App strings reworked #1465
App strings reworked #1465
Conversation
| <string name="override_dns">Override DNS Settings by Server</string> | ||
| <string name="dns_override_summary">Use your own DNS Servers</string> | ||
| <string name="override_dns">Override DNS Settings by server</string> | ||
| <string name="dns_override_summary">Use your own DNS servers</string> | ||
| <string name="searchdomain">searchDomain</string> |
There was a problem hiding this comment.
What is this? Domain to search in?
There was a problem hiding this comment.
searchDomain is basically a fixed term related to DNS configuration
There was a problem hiding this comment.
It looks a bit off in translation, and is harder to understand in languages where the verb, object and subject are switched around.
main/src/main/res/values/strings.xml
Outdated
| <string name="nobind_summary">Do not bind to local address and port</string> | ||
| <string name="no_bind">No local binding</string> | ||
| <string name="import_configuration_file">Import configuration file</string> | ||
| <string name="faq_security_title">Security considerations</string> | ||
| <string name="faq_security">"As OpenVPN is security sensitive a few notes about security are sensible. All data on the sdcard is inherently insecure. Every app can read it (for example this program requires no special sd card rights). The data of this application can only be read by the application itself. By using the import option for cacert/cert/key in the file dialog the data is stored in the VPN profile. The VPN profiles are only accessible by this application. (Do not forget to delete the copies on the sd card afterwards). Even though accessible only by this application the data is still unencrypted. By rooting the telephone or other exploits it may be possible to retrieve the data. Saved passwords are stored in plain text as well. For pkcs12 files it is highly recommended that you import them into the android keystore."</string> | ||
| <string name="faq_security">"As OpenVPN is security sensitive a few notes about security are sensible. All data on the SD card is inherently insecure. Every program can read it (for example this program requires no special SD card rights). The data of this program can only be read by the program itself. By using the import option for CA cert/cert/key in the file dialog the data is stored in the VPN profile. The VPN profiles are only accessible by this program. (Do not forget to delete the copies on the sd card afterwards). Even though accessible only by this program the data is still unencrypted. By rooting the device or other exploits it may be possible to retrieve the data. Saved passwords are stored in plaintext too. For PKCS 12 files it is highly recommended that you import them into the Android keystore."</string> |
| <string name="ab_only_cidr">Android supports only CIDR routes to the VPN. Since non-CIDR routes are almost never used, OpenVPN for Android will use a /32 for routes that are not CIDR and issue a warning.</string> | ||
| <string name="ab_tethering_44">Tethering works while the VPN is active. The tethered connection will NOT use the VPN.</string> | ||
| <string name="ab_only_cidr">Android supports only CIDR routes to the VPN. Since non-CIDR routes are almost never used, OpenVPN for Android will use a /32 IP block for non-CIDR routes and issue a warning.</string> | ||
| <string name="ab_tethering_44">Tethering works while the VPN is active. The tethered connection will NOT use the VPN tunnel.</string> |
| @@ -341,113 +342,113 @@ | |||
| <string name="delete">Delete</string> | |||
| <string name="add_remote">Add new remote</string> | |||
| <string name="remote_random">Use connection entries in random order on connect</string> | |||
| <string name="remote_no_server_selected">You need to define and enable at least one remote server.</string> | |||
| <string name="remote_no_server_selected">Define and connect to at least one remote server.</string> | |||
| <string name="ab_vpn_reachability_44">Only destination can be reached over the VPN that are reachable without VPN. IPv6 VPNs does not work at all.</string> | ||
| <string name="ab_only_cidr_title">Non CIDR Routes</string> | ||
| <string name="ab_kitkat_reconnect">"Multiple users report the mobile connection/mobile data connection dropping frequently while using the VPN app. It seems to affect only some mobile provider/device combination and so far no cause/workaround has been found."</string> | ||
| <string name="ab_vpn_reachability_44">Only destinations reachable without the VPN can be reached with it. VPNs over IPv6 does not work at all.</string> |
| <string name="service_restarted">Restarting OpenVPN Service (App crashed probably crashed or killed for memory pressure)</string> | ||
| <string name="import_config_error">Importing the config yielded an error, cannot save it</string> | ||
| <string name="service_restarted">Restarting OpenVPN Service… (The app probably crashed or was killed due to memory pressure)</string> | ||
| <string name="import_config_error">Could not save the imported configuration</string> |
There was a problem hiding this comment.
