.pod:89
msgid "SSL_CB_HANDSHAKE_DONE 0x20"
msgstr "SSL_CB_HANDSHAKE_DONE 0x20"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:91
msgid "Callback has been called because a handshake is finished."
msgstr "Le rappel a été demandé parce que lâ??initialisation est terminée."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:95
msgid ""
"The current state information can be obtained using the "
"L<SSL_state_string(3)|SSL_state_string(3)> family of functions."
msgstr ""
"Lâ??actuelle information dâ??état peut être obtenue avec la famille de fonctions "
"L<B<SSL_state_string>(3)|SSL_state_string(3)>."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:98
msgid ""
"The B<ret> information can be evaluated using the L<SSL_alert_type_string(3)|"
"SSL_alert_type_string(3)> family of functions."
msgstr ""
"Lâ??information I<ret> peut être évaluée avec la famille de fonctions "
"L<B<SSL_alert_type_string>(3)|SSL_alert_type_string(3)>."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:103
msgid "SSL_set_info_callback() does not provide diagnostic information."
msgstr "B<SSL_set_info_callback>() ne fournit pas dâ??information de diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:105
msgid "SSL_get_info_callback() returns the current setting."
msgstr "B<SSL_get_info_callback>() renvoie le réglage actuel."

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:109
msgid ""
"The following example callback function prints state strings, information "
"about alerts being handled and error messages to the B<bio_err> BIO."
msgstr ""
"Lâ??exemple suivant de fonction de rappel écrit les chaînes dâ??état, "
"lâ??information sur les alertes gérées et les messages dâ??erreur dans le BIO "
"I<bio_err>."

#. type: verbatim
#: C/ssl/SSL_CTX_set_info_callback.pod:112
#, no-wrap
msgid ""
" void apps_ssl_info_callback(SSL *s, int where, int ret)\n"
"\t{\n"
"\tconst char *str;\n"
"\tint w;\n"
"\n"
msgstr ""
" void apps_ssl_info_callback(SSL *s, int où, int ret)\n"
"\t{\n"
"\tconst char *str;\n"
"\tint w;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_info_callback.pod:117
#, no-wrap
msgid ""
"\tw=where& ~SSL_ST_MASK;\n"
"\n"
msgstr ""
"\tw=où& ~SSL_ST_MASK;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_info_callback.pod:119
#, no-wrap
msgid ""
"\tif (w & SSL_ST_CONNECT) str=\"SSL_connect\";\n"
"\telse if (w & SSL_ST_ACCEPT) str=\"SSL_accept\";\n"
"\telse str=\"undefined\";\n"
"\n"
msgstr ""
"\tif (w & SSL_ST_CONNECT) str=\"SSL_connect\";\n"
"\telse if (w & SSL_ST_ACCEPT) str=\"SSL_accept\";\n"
"\telse str=\"undefined\";\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_info_callback.pod:123
#, no-wrap
msgid ""
"\tif (where & SSL_CB_LOOP)\n"
"\t\t{\n"
"\t\tBIO_printf(bio_err,\"%s:%s\\n\",str,SSL_state_string_long(s));\n"
"\t\t}\n"
"\telse if (where & SSL_CB_ALERT)\n"
"\t\t{\n"
"\t\tstr=(where & SSL_CB_READ)?\"read\":\"write\";\n"
"\t\tBIO_printf(bio_err,\"SSL3 alert %s:%s:%s\\n\",\n"
"\t\t\tstr,\n"
"\t\t\tSSL_alert_type_string_long(ret),\n"
"\t\t\tSSL_alert_desc_string_long(ret));\n"
"\t\t}\n"
"\telse if (where & SSL_CB_EXIT)\n"
"\t\t{\n"
"\t\tif (ret == 0)\n"
"\t\t\tBIO_printf(bio_err,\"%s:failed in %s\\n\",\n"
"\t\t\t\tstr,SSL_state_string_long(s));\n"
"\t\telse if (ret < 0)\n"
"\t\t\t{\n"
"\t\t\tBIO_printf(bio_err,\"%s:error in %s\\n\",\n"
"\t\t\t\tstr,SSL_state_string_long(s));\n"
"\t\t\t}\n"
"\t\t}\n"
"\t}\n"
"\n"
msgstr ""
"\tif (où & SSL_CB_LOOP)\n"
"\t\t{\n"
"\t\tBIO_printf(bio_err,\"%s:%s\\n\",str,SSL_state_string_long(s));\n"
"\t\t}\n"
"\telse if (où & SSL_CB_ALERT)\n"
"\t\t{\n"
"\t\tstr=(où & SSL_CB_READ)?\"read\":\"write\";\n"
"\t\tBIO_printf(bio_err,\"SSL3 alert %s:%s:%s\\n\",\n"
"\t\t\tstr,\n"
"\t\t\tSSL_alert_type_string_long(ret),\n"
"\t\t\tSSL_alert_desc_string_long(ret));\n"
"\t\t}\n"
"\telse if (où & SSL_CB_EXIT)\n"
"\t\t{\n"
"\t\tif (ret == 0)\n"
"\t\t\tBIO_printf(bio_err,\"%s : erreur dans %s\\n\",\n"
"\t\t\t\tstr,SSL_state_string_long(s));\n"
"\t\telse if (ret < 0)\n"
"\t\t\t{\n"
"\t\t\tBIO_printf(bio_err,\"%s : erreur dans %s\\n\",\n"
"\t\t\t\tstr,SSL_state_string_long(s));\n"
"\t\t\t}\n"
"\t\t}\n"
"\t}\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_info_callback.pod:150
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_state_string(3)|SSL_state_string(3)>, "
"L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_state_string>(3)|SSL_state_string(3)>, "
"L<B<SSL_alert_type_string>(3)|SSL_alert_type_string(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:5
msgid ""
"SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, "
"SSL_get_max_cert_list, - manipulate allowed for the peer's certificate chain"
msgstr ""
"SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, "
"SSL_get_max_cert_list - Contrôles autorisés sur les chaînes de certificats "
"de pairs"

#. type: verbatim
#: C/ssl/SSL_CTX_set_max_cert_list.pod:11
#, no-wrap
msgid ""
" long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size);\n"
" long SSL_CTX_get_max_cert_list(SSL_CTX *ctx);\n"
"\n"
msgstr ""
"B< long SSL_CTX_set_max_cert_list(SSL_CTX *>I<ctx>B<, long size);>\n"
" B<long SSL_CTX_get_max_cert_list(SSL_CTX *>I<ctx>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_max_cert_list.pod:14
#, no-wrap
msgid ""
" long SSL_set_max_cert_list(SSL *ssl, long size);\n"
" long SSL_get_max_cert_list(SSL *ctx);\n"
"\n"
msgstr ""
"B< long SSL_set_max_cert_list(SSL *>I<ssl>B<, long size);>\n"
" B<long SSL_get_max_cert_list(SSL *>I<ctx>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:19
msgid ""
"SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer's "
"certificate chain for all SSL objects created from B<ctx> to be <size> "
"bytes.  The SSL objects inherit the setting valid for B<ctx> at the time "
"L<SSL_new(3)|SSL_new(3)> is being called."
msgstr ""
"B<SSL_CTX_set_max_cert_list>() définit la taille maximale autorisée pour les "
"chaînes de certificats de pairs pour tous les objets SSL créés à partir de "
"I<ctx> à I<taille> octets. Les objets SSL hérite des réglages valables pour "
"I<ctx> au moment où L<B<SSL_new>(3)|SSL_new(3)> est appelé."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:24
msgid ""
"SSL_CTX_get_max_cert_list() returns the currently set maximum size for "
"B<ctx>."
msgstr ""
"B<SSL_CTX_get_max_cert_list>() renvoie lâ??actuelle taille maximale pour "
"I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:26
msgid ""
"SSL_set_max_cert_list() sets the maximum size allowed for the peer's "
"certificate chain for B<ssl> to be <size> bytes. This setting stays valid "
"until a new value is set."
msgstr ""
"B<SSL_set_max_cert_list>() définit la taille maximale autorisée pour la "
"chaîne de certificats du pair pour I<ssl> à I<taille> octets. Ce réglage "
"reste valable jusquâ??Ã  ce quâ??une nouvelle valeur soit choisie."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:30
msgid ""
"SSL_get_max_cert_list() returns the currently set maximum size for B<ssl>."
msgstr ""
"B<SSL_get_max_cert_list>() renvoie lâ??actuelle taille maximale pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:34
msgid ""
"During the handshake process, the peer may send a certificate chain.  The "
"TLS/SSL standard does not give any maximum size of the certificate chain.  "
"The OpenSSL library handles incoming data by a dynamically allocated "
"buffer.  In order to prevent this buffer from growing without bounds due to "
"data received from a faulty or malicious peer, a maximum size for the "
"certificate chain is set."
msgstr ""
"Pendant le processus dâ??initialisation de connexion, le pair envoie une "
"chaîne de certificats. La norme TLS/SSL nâ??indique pas de taille maximale "
"pour la chaîne de certificats. La bibliothèque dâ??OpenSSL prend en charge les "
"entrées de données avec un tampon alloué dynamiquement. Pour éviter que ce "
"tampon grossisse sans limite à  cause de données reçues dâ??un pair "
"malveillant, une taille maximale pour la chaîne de certificats est définie."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:41
msgid ""
"The default value for the maximum certificate chain size is 100kB (30kB on "
"the 16bit DOS platform). This should be sufficient for usual certificate "
"chains (OpenSSL's default maximum chain length is 10, see "
"L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, and certificates without "
"special extensions have a typical size of 1-2kB)."
msgstr ""
"La valeur maximale par défaut de la taille de chaîne de certificats est "
"100 ko (30 ko sur les plateformes DOS 16 bits). Cela devrait être suffisant "
"pour les chaînes de certificats courantes (pour OpenSSL, la longueur "
"maximale par défaut est 10, consultez L<B<SSL_CTX_set_verify>(3)|"
"SSL_CTX_set_verify(3)>, et les certificats sans extensions particulières ont "
"classiquement une taille de 1 Ã  2Â ko."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:47
msgid ""
"For special applications it can be necessary to extend the maximum "
"certificate chain size allowed to be sent by the peer, see e.g. the work on "
"\"Internet X.509 Public Key Infrastructure Proxy Certificate Profile\" and "
"\"TLS Delegation Protocol\" at http://www.ietf.org/ and http://www.globus.";
"org/ ."
msgstr ""
"Pour des applications particulières, il peut être nécessaire dâ??augmenter la "
"taille maximale de la chaîne de certificats pouvant être envoyée par le "
"pair, consultez p.ex., « Internet X.509 Public Key Infrastructure Proxy "
"Certificate Profile » et « TLS Delegation Protocol » sur http://www.ietf.";
"org/ et http://www.globus.org/.";

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:53
msgid ""
"Under normal conditions it should never be necessary to set a value smaller "
"than the default, as the buffer is handled dynamically and only uses the "
"memory actually required by the data sent by the peer."
msgstr ""
"Dans des conditions normales, il ne devrait jamais être nécessaire de "
"définir une valeur plus petite que celle par défaut, car le tampon est géré "
"dynamiquement et nâ??utilise que la mémoire réellement nécessaire pour les "
"données envoyées par le pair."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:57
msgid ""
"If the maximum certificate chain size allowed is exceeded, the handshake "
"will fail with a SSL_R_EXCESSIVE_MESSAGE_SIZE error."
msgstr ""
"Si la taille maximale de la chaîne de certificats est dépassée, "
"lâ??initialisation de connexion échouera avec une erreur "
"SSL_R_EXCESSIVE_MESSAGE_SIZE."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:62
msgid ""
"SSL_CTX_set_max_cert_list() and SSL_set_max_cert_list() return the "
"previously set value."
msgstr ""
"B<SSL_CTX_set_max_cert_list>() et B<SSL_set_max_cert_list>() renvoient la "
"valeur précédemment définie."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:65
msgid ""
"SSL_CTX_get_max_cert_list() and SSL_get_max_cert_list() return the currently "
"set value."
msgstr ""
"B<SSL_CTX_get_max_cert_list>() et B<SSL_get_max_cert_list>() renvoient la "
"valeur actuellement définie."

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:70
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_set_verify(3)|"
"SSL_CTX_set_verify(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_new>(3)|SSL_new(3)>, L<B<SSL_CTX_set_verify>(3)|"
"SSL_CTX_set_verify(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_max_cert_list.pod:75
msgid "SSL*_set/get_max_cert_list() have been introduced in OpenSSL 0.9.7."
msgstr ""
"B<SSL>I<*>B<_set>() et B<get_max_cert_list>() ont été introduites dans "
"OpenSSLÂ 0.9.7."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:5
msgid ""
"SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate "
"SSL engine mode"
msgstr ""
"SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode - Manipuler "
"le mode du moteur SSL"

#. type: verbatim
#: C/ssl/SSL_CTX_set_mode.pod:11
#, no-wrap
msgid ""
" long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);\n"
" long SSL_set_mode(SSL *ssl, long mode);\n"
"\n"
msgstr ""
"B< long SSL_CTX_set_mode(SSL_CTX *>I<ctx>B<, long> I<mode>B<);>\n"
" B<long SSL_set_mode(SSL *>I<ssl>B<, long> I<mode>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_mode.pod:14
#, no-wrap
msgid ""
" long SSL_CTX_get_mode(SSL_CTX *ctx);\n"
" long SSL_get_mode(SSL *ssl);\n"
"\n"
msgstr ""
"B< long SSL_CTX_get_mode(SSL_CTX *>I<ctx>B<);>\n"
" B<long SSL_get_mode(SSL *>I<ssl>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:19
msgid ""
"SSL_CTX_set_mode() adds the mode set via bitmask in B<mode> to B<ctx>.  "
"Options already set before are not cleared."
msgstr ""
"B<SSL_CTX_set_mode>() ajoute le mode à  lâ??aide dâ??un masquage dans I<mode> à  "
"I<ctx>. Les options déjà définies ne sont pas effacées."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:22
msgid ""
"SSL_set_mode() adds the mode set via bitmask in B<mode> to B<ssl>.  Options "
"already set before are not cleared."
msgstr ""
"B<SSL_set_mode>() ajoute le mode à  lâ??aide dâ??un masquage dans I<mode> à  "
"I<ssl>. Les options déjà définies ne sont pas effacées."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:25
msgid "SSL_CTX_get_mode() returns the mode set for B<ctx>."
msgstr "B<SSL_CTX_get_mode>() renvoie le mode défini pour I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:27
msgid "SSL_get_mode() returns the mode set for B<ssl>."
msgstr "B<SSL_get_mode>() renvoie le mode défini pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:31
msgid "The following mode changes are available:"
msgstr "Les modes suivants sont disponibles."

#. type: =item
#: C/ssl/SSL_CTX_set_mode.pod:35
msgid "SSL_MODE_ENABLE_PARTIAL_WRITE"
msgstr "SSL_MODE_ENABLE_PARTIAL_WRITE"

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:37
msgid ""
"Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success when "
"just a single record has been written). When not set (the default), "
"SSL_write() will only report success once the complete chunk was written.  "
"Once SSL_write() returns with r, r bytes have been successfully written and "
"the next call to SSL_write() must only send the n-r bytes left, imitating "
"the behaviour of write()."
msgstr ""
"Autoriser B<SSL_write>(..., I<n>) Ã  renvoyer I<r> avec 0Â <Â I<r>Â <Â I<n> (c-Ã -"
"d., rendre compte de la réussite lorsquâ??un seul enregistrement a été écrit). "
"Si non défini (état par défaut), B<SSL_write>() nâ??indiquera une réussite que "
"lorsquâ??un morceau complet est écrit. Après un renvoi de B<SSL_write>() avec "
"I<r>, I<r> octets ont été écrits avec succès et le prochain appel à "
"B<SSL_write>() ne doit envoyer que les derniers n-r octets, à  lâ??instar du "
"comportement de B<write>()."

#. type: =item
#: C/ssl/SSL_CTX_set_mode.pod:44
msgid "SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER"
msgstr "SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER"

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:46
msgid ""
"Make it possible to retry SSL_write() with changed buffer location (the "
"buffer contents must stay the same). This is not the default to avoid the "
"misconception that non-blocking SSL_write() behaves like non-blocking "
"write()."
msgstr ""
"Rendre possible un nouvel essai de B<SSL_write>() avec un emplacement de "
"tampon différent (le contenu du tampon doit rester le même). Ce nâ??est pas le "
"comportement par défaut pour éviter lâ??idée fausse que B<SSL_write>() non "
"bloquant a le même comportement que B<write>() non bloquant."

#. type: =item
#: C/ssl/SSL_CTX_set_mode.pod:51
msgid "SSL_MODE_AUTO_RETRY"
msgstr "SSL_MODE_AUTO_RETRY"

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:53
msgid ""
"Never bother the application with retries if the transport is blocking.  If "
"a renegotiation take place during normal operation, a L<SSL_read(3)|"
"SSL_read(3)> or L<SSL_write(3)|SSL_write(3)> would return with -1 and "
"indicate the need to retry with SSL_ERROR_WANT_READ.  In a non-blocking "
"environment applications must be prepared to handle incomplete read/write "
"operations.  In a blocking environment, applications are not always prepared "
"to deal with read/write operations returning without success report. The "
"flag SSL_MODE_AUTO_RETRY will cause read/write operations to only return "
"after the handshake and successful completion."
msgstr ""
"Ne contrariez jamais lâ??application avec de nouveaux essais si le transfert "
"est bloquant. Si une renégociation a lieu durant une opération normale, "
"L<B<SSL_read>(3)|SSL_read(3)> ou L<B<SSL_write>(3)|SSL_write(3)> renverrait "
"B<-1> et indiquerait la nécessité de réessayer avec SSL_ERROR_WANT_READ. "
"Dans un environnement non bloquant, les applications doivent être préparées "
"à prendre en charge les opérations de lecture et écriture incomplètes. Dans "
"un environnement bloquant, les applications ne sont pas préparées à "
"sâ??occuper des opérations de lecture et écriture, se terminant sans "
"indication de réussite. Lâ??indicateur SSL_MODE_AUTO_RETRY  fera que les "
"opérations le lecture et écriture ne se termineront quâ??après la réussite "
"complète de lâ??initiation de connexion."

#. type: =item
#: C/ssl/SSL_CTX_set_mode.pod:64
msgid "SSL_MODE_RELEASE_BUFFERS"
msgstr "SSL_MODE_RELEASE_BUFFERS"

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:66
msgid ""
"When we no longer need a read buffer or a write buffer for a given SSL, then "
"release the memory we were using to hold it.  Released memory is either "
"appended to a list of unused RAM chunks on the SSL_CTX, or simply freed if "
"the list of unused chunks would become longer than SSL_CTX-"
">freelist_max_len, which defaults to 32.  Using this flag can save around "
"34k per idle SSL connection.  This flag has no effect on SSL v2 connections, "
"or on DTLS connections."
msgstr ""
"Sâ??il nâ??est plus besoin dâ??un tampon de lecture ou dâ??écriture pour un SSL "
"donné, libérer la mémoire utilisée pour ce tampon. La mémoire libérée est "
"soit ajoutée à une liste de morceaux de RAM dans le SSL_CTX, ou simplement "
"libérée si la liste de morceaux devient plus grande que SSL_CTX-"
">freelist_max_len, de valeur 32 par défaut. Utiliser cet indicateur peut "
"sauver 34Â k par connexion inactive, Cet indicateur nâ??a aucun effet sur les "
"connexions SSLÂ v2, ou DTLS."

#. type: =item
#: C/ssl/SSL_CTX_set_mode.pod:74
msgid "SSL_MODE_SEND_FALLBACK_SCSV"
msgstr "SSL_MODE_SEND_FALLBACK_SCSV"

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:76
msgid ""
"Send TLS_FALLBACK_SCSV in the ClientHello.  To be set only by applications "
"that reconnect with a downgraded protocol version; see draft-ietf-tls-"
"downgrade-scsv-00 for details."
msgstr ""
"Envoyer TLS_FALLBACK_SCSV dans ClientHello. Ã? nâ??activer que par les "
"applications qui se reconnectent avec une version dégradée de protocole ; "
"consultez draft-ietf-tls-downgrade-scsv-00 pour plus de précisions."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:80
msgid ""
"DO NOT ENABLE THIS if your application attempts a normal handshake.  Only "
"use this in explicit fallback retries, following the guidance in draft-ietf-"
"tls-downgrade-scsv-00."
msgstr ""
"Nâ??activez jamais cela si lâ??application essaye une initialisation de "
"connexion normale. Nâ??utilisez cela que dans les tentatives de reconnexion en "
"solution de repli explicite, en suivant les conseils de draft-ietf-tls-"
"downgrade-scsv-00."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:88
msgid ""
"SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask after "
"adding B<mode>."
msgstr ""
"B<SSL_CTX_set_mode>() et B<SSL_set_mode>() renvoient le nouveau masquage du "
"mode après lâ??ajout de I<mode>."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:91
msgid "SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask."
msgstr ""
"B<SSL_CTX_get_mode>() et B<SSL_get_mode>() renvoient lâ??actuel masquage."

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:95
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_read(3)|SSL_read(3)>, L<SSL_write(3)|SSL_write(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_read>(3)|SSL_read(3)>, L<B<SSL_write>(3)|"
"SSL_write(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_mode.pod:99
msgid "SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6."
msgstr "SSL_MODE_AUTO_RETRY a été ajouté dans OpenSSL 0.9.6."

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:5
msgid ""
"SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, "
"SSL_set_msg_callback, SSL_get_msg_callback_arg - install callback for "
"observing protocol messages"
msgstr ""
"SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, "
"SSL_set_msg_callback, SSL_get_msg_callback_arg - Installer le rappel pour "
"lâ??observation des messages de protocole"

#. type: verbatim
#: C/ssl/SSL_CTX_set_msg_callback.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));\n"
" void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_msg_callback(SSL_CTX *>I<ctx>B<, void (*>I<cb>B<)(int> I<write_p>B<, int> I<version>B<, int> I<content_type>B<, const void *>I<tamp>B<, size_t> I<taille>B<, SSL *>I<ssl>B<, void *>I<arg>B<));>\n"
" B<void SSL_CTX_set_msg_callback_arg(SSL_CTX *>I<ctx>B<, void *>I<arg>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_msg_callback.pod:14
#, no-wrap
msgid ""
" void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));\n"
" void SSL_set_msg_callback_arg(SSL *ssl, void *arg);\n"
"\n"
msgstr ""
"B< void SSL_set_msg_callback(SSL *>I<ssl>B<, void (*>I<cb>B<)(int> I<write_p>B<, int> I<version>B<, int> I<content_type>B<, const void *>I<tamp>B<, size_t> I<taille>B<, SSL *>I<ssl>B<, void *>I<arg>B<));>\n"
" B<void SSL_set_msg_callback_arg(SSL *>I<ssl>B<, void *>I<arg>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:19
msgid ""
"SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to define a "
"message callback function I<cb> for observing all SSL/TLS protocol messages "
"(such as handshake messages) that are received or sent.  "
"SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg()  can be used "
"to set argument I<arg> to the callback function, which is available for "
"arbitrary application use."
msgstr ""
"B<SSL_CTX_set_msg_callback>() ou B<SSL_set_msg_callback>() peuvent être "
"utilisées pour définir une fonction de rappel de message I<cb> pour observer "
"tous les messages de protocole SSL/TLS (tels des messages dâ??initiation de "
"connexion) qui sont reçus ou envoyés. B<SSL_CTX_set_msg_callback_arg>() et "
"B<SSL_set_msg_callback_arg>() peuvent être utilisées pour définir lâ??argument "
"I<arg> de la fonction de rappel, qui est disponible pour toute application."

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:26
msgid ""
"SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify "
"default settings that will be copied to new B<SSL> objects by L<SSL_new(3)|"
"SSL_new(3)>. SSL_set_msg_callback() and SSL_set_msg_callback_arg() modify "
"the actual settings of an B<SSL> object. Using a B<0> pointer for I<cb> "
"disables the message callback."
msgstr ""
"B<SSL_CTX_set_msg_callback>() et B<SSL_CTX_set_msg_callback_arg>() précisent "
"les réglages par défaut qui seront copiés dans les nouveaux objets SSL par "
"L<B<SSL_new>(3)|SSL_new(3)>. B<SSL_set_msg_callback>() et "
"B<SSL_set_msg_callback_arg>() changent les réglages existants dâ??un objet "
"SSL. Lâ??utilisation dâ??un pointeur B<0> pour I<cb> désactive le rappel de "
"messages."

