Re: [libvirt] [PATCH] Add some basic sanity checking of certificates before use
On 07/15/2011 06:15 AM, Jiri Denemark wrote:
On Fri, Jul 15, 2011 at 11:40:01 +0100, Daniel P. Berrange wrote:
> If the libvirt daemon or libvirt client is configured with bogus
> certificates, it is very unhelpful to only find out about this
> when a TLS connection is actually attempted. Not least because
> the error messages you get back for failures are incredibly
> obscure.
> + if (gnutls_x509_crt_import(cert, &data,
GNUTLS_X509_FMT_PEM) < 0) {
> + virNetError(VIR_ERR_SYSTEM_ERROR,
> + _("Unable to import %s certificate %s"),
> + isServer ? "server" : "client", certFile);
Shouldn't this and several other instances below rather be something like
isServer ? _("Unable to import server certificate %s")
: _("Unable to import client certificate %s")
Yes, the translators _do_ prefer complete sentences. Not to mention
that the patch as written doesn't translate "server" or "client",
so it
would look weird having an English word injected into an otherwise
translated sentence.
> + virNetError(VIR_ERR_SYSTEM_ERROR,
> + _("Unable to verify %s certificate against CA
certificate"),
> + isServer ? "server": "client");
Another instance of translation issues.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 620 bytes)