Is the config used temporarily and just not saved?
| <string name="deprecated_tls_remote">Config uses option tls-remote that was deprecated in 2.3 and finally removed in 2.4</string> | ||
| <string name="sorted_lru">Most recently used profiles shown</string> | ||
| <string name="sorted_az">Profiles A-Z</string> | ||
| <string name="deprecated_tls_remote">The configuration uses the \"tls-remote\" option deprecated in OpenVPN 2.3 and finally removed in 2.4</string> |
| <string name="faq_killswitch_title">Block non VPN connection (\"Killswitch\")</string> | ||
| <string name="faq_killswitch">It is often desired to block connections without VPN. Other apps often use markting terms like \"Killswitch\" or \"Seamless tunnel\" for this feature. OpenVPN and this app offer persist-tun, a feature to implement this functionality.<p>The problem with all these methods offered by apps is that they can only provide best effort and are no complete solutions. On boot, app crashing and other corner cases the app cannot ensure that this block of non VPN connection works. Thus giving the user a false sense of security.<p>The <b>only</b> reliable way to ensure non VPN connections are blocked is to use Android 8.0 or later and use the \"block connections without VPN\" setting that can be found under Settings > Network & Internet > Advanced/VPN > OpenVPN for Android > Enable Always ON VPN, Enable Block Connections without VPN</string> | ||
| <string name="extauth_not_configured">External two-factor app not configured</string> | ||
| <string name="faq_killswitch_title">Block non-VPN connections (\"Killswitch\")</string> |
main/src/main/res/values/strings.xml
Outdated
| <string name="summary_block_address_families">This option instructs Android to not allow protocols (IPv4/IPv6) if the VPN does not set any IPv4 or IPv6 addresses.</string> | ||
| <string name="title_block_address_families">Block IPv6 (or IPv4) if not used by the VPN</string> | ||
| <string name="install_keychain">Install new certificate</string> | ||
| <string name="as_servername">AS servername</string> | ||
| <string name="as_servername">As servername</string> |
There was a problem hiding this comment.
"As" correct? (I don't know what "AS" is)
There was a problem hiding this comment.
Yes. AS is correct. You don't know what it is and still changed it ...
There was a problem hiding this comment.
Tried searching for it to no avail. Will add a comment.
| <string name="ab_kitkat_reconnect">"Multiple users report that the mobile connection/mobile data connection is frequently dropped while using the VPN app. The behaviour seems to affect only some mobile provider/device combination and so far no cause/workaround for the bug could be identified. "</string> | ||
| <string name="ab_vpn_reachability_44">Only destination can be reached over the VPN that are reachable without VPN. IPv6 VPNs does not work at all.</string> | ||
| <string name="ab_only_cidr_title">Non CIDR Routes</string> | ||
| <string name="ab_kitkat_reconnect">"Multiple users report the mobile connection/mobile data connection dropping frequently while using the VPN app. It seems to affect only some mobile provider/device combination and so far no cause/workaround has been found."</string> |
There was a problem hiding this comment.
Removing ending whitespace OK?
| @@ -7,79 +7,79 @@ | |||
| <string name="address">Server Address:</string> | |||
| <string name="port">Server Port:</string> | |||
| <string name="location">Location</string> | |||
| <string name="cant_read_folder">Unable to read directory</string> | |||
| <string name="cant_read_folder">Could not read directory</string> | |||
There was a problem hiding this comment.
Not sure that is needed to change.
There was a problem hiding this comment.
The idea is to have consistency for every similar error message.
Then they can all be grouped as such in Weblate, making it easier to translate them all.
Arguably it is also a consistent experience between one error message to the next, which is a more gracious way to fail.
| <string name="select">Select</string> | ||
| <string name="cancel">Cancel</string> | ||
| <string name="no_data">No Data</string> | ||
| <string name="useLZO">LZO Compression</string> | ||
| <string name="client_no_certificate">No Certificate</string> | ||
| <string name="client_certificate_title">Client Certificate</string> | ||
| <string name="client_key_title">Client Certificate Key</string> | ||
| <string name="client_pkcs12_title">PKCS12 File</string> | ||
| <string name="client_pkcs12_title">PKCS 12 File</string> |
There was a problem hiding this comment.
Also PKCS12 is like file a type, so writing it together is better.
There was a problem hiding this comment.
It used to be "PCKS 12" http://www.foo.be/docs-free/opensst/ref/pkcs-12v1.pdf
and is now PCKS #12 https://datatracker.ietf.org/doc/html/rfc7292 by the looks of it.