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:32
msgid ""
"When I<cb> is called by the SSL/TLS library for a protocol message, the "
"function arguments have the following meaning:"
msgstr ""
"Quand I<cb> est appelé par la bibliothèque SSL/TLS pour un message de "
"protocole, les arguments de la fonction ont les significations suivantes."

#. type: =item
#: C/ssl/SSL_CTX_set_msg_callback.pod:37
msgid "I<write_p>"
msgstr "I<write_p>"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:39
msgid ""
"This flag is B<0> when a protocol message has been received and B<1> when a "
"protocol message has been sent."
msgstr ""
"Cet indicateur est B<0> lorsquâ??un message de protocole est reçu et B<1> "
"lorsquâ??un message est envoyé."

#. type: =item
#: C/ssl/SSL_CTX_set_msg_callback.pod:42
msgid "I<version>"
msgstr "I<version>"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:44
msgid ""
"The protocol version according to which the protocol message is interpreted "
"by the library. Currently, this is one of B<SSL2_VERSION>, B<SSL3_VERSION> "
"and B<TLS1_VERSION> (for SSL 2.0, SSL 3.0 and TLS 1.0, respectively)."
msgstr ""
"La version du protocole à partir de laquelle la bibliothèque interprètera "
"les messages de protocole. Actuellement câ??est une parmi B<SSL2_VERSION>, "
"B<SSL3_VERSION> et B<TLS1_VERSION> (pour SSLÂ 2.0, SSLÂ 3.0 et TLSÂ 1.0, "
"respectivement)."

#. type: =item
#: C/ssl/SSL_CTX_set_msg_callback.pod:49
msgid "I<content_type>"
msgstr "I<content_type>"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:51
msgid ""
"In the case of SSL 2.0, this is always B<0>.  In the case of SSL 3.0 or TLS "
"1.0, this is one of the B<ContentType> values defined in the protocol "
"specification (B<change_cipher_spec(20)>, B<alert(21)>, B<handshake(22)>; "
"but never B<application_data(23)> because the callback will only be called "
"for protocol messages)."
msgstr ""
"Pour SSLÂ 2.0, câ??est toujours B<0>. Pour SSLÂ 3.0 ou TLSÂ 1.0, câ??est une des "
"valeurs de B<ContentType> définies dans les spécifications de protocole "
"(B<change_cipher_spec(20)>, B<alert(21)>, B<handshake(22)>Â ; mais jamais "
"B<application_data(23)> car le rappel nâ??est demandé que pour des messages de "
"protocole."

#. type: =item
#: C/ssl/SSL_CTX_set_msg_callback.pod:57
msgid "I<buf>, I<len>"
msgstr "I<tamp>, I<taille>"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:59
msgid ""
"I<buf> points to a buffer containing the protocol message, which consists of "
"I<len> bytes. The buffer is no longer valid after the callback function has "
"returned."
msgstr ""
"I<tamp> pointe vers un tampon contenant le message de protocole, qui est "
"constitué de I<taille> octets. Le tampon nâ??est plus valable après que la "
"fonction de rappel s'est terminée."

#. type: =item
#: C/ssl/SSL_CTX_set_msg_callback.pod:63
msgid "I<ssl>"
msgstr "I<ssl>"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:65
msgid "The B<SSL> object that received or sent the message."
msgstr "Lâ??objet SSL qui a reçu ou envoyé le message."

#. type: =item
#: C/ssl/SSL_CTX_set_msg_callback.pod:67
msgid "I<arg>"
msgstr "I<arg>"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:69
msgid ""
"The user-defined argument optionally defined by "
"SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg()."
msgstr ""
"Lâ??argument défini par lâ??utilisateur, facultativement défini  par "
"B<SSL_CTX_set_msg_callback_arg>() ou B<SSL_set_msg_callback_arg>()."

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:76
msgid ""
"Protocol messages are passed to the callback function after decryption and "
"fragment collection where applicable. (Thus record boundaries are not "
"visible.)"
msgstr ""
"Les messages de protocole sont transmis à la fonction de rappel après "
"déchiffrement et lâ??assemblage de morceaux où câ??est autorisé (les limites "
"dâ??enregistrement ne sont pas visibles)."

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:80
msgid ""
"If processing a received protocol message results in an error, the callback "
"function may not be called.  For example, the callback function will never "
"see messages that are considered too large to be processed."
msgstr ""
"Si durant le processus, un message de protocole reçu conduit à une erreur, "
"la fonction de rappel ne sera pas appelée. Par exemple, la fonction de "
"rappel ne verra jamais les messages considérés comme trop grands pour être "
"traités."

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:85
msgid ""
"Due to automatic protocol version negotiation, I<version> is not necessarily "
"the protocol version used by the sender of the message: If a TLS 1.0 "
"ClientHello message is received by an SSL 3.0-only server, I<version> will "
"be B<SSL3_VERSION>."
msgstr ""
"� cause de la négociation automatique de version de protocole, I<version> "
"nâ??est pas inévitablement la version de protocole utilisée par lâ??expéditeur "
"du message. Si un message ClientHello de TLS 1.0 est reçu par un serveur "
"uniquement SSLÂ 3.0, I<version> sera B<SSL3_VERSION>."

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:92
msgid "L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>"
msgstr "L<B<ssl>(3)|ssl(3)>, L<B<SSL_new>(3)|SSL_new(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_msg_callback.pod:96
msgid ""
"SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(), "
"SSL_set_msg_callback() and SSL_get_msg_callback_arg() were added in OpenSSL "
"0.9.7."
msgstr ""
"B<SSL_CTX_set_msg_callback>(), B<SSL_CTX_set_msg_callback_arg>(), "
"B<SSL_set_msg_callback>() et B<SSL_get_msg_callback_arg>() ont été ajoutées "
"dans OpenSSLÂ 0.9.7."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:5
msgid ""
"SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, "
"SSL_clear_options, SSL_CTX_get_options, SSL_get_options, "
"SSL_get_secure_renegotiation_support - manipulate SSL options"
msgstr ""
"SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, "
"SSL_clear_options, SSL_CTX_get_options, SSL_get_options, "
"SSL_get_secure_renegotiation_support - Manipuler des options SSL"

#. type: verbatim
#: C/ssl/SSL_CTX_set_options.pod:11
#, no-wrap
msgid ""
" long SSL_CTX_set_options(SSL_CTX *ctx, long options);\n"
" long SSL_set_options(SSL *ssl, long options);\n"
"\n"
msgstr ""
"B< long SSL_CTX_set_options(SSL_CTX *>I<ctx>B<, long> I<options>B<);>\n"
" B<long SSL_set_options(SSL *>I<ssl>B<, long> I<options>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_options.pod:14
#, no-wrap
msgid ""
" long SSL_CTX_clear_options(SSL_CTX *ctx, long options);\n"
" long SSL_clear_options(SSL *ssl, long options);\n"
"\n"
msgstr ""
"B< long SSL_CTX_clear_options(SSL_CTX *>I<ctx>B<, long> I<options>B<);>\n"
" B<long SSL_clear_options(SSL *>I<ssl>B<, long> I<options>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_options.pod:17
#, no-wrap
msgid ""
" long SSL_CTX_get_options(SSL_CTX *ctx);\n"
" long SSL_get_options(SSL *ssl);\n"
"\n"
msgstr ""
"B< long SSL_CTX_get_options(SSL_CTX *>I<ctx>B<);>\n"
" B<long SSL_get_options(SSL *>I<ssl>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_options.pod:20
#, no-wrap
msgid ""
" long SSL_get_secure_renegotiation_support(SSL *ssl);\n"
"\n"
msgstr ""
"B< long SSL_get_secure_renegotiation_support(SSL *>I<ssl>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:24
msgid "Note: all these functions are implemented using macros."
msgstr "Note : toutes ces fonctions sont implémentées en utilisant des macros."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:26
msgid ""
"SSL_CTX_set_options() adds the options set via bitmask in B<options> to "
"B<ctx>.  Options already set before are not cleared!"
msgstr ""
"B<SSL_CTX_set_options>() ajoute les options, définies à  lâ??aide dâ??un masquage "
"dans I<options>, à I<ctx>. Les options déjà définies ne sont pas effacées !"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:29
msgid ""
"SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.  "
"Options already set before are not cleared!"
msgstr ""
"B<SSL_set_options>() ajoute les options, définies à  lâ??aide dâ??un masquage "
"dans I<options>, à I<ctx>. Les options déjà définies ne sont pas effacées !"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:32
msgid ""
"SSL_CTX_clear_options() clears the options set via bitmask in B<options> to "
"B<ctx>."
msgstr ""
"B<SSL_CTX_clear_options>() efface les options, définies à  lâ??aide dâ??un "
"masquage dans I<options>, de I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:35
msgid ""
"SSL_clear_options() clears the options set via bitmask in B<options> to "
"B<ssl>."
msgstr ""
"B<SSL_clear_options>() efface les options, définies à  lâ??aide dâ??un masquage "
"dans I<options>, de I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:37
msgid "SSL_CTX_get_options() returns the options set for B<ctx>."
msgstr "B<SSL_CTX_get_options>() renvoie les options définies pour I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:39
msgid "SSL_get_options() returns the options set for B<ssl>."
msgstr "B<SSL_get_options>() renvoie les options définies pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:41
msgid ""
"SSL_get_secure_renegotiation_support() indicates whether the peer supports "
"secure renegotiation."
msgstr ""
"B<SSL_get_secure_renegotiation_support>() signale si le pair gère les "
"renégociations sécurisées."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:46
msgid ""
"The behaviour of the SSL library can be changed by setting several options.  "
"The options are coded as bitmasks and can be combined by a logical B<or> "
"operation (|)."
msgstr ""
"Le comportement de la bibliothèque SSL peut être modifié en réglant "
"plusieurs options. Les options sont codées comme des masquages et peuvent "
"être associées avec une opération logique B<ou> (|)."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:50
msgid ""
"SSL_CTX_set_options() and SSL_set_options() affect the (external)  protocol "
"behaviour of the SSL library. The (internal) behaviour of the API can be "
"changed by using the similar L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and "
"SSL_set_mode() functions."
msgstr ""
"B<SSL_CTX_set_options>() et B<SSL_set_options>() affectent le comportement "
"de protocole (externe) de la bibliothèque SSL. Le comportement (interne) de "
"lâ??API peut être changé en utilisant les fonctions similaires "
"L<B<SSL_CTX_set_mode>(3)|SSL_CTX_set_mode(3)> et B<SSL_set_mode>()."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:55
msgid ""
"During a handshake, the option settings of the SSL object are used. When a "
"new SSL object is created from a context using SSL_new(), the current option "
"setting is copied. Changes to B<ctx> do not affect already created SSL "
"objects. SSL_clear() does not affect the settings."
msgstr ""
"Pendant une initialisation de connexion, les réglages dâ??options de lâ??objet "
"SSL sont utilisés. Quand un nouvel objet SSL est créé à  partir dâ??un contexte "
"en utilisant B<SSL_new>(), les réglages dâ??option sont copiés. Les "
"modifications à  I<ctx> nâ??agissent sur les objets SSL déjà  créés. "
"B<SSL_clear>() ne modifie pas les réglages."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:60
msgid "The following B<bug workaround> options are available:"
msgstr "Les options suivantes de palliatif de bogue sont disponibles."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:64
msgid "SSL_OP_MICROSOFT_SESS_ID_BUG"
msgstr "SSL_OP_MICROSOFT_SESS_ID_BUG"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:66
msgid ""
"www.microsoft.com - when talking SSLv2, if session-id reuse is performed, "
"the session-id passed back in the server-finished message is different from "
"the one decided upon."
msgstr ""
"www.microsoft.com â?? avec SSLv2, si une réutilisation de lâ??identifiant de "
"session est faite, lâ??identifiant transmis dans le message quand le serveur a "
"terminé est différent de celui décidé pour SSLv2."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:70
msgid "SSL_OP_NETSCAPE_CHALLENGE_BUG"
msgstr "SSL_OP_NETSCAPE_CHALLENGE_BUG"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:72
msgid ""
"Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte challenge but "
"then appears to only use 16 bytes when generating the encryption keys.  "
"Using 16 bytes is ok but it should be ok to use 32.  According to the SSLv3 "
"spec, one should use 32 bytes for the challenge when operating in SSLv2/v3 "
"compatibility mode, but as mentioned above, this breaks this server so 16 "
"bytes is the way to go."
msgstr ""
"Netscape-Commerce/1.12, avec SSLv2, accepte une demande dâ??accès en 32 octets "
"mais il semble seulement utiliser 16Â octets lors de la production de la clef "
"de chiffrement. Utiliser 16Â octets est correct, mais 32Â octets le serait "
"aussi. Dâ??après les spécifications SSLv3, 32 octets devraient être utilisés "
"lors dâ??une demande dans le mode de compatibilité SSLv2/v3, mais comme "
"mentionné ci-dessus, cela casse le serveur et 16 octets est la méthode à "
"utiliser."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:79
msgid "SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG"
msgstr "SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:81
msgid "As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect."
msgstr "Comme dans OpenSSLÂ 0.9.8q et 1.0.0c, cette option nâ??a pas dâ??effet."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:83
msgid "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG"
msgstr "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:85 C/ssl/SSL_CTX_set_options.pod:89
#: C/ssl/SSL_CTX_set_options.pod:98 C/ssl/SSL_CTX_set_options.pod:102
#: C/ssl/SSL_CTX_set_options.pod:106 C/ssl/SSL_CTX_set_options.pod:173
#: C/ssl/SSL_CTX_set_options.pod:177 C/ssl/SSL_CTX_set_options.pod:187
msgid "..."
msgstr "..."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:87
msgid "SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER"
msgstr "SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:91
msgid "SSL_OP_SAFARI_ECDHE_ECDSA_BUG"
msgstr "SSL_OP_SAFARI_ECDHE_ECDSA_BUG"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:93
msgid ""
"Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS "
"X.  OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers."
msgstr ""
"Ne choisissez pas les signatures ECDHE-ECDSA si le client apparait être "
"Safari sur OSÂ X. OSÂ XÂ 10.8..10.8.3 ne prennent plus en charge les signatures "
"ECDHE-ECDSA."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:96
msgid "SSL_OP_SSLEAY_080_CLIENT_DH_BUG"
msgstr "SSL_OP_SSLEAY_080_CLIENT_DH_BUG"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:100
msgid "SSL_OP_TLS_D5_BUG"
msgstr "SSL_OP_TLS_D5_BUG"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:104
msgid "SSL_OP_TLS_BLOCK_PADDING_BUG"
msgstr "SSL_OP_TLS_BLOCK_PADDING_BUG"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:108
msgid "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS"
msgstr "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:110
msgid ""
"Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability "
"affecting CBC ciphers, which cannot be handled by some broken SSL "
"implementations.  This option has no effect for connections using other "
"ciphers."
msgstr ""
"Désactiver les contre-mesures sur une vulnérabilité du protocole SSL 3.0/"
"TLS 1.0, qui ne peut être gérée par quelques implémentations cassées. Cette "
"option nâ??a aucun effet sur les connexions utilisant dâ??autres signatures."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:115
msgid "SSL_OP_TLSEXT_PADDING"
msgstr "SSL_OP_TLSEXT_PADDING"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:117
msgid ""
"Adds a padding extension to ensure the ClientHello size is never between 256 "
"and 511 bytes in length. This is needed as a workaround for some "
"implementations."
msgstr ""
"Ajouter une extension dâ??emplissage pour garantir que la taille de "
"ClientHello ne soit jamais comprise entre 256 et 512Â octets. Cela est "
"nécessaire comme palliatif pour quelques implémentations."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:121
msgid "SSL_OP_ALL"
msgstr "SSL_OP_ALL"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:123
msgid "All of the above bug workarounds."
msgstr "Tous les palliatifs pour les bogues ci-dessus."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:127
msgid ""
"It is usually safe to use B<SSL_OP_ALL> to enable the bug workaround options "
"if compatibility with somewhat broken implementations is desired."
msgstr ""
"Utiliser B<SSL_OP_ALL> est généralement sans danger pour activer les options "
"de palliatif de bogue si la compatibilité avec quelques implémentations "
"légèrement non conformes est désirée."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:131
msgid "The following B<modifying> options are available:"
msgstr "Les options B<modificatrices> suivantes sont disponibles."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:135
msgid "SSL_OP_TLS_ROLLBACK_BUG"
msgstr "SSL_OP_TLS_ROLLBACK_BUG"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:137
msgid "Disable version rollback attack detection."
msgstr "Désactiver la détection de la variante attaque par annulation. "

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:139
msgid ""
"During the client key exchange, the client must send the same information "
"about acceptable SSL/TLS protocol levels as during the first hello. Some "
"clients violate this rule by adapting to the server's answer. (Example: the "
"client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server only "
"understands up to SSLv3. In this case the client must still use the same "
"SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect to "
"the server's answer and violate the version rollback protection.)"
msgstr ""
"Pendant lâ??échange de clefs, le client doit envoyer la même information sur "
"les niveaux acceptables de protocole SSL/TLS comme pendant le premier hello. "
"Certains clients enfreignent cette règle en sâ??adaptant à  la réponse du "
"serveur. (Exemple : le client envoie un hello SSLv2 et accepte jusquâ??à  "
"SSLv3.1=TLSv1, le serveur comprend jusquâ??Ã  SSLv3. Dans ce cas, le client "
"doit encore utiliser la même annonce SSLv3.1=TLSv1. Certains clients se "
"rabattent sur SSLv3 en accord avec la réponse du serveur et enfreignent la "
"variante protection contre annulation.)"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:147
msgid "SSL_OP_SINGLE_DH_USE"
msgstr "SSL_OP_SINGLE_DH_USE"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:149
msgid ""
"Always create a new key when using temporary/ephemeral DH parameters (see "
"L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).  This "
"option must be used to prevent small subgroup attacks, when the DH "
"parameters were not generated using \"strong\" primes (e.g. when using DSA-"
"parameters, see L<dhparam(1)|dhparam(1)>).  If \"strong\" primes were used, "
"it is not strictly necessary to generate a new DH key during each handshake "
"but it is also recommended.  B<SSL_OP_SINGLE_DH_USE> should therefore be "
"enabled whenever temporary/ephemeral DH parameters are used."
msgstr ""
"Toujours créer une nouvelle clef lors de lâ??utilisation de paramètres DH "
"temporaires ou éphémères (consultez L<B<SSL_CTX_set_tmp_dh_callback>(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>). Cette option doit être utilisée en "
"prévention des attaques par petits sous-groupes, si les paramètres DH "
"nâ??étaient pas créés avec des nombres premiers « forts » (p. ex. lors de "
"lâ??utilisation de paramètres DSA, consultez L<B<dhparam>(1)|dhparam(1)>). Si "
"des nombres premiers « forts » sont utilisés, créer une nouvelle clef DH à "
"chaque initialisation de connexion nâ??est pas strictement nécessaire mais "
"recommandé. B<SSL_OP_SINGLE_DH_USE> devrait par conséquent être activé "
"chaque fois que des paramètres temporaires ou éphémères sont utilisés."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:159
msgid "SSL_OP_EPHEMERAL_RSA"
msgstr "SSL_OP_EPHEMERAL_RSA"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:161
msgid "This option is no longer implemented and is treated as no op."
msgstr "Cette option nâ??est plus effective, elle est ignorée."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:163
msgid "SSL_OP_CIPHER_SERVER_PREFERENCE"
msgstr "SSL_OP_CIPHER_SERVER_PREFERENCE"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:165
msgid ""
"When choosing a cipher, use the server's preferences instead of the client "
"preferences. When not set, the SSL server will always follow the clients "
"preferences. When set, the SSLv3/TLSv1 server will choose following its own "
"preferences. Because of the different protocol, for SSLv2 the server will "
"send its list of preferences to the client and the client chooses."
msgstr ""
"Lors du choix dâ??une signature, utiliser les préférences du serveur plutôt "
"que celles du client. Sans ce réglage, le serveur SSL suivra toujours les "
"préférences du client. Avec ce réglage, le serveur SSLv3/TLSv1 choisira de "
"suivre ses propres préférences. � cause de la différence de protocole, pour "
"SSLv2 le serveur enverra sa liste de préférences au client et celui-ci "
"choisira."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:171
msgid "SSL_OP_PKCS1_CHECK_1"
msgstr "SSL_OP_PKCS1_CHECK_1"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:175
msgid "SSL_OP_PKCS1_CHECK_2"
msgstr "SSL_OP_PKCS1_CHECK_2"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:179
msgid "SSL_OP_NETSCAPE_CA_DN_BUG"
msgstr "SSL_OP_NETSCAPE_CA_DN_BUG"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:181
msgid ""
"If we accept a netscape connection, demand a client cert, have a non-self-"
"signed CA which does not have its CA in netscape, and the browser has a "
"cert, it will crash/hang.  Works for 3.x and 4.xbeta"
msgstr ""
"Si une connexion Netscape est acceptée, demande un certificat client, "
"possède un CA non auto-signé nâ??ayant pas son CA dans Netscape, et que le "
"navigateur a un certificat, cela provoquera un plantage ou un blocage. "
"Valable pour 3.x et 4.xbeta."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:185
msgid "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG"
msgstr "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG"

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:189
msgid "SSL_OP_NO_SSLv2"
msgstr "SSL_OP_NO_SSLv2"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:191
msgid "Do not use the SSLv2 protocol."
msgstr "Ne pas utiliser le protocole SSLv2."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:193
msgid "SSL_OP_NO_SSLv3"
msgstr "SSL_OP_NO_SSLv3"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:195
msgid "Do not use the SSLv3 protocol."
msgstr "Ne pas utiliser le protocole SSLv3."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:197
msgid "SSL_OP_NO_TLSv1"
msgstr "SSL_OP_NO_TLSv1"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:199
msgid "Do not use the TLSv1 protocol."
msgstr "Ne pas utiliser le protocole TLSv1."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:201
msgid "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION"
msgstr "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:203
msgid ""
"When performing renegotiation as a server, always start a new session (i.e., "
"session resumption requests are only accepted in the initial handshake). "
"This option is not needed for clients."
msgstr ""
"Lors dâ??une renégociation par un serveur, toujours démarrer une nouvelle "
"session (câ??est-à -dire, une requête de reprise de session est seulement "
"acceptée au cours de lâ??initiation initiale de connexion). Cette option nâ??est "
"pas nécessaire pour les clients."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:207
msgid "SSL_OP_NO_TICKET"
msgstr "SSL_OP_NO_TICKET"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:209
msgid ""
"Normally clients and servers will, where possible, transparently make use of "
"RFC4507bis tickets for stateless session resumption."
msgstr ""
"Normalement les clients et serveurs, où câ??est possible, font usage de "
"certificats RFC4507bis de manière transparente pour la reprise dâ??une session "
"sans état."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:212
msgid ""
"If this option is set this functionality is disabled and tickets will not be "
"used by clients or servers."
msgstr ""
"Si cette option est activée, cette fonctionnalité est désactivée et les "
"certificats ne seront pas utilisés par les clients ou serveurs."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:215
msgid "SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION"
msgstr "SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:217
msgid ""
"Allow legacy insecure renegotiation between OpenSSL and unpatched clients or "
"servers. See the B<SECURE RENEGOTIATION> section for more details."
msgstr ""
"Autoriser les anciennes renégociations non sécurisées entre OpenSSL et les "
"clients ou serveurs non protégés. Consultez la section B<REN�GOCIATION "
"S�CURIS�E> pour plus de détails."

#. type: =item
#: C/ssl/SSL_CTX_set_options.pod:220
msgid "SSL_OP_LEGACY_SERVER_CONNECT"
msgstr "SSL_OP_LEGACY_SERVER_CONNECT"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:222
msgid ""
"Allow legacy insecure renegotiation between OpenSSL and unpatched servers "
"B<only>: this option is currently set by default. See the B<SECURE "
"RENEGOTIATION> section for more details."
msgstr ""
"Autoriser les anciennes renégociations non sécurisées entre OpenSSL et les "
"serveurs non protégés B<uniquement>. Cette option est actuellement établie "
"par défaut. Consultez la section B<REN�GOCIATION S�CURIS�E> pour plus de "
"détails."

#. type: =head1
#: C/ssl/SSL_CTX_set_options.pod:228
msgid "SECURE RENEGOTIATION"
msgstr "RENÃ?GOCIATION SÃ?CURISÃ?E"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:230
msgid ""
"OpenSSL 0.9.8m and later always attempts to use secure renegotiation as "
"described in RFC5746. This counters the prefix attack described in "
"CVE-2009-3555 and elsewhere."
msgstr ""
"OpenSSL 0.9.8m et ses versions postérieures essayent dâ??utiliser les "
"renégociations sécurisées comme décrites dans la RFC5746. Cela contre "
"lâ??attaque par préfixe décrite entre autres dans CVE-2009-3555."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:234
msgid ""
"The deprecated and highly broken SSLv2 protocol does not support "
"renegotiation at all: its use is B<strongly> discouraged."
msgstr ""
"Le protocole SSLv2, déprécié et couramment transgressé, ne gère absolument "
"pas les renégociations ; son usage est très B<fortement> déconseillé."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:237
msgid ""
"This attack has far reaching consequences which application writers should "
"be aware of. In the description below an implementation supporting secure "
"renegotiation is referred to as I<patched>. A server not supporting secure "
"renegotiation is referred to as I<unpatched>."
msgstr ""
"Cette attaque est de grande portée et les développeurs dâ??application devrait "
"en tenir compte. Dans la description qui suit une implémentation gérant une "
"renégociation sécurisée est qualifiée de I<protégée>. Un serveur ne prenant "
"pas en charge les renégociations sécurisées est qualifié de I<non protégé>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:242
msgid ""
"The following sections describe the operations permitted by OpenSSL's secure "
"renegotiation implementation."
msgstr ""
"Les sections suivantes décrivent les opérations permises par les "
"implémentations de renégociation sécurisée."

#. type: =head2
#: C/ssl/SSL_CTX_set_options.pod:245
msgid "Patched client and server"
msgstr "Client et serveur protégés"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:247
msgid ""
"Connections and renegotiation are always permitted by OpenSSL "
"implementations."
msgstr ""
"Les connexions et renégociations sont toujours autorisées par les "
"implémentations dâ??OpenSSL."

#. type: =head2
#: C/ssl/SSL_CTX_set_options.pod:249
msgid "Unpatched client and patched OpenSSL server"
msgstr "Client non protégé et serveur OpenSSL protégé"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:251
msgid ""
"The initial connection succeeds but client renegotiation is denied by the "
"server with a B<no_renegotiation> warning alert if TLS v1.0 is used or a "
"fatal B<handshake_failure> alert in SSL v3.0."
msgstr ""
"La connexion initiale réussit mais la renégociation du client est refusée "
"par le serveur avec un message dâ??avertissement B<no_renegotiation> si "
"TLS v1.0 utilisé, ou un message fatal B<handshake_failure> si câ??est SSL v3.0."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:255
msgid ""
"If the patched OpenSSL server attempts to renegotiate a fatal "
"B<handshake_failure> alert is sent. This is because the server code may be "
"unaware of the unpatched nature of the client."
msgstr ""
"Si le serveur OpenSSL protégé essaie de renégocier, un message fatal "
"B<handshake_failure> est envoyé. Cela est dû à  lâ??ignorance du serveur de la "
"nature non protégée du client."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:259
msgid ""
"If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then "
"renegotiation B<always> succeeds."
msgstr ""
"Si lâ??option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> est validée, alors "
"la renégociation réussira B<toujours>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:262
msgid ""
"B<NB:> a bug in OpenSSL clients earlier than 0.9.8m (all of which are "
"unpatched) will result in the connection hanging if it receives a "
"B<no_renegotiation> alert. OpenSSL versions 0.9.8m and later will regard a "
"B<no_renegotiation> alert as fatal and respond with a fatal "
"B<handshake_failure> alert. This is because the OpenSSL API currently has no "
"provision to indicate to an application that a renegotiation attempt was "
"refused."
msgstr ""
"B<Remarque> : un bogue dans les clients OpenSSL antérieurs à  0.9.8m (aucun "
"dâ??entre eux nâ??est protégé) conduira à  un blocage de la connexion si un "
"message B<no_renegotiation> est reçu. Les versions 0.9.8m et ultérieures "
"dâ??OpenSSL considéreront un message B<no_renegotiation> comme fatal et "
"répondront par un message fatal B<handshake_failure>. Câ??est parce "
"quâ??actuellement lâ??API dâ??OpenSSL nâ??a aucun moyen dâ??indiquer à  une application "
"quâ??un essai est refusé."

#. type: =head2
#: C/ssl/SSL_CTX_set_options.pod:270
msgid "Patched OpenSSL client and unpatched server."
msgstr "Client OpenSSL protégé et serveur non protégé."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:272
msgid ""
"If the option B<SSL_OP_LEGACY_SERVER_CONNECT> or "
"B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then initial connections "
"and renegotiation between patched OpenSSL clients and unpatched servers "
"succeeds. If neither option is set then initial connections to unpatched "
"servers will fail."
msgstr ""
"Si lâ??option B<SSL_OP_LEGACY_SERVER_CONNECT> ou "
"B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> est établie, les connexions et "
"les renégociations entre les clients OpenSSL et les serveurs non protégés "
"réussiront. Si aucune option nâ??est établie, alors les connexions initiales "
"vers les serveurs non protégés échoueront."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:278
msgid ""
"The option B<SSL_OP_LEGACY_SERVER_CONNECT> is currently set by default even "
"though it has security implications: otherwise it would be impossible to "
"connect to unpatched servers (i.e. all of them initially) and this is "
"clearly not acceptable. Renegotiation is permitted because this does not add "
"any additional security issues: during an attack clients do not see any "
"renegotiations anyway."
msgstr ""
"Lâ??option B<SSL_OP_LEGACY_SERVER_CONNECT> est actuellement établie par défaut "
"même si elle a des implications sur la sécurité : sans quoi il serait "
"impossible de se connecter sur des serveurs non protégés (câ??est-à -dire "
"initialement tous) et cela nâ??est clairement pas acceptable. La renégociation "
"est autorisée parce que cela nâ??ajoute aucun problème de sécurité : pendant "
"une attaque, les clients ne voient de toute façon aucune renégociation."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:285
msgid ""
"As more servers become patched the option B<SSL_OP_LEGACY_SERVER_CONNECT> "
"will B<not> be set by default in a future version of OpenSSL."
msgstr ""
"Comme de plus en plus de serveurs deviennent protégés, lâ??option "
"B<SSL_OP_LEGACY_SERVER_CONNECT> ne sera B<pas> active par défaut dans une "
"future version de OpenSSL."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:288
msgid ""
"OpenSSL client applications wishing to ensure they can connect to unpatched "
"servers should always B<set> B<SSL_OP_LEGACY_SERVER_CONNECT>"
msgstr ""
"Les applications clientes dâ??OpenSSL voulant être sûres de se connecter à  des "
"serveurs non protégés devrait toujours B<activer> "
"B<SSL_OP_LEGACY_SERVER_CONNECT>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:291
msgid ""
"OpenSSL client applications that want to ensure they can B<not> connect to "
"unpatched servers (and thus avoid any security issues) should always "
"B<clear> B<SSL_OP_LEGACY_SERVER_CONNECT> using SSL_CTX_clear_options() or "
"SSL_clear_options()."
msgstr ""
"Les applications clientes dâ??OpenSSL voulant être sûres de ne B<pas> se "
"connecter à des serveurs non protégés (et donc éviter tout problème de "
"sécurité) devraient toujours B<désactiver> B<SSL_OP_LEGACY_SERVER_CONNECT> "
"en utilisant B<SSL_CTX_clear_options>() ou B<SSL_clear_options>()."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:296
msgid ""
"The difference between the B<SSL_OP_LEGACY_SERVER_CONNECT> and "
"B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> options is that "
"B<SSL_OP_LEGACY_SERVER_CONNECT> enables initial connections and secure "
"renegotiation between OpenSSL clients and unpatched servers B<only>, while "
"B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> allows initial connections and "
"renegotiation between OpenSSL and unpatched clients or servers."
msgstr ""
"La différence entre les options B<SSL_OP_LEGACY_SERVER_CONNECT> et "
"B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> est que "
"B<SSL_OP_LEGACY_SERVER_CONNECT> autorise les connections initiales et "
"renégociation sécurisée entre des clients OpenSSL et B<seulement> des "
"serveurs non protégés, quand B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> "
"autorise des connexions initiales et renégociation sécurisée entre OpenSSL "
"et des clients ou serveurs non protégés."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:305
msgid ""
"SSL_CTX_set_options() and SSL_set_options() return the new options bitmask "
"after adding B<options>."
msgstr ""
"B<SSL_CTX_set_options>() et B<SSL_set_options>() renvoient les nouveaux "
"masquages dâ??options après lâ??ajout dâ??B<options>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:308
msgid ""
"SSL_CTX_clear_options() and SSL_clear_options() return the new options "
"bitmask after clearing B<options>."
msgstr ""
"B<SSL_CTX_clear_options>() et B<SSL_clear_options>() renvoient les nouveaux "
"masquages dâ??options après effacement dâ??B<options>."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:311
msgid "SSL_CTX_get_options() and SSL_get_options() return the current bitmask."
msgstr ""
"B<SSL_CTX_get_options>() et B<SSL_get_options>() renvoient lâ??actuel masquage."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:313
msgid ""
"SSL_get_secure_renegotiation_support() returns 1 is the peer supports secure "
"renegotiation and 0 if it does not."
msgstr ""
"B<SSL_get_secure_renegotiation_support>() renvoie B<1> si le pair prend en "
"charge les renégociations sécurisées et B<0> dans le cas contraire."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:318
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>, "
"L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>, "
"L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>, "
"L<dhparam(1)|dhparam(1)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_new>(3)|SSL_new(3)>, L<B<SSL_clear>(3)|"
"SSL_clear(3)>, L<B<SSL_CTX_set_tmp_dh_callback>(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>, L<B<SSL_CTX_set_tmp_rsa_callback>(3)|"
"SSL_CTX_set_tmp_rsa_callback(3)>, L<B<dhparam>(1)|dhparam(1)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:325
msgid ""
"B<SSL_OP_CIPHER_SERVER_PREFERENCE> and "
"B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> have been added in OpenSSL "
"0.9.7."
msgstr ""
"B<SSL_OP_CIPHER_SERVER_PREFERENCE> et "
"B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> ont été ajoutées dans "
"OpenSSLÂ 0.9.7."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:329
msgid ""
"B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was "
"automatically enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer "
"included in B<SSL_OP_ALL> and must be explicitly set."
msgstr ""
"B<SSL_OP_TLS_ROLLBACK_BUG> a été ajoutée dans OpenSSL 0.9.6 et était "
"automatiquement activée avec B<SSL_OP_ALL>. Ã? partir de 0.9.7, elle nâ??est "
"plus incluse dans B<SSL_OP_ALL> et doit être clairement indiquée."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:333
msgid ""
"B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e.  "
"Versions up to OpenSSL 0.9.6c do not include the countermeasure that can be "
"disabled with this option (in OpenSSL 0.9.6d, it was always enabled)."
msgstr ""
"B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> a été ajoutée dans OpenSSL 0.9.6e. Les "
"versions jusquâ??Ã  OpenSSLÂ 0.9.6c nâ??incluent pas de contre-mesure qui puisse "
"être désactivée avec cette option (dans OpenSSL 0.9.6d, elle était toujours "
"active)."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:338
msgid ""
"SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL "
"0.9.8m."
msgstr ""
"B<SSL_CTX_clear_options>() et B<SSL_clear_options>() ont été ajoutées la "
"première fois dans OpenSSL 0.9.8m."

#. type: textblock
#: C/ssl/SSL_CTX_set_options.pod:341
msgid ""
"B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>, B<SSL_OP_LEGACY_SERVER_CONNECT> "
"and the function SSL_get_secure_renegotiation_support() were first added in "
"OpenSSL 0.9.8m."
msgstr ""
"B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>, B<SSL_OP_LEGACY_SERVER_CONNECT> "
"et la fonction B<SSL_get_secure_renegotiation_support>() ont été ajoutées la "
"première fois dans OpenSSL 0.9.8m."

#. type: =end
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:3
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:30
msgid "comment"
msgstr "comment"

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:5
msgid "Copyright 2005 Nokia. All rights reserved."
msgstr "Copyright 2005 Nokia. All rights reserved."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:7
msgid ""
"The portions of the attached software (\"Contribution\") is developed by "
"Nokia Corporation and is licensed pursuant to the OpenSSL open source "
"license."
msgstr ""
"The portions of the attached software (\"Contribution\") is developed by "
"Nokia Corporation and is licensed pursuant to the OpenSSL open source "
"license."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:11
msgid ""
"The Contribution, originally written by Mika Kousa and Pasi Eronen of Nokia "
"Corporation, consists of the \"PSK\" (Pre-Shared Key) ciphersuites support "
"(see RFC 4279) to OpenSSL."
msgstr ""
"The Contribution, originally written by Mika Kousa and Pasi Eronen of Nokia "
"Corporation, consists of the \"PSK\" (Pre-Shared Key) ciphersuites support "
"(see RFC 4279) to OpenSSL."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:15
msgid ""
"No patent licenses or other rights except those expressly stated in the "
"OpenSSL open source license shall be deemed granted or received expressly, "
"by implication, estoppel, or otherwise."
msgstr ""
"No patent licenses or other rights except those expressly stated in the "
"OpenSSL open source license shall be deemed granted or received expressly, "
"by implication, estoppel, or otherwise."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:19
msgid ""
"No assurances are provided by Nokia that the Contribution does not infringe "
"the patent or other intellectual property rights of any third party or that "
"the license provides you with all the necessary rights to make use of the "
"Contribution."
msgstr ""
"No assurances are provided by Nokia that the Contribution does not infringe "
"the patent or other intellectual property rights of any third party or that "
"the license provides you with all the necessary rights to make use of the "
"Contribution."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:24
msgid ""
"THE SOFTWARE IS PROVIDED \"AS IS\" WITHOUT WARRANTY OF ANY KIND. IN ADDITION "
"TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA SPECIFICALLY DISCLAIMS ANY "
"LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY OTHER ENTITY BASED ON "
"INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR OTHERWISE."
msgstr ""
"THE SOFTWARE IS PROVIDED \"AS IS\" WITHOUT WARRANTY OF ANY KIND. IN ADDITION "
"TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA SPECIFICALLY DISCLAIMS ANY "
"LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY OTHER ENTITY BASED ON "
"INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR OTHERWISE."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:34
msgid ""
"SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback - set PSK "
"client callback"
msgstr ""
"SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback - Définir un "
"rappel client PSK"

#. type: verbatim
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:40
#, no-wrap
msgid ""
" void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,\n"
"\tunsigned int (*callback)(SSL *ssl, const char *hint,\n"
"\tchar *identity, unsigned int max_identity_len,\n"
"\tunsigned char *psk, unsigned int max_psk_len));\n"
" void SSL_set_psk_client_callback(SSL *ssl,\n"
"\tunsigned int (*callback)(SSL *ssl, const char *hint,\n"
"\tchar *identity, unsigned int max_identity_len,\n"
" \tunsigned char *psk, unsigned int max_psk_len));\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_psk_client_callback(SSL_CTX *>I<ctx>B<,>\n"
" \tB<unsigned int (*>I<callback>B<)(SSL *>I<ssl>B<, const char *>I<hint>B<,>\n"
" \tB<char *>I<identity>B<, unsigned int> I<max_identity_len>B<,>\n"
" \tB<unsigned char *>I<psk>B<, unsigned int> I<max_psk_len>B<));>\n"
" B<void SSL_set_psk_client_callback(SSL *>I<ssl>B<,>\n"
" \tB<unsigned int (*>I<callback>B<)(SSL *>I<ssl>B<, const char *>I<hint>B<,>\n"
" \tB<char *>I<identity>B<, unsigned int> I<max_identity_len>B<,>\n"
" \tB<unsigned char *>I<psk>B<, unsigned int> I<max_psk_len>B<));>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:52
msgid ""
"A client application must provide a callback function which is called when "
"the client is sending the ClientKeyExchange message to the server."
msgstr ""
"Une application cliente doit fournir une fonction de rappel qui est appelée "
"quand le client envoie le message ClientKeyExchange au serveur."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:55
msgid ""
"The purpose of the callback function is to select the PSK identity and the "
"pre-shared key to use during the connection setup phase."
msgstr ""
"Le but de cette fonction de rappel est de sélectionner l'identité PSK et la "
"clef prépartagée à utiliser pendant la phase de configuration de connexion."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:58
msgid ""
"The callback is set using functions SSL_CTX_set_psk_client_callback()  or "
"SSL_set_psk_client_callback(). The callback function is given the connection "
"in parameter B<ssl>, a B<NULL>-terminated PSK identity hint sent by the "
"server in parameter B<hint>, a buffer B<identity> of length "
"B<max_identity_len> bytes where the the resulting B<NULL>-terminated "
"identity is to be stored, and a buffer B<psk> of length B<max_psk_len> bytes "
"where the resulting pre-shared key is to be stored."
msgstr ""
"Le rappel est défini en utilisant les fonctions "
"B<SSL_CTX_set_psk_client_callback>() ou B<SSL_set_psk_client_callback>(). Ã? "
"la fonction de rappel, sont fournis : la connexion dans le paramètre I<ssl>, "
"un indice d'identité PSK terminé par B<NULL> envoyé par le serveur dans le "
"paramètre I<hint>, un tampon I<identity> de taille "
"I<max_identity_len> octets où l'identité terminée par B<NULL> résultante "
"sera stockée, et un tampon I<psk> de taille I<max_psk_len> octets où la clef "
"prépartagée résultante sera stockée."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:69
msgid "Note that parameter B<hint> given to the callback may be B<NULL>."
msgstr ""
"Remarquez que le paramètre I<hint> donné au rappel pourrait être B<NULL>."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:73
msgid "Return values from the client callback are interpreted as follows:"
msgstr "Les valeurs de retour du rappel client sont interprétées comme suit."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:75
msgid ""
"On success (callback found a PSK identity and a pre-shared key to use)  the "
"length (> 0) of B<psk> in bytes is returned."
msgstr ""
"En cas de réussite (le rappel a trouvé une identité PSK et une clef "
"prépartagée à utiliser), la taille (> 0) de I<psk> en octet est renvoyée."

#. type: textblock
#: C/ssl/SSL_CTX_set_psk_client_callback.pod:78
msgid ""
"Otherwise or on errors callback should return 0. In this case the connection "
"setup fails."
msgstr ""
"Sinon, ou en cas d'erreur, le rappel devrait renvoyer 0. Dans ce cas, la "
"configuration de connexion échoue."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:5
msgid ""
"SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, "
"SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown "
"behaviour"
msgstr ""
"SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, "
"SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - Manipuler le comportement "
"de lâ??arrêt"

#. type: verbatim
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);\n"
" int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_quiet_shutdown(SSL_CTX *>I<ctx>B<, int> I<mode>B<);>\n"
" B<int SSL_CTX_get_quiet_shutdown(const SSL_CTX *>I<ctx>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:14
#, no-wrap
msgid ""
" void SSL_set_quiet_shutdown(SSL *ssl, int mode);\n"
" int SSL_get_quiet_shutdown(const SSL *ssl);\n"
"\n"
msgstr ""
"B< void SSL_set_quiet_shutdown(SSL *>I<ssl>B<, int> I<mode>B<);>\n"
" B<int SSL_get_quiet_shutdown(const SSL *>I<ssl>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:19
msgid ""
"SSL_CTX_set_quiet_shutdown() sets the \"quiet shutdown\" flag for B<ctx> to "
"be B<mode>. SSL objects created from B<ctx> inherit the B<mode> valid at the "
"time L<SSL_new(3)|SSL_new(3)> is called. B<mode> may be 0 or 1."
msgstr ""
"B<SSL_CTX_set_quiet_shutdown>() définit lâ??attribut « arrêt sûr » pour I<ctx> "
"à I<mode>. Les objets SSL créés à partir de I<ctx> héritent du I<mode> "
"valable au moment de lâ??appel de L<B<SSL_new>(3)|SSL_new(3)>. I<mode> peut "
"être B<0> ou B<1>."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:23
msgid ""
"SSL_CTX_get_quiet_shutdown() returns the \"quiet shutdown\" setting of "
"B<ctx>."
msgstr ""
"B<SSL_CTX_get_quiet_shutdown>() renvoie le réglage de « arrêt sûr » de "
"I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:25
msgid ""
"SSL_set_quiet_shutdown() sets the \"quiet shutdown\" flag for B<ssl> to be "
"B<mode>. The setting stays valid until B<ssl> is removed with L<SSL_free(3)|"
"SSL_free(3)> or SSL_set_quiet_shutdown() is called again.  It is not changed "
"when L<SSL_clear(3)|SSL_clear(3)> is called.  B<mode> may be 0 or 1."
msgstr ""
"B<SSL_set_quiet_shutdown>() définit lâ??attribut « arrêt sûr » pour I<ssl> à  "
"I<mode>. Le réglage reste valable jusquâ??à  ce que I<ssl> soit supprimé avec "
"L<B<SSL_free>(3)|SSL_free(3)> ou que B<SSL_set_quiet_shutdown>() soit de "
"nouveau appelé. Lâ??attribut nâ??est pas changé lorsque L<B<SSL_clear>(3)|"
"SSL_clear(3)> est appelé. I<mode> peut être B<0> ou B<1>."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:31
msgid ""
"SSL_get_quiet_shutdown() returns the \"quiet shutdown\" setting of B<ssl>."
msgstr ""
"B<SSL_get_quiet_shutdown>() renvoie le réglage de « arrêt sûr » de I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:35
msgid ""
"Normally when a SSL connection is finished, the parties must send out "
"\"close notify\" alert messages using L<SSL_shutdown(3)|SSL_shutdown(3)> for "
"a clean shutdown."
msgstr ""
"Normalement quand une connexion SSL est terminée, les éléments doivent "
"envoyer des messages « notification dâ??arrêt » en utilisant "
"L<B<SSL_shutdown>(3)|SSL_shutdown(3)> pour un arrêt propre."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:39
msgid ""
"When setting the \"quiet shutdown\" flag to 1, L<SSL_shutdown(3)|"
"SSL_shutdown(3)> will set the internal flags to SSL_SENT_SHUTDOWN|"
"SSL_RECEIVED_SHUTDOWN.  (L<SSL_shutdown(3)|SSL_shutdown(3)> then behaves "
"like L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> called with "
"SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.)  The session is thus considered to "
"be shutdown, but no \"close notify\" alert is sent to the peer. This "
"behaviour violates the TLS standard."
msgstr ""
"Lors du réglage de lâ??attribut « arrêt sûr » à  B<1>, L<B<SSL_shutdown>(3)|"
"SSL_shutdown(3)> définira les attributs internes de SSL_SENT_SHUTDOWN|"
"SSL_RECEIVED_SHUTDOWN. (L<B<SSL_shutdown>(3)|SSL_shutdown(3)> se comporte "
"alors comme L<B<SSL_set_shutdown>(3)|SSL_set_shutdown(3)> appelée avec "
"SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) La session est par conséquent "
"considérée comme terminée, mais aucun message « notification dâ??arrêt » nâ??est "
"envoyé au pair. Cela transgresse la norme TLS."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:47
msgid ""
"The default is normal shutdown behaviour as described by the TLS standard."
msgstr ""
"Par défaut, le comportement lâ??arrêt est celui décrit dans la norme TLS."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:51
msgid ""
"SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return "
"diagnostic information."
msgstr ""
"B<SSL_CTX_set_quiet_shutdown>() et B<SSL_set_quiet_shutdown>() ne renvoient "
"pas dâ??information de diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:54
msgid ""
"SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current "
"setting."
msgstr ""
"B<SSL_CTX_get_quiet_shutdown>() et B<SSL_get_quiet_shutdown> renvoient le "
"réglage actuel."