As long as it isn't both that is better, but I think the latter is the more correct one.
Sorry for getting this wrong.
Edit: I think PKCS #12 (.p12 or .pfx) File might be good.
| <string name="ca_title">CA Certificate</string> | ||
| <string name="no_certificate">You must select a certificate</string> |
There was a problem hiding this comment.
This is an error message, so loosing the You must changes the meaning.
There was a problem hiding this comment.
"Select a certificate first" is my preference, but that is a good call.
main/src/main/res/values/strings.xml
Outdated
| <string name="copyright_others">This program uses the following components; see the source code for full details on the licenses</string> | ||
| <string name="no_certificate">Select a certificate</string> | ||
| <string name="copyright_guicode">Source code and issue tracker at https://github.com/schwabe/ics-openvpn/</string> | ||
| <string name="copyright_others">This program uses the following components; the source code has full details on licenses</string> |
| <string name="ipv4_address">IPv4 Address</string> | ||
| <string name="ipv6_address">IPv6 Address</string> | ||
| <string name="custom_option_warning">Enter custom OpenVPN options. Use with caution. Also note that many of the tun related OpenVPN settings cannot be supported by design of the VPNSettings. If you think an important option is missing contact the author</string> | ||
| <string name="custom_option_warning">Enter custom OpenVPN options. Use with caution. Also note that many of the TUN related OpenVPN settings cannot be supported by design of the VPNSettings. Contact the author if you think an important option is missing.</string> |
There was a problem hiding this comment.
no tun is almost always written small.
There was a problem hiding this comment.
|
I started reviewing this but I found that I don't agree on many changes here. Since neither of us is a native speaker I find many of these changes questionable and just because they sound better to another non-native speaker is not something that I think is good enough to change them. Overall I find the changes too "intrusive". I will have to go through them and pick the ones that are fixing actual mistakes but this is not something I can just accept. |
|
@schwabe Be that as it may, it gives some amount of preference to people that aren't. A lot of this is aimed at avoiding uncertainty and likely errors in translation based on experience. There is a reason for every change, even if subtle. |
| <string name="missing_certificates">Missing user certificate or user certifcate key file</string> | ||
| <string name="crl_title">Certifcate Revoke List (optional)</string> | ||
| <string name="missing_tlsauth">tls-auth file missing</string> | ||
| <string name="missing_certificates">Missing user certificate or user certifcate keyfile</string> |
There was a problem hiding this comment.
| <string name="missing_certificates">Missing user certificate or user certifcate keyfile</string> | |
| <string name="missing_certificates">Missing user certificate or user certificate keyfile</string> |
|
您好,谢谢你的邮件,我已收到。
|
schwabe
force-pushed
the
master
branch
4 times, most recently
from
2290b8d
to
f010753
Compare
Depends on #1422
Decide between "app" and "program"?
Possibly tackle these two strings:
Announce to TCP sessions running over the tunnel that they should limit their send packet sizes such that after OpenVPN has encapsulated them, the resulting UDP packet size that OpenVPN sends to its peer will not exceed this number of bytes. (The default is 1450)
There are some variation of this message depending on the exact situation. They all have in common that server and client could not agree on a common cipher. The main reasons are: <ul><li> You are still relying on the fact that OpenVPN 2.4 and older allowed BF-CBC in the default configuration (if no --cipher was set). OpenVPN 2.5 does not allow it per default anymore since it is a <a href="https://community.openvpn.net/openvpn/wiki/SWEET32">broken/outdated cipher</a>.</li><li>The server runs OpenVPN 2.3 (or even older) with --enable-small (at least 4-5 year old OpenVPN)</li><li></ul>Broken configuration (e.g., mismatching data-ciphers on client and server)</li> <p> The <a href="https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/cipher-negotiation.rst\">OpenVPN manual section on cipher negotiation</a> explains the different scenarios of cipher negotiation very well and what to do in these situation.<p>TP-Link devices use a at least 5 year old OpenVPN 2.3.x version (possibly older) on their devices, even in the 2019/2020 models.<p>Last but not least, there is a popular VPN provider that has a broken server that always says it is using 'BF-CBC' because its developer thought it would be a good idea to create a proprietary cipher negotiation patch that is incompatible with standard OpenVPN.<p>In summary: all sane configurations should not get these errors. But (apart from the broken VPN provider's server) the client can be persuaded to still connect (fixing the sympton and not the real problem). When connecting to older servers the comaptiblity mode option in the basic settings of a VPN should be able to address most of the common compatiblity problems.