#. type: textblock
#: C/ssl/SSL_CTX_set_quiet_shutdown.pod:59
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|"
"SSL_set_shutdown(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|"
"SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_shutdown>(3)|SSL_shutdown(3)>, "
"L<B<SSL_set_shutdown>(3)|SSL_set_shutdown(3)>, L<B<SSL_new>(3)|SSL_new(3)>, "
"L<B<SSL_clear>(3)|SSL_clear(3)>, L<B<SSL_free>(3)|SSL_free(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_read_ahead.pod:5
msgid ""
"SSL_CTX_set_read_ahead, SSL_CTX_set_default_read_ahead, "
"SSL_CTX_get_read_ahead, SSL_CTX_get_default_read_ahead, SSL_set_read_ahead, "
"SSL_get_read_ahead - manage whether to read as many input bytes as possible"
msgstr ""
"SSL_CTX_set_read_ahead, SSL_CTX_set_default_read_ahead, "
"SSL_CTX_get_read_ahead, SSL_CTX_get_default_read_ahead, SSL_set_read_ahead, "
"SSL_get_read_ahead - Décider de la lecture dâ??autant dâ??octets dâ??entrée que "
"possibles"

#. type: verbatim
#: C/ssl/SSL_CTX_set_read_ahead.pod:13
#, no-wrap
msgid ""
" int SSL_get_read_ahead(const SSL *s);\n"
" void SSL_set_read_ahead(SSL *s, int yes);\n"
"\n"
msgstr ""
"B< int SSL_get_read_ahead(const SSL *s);>\n"
" B<void SSL_set_read_ahead(SSL *s, int> I<yes>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_read_ahead.pod:16
#, no-wrap
msgid ""
" #define SSL_CTX_get_default_read_ahead(ctx)\n"
" #define SSL_CTX_set_default_read_ahead(ctx,m)\n"
" #define SSL_CTX_get_read_ahead(ctx)\n"
" #define SSL_CTX_set_read_ahead(ctx,m)\n"
"\n"
msgstr ""
"B< #define SSL_CTX_get_default_read_ahead(ctx)>\n"
" B<#define SSL_CTX_set_default_read_ahead(ctx,>I<m>B<)>\n"
" B<#define SSL_CTX_get_read_ahead(ctx)>\n"
" B<#define SSL_CTX_set_read_ahead(ctx,>I<m>B<)>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_read_ahead.pod:23
msgid ""
"SSL_CTX_set_read_ahead() and SSL_set_read_ahead() set whether we should read "
"as many input bytes as possible (for non-blocking reads) or not. For example "
"if B<x> bytes are currently required by OpenSSL, but B<y> bytes are "
"available from the underlying BIO (where B<y> > B<x>), then OpenSSL will "
"read all B<y> bytes into its buffer (providing that the buffer is large "
"enough) if reading ahead is on, or B<x> bytes otherwise. The parameter "
"B<yes> or B<m> should be 0 to ensure reading ahead is off, or non zero "
"otherwise."
msgstr ""
"B<SSL_CTX_set_read_ahead>() et B<SSL_set_read_ahead>() définissent si autant "
"dâ??octets que possibles doivent être lus ou pas (pour les lectures non "
"bloquantes). Par exemple, si I<x> octets sont demandés par OpenSSL, mais que "
"I<y> octets sont disponibles dans le BIO en cause (où I<y> > I<x>), alors "
"OpenSSL lira tous les I<y>Â octets dans son tampon (pourvu que le tampon soit "
"suffisamment grand) si la lecture complète est activée, ou I<x> octets dans "
"le cas contraire. Les paramètres I<yes> ou I<m> doivent être à B<0> pour "
"être sûr que la lecture complète soit désactivée, ou différent de zéro pour "
"le contraire."

#. type: textblock
#: C/ssl/SSL_CTX_set_read_ahead.pod:31
msgid ""
"SSL_CTX_set_default_read_ahead is a synonym for SSL_CTX_set_read_ahead, and "
"SSL_CTX_get_default_read_ahead is a synonym for SSL_CTX_get_read_ahead."
msgstr ""
"B<SSL_CTX_set_default_read_ahead> est un synonyme de "
"B<SSL_CTX_set_read_ahead>, et B<SSL_CTX_get_default_read_ahead> pour "
"B<SSL_CTX_get_read_ahead>."

#. type: textblock
#: C/ssl/SSL_CTX_set_read_ahead.pod:34
msgid ""
"SSL_CTX_get_read_ahead() and SSL_get_read_ahead() indicate whether reading "
"ahead has been set or not."
msgstr ""
"B<SSL_CTX_get_read_ahead>() et B<SSL_get_read_ahead>() précisent si la "
"lecture complète a été activée ou non."

#. type: textblock
#: C/ssl/SSL_CTX_set_read_ahead.pod:39
msgid ""
"These functions have no impact when used with DTLS. The return values for "
"SSL_CTX_get_read_head() and SSL_get_read_ahead() are undefined for DTLS."
msgstr ""
"Ces fonctions nâ??ont aucun impact si elles sont utilisées avec DTLS. Les "
"valeurs de retour avec DTLS de B<SSL_CTX_get_read_head>() et "
"B<SSL_get_read_ahead>() sont indéterminées."

#. type: textblock
#: C/ssl/SSL_CTX_set_read_ahead.pod:44
msgid ""
"SSL_get_read_ahead and SSL_CTX_get_read_ahead return 0 if reading ahead is "
"off, and non zero otherwise."
msgstr ""
"B<SSL_get_read_ahead> et B<SSL_CTX_get_read_ahead> renvoient B<0> si la "
"lecture complète est désactivée et une valeur différente de zéro dans le cas "
"contraire."

#. type: textblock
#: C/ssl/SSL_CTX_set_read_ahead.pod:49
#: C/ssl/SSL_CTX_set_session_id_context.pod:81
msgid "L<ssl(3)|ssl(3)>"
msgstr "L<B<ssl>(3)|ssl(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:5
msgid ""
"SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - enable/"
"disable session caching"
msgstr ""
"SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - Activer ou "
"désactiver la mise en cache de session"

#. type: verbatim
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:11
#, no-wrap
msgid ""
" long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);\n"
" long SSL_CTX_get_session_cache_mode(SSL_CTX ctx);\n"
"\n"
msgstr ""
"B< long SSL_CTX_set_session_cache_mode(SSL_CTX> I<ctx>B<, long> I<mode>B<);>\n"
" B<long SSL_CTX_get_session_cache_mode(SSL_CTX> I<ctx>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:16
msgid ""
"SSL_CTX_set_session_cache_mode() enables/disables session caching by setting "
"the operational mode for B<ctx> to <mode>."
msgstr ""
"B<SSL_CTX_set_session_cache_mode>() permet ou pas la mise en cache de "
"session en définissant le mode opérationnel pour I<ctx> à I<mode>."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:19
msgid "SSL_CTX_get_session_cache_mode() returns the currently used cache mode."
msgstr "B<SSL_CTX_get_session_cache_mode>() renvoie le mode actuel du cache."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:23
msgid ""
"The OpenSSL library can store/retrieve SSL/TLS sessions for later reuse.  "
"The sessions can be held in memory for each B<ctx>, if more than one SSL_CTX "
"object is being maintained, the sessions are unique for each SSL_CTX object."
msgstr ""
"La bibliothèque OpenSSL peut mémoriser ou extraire des sessions SSL/TLS pour "
"usage ultérieur. Les sessions peuvent être gardées en mémoire pour chaque "
"I<ctx>, si plus dâ??un objet SSL_CTX est conservé. Celui-ci nâ??a quâ??une seule "
"session."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:28
msgid ""
"In order to reuse a session, a client must send the session's id to the "
"server. It can only send exactly one id.  The server then either agrees to "
"reuse the session or it starts a full handshake (to create a new session)."
msgstr ""
"Pour réutiliser une session, un client doit envoyer lâ??identifiant de session "
"au serveur. Il ne peut envoyer quâ??un seul identifiant. Le serveur choisit "
"soit de réutiliser la session, soit de lancer une initialisation de "
"connexion complète (pour créer une nouvelle session)."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:33
msgid ""
"A server will lookup up the session in its internal session storage. If the "
"session is not found in internal storage or lookups for the internal storage "
"have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will "
"try the external storage if available."
msgstr ""
"Un serveur recherchera la session dans son stockage interne de sessions. Si "
"la session nâ??est pas trouvée dans le stockage interne ou que la recherche "
"pour le stockage interne a été désactivée "
"(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), le serveur essaiera dans le stockage "
"externe sâ??il est disponible."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:38
msgid ""
"Since a client may try to reuse a session intended for use in a different "
"context, the session id context must be set by the server (see "
"L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>)."
msgstr ""
"Puisquâ??un client peut essayer de réutiliser la session pour lâ??utiliser dans "
"un contexte différent, lâ??identifiant de session du contexte doit être défini "
"par le serveur (consultez L<B<SSL_CTX_set_session_id_context>(3)|"
"SSL_CTX_set_session_id_context(3)>)."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:42
msgid "The following session cache modes and modifiers are available:"
msgstr ""
"Les modes et modificateurs de cache de session suivants sont disponibles."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:46
msgid "SSL_SESS_CACHE_OFF"
msgstr "SSL_SESS_CACHE_OFF"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:48
msgid "No session caching for client or server takes place."
msgstr "Pas de mise en cache de session pour le client ou le serveur."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:50
msgid "SSL_SESS_CACHE_CLIENT"
msgstr "SSL_SESS_CACHE_CLIENT"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:52
msgid ""
"Client sessions are added to the session cache. As there is no reliable way "
"for the OpenSSL library to know whether a session should be reused or which "
"session to choose (due to the abstract BIO layer the SSL engine does not "
"have details about the connection), the application must select the session "
"to be reused by using the L<SSL_set_session(3)|SSL_set_session(3)> function. "
"This option is not activated by default."
msgstr ""
"Les sessions de client sont ajoutées au cache de session. Comme il nâ??est pas "
"possible pour la bibliothèque OpenSSL de savoir si une session sera "
"réutilisée ou quelle session choisir (à cause de la couche d'abstraction du "
"BIO, le moteur SSL ne connait pas de détail sur la connexion), lâ??application "
"doit choisir la session à réutiliser en utilisant la fonction "
"L<B<SSL_set_session>(3)|SSL_set_session(3)>. Cette option nâ??est pas activée "
"par défaut."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:59
msgid "SSL_SESS_CACHE_SERVER"
msgstr "SSL_SESS_CACHE_SERVER"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:61
msgid ""
"Server sessions are added to the session cache. When a client proposes a "
"session to be reused, the server looks for the corresponding session in "
"(first)  the internal session cache (unless "
"SSL_SESS_CACHE_NO_INTERNAL_LOOKUP is set), then (second) in the external "
"cache if available. If the session is found, the server will try to reuse "
"the session.  This is the default."
msgstr ""
"Les sessions du serveur sont ajoutées au cache de session. Quand le client "
"propose de réutiliser une session, le serveur recherche en premier la "
"session correspondante dans le cache interne de session (Ã  moins que "
"SSL_SESS_CACHE_NO_INTERNAL_LOOKUP soit établie), puis dans le cache externe "
"sâ??il est disponible. Si la session est trouvée, le serveur essayera de "
"réutiliser la session. Câ??est lâ??action par défaut."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:67
msgid "SSL_SESS_CACHE_BOTH"
msgstr "SSL_SESS_CACHE_BOTH"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:69
msgid ""
"Enable both SSL_SESS_CACHE_CLIENT and SSL_SESS_CACHE_SERVER at the same time."
msgstr "Activer SSL_SESS_CACHE_CLIENT et SSL_SESS_CACHE_SERVER en même temps."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:71
msgid "SSL_SESS_CACHE_NO_AUTO_CLEAR"
msgstr "SSL_SESS_CACHE_NO_AUTO_CLEAR"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:73
msgid ""
"Normally the session cache is checked for expired sessions every 255 "
"connections using the L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> "
"function. Since this may lead to a delay which cannot be controlled, the "
"automatic flushing may be disabled and L<SSL_CTX_flush_sessions(3)|"
"SSL_CTX_flush_sessions(3)> can be called explicitly by the application."
msgstr ""
"Normalement, les sessions expirées sont recherchées dans le cache de session "
"toutes les 255 connexions en utilisant la fonction "
"L<B<SSL_CTX_flush_sessions>(3)|SSL_CTX_flush_sessions(3)>. Comme cela peut "
"mener à un délai non contrôlable, la suppression automatique peut être "
"désactivée et L<B<SSL_CTX_flush_sessions>(3)|SSL_CTX_flush_sessions(3)> peut "
"être explicitement demandée par lâ??application."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:81
msgid "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP"
msgstr "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:83
msgid ""
"By setting this flag, session-resume operations in an SSL/TLS server will "
"not automatically look up sessions in the internal cache, even if sessions "
"are automatically stored there. If external session caching callbacks are in "
"use, this flag guarantees that all lookups are directed to the external "
"cache.  As automatic lookup only applies for SSL/TLS servers, the flag has "
"no effect on clients."
msgstr ""
"Avec cet attribut, les opérations de redémarrage de session dans un serveur "
"SSL/TLS ne rechercheront pas automatiquement des sessions dans le cache "
"interne, même si des sessions sont automatiquement stockées dedans. Si des "
"rappels de mise en cache externe de session sont utilisés, cet attribut "
"garantit que les recherches sont directement dirigées vers le cache externe."
"Comme la recherche automatique sâ??applique uniquement sur les serveurs SSL/"
"TLS, lâ??attribut nâ??a aucun effet sur les clients."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:90
msgid "SSL_SESS_CACHE_NO_INTERNAL_STORE"
msgstr "SSL_SESS_CACHE_NO_INTERNAL_STORE"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:92
msgid ""
"Depending on the presence of SSL_SESS_CACHE_CLIENT and/or "
"SSL_SESS_CACHE_SERVER, sessions negotiated in an SSL/TLS handshake may be "
"cached for possible reuse.  Normally a new session is added to the internal "
"cache as well as any external session caching (callback) that is configured "
"for the SSL_CTX. This flag will prevent sessions being stored in the "
"internal cache (though the application can add them manually using "
"L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>). Note: in any SSL/TLS "
"servers where external caching is configured, any successful session lookups "
"in the external cache (ie. for session-resume requests) would normally be "
"copied into the local cache before processing continues - this flag prevents "
"these additions to the internal cache as well."
msgstr ""
"En fonction de la présence de SSL_SESS_CACHE_CLIENT et/ou "
"SSL_SESS_CACHE_SERVER, les sessions négociées dans une initialisation de "
"connexion SSL/TLS peuvent être mise en cache pour une possible "
"réutilisation. Normalement, une nouvelle session est ajoutée dans le cache "
"interne, ainsi que pour nâ??importe quelle mise en cache externe de session "
"(rappel) qui est configurée, pour le SSL_CTX. Cet attribut empêche les "
"sessions dâ??être stockées dans le cache interne (bien que lâ??application "
"puisse les ajouter manuellement en utilisant L<B<SSL_CTX_add_session>(3)|"
"SSL_CTX_add_session(3)>). Note : dans tous les serveurs SSL/TLS où la mise "
"en cache externe est configurée, toute recherche de session réussie dans le "
"cache externe (pour une requête de reprise de session) devrait normalement "
"être copiée dans le cache local avant tout traitement ultérieur ; cet "
"attribut empêche aussi son ajout dans le cache interne."

#. type: =item
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:103
msgid "SSL_SESS_CACHE_NO_INTERNAL"
msgstr "SSL_SESS_CACHE_NO_INTERNAL"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:105
msgid ""
"Enable both SSL_SESS_CACHE_NO_INTERNAL_LOOKUP and "
"SSL_SESS_CACHE_NO_INTERNAL_STORE at the same time."
msgstr ""
"Activer SSL_SESS_CACHE_NO_INTERNAL_LOOKUP et "
"SSL_SESS_CACHE_NO_INTERNAL_STORE en même temps."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:111
msgid "The default mode is SSL_SESS_CACHE_SERVER."
msgstr "Le mode par défaut est SSL_SESS_CACHE_SERVER."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:115
msgid "SSL_CTX_set_session_cache_mode() returns the previously set cache mode."
msgstr ""
"B<SSL_CTX_set_session_cache_mode>() renvoie le précédent mode du cache."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:117
msgid "SSL_CTX_get_session_cache_mode() returns the currently set cache mode."
msgstr "B<SSL_CTX_get_session_cache_mode>() renvoie lâ??actuel mode du cache."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:122
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>, "
"L<SSL_session_reused(3)|SSL_session_reused(3)>, L<SSL_CTX_add_session(3)|"
"SSL_CTX_add_session(3)>, L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>, "
"L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>, "
"L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>, "
"L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>, "
"L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, "
"L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_set_session>(3)|SSL_set_session(3)>, "
"L<B<SSL_session_reused>(3)|SSL_session_reused(3)>, "
"L<B<SSL_CTX_add_session>(3)|SSL_CTX_add_session(3)>, "
"L<B<SSL_CTX_sess_number>(3)|SSL_CTX_sess_number(3)>, "
"L<B<SSL_CTX_sess_set_cache_size>(3)|SSL_CTX_sess_set_cache_size(3)>, "
"L<B<SSL_CTX_sess_set_get_cb>(3)|SSL_CTX_sess_set_get_cb(3)>, "
"L<B<SSL_CTX_set_session_id_context>(3)|SSL_CTX_set_session_id_context(3)>, "
"L<B<SSL_CTX_set_timeout>(3)|SSL_CTX_set_timeout(3)>, "
"L<B<SSL_CTX_flush_sessions>(3)|SSL_CTX_flush_sessions(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_cache_mode.pod:134
msgid ""
"SSL_SESS_CACHE_NO_INTERNAL_STORE and SSL_SESS_CACHE_NO_INTERNAL were "
"introduced in OpenSSL 0.9.6h."
msgstr ""
"SSL_SESS_CACHE_NO_INTERNAL_STORE et SSL_SESS_CACHE_NO_INTERNAL ont été "
"introduits dans OpenSSLÂ 0.9.6h."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:5
msgid ""
"SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context "
"within which session can be reused (server side only)"
msgstr ""
"SSL_CTX_set_session_id_context, SSL_set_session_id_context - Définir le "
"contexte dans lequel la session peut être réutilisée (seulement du coté "
"serveur)"

#. type: verbatim
#: C/ssl/SSL_CTX_set_session_id_context.pod:11
#, no-wrap
msgid ""
" int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,\n"
"                                    unsigned int sid_ctx_len);\n"
" int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,\n"
"                                unsigned int sid_ctx_len);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set_session_id_context(SSL_CTX *>I<ctx>B<, const unsigned char *>I<sid_ctx>B<,>\n"
"                                    B<unsigned int> I<sid_ctx_len>B<);>\n"
" B<int SSL_set_session_id_context(SSL *>I<ssl>B<, const unsigned char *>I<sid_ctx>B<,>\n"
"                                B<unsigned int> I<sid_ctx_len>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:18
msgid ""
"SSL_CTX_set_session_id_context() sets the context B<sid_ctx> of length "
"B<sid_ctx_len> within which a session can be reused for the B<ctx> object."
msgstr ""
"B<SSL_CTX_set_session_id_context>() définit le contexte I<sid_ctx> de "
"longueur I<sid_ctx_len> dans lequel une session peut être réutilisée pour "
"lâ??objet I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:21
msgid ""
"SSL_set_session_id_context() sets the context B<sid_ctx> of length "
"B<sid_ctx_len> within which a session can be reused for the B<ssl> object."
msgstr ""
"B<SSL_set_session_id_context>() définit le contexte I<sid_ctx> de longueur "
"I<sid_ctx_len> dans lequel une session peut être réutilisée pour lâ??objet "
"I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:26
msgid ""
"Sessions are generated within a certain context. When exporting/importing "
"sessions with B<i2d_SSL_SESSION>/B<d2i_SSL_SESSION> it would be possible, to "
"re-import a session generated from another context (e.g. another "
"application), which might lead to malfunctions. Therefore each application "
"must set its own session id context B<sid_ctx> which is used to distinguish "
"the contexts and is stored in exported sessions. The B<sid_ctx> can be any "
"kind of binary data with a given length, it is therefore possible to use e."
"g. the name of the application and/or the hostname and/or service name ..."
msgstr ""
"Les sessions sont créées à  lâ??intérieur dâ??un certain contexte. Lors de "
"lâ??importation ou exportation de session avec B<i2d_SSL_SESSION> ou "
"B<d2i_SSL_SESSION>, il serait possible de réimporter une session créée à "
"partir dâ??un autre contexte (câ??est-Ã -dire, une autre application), qui "
"pourrait amener des défaillances. Par conséquent chaque application doit "
"définir son propre contexte dâ??identifiant de session I<sid_ctx> qui est "
"utilisé pour différencier les contextes et est stocké dans les sessions "
"exportées. I<sid_ctx> peut être nâ??importe quelle donnée binaire avec une "
"longueur donnée, et donc il est possible dâ??utiliser par exemple le nom de "
"lâ??application et/ou le nom dâ??hôte et/ou le nom du serviceâ?¦"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:36
msgid ""
"The session id context becomes part of the session. The session id context "
"is set by the SSL/TLS server. The SSL_CTX_set_session_id_context() and "
"SSL_set_session_id_context() functions are therefore only useful on the "
"server side."
msgstr ""
"Le contexte dâ??identifiant de session devient partie de la session. Il est "
"défini par le serveur SSL/TSL. Les fonctions "
"B<SSL_CTX_set_session_id_context>() et B<SSL_set_session_id_context>() sont "
"donc seulement utiles du coté serveur."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:41
msgid ""
"OpenSSL clients will check the session id context returned by the server "
"when reusing a session."
msgstr ""
"Les clients OpenSSL vérifieront le contexte dâ??identifiant de session renvoyé "
"par le serveur lors de la réutilisation dâ??une session."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:44
msgid ""
"The maximum length of the B<sid_ctx> is limited to "
"B<SSL_MAX_SSL_SESSION_ID_LENGTH>."
msgstr ""
"La longueur maximale de I<sid_ctx> est B<SSL_MAX_SSL_SESSION_ID_LENGTH>."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:49
msgid ""
"If the session id context is not set on an SSL/TLS server and client "
"certificates are used, stored sessions will not be reused but a fatal error "
"will be flagged and the handshake will fail."
msgstr ""
"Si le contexte dâ??identifiant de session nâ??est pas défini sur un serveur SSL/"
"TLS et que les certificats sont utilisés, les sessions stockées ne seront "
"pas réutilisées, mais une erreur fatale sera signalée et lâ??initialisation de "
"connexion échouera."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:54
msgid ""
"If a server returns a different session id context to an OpenSSL client when "
"reusing a session, an error will be flagged and the handshake will fail. "
"OpenSSL servers will always return the correct session id context, as an "
"OpenSSL server checks the session id context itself before reusing a session "
"as described above."
msgstr ""
"Si un serveur renvoie un contexte différent dâ??identifiant de session à  un "
"client OpenSSL réutilisant une session, une erreur sera signalée et "
"lâ??initialisation de connexion échouera. Les serveurs OpenSSL renvoient "
"lâ??exact contexte dâ??identifiant de connexion, puisquâ??ils contrôlent le "
"contexte dâ??identifiant de connexion avant de réutiliser une session comme "
"décrit ci-dessus."

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:62
msgid ""
"SSL_CTX_set_session_id_context() and SSL_set_session_id_context()  return "
"the following values:"
msgstr ""
"B<SSL_CTX_set_session_id_context>() et B<SSL_set_session_id_context>() "
"renvoient les valeurs suivantes :"

#. type: textblock
#: C/ssl/SSL_CTX_set_session_id_context.pod:69
msgid ""
"The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded the "
"maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error is "
"logged to the error stack."
msgstr ""
"La longueur I<sid_ctx_len> du contexte dâ??identifiant de session I<sid_ctx> "
"dépasse la longueur maximale allouée de B<SSL_MAX_SSL_SESSION_ID_LENGTH>. "
"Lâ??erreur est journalisée dans la pile dâ??erreurs."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:5
msgid ""
"SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method - choose a "
"new TLS/SSL method"
msgstr ""
"SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method - Choisir "
"une nouvelle méthode TLS ou SSL"

#. type: verbatim
#: C/ssl/SSL_CTX_set_ssl_version.pod:12
#, no-wrap
msgid ""
" int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);\n"
" int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);\n"
" const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);\n"
"\n"
msgstr ""
"B< int SSL_CTX_set_ssl_version(SSL_CTX *>I<ctx>B<, const SSL_METHOD *>I<method>B<);>\n"
" B<int SSL_set_ssl_method(SSL *>I<s>B<, const SSL_METHOD *>I<method>B<);>\n"
" B<const SSL_METHOD *SSL_get_ssl_method(SSL *>I<ssl>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:18
msgid ""
"SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL "
"objects newly created from this B<ctx>. SSL objects already created with "
"L<SSL_new(3)|SSL_new(3)> are not affected, except when L<SSL_clear(3)|"
"SSL_clear(3)> is being called."
msgstr ""
"B<SSL_CTX_set_ssl_version>() définit une nouvelle I<method> TLS ou SSL par "
"défaut pour les objets SSL nouvellement créés à partir de ce I<ctx>. Les "
"objets SSL déjà créés avec L<B<SSL_new>(3)|SSL_new(3)> ne sont pas "
"concernés, sauf si L<B<SSL_clear>(3)|SSL_clear(3)> est appelée."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:23
msgid ""
"SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl> "
"object. It may be reset, when SSL_clear() is called."
msgstr ""
"B<SSL_set_ssl_method>() définit une nouvelle I<method> TLS ou SSL pour un "
"objet I<ssl> spécifique. Elle pourrait être redéfinie si B<SSL_clear>() est "
"appelé."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:26
msgid ""
"SSL_get_ssl_method() returns a function pointer to the TLS/SSL method set in "
"B<ssl>."
msgstr ""
"B<SSL_get_ssl_method>() renvoie un pointeur de fonction vers la méthode TLS "
"ou SSL définie en I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:31
msgid ""
"The available B<method> choices are described in L<SSL_CTX_new(3)|"
"SSL_CTX_new(3)>."
msgstr ""
"Les possibilités de I<method> disponibles sont décrites en "
"L<B<SSL_CTX_new>(3)|SSL_CTX_new(3)>."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:34
msgid ""
"When L<SSL_clear(3)|SSL_clear(3)> is called and no session is connected to "
"an SSL object, the method of the SSL object is reset to the method currently "
"set in the corresponding SSL_CTX object."
msgstr ""
"Quand L<B<SSL_clear>(3)|SSL_clear(3)> est appelée et qu'aucune session n'est "
"connectée à un objet SSL, la méthode de l'objet SSL est redéfinie à la "
"méthode actuellement définie dans l'objet SSL_CTX correspondant."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:40
msgid ""
"The following return values can occur for SSL_CTX_set_ssl_version()  and "
"SSL_set_ssl_method():"
msgstr ""
"Les valeurs suivantes peuvent être renvoyées pour "
"B<SSL_CTX_set_ssl_version>() et B<SSL_set_ssl_method>()."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:47
msgid "The new choice failed, check the error stack to find out the reason."
msgstr ""
"Le nouveau choix a échoué, vérifiez la pile d'erreur pour découvrir la "
"raison."

#. type: textblock
#: C/ssl/SSL_CTX_set_ssl_version.pod:57
msgid ""
"L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|"
"SSL_clear(3)>, L<ssl(3)|ssl(3)>, L<SSL_set_connect_state(3)|"
"SSL_set_connect_state(3)>"
msgstr ""
"L<B<SSL_CTX_new>(3)|SSL_CTX_new(3)>, L<B<SSL_new>(3)|SSL_new(3)>, "
"L<B<SSL_clear>(3)|SSL_clear(3)>, L<B<ssl>(3)|ssl(3)>, "
"L<B<SSL_set_connect_state>(3)|SSL_set_connect_state(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:5
msgid ""
"SSL_CTX_set_timeout, SSL_CTX_get_timeout - manipulate timeout values for "
"session caching"
msgstr ""
"SSL_CTX_set_timeout, SSL_CTX_get_timeout - Manipuler les valeurs de délai "
"d'expiration pour le cache de sessions"

#. type: verbatim
#: C/ssl/SSL_CTX_set_timeout.pod:11
#, no-wrap
msgid ""
" long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);\n"
" long SSL_CTX_get_timeout(SSL_CTX *ctx);\n"
"\n"
msgstr ""
"B< long SSL_CTX_set_timeout(SSL_CTX *>I<ctx>B<, long> I<t>B<);>\n"
" B<long SSL_CTX_get_timeout(SSL_CTX *>I<ctx>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:16
msgid ""
"SSL_CTX_set_timeout() sets the timeout for newly created sessions for B<ctx> "
"to B<t>. The timeout value B<t> must be given in seconds."
msgstr ""
"B<SSL_CTX_set_timeout>() définit le délai d'expiration pour les sessions "
"nouvellement créées pour I<ctx> à I<t>. La valeur de délai d'expiration I<t> "
"doit être donnée en seconde."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:19
msgid ""
"SSL_CTX_get_timeout() returns the currently set timeout value for B<ctx>."
msgstr ""
"B<SSL_CTX_get_timeout>() renvoie la valeur de délai d'expiration "
"actuellement définie pour I<ctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:23
msgid ""
"Whenever a new session is created, it is assigned a maximum lifetime. This "
"lifetime is specified by storing the creation time of the session and the "
"timeout value valid at this time. If the actual time is later than creation "
"time plus timeout, the session is not reused."
msgstr ""
"� chaque fois qu'une nouvelle session est créée, une durée de vie maximale "
"lui est attribuée. Cette durée de vie est indiquée en gardant la date de "
"création de la session et la valeur de délai d'expiration valable à ce "
"moment. Si la date réelle est au delà du délai d'expiration ajouté à la date "
"de création, la session n'est pas réutilisée."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:28
msgid ""
"Due to this realization, all sessions behave according to the timeout value "
"valid at the time of the session negotiation. Changes of the timeout value "
"do not affect already established sessions."
msgstr ""
"� cause de cette actualisation, toutes les sessions se comportent d'après la "
"valeur de délai d'expiration valable au moment de la négociation de session. "
"Les modifications à la valeur de délai d'expiration n'affectent pas les "
"sessions déjà établies."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:32
msgid ""
"The expiration time of a single session can be modified using the "
"L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)> family of functions."
msgstr ""
"La date d'expiration d'une seule session peut être modifiée en utilisant la "
"famille de fonctions L<B<SSL_SESSION_get_time>(3)|SSL_SESSION_get_time(3)>."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:35
msgid ""
"Expired sessions are removed from the internal session cache, whenever "
"L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> is called, either "
"directly by the application or automatically (see "
"L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)"
msgstr ""
"Les sessions expirées sont supprimées du cache de sessions interne, à chaque "
"fois que L<B<SSL_CTX_flush_sessions>(3)|SSL_CTX_flush_sessions(3)> est "
"appelée, soit directement par l'application, soit automatiquement (consultez "
"L<B<SSL_CTX_set_session_cache_mode>(3)|SSL_CTX_set_session_cache_mode(3)>)"

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:40
msgid ""
"The default value for session timeout is decided on a per protocol basis, "
"see L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>.  All currently "
"supported protocols have the same default timeout value of 300 seconds."
msgstr ""
"La valeur par défaut pour le délai d'expiration de la session est décidée en "
"fonction du protocole, consultez L<B<SSL_get_default_timeout>(3)|"
"SSL_get_default_timeout(3)>. Tous les protocoles actuellement pris en charge "
"ont la même valeur de délai d'expiration par défaut de 300 secondes."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:47
msgid "SSL_CTX_set_timeout() returns the previously set timeout value."
msgstr ""
"B<SSL_CTX_set_timeout>() renvoie la valeur de délai d'expiration "
"précédemment définie."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:49
msgid "SSL_CTX_get_timeout() returns the currently set timeout value."
msgstr ""
"B<SSL_CTX_get_timeout>() renvoie la valeur de délai d'expiration "
"actuellement définie."

#. type: textblock
#: C/ssl/SSL_CTX_set_timeout.pod:53
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_CTX_set_session_cache_mode(3)|"
"SSL_CTX_set_session_cache_mode(3)>, L<SSL_SESSION_get_time(3)|"
"SSL_SESSION_get_time(3)>, L<SSL_CTX_flush_sessions(3)|"
"SSL_CTX_flush_sessions(3)>, L<SSL_get_default_timeout(3)|"
"SSL_get_default_timeout(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_CTX_set_session_cache_mode>(3)|"
"SSL_CTX_set_session_cache_mode(3)>, L<B<SSL_SESSION_get_time>(3)|"
"SSL_SESSION_get_time(3)>, L<B<SSL_CTX_flush_sessions>(3)|"
"SSL_CTX_flush_sessions(3)>, L<B<SSL_get_default_timeout>(3)|"
"SSL_get_default_timeout(3)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:5
msgid ""
"SSL_CTX_set_tlsext_ticket_key_cb - set a callback for session ticket "
"processing"
msgstr ""
"SSL_CTX_set_tlsext_ticket_key_cb - Définir un rappel pour le traitement de "
"ticket de session"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:9
#, no-wrap
msgid ""
" #include <openssl/tls1.h>\n"
"\n"
msgstr ""
"B< #include E<lt>openssl/tls1.hE<gt>>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:11
#, no-wrap
msgid ""
" long SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx,\n"
"        int (*cb)(SSL *s, unsigned char key_name[16],\n"
"\t          unsigned char iv[EVP_MAX_IV_LENGTH],\n"
"\t\t  EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc));\n"
"\n"
msgstr ""
"B< long SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX> I<sslctx>B<,>\n"
"        B<int (*>I<cb>B<)(SSL *s, unsigned char key_name[16],>\n"
" \t          B<unsigned char> I<iv>B<[EVP_MAX_IV_LENGTH],>\n"
" \t\t  B<EVP_CIPHER_CTX *>I<ctx>B<, HMAC_CTX *>I<hctx>B<, int> I<enc>B<));>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:18
msgid ""
"SSL_CTX_set_tlsext_ticket_key_cb() sets a callback fuction I<cb> for "
"handling session tickets for the ssl context I<sslctx>. Session tickets, "
"defined in RFC5077 provide an enhanced session resumption capability where "
"the server implementation is not required to maintain per session state. It "
"only applies to TLS and there is no SSLv3 implementation."
msgstr ""
"B<SSL_CTX_set_tlsext_ticket_key_cb>() définit une fonction de rappel I<cb> "
"pour gérer les tickets de session pour le contexte SSL I<sslctx>. Les "
"tickets de session définis dans la RFC5077 procurent une amélioration de "
"capacité de reprise de session là  où lâ??implémentation du serveur ne requiert "
"pas la conservation de lâ??état par session. Cela ne sâ??applique quâ??à  TLS et il "
"nâ??existe pas dâ??implémentation pour SSLv3."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:24
msgid ""
"The callback is available when the OpenSSL library was built without "
"I<OPENSSL_NO_TLSEXT> being defined."
msgstr ""
"Le rappel est disponible lorsque la bibliothèque OpenSSL a été construite "
"sans que B<OPENSSL_NO_TLSEXT> soit défini."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:27
msgid ""
"The callback function I<cb> will be called for every client instigated TLS "
"session when session ticket extension is presented in the TLS hello message. "
"It is the responsibility of this function to create or retrieve the "
"cryptographic parameters and to maintain their state."
msgstr ""
"La fonction de rappel I<cb> sera appelée pour chaque client qui initie une "
"session TLS lorsque lâ??extension de ticket de session est présentée dans le "
"message « hello » de TLS. Câ??est la charge de cette fonction de créer ou "
"extraire les paramètres de chiffrement et de conserver leur état."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:32
msgid ""
"The OpenSSL library uses your callback function to help implement a common "
"TLS ticket construction state according to RFC5077 Section 4 such that per "
"session state is unnecessary and a small set of cryptographic variables "
"needs to be maintained by the callback function implementation."
msgstr ""
"La bibliothèque OpenSSL utilise la fonction de rappel pour mettre en Å?uvre "
"un état commun de construction de ticket selon la section 4 de la RFC5077, "
"et est telle que lâ??état de session lâ??état est inutile et quâ??un petit "
"ensemble de variables de chiffrement doit être conservé par lâ??implémentation "
"de la fonction de rappel."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:37
msgid ""
"In order to reuse a session, a TLS client must send the a session ticket "
"extension to the server. The client can only send exactly one session "
"ticket.  The server, through the callback function, either agrees to reuse "
"the session ticket information or it starts a full TLS handshake to create a "
"new session ticket."
msgstr ""
"Pour réutiliser une session, un client TLS doit envoyer une extension de "
"ticket de session au serveur. Le client ne peut envoyer quâ??un seul ticket de "
"session. Le serveur, Ã  lâ??aide de la fonction de rappel, soit accepte de "
"réutiliser les données du ticket de session ou démarre une initialisation de "
"connexion TLS complète pour créer un nouveau ticket de session."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:43
msgid ""
"Before the callback function is started I<ctx> and I<hctx> have been "
"initialised with EVP_CIPHER_CTX_init and HMAC_CTX_init respectively."
msgstr ""
"Avant dâ??utiliser la fonction de rappel, I<ctx> et I<hctx> sont initialisés "
"avec respectivement EVP_CIPHER_CTX_init et HMAC_CTX_init."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:46
msgid ""
"For new sessions tickets, when the client doesn't present a session ticket, "
"or an attempted retreival of the ticket failed, or a renew option was "
"indicated, the callback function will be called with I<enc> equal to 1. The "
"OpenSSL library expects that the function will set an arbitary I<name>, "
"initialize I<iv>, and set the cipher context I<ctx> and the hash context "
"I<hctx>."
msgstr ""
"Pour les nouveaux tickets de session, si le client nâ??en présente pas, ou une "
"recherche de ticket échoue, ou un renouvellement dâ??option est présenté, la "
"fonction de rappel sera demandée avec I<enc> égal à B<1>. La bibliothèque "
"OpenSSl demande que la fonction définisse un I<name> arbitraire, initialise "
"I<iv>, et définisse le contexte du chiffrement I<ctx> et le contexte du "
"hachage I<hctx>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:52
msgid "The I<name> is 16 characters long and is used as a key identifier."
msgstr ""
"Le I<name> comporte 16 caractères et est utilisé comme clef dâ??identification."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:54
msgid ""
"The I<iv> length is the length of the IV of the corresponding cipher. The "
"maximum IV length is L<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>."
msgstr ""
"La longueur de I<iv> est la longueur du vecteur dâ??initialisation de "
"lâ??algorithme de chiffrement correspondant. La longueur maximale est "
"B<EVP_MAX_IV_LENGTH> octets définie dans I<evp.h>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:57
msgid ""
"The initialization vector I<iv> should be a random value. The cipher context "
"I<ctx> should use the initialisation vector I<iv>. The cipher context can be "
"set using L<EVP_EncryptInit_ex>. The hmac context can be set using "
"L<HMAC_Init_ex>."
msgstr ""
"Le vecteur dâ??initialisation I<iv> doit être une valeur aléatoire. Le "
"contexte de chiffrement I<ctx> doit utiliser le vecteur I<iv>. Le contexte "
"peut être défini en utilisant B<EVP_EncryptInit_ex>. Le contexte HMAC peut "
"lâ??être avec B<HMAC_Init_ex>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:61
msgid ""
"When the client presents a session ticket, the callback function with be "
"called with I<enc> set to 0 indicating that the I<cb> function should "
"retreive a set of parameters. In this case I<name> and I<iv> have already "
"been parsed out of the session ticket. The OpenSSL library expects that the "
"I<name> will be used to retrieve a cryptographic parameters and that the "
"cryptographic context I<ctx> will be set with the retreived parameters and "
"the initialization vector I<iv>. using a function like "
"L<EVP_DecryptInit_ex>. The I<hctx> needs to be set using L<HMAC_Init_ex>."
msgstr ""
"Quand un client présente un ticket de session, la fonction de rappel sera "
"appelée avec I<enc> défini à B<0>, signifiant que la fonction I<cb> doit "
"retrouver un ensemble de paramètres. Dans ce cas, I<name> et I<iv> ont déjà "
"été séparés du ticket de session. La bibliothèque OpenSSl sâ??attend à  ce que "
"I<name> soit utilisé pour récupérer les paramètres de chiffrement et que le "
"contexte de chiffrement I<ctx> soit défini pour retrouver les paramètres et "
"le vecteur dâ??initialisation I<iv>, en utilisant une fonction telle que "
"B<EVP_DecryptInit_ex>. I<hctx> doit être défini avec B<HMAC_Init_ex>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:70
msgid ""
"If the I<name> is still valid but a renewal of the ticket is required the "
"callback function should return 2. The library will call the callback again "
"with an arguement of enc equal to 1 to set the new ticket."
msgstr ""
"Si I<name> est toujours valable mais quâ??un renouvellement du ticket est "
"demandé, la fonction de rappel renverra B<2>. La bibliothèque appellera de "
"nouveau le rappel avec un argument pour I<enc> égal à B<1> pour définir le "
"nouveau ticket."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:74
msgid ""
"The return value of the I<cb> function is used by OpenSSL to determine what "
"further processing will occur. The following return values have meaning:"
msgstr ""
"La valeur de retour de la fonction I<cb> est utilisée par OpenSSL pour "
"déterminer quel est le traitement à venir. Les valeurs suivantes "
"signifient : "

#. type: =item
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:79
msgid "Z<>2"
msgstr "Z<>2"

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:81
msgid ""
"This indicates that the I<ctx> and I<hctx> have been set and the session can "
"continue on those parameters. Additionally it indicates that the session "
"ticket is in a renewal period and should be replaced. The OpenSSL library "
"will call I<cb> again with an enc argument of 1 to set the new ticket (see "
"RFC5077 3.3 paragraph 2)."
msgstr ""
"Cela indique que I<ctx> et I<hctx> ont été définis et que la session peut "
"continuer avec ces paramètres. En plus, cela indique que le ticket de "
"session est dans une période de renouvellement et devrait être renouvelé. La "
"bibliothèque OpenSSL appellera de nouveau I<cb> avec un argument I<enc> de "
"B<1> pour définir le nouveau ticket (consultez la RFC5077 3.3, paragraphe 2)."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:89
msgid ""
"This indicates that the I<ctx> and I<hctx> have been set and the session can "
"continue on those parameters."
msgstr ""
"Cela indique que I<ctx> et I<hctx> ont été définis et que la session peut "
"continuer avec ces paramètres."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:94
msgid ""
"This indicates that it was not possible to set/retrieve a session ticket and "
"the SSL/TLS session will continue by by negiotationing a set of "
"cryptographic parameters or using the alternate SSL/TLS resumption "
"mechanism, session ids."
msgstr ""
"Cela indique quâ??il nâ??a pas été possible de définir ou retrouver un ticket de "
"session et que la session SSL/TLS continuera par une négociation dâ??un "
"ensemble de paramètres de chiffrement ou en utilisant le mécanisme de "
"reprise alternatif de SSL/TLS par identifiants de session."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:98
msgid ""
"If called with enc equal to 0 the library will call the I<cb> again to get a "
"new set of parameters."
msgstr ""
"Si appelée avec I<enc> égal B<0>, la bibliothèque appellera de nouveau I<cb> "
"pour obtenir un nouveau jeu de paramètres."

#. type: =item
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:101
msgid "less than 0"
msgstr "inférieur à 0"

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:103
msgid "This indicates an error."
msgstr "Cela indique une erreur."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:109
msgid ""
"Session resumption shortcuts the TLS so that the client certificate "
"negiotation don't occur. It makes up for this by storing client certificate "
"an all other negotiated state information encrypted within the ticket. In a "
"resumed session the applications will have all this state information "
"available exactly as if a full negiotation had occured."
msgstr ""
"La reprise de session court-circuite TLS de façon à ce que la négociation de "
"certificat du client ne se produise pas. Pour cela, le certificat du client "
"et toute autre information sur lâ??état de la négociation sont chiffrés dans "
"le ticket. Dans une reprise de session, les applications auront toute "
"lâ??information dâ??état disponible comme après une pleine négociation."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:115
msgid ""
"If an attacker can obtain the key used to encrypt a session ticket, they can "
"obtain the master secret for any ticket using that key and decrypt any "
"traffic using that session: even if the ciphersuite supports forward "
"secrecy. As a result applications may wish to use multiple keys and avoid "
"using long term keys stored in files."
msgstr ""
"Si un attaquant pouvait obtenir la clef utilisée pour chiffrer le ticket de "
"session, il pourrait, pour tout ticket utilisant cette clef, obtenir la clef "
"secrète maître et déchiffrer tous les messages émis par cette session, même "
"si la suite de chiffrement prend en charge la confidentialité persistante. "
"Par conséquent, les applications peuvent vouloir utiliser plusieurs clefs et "
"éviter les clefs utilisées sur un long terme et stockées dans des fichiers."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:121
msgid ""
"Applications can use longer keys to maintain a consistent level of "
"security.  For example if a ciphersuite uses 256 bit ciphers but only a 128 "
"bit ticket key the overall security is only 128 bits because breaking the "
"ticket key will enable an attacker to obtain the session keys."
msgstr ""
"Les applications peuvent utiliser des clefs plus longues pour conserver un "
"niveau de sécurité constant. Par exemple, si la suite de chiffrement est "
"basée sur 256 bits mais que la clef du ticket est basée sur 128 bits, la "
"sécurité dâ??ensemble est basée sur 128 bits car le cassage de la clef de "
"ticket permettra à  un attaquant dâ??obtenir les clefs de session."

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:128
#, no-wrap
msgid ""
"Reference Implemention:\n"
"  SSL_CTX_set_tlsext_ticket_key_cb(SSL,ssl_tlsext_ticket_key_cb);\n"
"  ....\n"
"\n"
msgstr ""
"Implémentation de référence :\n"
"  SSL_CTX_set_tlsext_ticket_key_cb(SSL,ssl_tlsext_ticket_key_cb);\n"
"  ...\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:132
#, no-wrap
msgid ""
"  static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)\n"
"  {\n"
"      if (enc) { /* create new session */\n"
"          if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) ) {\n"
"              return -1; /* insufficient random */\n"
"          }\n"
"  \n"
msgstr ""
"  static int ssl_tlsext_ticket_key_cb(SSL *s,\n"
"                                      unsigned char key_name[16],\n"
"                                      unsigned char *iv, EVP_CIPHER_CTX *ctx,\n"
"                                      HMAC_CTX *hctx, int enc)\n"
"  {\n"
"      if (enc) { /* créer une nouvelle session */\n"
"          if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) ) {\n"
"              return -1; /* entropie insuffisante */\n"
"          }\n"
"  \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:139
#, no-wrap
msgid ""
"          key = currentkey(); /* something that you need to implement */\n"
"          if ( !key ) {\n"
"              /* current key doesn't exist or isn't valid */\n"
"              key = createkey(); /* something that you need to implement.\n"
"                                   * createkey needs to initialise, a name,\n"
"                                   * an aes_key, a hmac_key and optionally\n"
"                                   * an expire time. */\n"
"              if ( !key ) { /* key couldn't be created */\n"
"                  return 0;\n"
"              }\n"
"          }\n"
"          memcpy(key_name, key->name, 16);\n"
"  \n"
msgstr ""
"          key = currentkey(); /* quelque chose à  mettre en Å?uvre */\n"
"          if ( !key ) {\n"
"              /* la clef actuelle nâ??existe pas ou nâ??est pas valable */\n"
"              key = createkey(); /* quelque chose à  mettre en Å?uvre.\n"
"                                  * createkey doit initialiser un nom,\n"
"                                  * une clef AES, une clef HMAC et\n"
"                                  * peut-être une date limite. */\n"
"              if ( !key ) { /* la clef nâ??a pu être créée */\n"
"                  return 0;\n"
"              }\n"
"          }\n"
"          memcpy(key_name, key->name, 16);\n"
"  \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:152
#, no-wrap
msgid ""
"          EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);\n"
"          HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);\n"
"  \n"
msgstr ""
"          EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,\n"
"                             key->aes_key, iv);\n"
"          HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);\n"
"  \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:155
#, no-wrap
msgid ""
"          return 1;\n"
"  \n"
msgstr ""
"          return 1;\n"
"  \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:157
#, no-wrap
msgid ""
"      } else { /* retrieve session */\n"
"          key = findkey(name);\n"
"  \n"
msgstr ""
"      } else { /* retrouver une session */\n"
"          key = findkey(name);\n"
"  \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:160
#, no-wrap
msgid ""
"          if  (!key || key->expire < now() ) {\n"
"              return 0;\n"
"          }\n"
"  \n"
msgstr ""
"          if  (!key || key->expire < now() ) {\n"
"              return 0;\n"
"          }\n"
"  \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:164
#, no-wrap
msgid ""
"          HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);\n"
"          EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv );\n"
"\n"
msgstr ""
"          HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);\n"
"          EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,\n"
"                             key->aes_key, iv);\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:167
#, no-wrap
msgid ""
"          if (key->expire < ( now() - RENEW_TIME ) ) {\n"
"              /* return 2 - this session will get a new ticket even though the current is still valid */\n"
"              return 2;\n"
"          }\n"
"          return 1;\n"
"  \n"
msgstr ""
"          if (key->expire < ( now() - RENEW_TIME ) ) {\n"
"              /* return 2 ~ cette session doit obtenir un nouveau\n"
"                 ticket même si lâ??actuel est encore valable */\n"
"              return 2;\n"
"          }\n"
"          return 1;\n"
"  \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:173
#, no-wrap
msgid ""
"      }\n"
"  }\n"
"\n"
msgstr ""
"      }\n"
"  }\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:180
msgid "returns 0 to indicate the callback function was set."
msgstr "B<0> est renvoyé pour signifier quâ??une fonction de rappel est définie."

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:184
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>, "
"L<SSL_session_reused(3)|SSL_session_reused(3)>, L<SSL_CTX_add_session(3)|"
"SSL_CTX_add_session(3)>, L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>, "
"L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>, "
"L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_set_session>(3)|SSL_set_session(3)>, "
"L<B<SSL_session_reused>(3)|SSL_session_reused(3)>, "
"L<B<SSL_CTX_add_session>(3)|SSL_CTX_add_session(3)>, "
"L<B<SSL_CTX_sess_number>(3)|SSL_CTX_sess_number(3)>, "
"L<B<SSL_CTX_sess_set_get_cb>(3)|SSL_CTX_sess_set_get_cb(3)>, "
"L<B<SSL_CTX_set_session_id_context>(3)|SSL_CTX_set_session_id_context(3)>,"

#. type: textblock
#: C/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod:193
msgid "This function was introduced in OpenSSL 0.9.8h"
msgstr "Cette fonction a été introduite dans OpenSSL 0.9.8h"

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:5
msgid ""
"SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, "
"SSL_set_tmp_dh - handle DH keys for ephemeral key exchange"
msgstr ""
"SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, "
"SSL_set_tmp_dh - Gérer les clefs DH pour lâ??échange de clefs éphémères"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,\n"
"            DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));\n"
" long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_tmp_dh_callback(SSL_CTX *>I<ctx>B<,>\n"
"            B<DH *(*>I<tmp_dh_callback>B<)(SSL *>I<ssl>B<, int> I<is_export>B<,>\n"
"                                   B<int> I<taille_clef>B<);>\n"
" B<long SSL_CTX_set_tmp_dh(SSL_CTX *>I<ctx>B<, DH *>I<dh>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:15
#, no-wrap
msgid ""
" void SSL_set_tmp_dh_callback(SSL *ctx,\n"
"            DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));\n"
" long SSL_set_tmp_dh(SSL *ssl, DH *dh)\n"
"\n"
msgstr ""
"B< void SSL_set_tmp_dh_callback(SSL *>I<ctx>B<,>\n"
"            B<DH *(*>I<tmp_dh_callback>B<)(SSL *>I<ssl>B<, int> I<is_export>B<,>\n"
"                                   B<int> I<taille_clef>B<));>\n"
" B<long SSL_set_tmp_dh(SSL *>I<ssl>B<, DH *>I<dh>B<)>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:21
msgid ""
"SSL_CTX_set_tmp_dh_callback() sets the callback function for B<ctx> to be "
"used when a DH parameters are required to B<tmp_dh_callback>.  The callback "
"is inherited by all B<ssl> objects created from B<ctx>."
msgstr ""
"B<SSL_CTX_set_tmp_dh_callback>() définit la fonction de rappel à utiliser "
"pour I<ctx> lorsquâ??un paramètre DH est nécessaire pour I<tmp_dh_callback>. "
"Tous les objets I<ssl> créés à partir de I<ctx> héritent du rappel."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:25
msgid ""
"SSL_CTX_set_tmp_dh() sets DH parameters to be used to be B<dh>.  The key is "
"inherited by all B<ssl> objects created from B<ctx>."
msgstr ""
"B<SSL_CTX_set_tmp_dh>() définit les paramètres DH à utiliser à I<dh>. Tous "
"les objets I<ssl> créés à partir de I<ctx> héritent de la clef."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:28
msgid "SSL_set_tmp_dh_callback() sets the callback only for B<ssl>."
msgstr "B<SSL_set_tmp_dh_callback>() définit le rappel seulement pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:30
msgid "SSL_set_tmp_dh() sets the parameters only for B<ssl>."
msgstr "B<SSL_set_tmp_dh>() définit les paramètres seulement pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:32
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:46
msgid "These functions apply to SSL/TLS servers only."
msgstr "Ces fonctions sont applicables aux serveurs SSL/TLS uniquement."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:36
msgid ""
"When using a cipher with RSA authentication, an ephemeral DH key exchange "
"can take place. Ciphers with DSA keys always use ephemeral DH keys as well.  "
"In these cases, the session data are negotiated using the ephemeral/"
"temporary DH key and the key supplied and certified by the certificate chain "
"is only used for signing.  Anonymous ciphers (without a permanent server "
"key) also use ephemeral DH keys."
msgstr ""
"Lors de lâ??utilisation dâ??un algorithme de chiffrement avec authentification "
"RSA, un échange de clefs éphémères DH peut survenir. Les algorithmes avec "
"clefs DSA utilisent toujours des clefs éphémères DH. Dans ces cas, les "
"données de session sont négociées en utilisant une clef éphémère/temporaire "
"DH et la clef fournie et authentifiée par la chaîne de certificats est "
"utilisée uniquement pour la signature. Les algorithmes anonymes (sans "
"serveur permanent de clefs) utilisent aussi les clefs éphémères DH."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:43
msgid ""
"Using ephemeral DH key exchange yields forward secrecy, as the connection "
"can only be decrypted, when the DH key is known. By generating a temporary "
"DH key inside the server application that is lost when the application is "
"left, it becomes impossible for an attacker to decrypt past sessions, even "
"if he gets hold of the normal (certified) key, as this key was only used for "
"signing."
msgstr ""
"Lâ??usage de clef éphémère DH rend la confidentialité persistante, car la "
"connexion ne peut être déchiffrée que lorsque la clef DH est connue. En "
"créant une clef DH éphémère uniquement pendant la durée de la mise en Å?uvre "
"du serveur, un attaquant ne peut absolument pas déchiffrer des sessions "
"terminées même sâ??il se procure une clef conforme (certifiée), puisque la "
"clef nâ??a été utilisée que pour la signature."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:50
msgid ""
"In order to perform a DH key exchange the server must use a DH group (DH "
"parameters) and generate a DH key.  The server will always generate a new DH "
"key during the negotiation if either the DH parameters are supplied via "
"callback or the SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set "
"(or both).  It will immediately create a DH key if DH parameters are "
"supplied via SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set.  In "
"this case, it may happen that a key is generated on initialization without "
"later being needed, while on the other hand the computer time during the "
"negotiation is being saved."
msgstr ""
"Pour réaliser lâ??échange de clefs DH, le serveur doit utiliser un ensemble DH "
"(paramètres DH) et créer une clef DH. Durant la négociation, le serveur "
"générera toujours une nouvelle clef DH si les paramètres DH sont fournis à "
"lâ??aide du rappel ou si lâ??option B<SSL_OP_SINGLE_DH_USE> de "
"B<SSL_CTX_set_options>(3) est définie (ou les deux). Le serveur créera "
"immédiatement une clef DH si les paramètres DH sont fournis à  lâ??aide de "
"B<SSL_CTX_set_tmp_dh>() et que B<SSL_OP_SINGLE_DH_USE> nâ??est pas définie. "
"Dans ce cas, une clef peut être créée lors dâ??une initialisation et nâ??être "
"jamais nécessaire, quoique dâ??un autre coté, le temps de calcul pendant la "
"négociation est économisé."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:62
#, fuzzy
#| msgid ""
#| "If \"strong\" primes were used to generate the DH parameters, it is not "
#| "strictly necessary to generate a new key for each handshake but it does "
#| "improve forward secrecy. If it is not assured, that \"strong\" primes "
#| "were used (see especially the section about DSA parameters below), "
#| "SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup "
#| "attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the computer "
#| "time needed during negotiation, but it is not very large, so application "
#| "authors/users should consider to always enable this option."
msgid ""
"If \"strong\" primes were used to generate the DH parameters, it is not "
"strictly necessary to generate a new key for each handshake but it does "
"improve forward secrecy. If it is not assured that \"strong\" primes were "
"used, SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup "
"attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the computer "
"time needed during negotiation, but it is not very large, so application "
"authors/users should consider always enabling this option.  The option is "
"required to implement perfect forward secrecy (PFS)."
msgstr ""
"Si des nombres premiers « forts » sont utilisés pour générer les paramètres "
"DH, créer une nouvelle clef nâ??est pas strictement nécessaire à  chaque "
"initialisation de connexion mais cela améliore la confidentialité "
"persistante. Si lâ??utilisation de nombres premiers « forts » nâ??est pas sûre, "
"(consultez particulièrement la section ci-dessous à propos des paramètres "
"DSA), B<SSL_OP_SINGLE_DH_USE> doit être utilisée pour empêcher les attaques "
"par sous-groupes. Lâ??utilisation de B<SSL_OP_SINGLE_DH_USE> a toujours des "
"incidences sur le temps de calcul nécessaire à  la négociation, mais ce nâ??est "
"pas très important et les créateurs ou utilisateurs devraient toujours "
"activer cette option."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:71
#, fuzzy
#| msgid ""
#| "As generating DH parameters is extremely time consuming, an application "
#| "should not generate the parameters on the fly but supply the parameters.  "
#| "DH parameters can be reused, as the actual key is newly generated during "
#| "the negotiation. The risk in reusing DH parameters is that an attacker "
#| "may specialize on a very often used DH group. Applications should "
#| "therefore generate their own DH parameters during the installation "
#| "process using the openssl L<dhparam(1)|dhparam(1)> application. In order "
#| "to reduce the computer time needed for this generation, it is possible to "
#| "use DSA parameters instead (see L<dhparam(1)|dhparam(1)>), but in this "
#| "case SSL_OP_SINGLE_DH_USE is mandatory."
msgid ""
"As generating DH parameters is extremely time consuming, an application "
"should not generate the parameters on the fly but supply the parameters.  DH "
"parameters can be reused, as the actual key is newly generated during the "
"negotiation. The risk in reusing DH parameters is that an attacker may "
"specialize on a very often used DH group. Applications should therefore "
"generate their own DH parameters during the installation process using the "
"openssl L<dhparam(1)|dhparam(1)> application. This application guarantees "
"that \"strong\" primes are used."
msgstr ""
"Comme le temps pour générer les paramètres DH est extrêmement long, les "
"applications ne devraient pas les créer à la volée mais les fournir. Ces "
"paramètres DH peuvent être réutilisés puisque la clef effective est "
"fraichement créée durant la négociation. Le risque de la réutilisation est "
"quâ??un attaquant pourrait se focaliser sur un groupe DH très souvent utilisé. "
"Les applications devraient donc créer leurs propres paramètres DH durant le "
"processus dâ??installation en utilisant la fonction dâ??OpenSSL L<B<dhparam>(1)|"
"dhparam(1)>. Dans le but de réduire le temps de calcul nécessaire, les "
"paramètres DSA peuvent être utilisés à la place (consultez L<B<dhparam>(1)|"
"dhparam(1)>), mais dans ce cas B<SSL_OP_SINGLE_DH_USE> est obligatoire."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:80
#, fuzzy
#| msgid ""
#| "Application authors may compile in DH parameters. Files dh512.pem, dh1024."
#| "pem, dh2048.pem, and dh4096.pem in the 'apps' directory of current "
#| "version of the OpenSSL distribution contain the 'SKIP' DH parameters, "
#| "which use safe primes and were generated verifiably pseudo-randomly.  "
#| "These files can be converted into C code using the B<-C> option of the "
#| "L<dhparam(1)|dhparam(1)> application.  Authors may also generate their "
#| "own set of parameters using L<dhparam(1)|dhparam(1)>, but a user may not "
#| "be sure how the parameters were generated. The generation of DH "
#| "parameters during installation is therefore recommended."
msgid ""
"Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current "
"version of the OpenSSL distribution contain the 'SKIP' DH parameters, which "
"use safe primes and were generated verifiably pseudo-randomly.  These files "
"can be converted into C code using the B<-C> option of the L<dhparam(1)|"
"dhparam(1)> application. Generation of custom DH parameters during "
"installation should still be preferred to stop an attacker from specializing "
"on a commonly used group. Files dh1024.pem and dh512.pem contain old "
"parameters that must not be used by applications."
msgstr ""
"Les créateurs dâ??application peuvent compiler avec les paramètres DH. Les "
"fichiers I<dh512.pem>, I<dh1024.pem>, I<dh2048.pem>, et I<dh4096.pem> dans "
"le répertoire « apps » de lâ??actuelle distribution dâ??OpenSSL contenant le "
"paramètre DH « SKIP », celui-ci utilisant des nombres premiers sûrs et, "
"dâ??une manière vérifiable, générés de manière pseudo-aléatoire. Ces fichiers "
"peuvent être convertis en code C avec lâ??option B<-C> de la fonction "
"L<B<dhparam>(1)|dhparam(1)>. Les créateurs peuvent aussi générer leur propre "
"jeu de paramètres en utilisant L<B<dhparam>(1)|dhparam(1)>, mais un "
"utilisateur ne sera jamais certain de la manière dont ces paramètres ont été "
"créés. La création des paramètres DH lors de lâ??installation est donc "
"recommandée."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:90
#, fuzzy
#| msgid ""
#| "An application may either directly specify the DH parameters or can "
#| "supply the DH parameters via a callback function. The callback approach "
#| "has the advantage, that the callback may supply DH parameters for "
#| "different key lengths."
msgid ""
"An application may either directly specify the DH parameters or can supply "
"the DH parameters via a callback function."
msgstr ""
"Une application peut soit indiquer les paramètres DH, soit les fournir avec "
"une fonction de rappel. La méthode avec rappel a lâ??avantage que le rappel "
"peut fournir ces paramètres pour différentes longueurs de clef."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:93
msgid ""
"Previous versions of the callback used B<is_export> and B<keylength> "
"parameters to control parameter generation for export and non-export cipher "
"suites. Modern servers that do not support export ciphersuites are advised "
"to either use SSL_CTX_set_tmp_dh() in combination with SSL_OP_SINGLE_DH_USE, "
"or alternatively, use the callback but ignore B<keylength> and B<is_export> "
"and simply supply at least 2048-bit parameters in the callback."
msgstr ""

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:103
#, fuzzy
#| msgid ""
#| "Handle DH parameters for key lengths of 512 and 1024 bits. (Error "
#| "handling partly left out.)"
msgid ""
"Setup DH parameters with a key length of 2048 bits. (Error handling partly "
"left out.)"
msgstr ""
"Prise en charge des paramètres DH pour des longueurs de clef de 512 et "
"1024 bits. (la gestion des erreurs est délaissée)."

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:106
#, no-wrap
msgid ""
" Command-line parameter generation:\n"
" $ openssl dhparam -out dh_param_2048.pem 2048\n"
"\n"
msgstr ""

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:109
#, no-wrap
msgid ""
" Code for setting up parameters during server initialization:\n"
"\n"
msgstr ""

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:111
#, no-wrap
msgid ""
" ...\n"
" SSL_CTX ctx = SSL_CTX_new();\n"
" ...\n"
"\n"
msgstr ""

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:115
#, no-wrap
msgid ""
" /* Set up ephemeral DH parameters. */\n"
" DH *dh_2048 = NULL;\n"
" FILE *paramfile;\n"
" paramfile = fopen(\"dh_param_2048.pem\", \"r\");\n"
" if (paramfile) {\n"
"   dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);\n"
"   fclose(paramfile);\n"
" } else {\n"
"   /* Error. */\n"
" }\n"
" if (dh_2048 == NULL) {\n"
"  /* Error. */\n"
" }\n"
" if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {\n"
"   /* Error. */\n"
" }\n"
" SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);\n"
" ...\n"
"\n"
msgstr ""

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:136
msgid ""
"SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return "
"diagnostic output."
msgstr ""
"B<SSL_CTX_set_tmp_dh_callback>() et B<SSL_set_tmp_dh_callback>() ne "
"renvoient pas dâ??information de diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:139
msgid ""
"SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0 on "
"failure. Check the error queue to find out the reason of failure."
msgstr ""
"B<SSL_CTX_set_tmp_dh>() et B<SSL_set_tmp_dh>() renvoient B<1> en cas de "
"réussite et B<0> en cas dâ??échec."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_dh_callback.pod:144
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>, "
"L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>, "
"L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, L<ciphers(1)|ciphers(1)>, "
"L<dhparam(1)|dhparam(1)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_CTX_set_cipher_list>(3)|"
"SSL_CTX_set_cipher_list(3)>, L<B<SSL_CTX_set_tmp_rsa_callback>(3)|"
"SSL_CTX_set_tmp_rsa_callback(3)>, L<B<SSL_CTX_set_options>(3)|"
"SSL_CTX_set_options(3)>, L<B<ciphers>(1)|ciphers(1)>, L<B<dhparam>(1)|"
"dhparam(1)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:5
msgid ""
"SSL_CTX_set_tmp_rsa_callback, SSL_CTX_set_tmp_rsa, SSL_CTX_need_tmp_rsa, "
"SSL_set_tmp_rsa_callback, SSL_set_tmp_rsa, SSL_need_tmp_rsa - handle RSA "
"keys for ephemeral key exchange"
msgstr ""
"SSL_CTX_set_tmp_rsa_callback, SSL_CTX_set_tmp_rsa, SSL_CTX_need_tmp_rsa, "
"SSL_set_tmp_rsa_callback, SSL_set_tmp_rsa, SSL_need_tmp_rsa - Gérer les "
"clefs RSA pour lâ??échange de clefs éphémères"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,\n"
"            RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));\n"
" long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);\n"
" long SSL_CTX_need_tmp_rsa(SSL_CTX *ctx);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *>I<ctx>B<,>\n"
"            B<RSA *(*>I<tmp_rsa_callback>B<)(SSL *>I<ssl>B<, int> I<is_export>B<,>\n"
"                                     B<int> I<taille_clef>B<));>\n"
" B<long SSL_CTX_set_tmp_rsa(SSL_CTX *>I<ctx>B<, RSA *>I<rsa>B<);>\n"
" B<long SSL_CTX_need_tmp_rsa(SSL_CTX *>I<ctx>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:16
#, no-wrap
msgid ""
" void SSL_set_tmp_rsa_callback(SSL_CTX *ctx,\n"
"            RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));\n"
" long SSL_set_tmp_rsa(SSL *ssl, RSA *rsa)\n"
" long SSL_need_tmp_rsa(SSL *ssl)\n"
"\n"
msgstr ""
"B< void SSL_set_tmp_rsa_callback(SSL_CTX *>I<ctx>B<,>\n"
"            B<RSA *(*>I<tmp_rsa_callback>B<)(SSL *>I<ssl>B<, int> I<is_export>B<,>\n"
"                                     B<int> I<taille_clef>B<));>\n"
" B<long SSL_set_tmp_rsa(SSL *>I<ssl>B<, RSA *>I<rsa>B<)>\n"
" B<long SSL_need_tmp_rsa(SSL *>I<ssl>B<)>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:21
#, no-wrap
msgid ""
" RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength);\n"
"\n"
msgstr ""
"B< RSA *(*>I<tmp_rsa_callback>B<)(SSL *>I<ssl>B<, int> I<is_export>B<,>\n"
"                          B<int> I<taille_clef>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:25
msgid ""
"SSL_CTX_set_tmp_rsa_callback() sets the callback function for B<ctx> to be "
"used when a temporary/ephemeral RSA key is required to B<tmp_rsa_callback>.  "
"The callback is inherited by all SSL objects newly created from B<ctx> with "
"<SSL_new(3)|SSL_new(3)>. Already created SSL objects are not affected."
msgstr ""
"B<SSL_CTX_set_tmp_rsa_callback>() définit la fonction de rappel pour I<ctx> "
"à utiliser quand une clef RSA temporaire ou éphémère est nécessaire pour "
"I<tmp_rsa_callback>. Tous les objets SSL nouvellement créés à partir de "
"I<ctx> avec L<B<SSL_new>(3)|SSL_new(3)> héritent du rappel. Les objets SSL "
"déjà créés ne sont pas affectés."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:30
msgid ""
"SSL_CTX_set_tmp_rsa() sets the temporary/ephemeral RSA key to be used to be "
"B<rsa>. The key is inherited by all SSL objects newly created from B<ctx> "
"with <SSL_new(3)|SSL_new(3)>. Already created SSL objects are not affected."
msgstr ""
"B<SSL_CTX_set_tmp_rsa>() définit une clef RSA temporaire/éphémère à utiliser "
"pour I<rsa>. Tous les objets SSL nouvellement créés à partir de I<ctx> avec "
"L<B<SSL_new>(3)|SSL_new(3)> héritent de la clef. Les objets SSL déjà créés "
"ne sont pas affectés."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:34
msgid ""
"SSL_CTX_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed "
"for RSA-based strength-limited 'exportable' ciphersuites because a RSA key "
"with a keysize larger than 512 bits is installed."
msgstr ""
"B<SSL_CTX_need_tmp_rsa>() renvoie B<1>, si une clef RSA temporaire/éphémère "
"est nécessaire pour les suites de chiffrement â?? « exportables », de force "
"limitée, basées sur RSA â?? parce quâ??une longueur de clef supérieure à  "
"512Â bits est en place."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:38
msgid "SSL_set_tmp_rsa_callback() sets the callback only for B<ssl>."
msgstr "B<SSL_set_tmp_rsa_callback>() définit le rappel seulement pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:40
msgid "SSL_set_tmp_rsa() sets the key only for B<ssl>."
msgstr "B<SSL_set_tmp_rsa3>() définit la clef seulement pour I<ssl>."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:42
msgid ""
"SSL_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed, "
"for RSA-based strength-limited 'exportable' ciphersuites because a RSA key "
"with a keysize larger than 512 bits is installed."
msgstr ""
"B<SSL_need_tmp_rsa>() renvoie B<1>, si une clef RSA temporaire/éphémère est "
"nécessaire pour les suites de chiffrement â?? « exportables », de force "
"limitée, basées sur RSA â?? parce quâ??une longueur de clef supérieure à  "
"512Â bits est en place."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:50
msgid ""
"When using a cipher with RSA authentication, an ephemeral RSA key exchange "
"can take place. In this case the session data are negotiated using the "
"ephemeral/temporary RSA key and the RSA key supplied and certified by the "
"certificate chain is only used for signing."
msgstr ""
"Lors de lâ??utilisation dâ??un algorithme de chiffrement avec authentification "
"RSA, un échange de clefs éphémères DH peut survenir. Dans ce cas, les "
"données de session sont négociées en utilisant une clef éphémère/temporaire "
"RSA et la clef fournie et authentifiée par la chaîne de certificats est "
"utilisée uniquement pour la signature."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:55
msgid ""
"Under previous export restrictions, ciphers with RSA keys shorter (512 "
"bits)  than the usual key length of 1024 bits were created. To use these "
"ciphers with RSA keys of usual length, an ephemeral key exchange must be "
"performed, as the normal (certified) key cannot be directly used."
msgstr ""
"Sous de précédentes restrictions dâ??export, des chiffrements avec des clefs "
"plus courtes (512 octets) que la longueur habituelle de 1024 octets ont été "
"créés. Pour utiliser ces chiffrements, un échange de clefs éphémères doit "
"être réalisé, puisque la clef normale (authentifiée) ne peut être "
"directement utilisée."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:60
msgid ""
"Using ephemeral RSA key exchange yields forward secrecy, as the connection "
"can only be decrypted, when the RSA key is known. By generating a temporary "
"RSA key inside the server application that is lost when the application is "
"left, it becomes impossible for an attacker to decrypt past sessions, even "
"if he gets hold of the normal (certified) RSA key, as this key was used for "
"signing only. The downside is that creating a RSA key is computationally "
"expensive."
msgstr ""
"Lâ??usage de clef éphémère RSA rend la confidentialité persistante, car la "
"connexion ne peut être déchiffrée que lorsque la clef RSA est connue. En "
"créant une clef RSA temporaire uniquement pendant la durée de la mise en "
"Å?uvre du serveur, un attaquant ne peut absolument pas déchiffrer des "
"sessions terminées même sâ??il se procure la clef normale (authentifiée), "
"puisque la clef nâ??a été utilisée que pour la signature. Lâ??inconvénient est "
"que la génération dâ??une clef RSA est coûteuse en calculs."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:68
msgid ""
"Additionally, the use of ephemeral RSA key exchange is only allowed in the "
"TLS standard, when the RSA key can be used for signing only, that is for "
"export ciphers. Using ephemeral RSA key exchange for other purposes violates "
"the standard and can break interoperability with clients.  It is therefore "
"strongly recommended to not use ephemeral RSA key exchange and use DHE "
"(Ephemeral Diffie-Hellman) key exchange instead in order to achieve forward "
"secrecy (see L<SSL_CTX_set_tmp_dh_callback(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>)."
msgstr ""
"En outre, lâ??utilisation dâ??échange de clefs éphémères est seulement permise "
"par la norme TLS, quand la clef RSA peut être utilisée seulement pour "
"signer, câ??est-à -dire pour les chiffrements exportés. Lâ??utilisation de "
"lâ??échange de clefs RSA éphémères pour dâ??autres buts transgresse la norme et "
"peut rompre lâ??interopérabilité entre clients. Donc, il est fortement "
"recommandé de ne pas utiliser lâ??échange de clefs éphémères RSA et dâ??utiliser "
"DHE (Diffie-Hellman éphémère) pour permettre la confidentialité persistante "
"(consultez L<B<SSL_CTX_set_tmp_dh_callback>(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>)."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:77
msgid ""
"An application may either directly specify the key or can supply the key via "
"a callback function. The callback approach has the advantage, that the "
"callback may generate the key only in case it is actually needed. As the "
"generation of a RSA key is however costly, it will lead to a significant "
"delay in the handshake procedure.  Another advantage of the callback "
"function is that it can supply keys of different size while the explicit "
"setting of the key is only useful for key size of 512 bits to satisfy the "
"export restricted ciphers and does give away key length if a longer key "
"would be allowed."
msgstr ""
"Une application peut soit indiquer la clef directement ou la fournir par une "
"fonction de rappel. La méthode par le rappel a lâ??avantage que le rappel peut "
"générer la clef que lorsque nécessaire. Comme cette génération est coûteuse, "
"la durée de procédure de connexion augmentera de manière significative. Un "
"autre avantage de la fonction de rappel est quâ??elle peut fournir des clefs "
"de différentes longueurs, tandis que le réglage direct de la clef est "
"seulement utile pour des longueurs de clef de 512Â bits pour les algorithmes "
"de chiffrement limité pour lâ??export et qui ne communiquent pas la longueur "
"de clef si une clef plus importante est autorisée."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:86
msgid ""
"The B<tmp_rsa_callback> is called with the B<keylength> needed and the "
"B<is_export> information. The B<is_export> flag is set, when the ephemeral "
"RSA key exchange is performed with an export cipher."
msgstr ""
"I<tmp_rsa_callback> est appelée avec la I<taille_clef> désirée et "
"lâ??information I<is_export>. Lâ??attribut I<is_export> est activé lorsque "
"lâ??échange de clefs éphémères RSA est réalisé avec un algorithme de "
"chiffrement pour lâ??export."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:92
msgid ""
"Generate temporary RSA keys to prepare ephemeral RSA key exchange. As the "
"generation of a RSA key costs a lot of computer time, they saved for later "
"reuse. For demonstration purposes, two keys for 512 bits and 1024 bits "
"respectively are generated."
msgstr ""
"Générer des clefs RSA temporaires pour préparer un échange de clefs "
"éphémères. Comme cette génération coûte beaucoup de temps de calcul, elles "
"sont stockées pour une utilisation ultérieure. � des fins de démonstrations, "
"deux clefs pour 512 bits et 1024 bits respectivement sont créées."

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:97
#, no-wrap
msgid ""
" ...\n"
" /* Set up ephemeral RSA stuff */\n"
" RSA *rsa_512 = NULL;\n"
" RSA *rsa_1024 = NULL;\n"
"\n"
msgstr ""
" ...\n"
" /* Définir ce qui concerne RSA éphémère */\n"
" RSA *rsa_512 = NULL;\n"
" RSA *rsa_1024 = NULL;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:102
#, no-wrap
msgid ""
" rsa_512 = RSA_generate_key(512,RSA_F4,NULL,NULL);\n"
" if (rsa_512 == NULL)\n"
"     evaluate_error_queue();\n"
"\n"
msgstr ""
" rsa_512 = RSA_generate_key(512,RSA_F4,NULL,NULL);\n"
" if (rsa_512 == NULL)\n"
"     evaluate_error_queue();\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:106
#, no-wrap
msgid ""
" rsa_1024 = RSA_generate_key(1024,RSA_F4,NULL,NULL);\n"
" if (rsa_1024 == NULL)\n"
"   evaluate_error_queue();\n"
"\n"
msgstr ""
" rsa_1024 = RSA_generate_key(1024,RSA_F4,NULL,NULL);\n"
" if (rsa_1024 == NULL)\n"
"   evaluate_error_queue();\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:110
#, no-wrap
msgid ""
" ...\n"
"\n"
msgstr ""
" ...\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:112
#, no-wrap
msgid ""
" RSA *tmp_rsa_callback(SSL *s, int is_export, int keylength)\n"
" {\n"
"    RSA *rsa_tmp=NULL;\n"
"\n"
msgstr ""
" RSA *tmp_rsa_callback(SSL *s, int is_export, int taille_clef)\n"
" {\n"
"    RSA *rsa_tmp=NULL;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:116
#, no-wrap
msgid ""
"    switch (keylength) {\n"
"    case 512:\n"
"      if (rsa_512)\n"
"        rsa_tmp = rsa_512;\n"
"      else { /* generate on the fly, should not happen in this example */\n"
"        rsa_tmp = RSA_generate_key(keylength,RSA_F4,NULL,NULL);\n"
"        rsa_512 = rsa_tmp; /* Remember for later reuse */\n"
"      }\n"
"      break;\n"
"    case 1024:\n"
"      if (rsa_1024)\n"
"        rsa_tmp=rsa_1024;\n"
"      else\n"
"        should_not_happen_in_this_example();\n"
"      break;\n"
"    default:\n"
"      /* Generating a key on the fly is very costly, so use what is there */\n"
"      if (rsa_1024)\n"
"        rsa_tmp=rsa_1024;\n"
"      else\n"
"        rsa_tmp=rsa_512; /* Use at least a shorter key */\n"
"    }\n"
"    return(rsa_tmp);\n"
" }\n"
"\n"
msgstr ""
"    switch (taille_clef) {\n"
"    case 512:\n"
"      if (rsa_512)\n"
"        rsa_tmp = rsa_512;\n"
"      else { /* générer à  la volée, ce qui nâ??est\n"
"                pas le cas dans cet exemple */\n"
"        rsa_tmp = RSA_generate_key(taille_clef,RSA_F4,NULL,NULL);\n"
"        rsa_512 = rsa_tmp; /* mémorisation pour un usage ultérieur */\n"
"      }\n"
"      break;\n"
"    case 1024:\n"
"      if (rsa_1024)\n"
"        rsa_tmp=rsa_1024;\n"
"      else\n"
"        should_not_happen_in_this_example();\n"
"      break;\n"
"    default:\n"
"      /* générer une clef à la volée est très coûteux,\n"
"         aussi utilisez ceci */\n"
"      if (rsa_1024)\n"
"        rsa_tmp=rsa_1024;\n"
"      else\n"
"        rsa_tmp=rsa_512; /* utiliser au moins une clef plus courte */\n"
"    }\n"
"    return(rsa_tmp);\n"
" }\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:143
msgid ""
"SSL_CTX_set_tmp_rsa_callback() and SSL_set_tmp_rsa_callback() do not return "
"diagnostic output."
msgstr ""
"B<SSL_CTX_set_tmp_rsa_callback>() et B<SSL_set_tmp_rsa_callback>() ne "
"renvoient pas de sortie de diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:146
msgid ""
"SSL_CTX_set_tmp_rsa() and SSL_set_tmp_rsa() do return 1 on success and 0 on "
"failure. Check the error queue to find out the reason of failure."
msgstr ""
"B<SSL_CTX_set_tmp_rsa>() et B<SSL_set_tmp_rsa>() doivent renvoyer B<1> lors "
"dâ??une réussite et B<0> pour un échec. Consultez la file dâ??erreurs pour "
"trouver la raison de lâ??échec."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:149
msgid ""
"SSL_CTX_need_tmp_rsa() and SSL_need_tmp_rsa() return 1 if a temporary RSA "
"key is needed and 0 otherwise."
msgstr ""
"B<SSL_CTX_need_tmp_rsa>() et B<SSL_need_tmp_rsa>() renvoient B<1> si une "
"clef est nécessaire et B<0> autrement."

#. type: textblock
#: C/ssl/SSL_CTX_set_tmp_rsa_callback.pod:154
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>, "
"L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, "
"L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>, "
"L<SSL_new(3)|SSL_new(3)>, L<ciphers(1)|ciphers(1)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_CTX_set_cipher_list>(3)|"
"SSL_CTX_set_cipher_list(3)>, L<B<SSL_CTX_set_options>(3)|"
"SSL_CTX_set_options(3)>, L<B<SSL_CTX_set_tmp_dh_callback>(3)|"
"SSL_CTX_set_tmp_dh_callback(3)>, L<B<SSL_new>(3)|SSL_new(3)>, "
"L<B<ciphers>(1)|ciphers(1)>"

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:5
msgid ""
"SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, "
"SSL_set_verify_depth - set peer certificate verification parameters"
msgstr ""
"SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, "
"SSL_set_verify_depth - Définir les paramètres de vérification du certificat "
"du pair"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:11
#, no-wrap
msgid ""
" void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,\n"
"                         int (*verify_callback)(int, X509_STORE_CTX *));\n"
" void SSL_set_verify(SSL *s, int mode,\n"
"                     int (*verify_callback)(int, X509_STORE_CTX *));\n"
" void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);\n"
" void SSL_set_verify_depth(SSL *s, int depth);\n"
"\n"
msgstr ""
"B< void SSL_CTX_set_verify(SSL_CTX *>I<ctx>B<, int> I<mode>B<,>\n"
"                         B<int (*>I<verify_callback>B<)(int, X509_STORE_CTX *));>\n"
" B<void SSL_set_verify(SSL *s, int> I<mode>B<,>\n"
"                     B<int (*>I<verify_callback>B<)(int, X509_STORE_CTX *));>\n"
" B<void SSL_CTX_set_verify_depth(SSL_CTX *>I<ctx>B<,int> I<profondeur>B<);>\n"
" B<void SSL_set_verify_depth(SSL *>I<s>B<, int> I<profondeur>B<);>\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:18
#, no-wrap
msgid ""
" int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx);\n"
"\n"
msgstr ""
"B< int verify_callback(int preverify_ok, X509_STORE_CTX *>I<x509_ctx>B<);>\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:22
msgid ""
"SSL_CTX_set_verify() sets the verification flags for B<ctx> to be B<mode> "
"and specifies the B<verify_callback> function to be used. If no callback "
"function shall be specified, the NULL pointer can be used for "
"B<verify_callback>."
msgstr ""
"B<SSL_CTX_set_verify>() définit les attributs de vérification pour I<ctx> à "
"I<mode> et précise la fonction I<verify_callback> à utiliser. Si aucune "
"fonction de rappel nâ??est précisée, le pointeur NULL peut être utilisé pour "
"I<verify_callback>."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:26
msgid ""
"SSL_set_verify() sets the verification flags for B<ssl> to be B<mode> and "
"specifies the B<verify_callback> function to be used. If no callback "
"function shall be specified, the NULL pointer can be used for "
"B<verify_callback>. In this case last B<verify_callback> set specifically "
"for this B<ssl> remains. If no special B<callback> was set before, the "
"default callback for the underlying B<ctx> is used, that was valid at the "
"time B<ssl> was created with L<SSL_new(3)|SSL_new(3)>."
msgstr ""
"B<SSL_CTX_set_verify>() définit les attributs de vérification pour I<ssl> à "
"I<mode> et précise la fonction I<verify_callback> à utiliser. Si aucune "
"fonction de rappel nâ??est précisée, le pointeur NULL peut être utilisé pour "
"I<verify_callback>. Dans ce cas le dernier I<verify_callback> défini "
"précisément pour ce I<ssl> est conservé. Si aucun I<rappel> nâ??était défini "
"auparavant, le rappel par défaut pour le I<ctx> sous-jacent, et qui était "
"valable au moment où I<ssl> a été créé avec L<B<SSL_new>(3)|SSL_new(3)>, est "
"utilisé."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:34
msgid ""
"SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate "
"chain verification that shall be allowed for B<ctx>. (See the BUGS section.)"
msgstr ""
"B<SSL_CTX_set_verify_depth>() définit la I<profondeur> maximale pour la "
"vérification de chaîne de certificats qui sera autorisée pour I<ctx> "
"(consultez la section BOGUES)."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:37
msgid ""
"SSL_set_verify_depth() sets the maximum B<depth> for the certificate chain "
"verification that shall be allowed for B<ssl>. (See the BUGS section.)"
msgstr ""
"B<SSL_CTX_set_verify_depth>() définit la I<profondeur> maximale pour la "
"vérification de chaîne de certificats qui sera autorisée pour I<ssl> "
"(consultez la section BOGUES)."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:42
msgid ""
"The verification of certificates can be controlled by a set of logically "
"or'ed B<mode> flags:"
msgstr ""
"La vérification des certificats peut être contrôlée par une suite "
"dâ??opérations « ou » logiques dâ??attributs I<mode>."

#. type: =item
#: C/ssl/SSL_CTX_set_verify.pod:47
msgid "SSL_VERIFY_NONE"
msgstr "SSL_VERIFY_NONE"

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:49
msgid ""
"B<Server mode:> the server will not send a client certificate request to the "
"client, so the client will not send a certificate."
msgstr ""
"B<Mode serveur>Â : le serveur nâ??enverra pas de demande de certificat client "
"au client, aussi le client nâ??enverra pas de certificat."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:52
msgid ""
"B<Client mode:> if not using an anonymous cipher (by default disabled), the "
"server will send a certificate which will be checked. The result of the "
"certificate verification process can be checked after the TLS/SSL handshake "
"using the L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> function.  "
"The handshake will be continued regardless of the verification result."
msgstr ""
"B<Mode client>Â : sâ??il nâ??utilise pas un algorithme de chiffrement anonyme "
"(fonctionnement par défaut), le serveur enverra un certificat qui sera "
"contrôlé. Le résultat du processus de vérification de certificat peut être "
"contrôlé après lâ??initiation de connexion TLS/SSL en utilisant la fonction "
"L<B<SSL_get_verify_result>(3)|SSL_get_verify_result(3)>. Lâ??initiation de "
"connexion peut continuer indépendamment de la vérification du résultat."

#. type: =item
#: C/ssl/SSL_CTX_set_verify.pod:58
msgid "SSL_VERIFY_PEER"
msgstr "SSL_VERIFY_PEER"

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:60
msgid ""
"B<Server mode:> the server sends a client certificate request to the "
"client.  The certificate returned (if any) is checked. If the verification "
"process fails, the TLS/SSL handshake is immediately terminated with an alert "
"message containing the reason for the verification failure.  The behaviour "
"can be controlled by the additional SSL_VERIFY_FAIL_IF_NO_PEER_CERT and "
"SSL_VERIFY_CLIENT_ONCE flags."
msgstr ""
"B<Mode serveur>Â : le serveur demande un certificat au client. Le certificat "
"renvoyé (le cas échéant) est vérifié. Si la vérification échoue, "
"lâ??initiation de connexion TLS/SSl se termine immédiatement avec un message "
"dâ??alerte contenant le pourquoi de lâ??échec de vérification. Le comportement "
"peut être contrôlé par les attributs additionnels "
"B<SSL_VERIFY_FAIL_IF_NO_PEER_CERT> et B<SSL_VERIFY_CLIENT_ONCE>."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:68
msgid ""
"B<Client mode:> the server certificate is verified. If the verification "
"process fails, the TLS/SSL handshake is immediately terminated with an alert "
"message containing the reason for the verification failure. If no server "
"certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is "
"ignored."
msgstr ""
"B<Mode client> : le certificat du serveur est vérifié. Si la vérification "
"échoue, lâ??initiation de connexion TLS/SSL se termine immédiatement avec un "
"message dâ??alerte contenant le pourquoi de lâ??échec de vérification. Si aucun "
"certificat de serveur est envoyé, à  cause de lâ??utilisation dâ??un algorithme "
"de chiffrement anonyme, B<SSL_VERIFY_PEER> est ignoré."

#. type: =item
#: C/ssl/SSL_CTX_set_verify.pod:74
msgid "SSL_VERIFY_FAIL_IF_NO_PEER_CERT"
msgstr "SSL_VERIFY_FAIL_IF_NO_PEER_CERT"

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:76
msgid ""
"B<Server mode:> if the client did not return a certificate, the TLS/SSL "
"handshake is immediately terminated with a \"handshake failure\" alert.  "
"This flag must be used together with SSL_VERIFY_PEER."
msgstr ""
"B<Mode serveur>Â : si le client ne renvoie pas de certificat, "
"lâ??initialisation de connexion TSL/SSL se termine immédiatement avec un "
"message « handshake failure » (échec dâ??initialisation). Cet attribut doit "
"être utilisé de concert avec SSL_VERIFY_PEER."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:80 C/ssl/SSL_CTX_set_verify.pod:88
msgid "B<Client mode:> ignored"
msgstr "B<Mode client> : mode ignoré."

#. type: =item
#: C/ssl/SSL_CTX_set_verify.pod:82
msgid "SSL_VERIFY_CLIENT_ONCE"
msgstr "SSL_VERIFY_CLIENT_ONCE"

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:84
msgid ""
"B<Server mode:> only request a client certificate on the initial TLS/SSL "
"handshake. Do not ask for a client certificate again in case of a "
"renegotiation. This flag must be used together with SSL_VERIFY_PEER."
msgstr ""
"B<Mode serveur> : requête uniquement dâ??un certificat de client lors de la "
"première initiation de connexion TLS/SSL. Une nouvelle demande ne doit pas "
"être faite dans le cas dâ??une renégociation. Cet attribut doit être utilisé "
"de concert avec SSL_VERIFY_PEER."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:92
msgid ""
"Exactly one of the B<mode> flags SSL_VERIFY_NONE and SSL_VERIFY_PEER must be "
"set at any time."
msgstr ""
"Un seul des attributs I<mode> B<SSL_VERIFY_NONE> et B<SSL_VERIFY_PEER> doit "
"être activé à tout moment."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:95
msgid ""
"The actual verification procedure is performed either using the built-in "
"verification procedure or using another application provided verification "
"function set with L<SSL_CTX_set_cert_verify_callback(3)|"
"SSL_CTX_set_cert_verify_callback(3)>.  The following descriptions apply in "
"the case of the built-in procedure. An application provided procedure also "
"has access to the verify depth information and the verify_callback() "
"function, but the way this information is used may be different."
msgstr ""
"La véritable procédure de vérification est réalisée en utilisant la "
"procédure de vérification interne ou une autre application fournissant une "
"fonction de vérification définie avec "
"L<B<SSL_CTX_set_cert_verify_callback>(3)|"
"SSL_CTX_set_cert_verify_callback(3)>. Les descriptions suivantes "
"sâ??appliquent dans le cas dâ??une procédure interne. Une procédure fournie par "
"une application a aussi accès à  lâ??information de profondeur de vérification "
"et à  la fonction I<verify_callback>(), mais la façon dont lâ??information est "
"utilisée peut être différente."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:104
msgid ""
"SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set the limit up to "
"which depth certificates in a chain are used during the verification "
"procedure. If the certificate chain is longer than allowed, the certificates "
"above the limit are ignored. Error messages are generated as if these "
"certificates would not be present, most likely a "
"X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY will be issued.  The depth "
"count is \"level 0:peer certificate\", \"level 1: CA certificate\", \"level "
"2: higher level CA certificate\", and so on. Setting the maximum depth to 2 "
"allows the levels 0, 1, and 2. The default depth limit is 100, allowing for "
"the peer certificate and additional 100 CA certificates."
msgstr ""
"B<SSL_CTX_set_verify_depth>() et B<SSL_set_verify_depth>() définissent la "
"limite supérieure de profondeur jusquâ??à  laquelle les certificats dans une "
"chaîne sont utilisés pendant la procédure de vérification. Si la chaîne de "
"certificats est plus grande que celle autorisée, les certificats après la "
"limite sont ignorés. Les messages dâ??erreur ne tiennent pas compte des "
"certificats au-dessus la limite, plus vraisemblablement un "
"B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY> sera émis. Le compte "
"dâ??erreurs est « level 0:peer certificate », « level 1: CA certificate >, "
"« level 2: higher level CA certificate », etc. Définir la profondeur "
"maximale à  B<2> autorise les niveaux B<0>, B<1> et B<2>. La limite de "
"profondeur par défaut est B<100>, permettant le certificat du pair plus "
"100Â certificats de CA."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:115
msgid ""
"The B<verify_callback> function is used to control the behaviour when the "
"SSL_VERIFY_PEER flag is set. It must be supplied by the application and "
"receives two arguments: B<preverify_ok> indicates, whether the verification "
"of the certificate in question was passed (preverify_ok=1) or not "
"(preverify_ok=0). B<x509_ctx> is a pointer to the complete context used for "
"the certificate chain verification."
msgstr ""
"La fonction I<verify_callback> est utilisée pour contrôler le fonctionnement "
"lorsque lâ??attribut SSL_VERIFY_PEER flag est activé. Il doit être fourni par "
"lâ??application et reçoit deux arguments : B<preverify_ok> indique si la "
"vérification du certificat est demandée (B<preverify_ok>=B<1>) ou non "
"(B<preverify_ok>=B<0>). B<x509_ctx> est un pointeur vers le contexte complet "
"utilisé par la vérification de la chaîne de certificats."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:122
msgid ""
"The certificate chain is checked starting with the deepest nesting level "
"(the root CA certificate) and worked upward to the peer's certificate.  At "
"each level signatures and issuer attributes are checked. Whenever a "
"verification error is found, the error number is stored in B<x509_ctx> and "
"B<verify_callback> is called with B<preverify_ok>=0. By applying "
"X509_CTX_store_* functions B<verify_callback> can locate the certificate in "
"question and perform additional steps (see EXAMPLES). If no error is found "
"for a certificate, B<verify_callback> is called with B<preverify_ok>=1 "
"before advancing to the next level."
msgstr ""
"La chaîne de certificats est vérifiée en commençant par le niveau "
"dâ??emboitement le plus profond (le certificat de CA racine) et progresse "
"jusquâ??au certificat de pair. Ã? chaque niveau, les signatures et les "
"certificats dâ??émetteur sont contrôlées. Ã? chaque fois quâ??une erreur de "
"vérification est trouvée, le numéro dâ??erreur est stocké dans B<x509_ctx> et "
"I<verify_callback> est appelé avec B<preverify_ok>=B<0>. En utilisant les "
"fonctions B<X509_CTX_store_*>, I<verify_callback> peut trouver le certificat "
"en question et réaliser les étapes additionnelles (consultez EXEMPLES). Si "
"aucune erreur nâ??est trouvée pour un certificat, I<verify_callback> est "
"appelé avec B<preverify_ok>=B<1> avant accéder au prochain niveau."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:132
msgid ""
"The return value of B<verify_callback> controls the strategy of the further "
"verification process. If B<verify_callback> returns 0, the verification "
"process is immediately stopped with \"verification failed\" state. If "
"SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and "
"the TLS/SSL handshake is terminated. If B<verify_callback> returns 1, the "
"verification process is continued. If B<verify_callback> always returns 1, "
"the TLS/SSL handshake will not be terminated with respect to verification "
"failures and the connection will be established. The calling process can "
"however retrieve the error code of the last verification error using "
"L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> or by maintaining its "
"own error storage managed by B<verify_callback>."
msgstr ""
"La valeur de retour de I<verify_callback> détermine la stratégie de la "
"procédure de vérification suivante. Si I<verify_callback> renvoie B<0>, la "
"procédure de vérification sâ??arrête avec un état « échec de vérification ». "
"Si B<SSL_VERIFY_PEER> est activé, un message dâ??échec de vérification est "
"envoyé au pair et la connexion TLS/SSL sâ??arrête. Si I<verify_callback> "
"renvoie B<1>, la procédure continue. Si I<verify_callback> renvoie toujours "
"B<1>, lâ??initialisation de connexion TLS/SSL ne sera pas achevée en ce qui "
"concerne les erreurs de connexion et la connexion sera établie. Le processus "
"demandeur peut cependant retrouver le code dâ??erreur de la dernière "
"vérification en utilisant L<B<SSL_get_verify_result>(3)|"
"SSL_get_verify_result(3)> ou en entretenant son propre stockage dâ??erreurs "
"géré par I<verify_callback>."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:144
msgid ""
"If no B<verify_callback> is specified, the default callback will be used.  "
"Its return value is identical to B<preverify_ok>, so that any verification "
"failure will lead to a termination of the TLS/SSL handshake with an alert "
"message, if SSL_VERIFY_PEER is set."
msgstr ""
"Si aucun I<verify_callback> nâ??est indiqué, le rappel par défaut sera "
"utilisé. Sa valeur de retour est identique à B<preverify_ok>, aussi toute "
"erreur de vérification conduira à une fin de la connexion TLS/SSL, avec un "
"message dâ??alerte si B<SSL_VERIFY_PEER> est activé."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:151
msgid ""
"In client mode, it is not checked whether the SSL_VERIFY_PEER flag is set, "
"but whether SSL_VERIFY_NONE is not set. This can lead to unexpected "
"behaviour, if the SSL_VERIFY_PEER and SSL_VERIFY_NONE are not used as "
"required (exactly one must be set at any time)."
msgstr ""
"Dans le mode client, la vérification de chaîne nâ??est pas faite si lâ??attribut "
"B<SSL_VERIFY_PEER> est activé, mais si B<SSL_VERIFY_NONE> nâ??est pas activé. "
"Cela peut conduire à un fonctionnement inattendu si B<SSL_VERIFY_PEER> et "
"B<SSL_VERIFY_NONE> ne sont pas utilisés comme exigé (seulement un seul "
"actif)."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:156
msgid ""
"The certificate verification depth set with SSL[_CTX]_verify_depth()  stops "
"the verification at a certain depth. The error message produced will be that "
"of an incomplete certificate chain and not X509_V_ERR_CERT_CHAIN_TOO_LONG as "
"may be expected."
msgstr ""
"La profondeur de vérification de certificats définie avec "
"B<SSL[_CTX]_verify_depth>() arrête la vérification à une certaine "
"profondeur. Le message dâ??erreur fourni sera celui dâ??une chaîne de "
"certificats incomplète et non B<X509_V_ERR_CERT_CHAIN_TOO_LONG> comme peut-"
"être espéré."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:163
msgid "The SSL*_set_verify*() functions do not provide diagnostic information."
msgstr ""
"Les fonctions B<SSL*_set_verify*>() ne fournissent pas dâ??information de "
"diagnostic."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:167
msgid ""
"The following code sequence realizes an example B<verify_callback> function "
"that will always continue the TLS/SSL handshake regardless of verification "
"failure, if wished. The callback realizes a verification depth limit with "
"more informational output."
msgstr ""
"Le code suivant réalise un exemple de la fonction I<verify_callback> qui "
"continuera toujours lâ??initiation de connexion TLS/SSL indépendamment "
"dâ??erreur de vérification, si voulu. Le rappel réalise une vérification avec "
"limite de profondeur et avec le maximum dâ??informations."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:172
msgid ""
"All verification errors are printed; information about the certificate chain "
"is printed on request.  The example is realized for a server that does allow "
"but not require client certificates."
msgstr ""
"Toutes les erreurs de vérification sont affichées ; lâ??information sur la "
"chaîne de certificats est affichée sur demande. Cet exemple concerne un "
"serveur qui autorise mais ne demande pas de certificat client."

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:177
msgid ""
"The example makes use of the ex_data technique to store application data "
"into/retrieve application data from the SSL structure (see "
"L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>, "
"L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|"
"SSL_get_ex_data_X509_STORE_CTX_idx(3)>)."
msgstr ""
"Cet exemple utilise la technique « ex_data » pour stocker les données "
"dâ??application dans la structure SSL ou les retrouver à  partir de cette "
"structure (consultez L<B<SSL_get_ex_new_index>(3)|SSL_get_ex_new_index(3)>, "
"L<B<SSL_get_ex_data_X509_STORE_CTX_idx>(3)|"
"SSL_get_ex_data_X509_STORE_CTX_idx(3)>)."

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:182
#, no-wrap
msgid ""
" ...\n"
" typedef struct {\n"
"   int verbose_mode;\n"
"   int verify_depth;\n"
"   int always_continue;\n"
" } mydata_t;\n"
" int mydata_index;\n"
" ...\n"
" static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)\n"
" {\n"
"    char    buf[256];\n"
"    X509   *err_cert;\n"
"    int     err, depth;\n"
"    SSL    *ssl;\n"
"    mydata_t *mydata;\n"
"\n"
msgstr ""
" ...\n"
" typedef struct {\n"
"   int verbose_mode;\n"
"   int verify_depth;\n"
"   int always_continue;\n"
" } mydata_t;\n"
" int mydata_index;\n"
" ...\n"
" static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)\n"
" {\n"
"    char    buf[256];\n"
"    X509   *err_cert;\n"
"    int     err, depth;\n"
"    SSL    *ssl;\n"
"    mydata_t *mydata;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:198
#, no-wrap
msgid ""
"    err_cert = X509_STORE_CTX_get_current_cert(ctx);\n"
"    err = X509_STORE_CTX_get_error(ctx);\n"
"    depth = X509_STORE_CTX_get_error_depth(ctx);\n"
"\n"
msgstr ""
"    err_cert = X509_STORE_CTX_get_current_cert(ctx);\n"
"    err = X509_STORE_CTX_get_error(ctx);\n"
"    depth = X509_STORE_CTX_get_error_depth(ctx);\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:202
#, no-wrap
msgid ""
"    /*\n"
"     * Retrieve the pointer to the SSL of the connection currently treated\n"
"     * and the application specific data stored into the SSL object.\n"
"     */\n"
"    ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());\n"
"    mydata = SSL_get_ex_data(ssl, mydata_index);\n"
"\n"
msgstr ""
"    /*\n"
"     * Extraire le pointeur vers lâ??objet SSL de la connexion\n"
"     * actuellement traitée et les données spécifiques à \n"
"     * lâ??application stockées dans cet objet.\n"
"     */\n"
"    ssl = X509_STORE_CTX_get_ex_data(ctx,\n"
"                            SSL_get_ex_data_X509_STORE_CTX_idx());\n"
"    mydata = SSL_get_ex_data(ssl, mydata_index);\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:209
#, no-wrap
msgid ""
"    X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);\n"
"\n"
msgstr ""
"    X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:211
#, no-wrap
msgid ""
"    /*\n"
"     * Catch a too long certificate chain. The depth limit set using\n"
"     * SSL_CTX_set_verify_depth() is by purpose set to \"limit+1\" so\n"
"     * that whenever the \"depth>verify_depth\" condition is met, we\n"
"     * have violated the limit and want to log this error condition.\n"
"     * We must do it here, because the CHAIN_TOO_LONG error would not\n"
"     * be found explicitly; only errors introduced by cutting off the\n"
"     * additional certificates would be logged.\n"
"     */\n"
"    if (depth > mydata->verify_depth) {\n"
"        preverify_ok = 0;\n"
"        err = X509_V_ERR_CERT_CHAIN_TOO_LONG;\n"
"        X509_STORE_CTX_set_error(ctx, err);\n"
"    } \n"
"    if (!preverify_ok) {\n"
"        printf(\"verify error:num=%d:%s:depth=%d:%s\\n\", err,\n"
"                 X509_verify_cert_error_string(err), depth, buf);\n"
"    }\n"
"    else if (mydata->verbose_mode)\n"
"    {\n"
"        printf(\"depth=%d:%s\\n\", depth, buf);\n"
"    }\n"
"\n"
msgstr ""
"    /*\n"
"     * Chaîne de certificats trop longue. La profondeur limite définie\n"
"     * par SSL_CTX_set_verify_depth() est en principe « limit+1 » aussi\n"
"     * si la condition « depth>verify_depth » est satisfaite, la limite\n"
"     * est dépassée et la journalisation de cette erreur doit être\n"
"     * faite. Cela doit être fait ici parce que lâ??erreur CHAIN_TOO_LONG\n"
"     * ne peut être trouvée explicitement ; les seules erreurs\n"
"     * introduites par des certificats additionnels sont journalisées.\n"
"     */\n"
"    if (depth > mydata->verify_depth) {\n"
"        preverify_ok = 0;\n"
"        err = X509_V_ERR_CERT_CHAIN_TOO_LONG;\n"
"        X509_STORE_CTX_set_error(ctx, err);\n"
"    } \n"
"    if (!preverify_ok) {\n"
"        printf(\"verify error:num=%d:%s:depth=%d:%s\\n\", err,\n"
"                 X509_verify_cert_error_string(err), depth, buf);\n"
"    }\n"
"    else if (mydata->verbose_mode)\n"
"    {\n"
"        printf(\"depth=%d:%s\\n\", depth, buf);\n"
"    }\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:234
#, no-wrap
msgid ""
"    /*\n"
"     * At this point, err contains the last verification error. We can use\n"
"     * it for something special\n"
"     */\n"
"    if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT))\n"
"    {\n"
"      X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);\n"
"      printf(\"issuer= %s\\n\", buf);\n"
"    }\n"
"\n"
msgstr ""
"    /*\n"
"     * � ce moment, err contient la dernière erreur de vérification.\n"
"     * Ce peut être utilisé pour un but particulier\n"
"     */\n"
"    if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT))\n"
"    {\n"
"      X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),\n"
"                        buf, 256);\n"
"      printf(\"issuer= %s\\n\", buf);\n"
"    }\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:244
#, no-wrap
msgid ""
"    if (mydata->always_continue)\n"
"      return 1;\n"
"    else\n"
"      return preverify_ok;\n"
" }\n"
" ...\n"
"\n"
msgstr ""
"    if (mydata->always_continue)\n"
"      return 1;\n"
"    else\n"
"      return preverify_ok;\n"
" }\n"
" ...\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:251
#, no-wrap
msgid ""
" mydata_t mydata;\n"
"\n"
msgstr ""
" mydata_t mydata;\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:253
#, no-wrap
msgid ""
" ...\n"
" mydata_index = SSL_get_ex_new_index(0, \"mydata index\", NULL, NULL, NULL);\n"
"\n"
msgstr ""
" ...\n"
" mydata_index = SSL_get_ex_new_index(0, \"mydata index\",\n"
"                                     NULL, NULL, NULL);\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:256
#, no-wrap
msgid ""
" ...\n"
" SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,\n"
"                    verify_callback);\n"
"\n"
msgstr ""
" ...\n"
" SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,\n"
"                    verify_callback);\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:260
#, no-wrap
msgid ""
" /*\n"
"  * Let the verify_callback catch the verify_depth error so that we get\n"
"  * an appropriate error in the logfile.\n"
"  */\n"
" SSL_CTX_set_verify_depth(verify_depth + 1);\n"
"\n"
msgstr ""
" /*\n"
"  * Permettre à  verify_callback de capturer lâ??erreur de verify_depth\n"
"  * pour obtenir une erreur appropriée dans le journal.\n"
"  */\n"
" SSL_CTX_set_verify_depth(verify_depth + 1);\n"
"\n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:266
#, no-wrap
msgid ""
" /*\n"
"  * Set up the SSL specific data into \"mydata\" and store it into th SSL\n"
"  * structure.\n"
"  */\n"
" mydata.verify_depth = verify_depth; ...\n"
" SSL_set_ex_data(ssl, mydata_index, &mydata);\n"
"\t\t\t\t\t     \n"
msgstr ""
" /*\n"
"  * Définir les données spécifiques au SSL dans « mydata » et les\n"
"  * stocker dans la structure SSL.\n"
"  */\n"
" mydata.verify_depth = verify_depth; ...\n"
" SSL_set_ex_data(ssl, mydata_index, &mydata);\n"
"\t\t\t\t\t     \n"

#. type: verbatim
#: C/ssl/SSL_CTX_set_verify.pod:273
#, no-wrap
msgid ""
" ...\n"
" SSL_accept(ssl);\t/* check of success left out for clarity */\n"
" if (peer = SSL_get_peer_certificate(ssl))\n"
" {\n"
"   if (SSL_get_verify_result(ssl) == X509_V_OK)\n"
"   {\n"
"     /* The client sent a certificate which verified OK */\n"
"   }\n"
" }\n"
"\n"
msgstr ""
" ...\n"
" SSL_accept(ssl);    /* Vérification dâ??une réussite omise pour clarté */\n"
" if (peer = SSL_get_peer_certificate(ssl))\n"
" {\n"
"   if (SSL_get_verify_result(ssl) == X509_V_OK)\n"
"   {\n"
"     /* Le client a envoyé un certificat valable */\n"
"   }\n"
" }\n"
"\n"

#. type: textblock
#: C/ssl/SSL_CTX_set_verify.pod:285
msgid ""
"L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_get_verify_mode(3)|"
"SSL_CTX_get_verify_mode(3)>, L<SSL_get_verify_result(3)|"
"SSL_get_verify_result(3)>, L<SSL_CTX_load_verify_locations(3)|"
"SSL_CTX_load_verify_locations(3)>, L<SSL_get_peer_certificate(3)|"
"SSL_get_peer_certificate(3)>, L<SSL_CTX_set_cert_verify_callback(3)|"
"SSL_CTX_set_cert_verify_callback(3)>, "
"L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|"
"SSL_get_ex_data_X509_STORE_CTX_idx(3)>, L<SSL_get_ex_new_index(3)|"
"SSL_get_ex_new_index(3)>"
msgstr ""
"L<B<ssl>(3)|ssl(3)>, L<B<SSL_new>(3)|SSL_new(3)>, "
"L<B<SSL_CTX_get_verify_mode>(3)|SSL_CTX_get_verify_mode(3)>, "
"L<B<SSL_get_verify_result>(3)|SSL_get_verify_result(3)>, "
"L<B<SSL_CTX_load_verify_locations>(3)|SSL_CTX_load_verify_locations(3)>, "
"L<B<SSL_get_peer_certificate>(3)|SSL_get_peer_certificate(3)>, "
"L<B<SSL_CTX_set_cert_verify_callback>(3)|"
"SSL_CTX_set_cert_verify_callback(3)>, "
"L<B<SSL_get_ex_data_X509_STORE_CTX_idx>(3)|"
"SSL_get_ex_data_X509_STORE_CTX_idx(3)>, L<B<SSL_get_ex_new_index(3)>|"
"SSL_get_ex_new_index(3)>"

#~ msgid ""
#~ "The B<tmp_dh_callback> is called with the B<keylength> needed and the "
#~ "B<is_export> information. The B<is_export> flag is set, when the "
#~ "ephemeral DH key exchange is performed with an export cipher."
#~ msgstr ""
#~ "I<tmp_dh_callback> est appelée avec la I<taille_clef> désirée et "
#~ "lâ??information I<is_export>. Lâ??attribut I<is_export> est activé lors de "
#~ "lâ??échange de clefs éphémères DH est réalisé avec un algorithme de "
#~ "chiffrement pour lâ??export."

#~ msgid ""
#~ " ...\n"
#~ " /* Set up ephemeral DH stuff */\n"
#~ " DH *dh_512 = NULL;\n"
#~ " DH *dh_1024 = NULL;\n"
#~ " FILE *paramfile;\n"
#~ "\n"
#~ msgstr ""
#~ " ...\n"
#~ " /* Définir ce qui concerne DH éphémère */\n"
#~ " DH *dh_512 = NULL;\n"
#~ " DH *dh_1024 = NULL;\n"
#~ " FILE *<fich_param>;\n"
#~ "\n"

#~ msgid ""
#~ " ...\n"
#~ " /* \"openssl dhparam -out dh_param_512.pem -2 512\" */\n"
#~ " paramfile = fopen(\"dh_param_512.pem\", \"r\");\n"
#~ " if (paramfile) {\n"
#~ "   dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);\n"
#~ "   fclose(paramfile);\n"
#~ " }\n"
#~ " /* \"openssl dhparam -out dh_param_1024.pem -2 1024\" */\n"
#~ " paramfile = fopen(\"dh_param_1024.pem\", \"r\");\n"
#~ " if (paramfile) {\n"
#~ "   dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);\n"
#~ "   fclose(paramfile);\n"
#~ " }\n"
#~ " ...\n"
#~ "\n"
#~ msgstr ""
#~ " ...\n"
#~ " /* \"openssl dhparam -out dh_param_512.pem -2 512\" */\n"
#~ " I<fich_param> = fopen(\"dh_param_512.pem\", \"r\");\n"
#~ " if (I<fich_param>) {\n"
#~ "   dh_512 = PEM_read_DHparams(I<fich_param>, NULL, NULL, NULL);\n"
#~ "   fclose(I<fich_param>);\n"
#~ " }\n"
#~ " /* \"openssl dhparam -out dh_param_1024.pem -2 1024\" */\n"
#~ " I<fich_param> = fopen(\"dh_param_1024.pem\", \"r\");\n"
#~ " if (I<fich_param>) {\n"
#~ "   dh_1024 = PEM_read_DHparams(I<fich_param>, NULL, NULL, NULL);\n"
#~ "   fclose(I<fich_param>);\n"
#~ " }\n"
#~ " ...\n"
#~ "\n"

#~ msgid ""
#~ " /* \"openssl dhparam -C -2 512\" etc... */\n"
#~ " DH *get_dh512() { ... }\n"
#~ " DH *get_dh1024() { ... }\n"
#~ "\n"
#~ msgstr ""
#~ " /* \"openssl dhparam -C -2 512\" etc. */\n"
#~ " DH *get_dh512() { ... }\n"
#~ " DH *get_dh1024() { ... }\n"
#~ "\n"

#~ msgid ""
#~ " DH *tmp_dh_callback(SSL *s, int is_export, int keylength)\n"
#~ " {\n"
#~ "    DH *dh_tmp=NULL;\n"
#~ "\n"
#~ msgstr ""
#~ " DH *tmp_dh_callback(SSL *s, int is_export, int taille_clef)\n"
#~ " {\n"
#~ "    DH *dh_tmp=NULL;\n"
#~ "\n"

#~ msgid ""
#~ "    switch (keylength) {\n"
#~ "    case 512:\n"
#~ "      if (!dh_512)\n"
#~ "        dh_512 = get_dh512();\n"
#~ "      dh_tmp = dh_512;\n"
#~ "      break;\n"
#~ "    case 1024:\n"
#~ "      if (!dh_1024)\n"
#~ "        dh_1024 = get_dh1024();\n"
#~ "      dh_tmp = dh_1024;\n"
#~ "      break;\n"
#~ "    default:\n"
#~ "      /* Generating a key on the fly is very costly, so use what is there */\n"
#~ "      setup_dh_parameters_like_above();\n"
#~ "    }\n"
#~ "    return(dh_tmp);\n"
#~ " }\n"
#~ "\n"
#~ msgstr ""
#~ "    switch (taille_clef) {\n"
#~ "    case 512:\n"
#~ "      if (!dh_512)\n"
#~ "        dh_512 = get_dh512();\n"
#~ "      dh_tmp = dh_512;\n"
#~ "      break;\n"
#~ "    case 1024:\n"
#~ "      if (!dh_1024)\n"
#~ "        dh_1024 = get_dh1024();\n"
#~ "      dh_tmp = dh_1024;\n"
#~ "      break;\n"
#~ "    default:\n"
#~ "      /* Créer une clef à la volée est très cher, aussi utilisez ceci */\n"
#~ "      setup_dh_parameters_like_above();\n"
#~ "    }\n"
#~ "    return(dh_tmp);\n"
#~ " }\n"
#~ "\n"

#~ msgid ""
#~ "Always use ephemeral (temporary) RSA key when doing RSA operations (see "
#~ "L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>).  "
#~ "According to the specifications this is only done, when a RSA key can "
#~ "only be used for signature operations (namely under export ciphers with "
#~ "restricted RSA keylength). By setting this option, ephemeral RSA keys are "
#~ "always used. This option breaks compatibility with the SSL/TLS "
#~ "specifications and may lead to interoperability problems with clients and "
#~ "should therefore never be used. Ciphers with EDH (ephemeral Diffie-"
#~ "Hellman) key exchange should be used instead."
#~ msgstr ""
#~ "Toujours utiliser des clefs RSA éphémères (temporaires) lors dâ??opérations "
#~ "RSA (consultez L<B<SSL_CTX_set_tmp_rsa_callback>(3)|"
#~ "SSL_CTX_set_tmp_rsa_callback(3)>). Suivant les spécifications cela est "
#~ "fait uniquement quand une clef RSA peut être utilisée pour seulement les "
#~ "opérations de signature (à savoir avec les algorithmes destinés à "
#~ "lâ??export avec des longueurs limitées de clef RSA). En activant cette "
#~ "option, les clefs éphémères sont toujours utilisées. Cette option rompt "
#~ "la compatibilité avec spécifications SSL/TLS et peut mener à des "
#~ "problèmes dâ??interopérabilité avec des clients, et devrait donc nâ??être "
#~ "jamais utilisée. Lâ??échange de signatures avec EDH (Diffie-Hellman "
#~ "éphémère) devrait plutôt être choisi."

#~ msgid ""
#~ "On OpenSSL servers ephemeral RSA key exchange is therefore disabled by "
#~ "default and must be explicitly enabled using the SSL_OP_EPHEMERAL_RSA "
#~ "option of L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, violating the "
#~ "TLS/SSL standard. When ephemeral RSA key exchange is required for export "
#~ "ciphers, it will automatically be used without this option!"
#~ msgstr ""
#~ "Sur les serveurs SSL, lâ??échange de clefs RSA éphémères est donc désactivé "
#~ "par défaut et doit être formellement activé en utilisant lâ??option "
#~ "B<SSL_OP_EPHEMERAL_RSA> de L<B<SSL_CTX_set_options>(3)|"
#~ "SSL_CTX_set_options(3)>, en enfreignant la norme TLS/SSL. Quand lâ??échange "
#~ "de clefs éphémères RSA est nécessaire pour les algorithmes de chiffrement "
#~ "pour lâ??export, cela est fait automatiquement sans cette option !"

#~ msgid "C<0>"
#~ msgstr "Z<>0"

#~ msgid "C<1>"
#~ msgstr "Z<>1"

#~ msgid "1"
#~ msgstr "1"

#~ msgid "0"
#~ msgstr "0"

Attachment: signature.asc
Description: OpenPGP digital signature